So, you're looking for your next read? For hackers, curling up with a good read usually means a technical guide or course book (and maybe the occasional William Gibson novel). The right book will be an excellent supplement to your courses and a great tool you can refer back to. But with so many available, you may ask yourself which you should have on your shelf.
Well, we know which we like keeping in our offices and want to share that list with you. These are our choices for the best books on ethical hacking. We've broken them into categories, given an overview of the contents and convenient links to grab the ones you like.
We hope you enjoy our choices as much as we do.
Hacking Foundations
Are you just getting started with ethical hacking? We have some great recommendations for you to learn the basic tools, tricks, and techniques of the profession, and start your journey off right.
Hands on Hacking: Become an Expert at Next Gen Penetration Testing and Purple Teaming
Category: Penetration Testing
Author: Jennifer Arcuri and Matthew Hickey
Overview
This book can be considered a crash course in ethical hacking. Arcuri and Hickey make sure to cover all of the core concepts a penetration tester needs to know, from legal advice and code of conduct, to setting up your attack machine, and all manner of enumeration and exploitation.
The authors have created custom virtual machines for you to download and follow along with, getting hands-on experience as you go. Topics include information gathering, understanding and attacking email, web apps, VPNs, file sharing systems, Linux and Windows machines, various databases (including MySQL, Oracle, and MongoDB), Active Directory, and more.
It ends with the absolutely necessary but often ignored skill of report writing, including vulnerability scoring systems, executive and technical summaries, and tips on proofreading.
The book is well organized, full of hands-on exercises, and written with beginners in mind.
Buy it here
The Hacker Playbook 2: Practical Guide To Penetration Testing
Category: Network Hacking & Penetration Testing
Author: Peter Kim
Overview
The Hacker Playbook 2: Practical Guide To Penetration Testing is a re-organized and updated version of Kim's first volume - it does not take over where the last book left off, but can instead be considered a replacement, offering a more complete guide to pentesting.
The book walks through practical exercises you can follow along with, taking you from network scanning, OSINT, all the important enumeration tools, and their hands-on uses, to the actual exploitation of your target machine.
From there, pivoting, Active Directory, common vulnerabilities, wireless, anti-virus evasion, persistence, and post-exploitation tactics are all covered in depth. Concepts are explained in a clear and easy-to-digest manner, and the frequent use of screenshots makes this an excellent guide for both beginners and intermediate hackers to return to.
Buy it here
Red Team Field Manual v2
Category: Quick Reference Material
Author: Ben Clark and Nick Downer
Overview
The updated version of Red Team Field Manual, this book isn't one to leave on your shelf; it's one to keep in your bag at all times.
Red Team Field Manual v2 is a well-organized cheat sheet that aims to cover everything you'll need during a pentest. This includes Linux environment variables, important file locations on Windows systems, enumeration commands for Linux and Windows systems, domains, and SQL servers.
It covers important tools such as Nmap, Metasploit, and Ettercap, references for techniques like tunneling and port-forwarding, different ways to transfer files to a target, and more.
It is a compact guide, cramming a lot of information and no filler into under 150 pages, making it easy to fit in a laptop bag or even the pocket of a pair of cargo pants.
Buy it here
Black Hat Python, 2nd Edition: Python Programming for Hackers and Pentesters
Category: Developing Hacking Tools Using Python
Author: Justin Seitz
Overview
Despite the name, Black Hat Python 2nd Edition is a great resource for ethical hackers as well. If you want to learn how to utilize the most popular scripting language among penetration testers and red teamers, you can't do much better than Seitz's book.
Black Hat Python, 2nd Edition is full of useful programming projects, such as
- Creating a trojan command-and-control server using GitHub
- Extending the Burp Suite web-hacking tool
- Escalating Windows privileges with creative process control
- Using offensive memory forensics tricks to retrieve password hashes and find vulnerabilities on a virtual machine
- And many more
Not just a collection of scripts, this book will help you understand the inner workings of Python3 and how you can use it in the context of cyber security. It will undoubtedly prepare and inspire you to continue with your own scripts and projects.
Buy it here
Specialties
If you're looking to become a specialist in attacking a particular technology, we have some recommendations that may help you choose a focus and learn the ins and outs of that particular tradecraft.
Hacking APIs: Breaking Web Application Programming Interfaces
Category: API Hacking
Author: Corey J. Ball
Overview
There is a lack of quality information on API hacking, but Corey J. Ball does an excellent job of filling that void with his book, Hacking APIs.
Not satisfied with simply explaining the theory, Ball walks you through nine labs, where you will gain hands-on experience in fuzzing APIs, NoSQL injections, endpoint analysis, and tools like Kiterunner and OWASP Amass.
Hacking APIs is a beginner-oriented book, so industry veterans may not get much from it. If you're new to understanding how APIs work and how to attack them, this is a straightforward, enjoyable read with plenty of opportunity to get your hands dirty.
Buy it here
Web Application Hacker's Handbook: Finding and Exploiting Security Flaws (second edition)
Category: Web Application Hacking
Author: Dafydd Stuttard and Marcus Pinto
Overview
With over 850 pages of content, when we say Web Application Hacker's Handbook 2nd Edition covers the complete gamut of web app hacking, we mean it.
Listing everything covered in this book could be an article in and of itself, but high-level topics include
- Flaws in web application security
- Understanding web app technologies
- Information gathering
- Bypassing client-side controls
- Authentication attacks
- Session attacks
- Attacking access controls
- Attacking databases and back-end components
- Automating attacks
- Exploiting information disclosure
- Reviewing source code
- Much, much, much more
Each chapter begins with an overview of the subject (what are authentication technologies), followed by subsections for each control mechanism and attack. The subsections also begin with an explanation of the technology and the inherent weakness (flaws in implementing authentication), then multiple exercises to practice different attacks (taking advantage of verbose failure messages, performing user impersonation, etc.).
If you want to specialize in web application hacking, make this book your bible.
Buy it here
Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilities
Category: Bug Bounty
Author: Vickie Li
Overview
Bug Bounty Bootcamp is exactly what it advertises itself as: a resource covering all the need-to-know elements that make a great bug bounty hunter.
The book doesn't just focus on the technical aspect either. What separates this from so many other books is the time spent explaining what the industry is like. Li covers different bug bounty platforms, the payouts you might expect, the typical response times, and what is expected in a good report.
Li also talks about typical roadblocks, such as why you may not be finding bugs or why your reports may be rejected, how to build good relationships with devs, and how to deal with conflict. It is only after all this is settled that hacking techniques are discussed.
As you might expect, all the prime techniques are covered, including XSS, clickjacking, CSRF, SQLi, etc., and advanced techniques, such as code review, API hacking, hacking Android apps, and automating discovery. Li explains each vulnerability, what causes them, and how to find, exploit, escalate, and mitigate them.
Bug Bounty Bootcamp is a great preparation guide for a career in bug bounty hunting.
Buy it here
Practical IoT Hacking: The Definitive Guide to Attacking the Internet of Things
Category: IoT Hacking
Author: Fotios Chantzis and others
Overview
You cannot escape the Internet of Things. Your smartphone, fitness tracker watch, and Bluetooth earbuds are kept on your person. You can speak to a device and ask it to turn on the lights in your house or change the temperature. You can even control your oven from a distance. All of these things are vulnerable to attack.
Practical IoT Hacking walks you through the theory and practice of IoT hacking in a way that someone with a moderate knowledge of Linux and hacking can understand. It begins by explaining what the IoT landscape is, explaining the technology, and threat modeling.
You will learn VLAN hopping, hacking hardware and firmware, attacking various wireless technologies like WiFi and Bluetooth, and finally moving into smart devices, smart homes, and mobile applications.
Both theory and reproducible exercises are used to create a well-rounded, organized, and highly useful guide that is equally powerful in its content and terrifying in its implications.
Buy it here
Advanced Hacking
Ready to take your hacking to the next level? These two books can take you from a competent hacker to a professional cyber-ninja. Learn advanced penetration testing and red teaming with our following recommendations.
The Hacker Playbook 3: Practical Guide To Penetration Testing
Category: Red Team Hacking
Author: Peter Kim
Overview
If you've become confident in the techniques Peter Kim provided in The Hacker Playbook 2, take the opportunity to move up to more complex and challenging red team techniques with The Hacker Playbook 3.
This edition explores C2 frameworks, such as Cobalt Strike, Empire, and Merlin. It covers the differences between penetration testing and red teaming, obfuscating attacks, using social engineering, Active Directory enumeration, and AD exploitation tools like Responder and CrackMapExec. It also teaches you how to "live off the land", using native installed tools in Windows to better avoid detection.
Linux systems, web app attacks, and privilege escalation aren't ignored. Like his previous book, each technique is explained in an easy-to-follow manner, covering both the how and why, supported with lots of excellent screenshots.
Buy it here
Advanced Security Testing with Kali Linux
Category: Advanced Penetration Testing
Author: Daniel W Dieterle
Overview
Author Daniel Dieterle may very well be irritated seeing his book in this category, as he starts off saying, "This book will not teach you to be an uber l33t hacker. There is no 'secret sauce' to leetness here." This is fair, as no book on hacking acts like a magic spellbook granting you unearthly cyber skills.
What this book does do is expand upon many of the skills learned not only in Dieterle's earlier books, but in the books already covered in this list.
Not focused on theory, Dieterle summarizes the general subject (recon, web attacks, C2) then moves on to the tools he chooses, where to download, how to set up, and hands-on practice against targets set up at the start of the book. It's plain to see a lot of time has been spent looking for useful (and perhaps not commonly known) tools to aid in penetration testing and red teaming.
Advanced Security Testing with Kali Linux is a great way to further your knowledge of penetration testing tools and methods and is a favorite of ours.
Buy it here
Hacking Without The Keyboard
Hacking isn't just command-line kung-fu. It is the art and science of making things act in a way they weren't intended to - preferably to your benefit. It is about seeing the flaws in a system and exploiting them to suit your needs.
People can be hacked. Doors, fences, and other physical boundaries can be hacked. Let's look at some resources to teach you how to hack without the keyboard.
Unauthorised Access: Physical Penetration Testing For IT Security Teams
Category: Physical Penetration Testing
Author: Wil Allsopp
Overview
Wil Allsopp has put together what we think is the most complete guide on physical pentesting available. The book begins with all the preliminaries, including contracts, legal obligations, and scope of testing, then moves on to planning the engagement, building a team (what specialists you should consider), and researching the target.
There is a general overview of common techniques to keep in mind, like tailgating, disguise, fabricating passes and badges, and visiting non-existent employees, before breaking into detailed chapters.
Social engineering, lock picking, bypassing physical obstacles such as motion detectors and mantraps, collecting and organizing information using Maltego, tools to crack WiFi, and collecting information from computers using forensic data capture are all covered, illustrated with real-world scenarios Allsopp has been involved in.
The book ends with ways to help your clients improve their security, including best practices and employee training. Allsopp goes into detail regarding US, UK, and European laws that will be absolutely essential for a physical pentester to be aware of.
This book is your one-stop shop for physical penetration testing education.
Buy it here
Social Engineering: The Science of Human Hacking
Category: Social Engineering
Author: Christopher Hadnagy
Overview
An update to Hadnagy's first book, Social Engineering: The Art of Human Hacking, this book reprises the old material while adding a significant amount of new content and practical examples.
Hadnagy not only covers reproducible techniques for you to try, but explains why they work - how we tend to respond in social situations, our compulsion to please, our fear of missing out, and how it takes only a small amount of "proof" and mirroring to build trust with a stranger.
The different social engineering techniques are not just explained at a conceptual level, but with solid examples that he, or others he works with, have successfully used.
Detailed explanations of these methods and how to apply them in your own physical pentests, information gathering, phishing emails, and more are provided in a clear, casual, and sometimes funny style. He also shares when he's failed using these techniques, the lessons learned, and how you can avoid the same missteps.
Buy it here
The Hacker Mindset
What drives hackers to do what they do? Why do people dedicate themselves so passionately to this career? Why do black hat hackers risk their freedom to break into systems and cause destruction? Let's look at two infamous hacker collectives, one fighting for good, the other creating chaos just for laughs.
Cult of the Dead Cow: How the Original Hacking Supergroup Might Just Save the World
Category: Understanding Ethical Hackers
Author: Joseph Menn, Jonathan Davis, et al.
Overview
The Cult of the Dead Cow (cDc) is perhaps the oldest and most infamous white-hat hacker group. While many of its original members have gone on to be executives, entrepreneurs, and politicians, this group of eccentric technophiles up-ended how the world viewed security back in the late 90s.
This book covers the inception of the cDc in 1984 in Lubbock, Texas, to almost the present day. It also focuses strongly on the affiliate organization L0pht Heavy Industries, the hacker collective out of Boston, which shared many members with cDc.
Joseph Menn does more than list dates and events. Reading it feels like someone telling you an interesting story about their friends. The how and why things happened hold equal importance to the narrative as the what.
Buy it here
We Are Anonymous: Inside the Hacker World of LulzSec, Anonymous, and the Global Cyber Insurgency
Category: Understanding Threat Actors
Author: Parmy Olson
Overview
This book is a biography of sorts for the hacker group LulzSec and its core members Sabu, Topiary, Kayla, Tflow, Avunit, and Pwnsauce. Of course, it has to start at the beginning, on a simple anime image board we aren't supposed to talk about.
We are treated to the history of Anonymous and Operation Chanology (their fight against the Church of Scientology), and how LulzSec came together to form something uniquely dangerous.
Told primarily through IRC chat logs, we are walked through the planning and execution of famous attacks against Sony, Bethesda Game Studios, InfraGard, CIA.gov, HBGary, and SOCA, to name a few. We get to learn the real-life identities and backgrounds of these hackers, what drove them to commit these acts, and the legal repercussions they faced.
Buy it here
Career Guidance
Even the greatest hacker will need to be a salesman to potential employers. How do you convince human resource representatives, department heads, and management that you are the ethical hacker they need on their team? Here is our favorite resource to learn this skill.
Hack the Cybersecurity Interview
Category: Job Hunting for Ethical Hackers
Author: Ken Underhill, Christophe Foulon, and Tia Hopkins
Overview
This book is not simply for ethical hackers, but for anyone wishing to get a job in the field of cyber security. It begins with general interview advice, common interview questions in this industry, advice on managing stress going into an interview, and salary negotiation. It also has a chapter on personal branding.
From there, it covers specific guidance for an impressively wide collection of cyber security jobs ranging from entry-level positions to advanced senior-level jobs. Positions include penetration tester, SOC analyst, malware analyst, GRC, CISO, and more.
Each chapter explains the position details, the average salary, advice on education and certifications, and the common interview questions you can expect for this position.
Hack the Cybersecurity Interview is a must-have preparation guide to help you ace your interview.
Buy it here
Conclusion
As you've seen, there is a tremendous amount of information to absorb when it comes to ethical hacking. While we're sure you're taking excellent notes, having a good reference book is invaluable. If you're new to this trade and have a limited book budget, we recommend grabbing either Hands on Hacking or The Hacker Playbook 2 and a copy of Red Team Field Manual v2. (Check out some great cyber security podcasts too!)
Also, we have courses on almost all the subjects covered in this article, so check out our Member Section. If this article was of interest to you, you would probably love these courses: