Jump to content
Armando

Recommended Books

By Armando, in Tutorials and Further study

Recommended Posts

ortizmj12    1

ortizmj12
Posted

I have it and I'm slowly making my way through it. I've skipped around chapters to supplement the information taught in the course (XSS, SQLi specifically) and it's been really helpful. I'd recommend it :)

  • Like 1

Share this post

Link to post

kelby    2

kelby
Posted

Thanks for suggestion, just ordered it from amazon :)

Share this post

Link to post

Jamie    12

Jamie
Posted

I would definitely recommend the below Python book for anyone wanting to learn the language.

Share this post

Link to post

robertray    41

robertray
Posted

I wouldnt say that the hacking for dummies is up to much. Not sure about any others. A friend did recommend CISSP for dummies if ever interested in that cert.

Share this post

Link to post

sean.reese1    0

sean.reese1
Posted

For Metasploit get "Metasploit: The Penetration Tester's Guide". Very well worth it.

Share this post

Link to post

Jamie    12

Jamie
Posted

For Metasploit get "Metasploit: The Penetration Tester's Guide". Very well worth it.

This is one of my favorite books, learned tons and it's an excellent reference.

Share this post

Link to post

SynNopSys    1

SynNopSys
Posted

Hi All.

All the books in the initial post would be the ones I would recommend, most specifically the following:

1) Shellcoders Handbook (2nd ed)

2) Webhackers Handbook (I only realized today that there was a 2nd edition)

3) Database hackers handbook

4) Hacking the art of exploitation (2nd ed)

5) Reversing - Secrets of Reverse Engineering (Eldad Eilam)

6) Silence on the wire ( I wonder when Zalewski is going to release again)

7) Fuzzing for software Security Testing and Quality Assurance (Highly recommended)

8) Ghost in the Wires (LOVED THIS)

9) Making, Breaking codes - introduction to cryptology - Mantesh.

Of those in my list, I've completed only 2, 4, 5 and 8 - whilst having read 1 extensively but not to a level of mastery, same goes for book number 5. I'm pondering purchasing the 2nd edition of the webhackers handbook. I've just started reading book 9.

  • Like 1

Share this post

Link to post

Mr Pomme    3

Mr Pomme
Posted

I Just finished

- Metasploit: The Penetration Tester's Guide and it's a very nice book.I recommend, good explanation good example and sheet cheat.

I would have appreciate more indepth chapter for writing own exploits but the book is overall really great

Share this post

Link to post

SynNopSys    1

SynNopSys
Posted

Has anyone read "The Tangled Web" By Michal Zalewski, I'm trying to choose between the Web application hackers handbook (2nd ed) or The Tangled web to supplement my Web Security section of the course. I'm leaning towards the former.

Share this post

Link to post

robertray    41

robertray
Posted

I've not read the tangled web, but did find WAHH a useful resource

Share this post

Link to post

Mr Pomme    3

Mr Pomme
Posted

I've finished to read

"A Bug Hunter's Diary: A Guided Tour Through the Wilds of Software Security"

Really nice book, I recommends (multi plateform linux,mac osx,ios,solaris,windows,very good & fun fun approach)

Share this post

Link to post

Mr Pomme    3

Mr Pomme
Posted

I would like recommend you one of the book I've just finished, it's really the book to go after ecppt I guess

It's the better i have on the subject and I have plenty one of them:

Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide

you will be taken by hand to use magictree and dradis and will setup secure environement with ids and firewall and try to evade theme.Really a professionnal approach of what would be met in industry.

Share this post

Link to post

gcraenen    0

gcraenen
Posted

Very good book about metaploit. I really learned alot from it.

Very practical and usefull for starting out with wireless pentesting.

Share this post

Link to post

Noel    1

Noel
Posted

I would like recommend you one of the book I've just finished, it's really the book to go after ecppt I guess

It's the better i have on the subject and I have plenty one of them:

Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide

you will be taken by hand to use magictree and dradis and will setup secure environement with ids and firewall and try to evade theme.Really a professionnal approach of what would be met in industry.

Thanks for sharing this one made my head spin, literally. I love it!

Share this post

Link to post

Omega    15

Omega
Posted

Nice thread Armando :) And I have Metasploit: The Penetration Tester's Guide and I learnt many useful awesome things from that book :)

Share this post

Link to post

norm4n.wagner    0

norm4n.wagner
Posted

Hate to say this, but "amzon"-tagging is not working with my Browser Firefox 27. I neither see a picture nor a link. Is this problem specific to me?

 

 

Books I've read and find useful and interesting:

Metasploit-A-Penetration-Testers-Guide

http://www.amazon.de/Metasploit-A-Penetration-Testers-Guide/dp/159327288X/ref=sr_1_cc_2?s=aps&ie=UTF8&qid=1394570006&sr=1-2-catcorr&keywords=metasploit

 

Linux Firewalls: Attack Detection and Response with IPTABLES, PSAD and FWSNORT

http://www.amazon.de/Linux-Firewalls-Detection-Response-IPTABLES/dp/1593271417/ref=sr_1_fkmr0_3?s=books-intl-de&ie=UTF8&qid=1394570053&sr=1-3-fkmr0&keywords=iptables+fsnort

 

Hacking: The Art of Exploitation (but this book is more for coders/debuggers/shellcoders in general) I'm more interested in the pivoting, intrusion and evasion part. 

http://www.amazon.de/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441/ref=sr_1_1?s=books-intl-de&ie=UTF8&qid=1394570222&sr=1-1&keywords=hacking+the+art+of+exploitation+2+nd+edition

Share this post

Link to post

TheEagerPadawan    41

TheEagerPadawan
Posted

I'm correct to assume that the Metasploit - A Penetration Testers Guide is the most recommend one so far?

Share this post

Link to post

herman    48

herman
Posted

I have done many things (both red and blue) and am still figuring out what I would like to do most haha. My latest adventures are into bug hunting / exploit development so that builds well on top of the eCPPT courses. Still in doubt if I will focus more on embedded systems or Windows applications.

 

Here are some useful resources if anybody else is interested:

 

Hunting Security Bugs
 
Fuzzing Brute Force Vulnerability Discovery
 
Threat Modeling, Designing for Security
 
The Windows Internals books, I forgot what is the most recent one.

Share this post

Link to post

tweety    30

tweety
Posted

my collection of books so far :

 

Metasploit : The Penetration Testers Guide

 

The shellcoder's handbook (2nd edition)

 

The web application hackers handbook (2nd edition)

 

Malware Analysis Cookbook and DVD

 

Cuckoo Malware Analysis

 

IDA Pro book (2nd edition)

 

Advanced Penetration Testing for Highly-Secured Environments  The Ultimate Security Guide

Share this post

Link to post

Francesco    580

Francesco
Posted

That's a nice list of books :)

Share this post

Link to post

TheEagerPadawan    41

TheEagerPadawan
Posted

If you guys should pick a book, say your favorite, what would it be?

and if you have to pick a book for a starter what would it be?

  • Like 1

Share this post

Link to post

caneacsu    253

caneacsu
Posted

Best Book I've read so far in regards to security / pen testing is : http://www.amazon.com/Penetration-Testing-Hands-On-Introduction-Hacking/dp/1593275641 . You can find a review of the book here : https://www.ethicalhacker.net/features/book-reviews/book-review-penetration-testing-hands-introduction-hacking .The Exploit Dev section is pure gold :D This may change while I continue to read books :)

A good book for total beginners : http://www.amazon.com/Basics-Hacking-Penetration-Testing-Edition/dp/0124116442 .

  • Like 1

Share this post

Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Go To Topic Listing Tutorials and Further study
×