InfoSec101 — Part Four: Books, Books, & More Books

Stock Photos are awesome. Credit: http://www.capstan.be/can-computers-read-books-and-what-knowledge-can-we-gain-from-them/

In the final part to this series, I want to share something that’s very close to my heart: books. If you like reading, hop on this journey with me and explore the possibilities. If not, maybe you can recommend this list to people who do.

As I’ve reinforced throughout this series, the cyber security industry is very fast paced. It’s clear that as technology changes, some books may become outdated, and you might think to yourself, what’s the point of reading 400 pages when the next version will be out in two years? Well, this list compromises of books that offer the reader basic, foundational, or necessary knowledge if they wish to continue down a certain path or skillset. They teach technique, attitudes, and fundamental technical understanding, all of which are important at the start or during your career in cyber security.

Thus, most of which I’ve recommend here are for beginners, or at least have the first couple of chapters dedicated to covering basic knowledge. I’ll seperate the lists based on a few topics: Book Sellers/Publishers, Networking, Red Team, Blue Team, Social Engineering, and Others.


Book Sellers & Publishers:

There are a few sites that you’re able to purchase books from. Notables are:

  • No Starch Press: I treat this as my Christmas list. Some of the books mentioned throughout this post are No Starch Press books, so take a look around and enjoy their fantastic work. I’ve linked you to the ‘Hacking & Computer Security’ section of the site, but if you’re interested in starting or advancing your programming skills, they have an elaborate coding catalogue too.
  • Humble Bundle: Sometimes Humble Bundle have collections on cyber security books on offer, where there’s literally a ‘pay what you want’ model. Keep a look out for these deals, it’s worth every cent.
  • Online stores such as Booktopia, Book Depository, and Amazon have a pretty exhaustive range too.

Networking:

  • TCP/IP Illustrated, Volume 1: written by Richard Stevens, this book gives you an in-depth look into networking protocols that you’ll need in any line of work.
  • Practical Packet Analysis: I’ve read once when I was a network engineer, and again later as a security analyst. It comes highly recommended, as it goes through the basics of using Wireshark, capturing network traffic, and simply understanding communications over the internet.
  • Network Attacks and Exploitation: since this has the word network in it, I’ll leave it in this section. But seriously, Matthew Monte covers both defensive and offensive measures to network attacks, using case studies like Stuxnet and Conficker to explore each.

Red Team:

  • Penetration Testing — A Hands On Guide to Hacking: written by Georgia Weidman, the title says it all. This book will take you through the beginnings of Kali Linux, Metasploit, Nmap, Burp Suite, and other such tools to get you started on your ethical hacking ways.
  • Metasploit: David Kennedy, Jim O’Gorman, Devon Kearns, and Mati Aharoni instill their pentesting knowledge in this book that informs beginners and practitioners of the attacker lifecycle. From reconnaissance, finding vulnerabilities, and exploitation, this is a perfect way to discover Metasploit’s various capabilities.
  • Red Team Field Manual: this tiny reference guide by Ben Clarke is all you need when you quickly need to remember what nmap flag to use, syntax for unix/linux commands, or when you’re too lazy to read the man page.

Blue Team:

  • Incident Response & Computer Forensics: written by Jason Luttgens, Matthew Pepe, and Kevin Mandia, this is the best introduction and deep dive into DFIR I’ve personally read.
  • Guide to Computer Forensics and Investigations: Bill Nelson, Amelia Phillips, and Christopher Steuart have co-authored this textbook intended for university students, which is where I first came across it. However it still has practical applications for any professional, complete with labs and exercises at the end of each chapter.
  • Blue Team Field Manual: similarly to the RTFM, Ben Clarke as instilled tactical steps to follow within this guide, with commands required when you’re preparing for or dealing with an incident response.

Social Engineering:

  • Open Source Intelligence Techniques: this book by Michael Bazzell not only introduces OSINT techniques you can use for social media and search engine queries, it goes through tools that have been created by Michael Bazzell, all of which are available on his website too.
  • Social Engineering — The Art of Human Hacking: from the brains behind social-engineer.com and SECTF at Defcon, Chris Hadnagy writes the OG book on OSINT. From psychology, to writing pretexts and learning the art of manipulation, this book is vital if you’re interested in this topic.

Others:

  • Windows Internals: understanding how this operating system works is needed for Incident Responders, for analysts, for people who attack and exploit vulnerabilities. The authors Pavel Yosifovich, Alex Ionescu, Mark Russinovich, and David Solomon, have made sure that this is a must-read.
  • UNIX and Linux System Administration Handbook: similarly, this book covers all you need to know and more about the Linux OS. Having read this during my university studies just as I’d discovered Linux’s existence, I cannot recommend this enough, thanks to Evi Nemeth, Garth Snyder, Trent R. Hein, Ben Whaley, and Dan Mackin.
  • Building Virtual Machine Labs: if you’re looking for more instructions on setting up a lab, Tony Robinson covers a practical guide into how to properly build and configure your virtual machines. Better safe than sorry!
  • Cuckoo’s Egg: a fun little story by Cliff Stoll, who wasn’t a security professional, but quickly learns how to think like one.
  • Countdown to Zero Day: an incredible recount of Stuxnet by Kim Zetter, the worlds “first digital weapon”.

That’s all for now. Thank you to all those who have retweeted or shared this series at any point in time, and I hope it has been informative, to say the least. Happy to hear feedback or even recommendations for another blog post if you feel there’s something else that should be covered within InfoSec101. Happy hacking or protecting!