#bookclub

Hii guys I want to learn free el ethical hacking h from basic , anyone have idea Abt free alternative. ?? Plz DM and reply me..

I tried to make an account and buy that humble bundle with paypal and my order got cancelled and my account got disabled. that sucks

I'm trying to find something to read when i am too lazy to do labs, but all the books i am finding that aren't super basic want you to set up labs. Is there anything you can just read in a lazy way when you don't feel like putting the effort into spinning up vm's and stuff but you still want to read about cybersecurity that isn't just the same basic things about enabling 2fa and not clicking on phishing?

I want the books for Operating system

You can check out this THM blog post to get started with free rooms on the platform:
https://tryhackme.com/resources/blog/free_path

You should get in touch with Humble Bundle and/or your bank about such things. They might be able to help you

I opened a ticket but they haven't responded yet

Makes me feel better about my company's support when it takes this long to get a response on a ticket though

Krebs on Security!

I'll check it out

No Starch has lots of books discussing various operating system topics. O'reilly, Wiley, Sybex, APress and others publish lots of books on all kinds of computing/operating system and software topics

https://nostarch.com

I think i read his blog before and i liked it

Thanks

Gave +1 Rep to @desert monolith (current: #625 - 12)

Oh I guess you did mean the blog

Thanks

Gave +1 Rep to @tidal plume (current: #19 - 582)

If you're new to Linux, perhaps Linux Basics for Hackers by OccupyTheWeb would be a good way to get started

Really thanks buddy

Gave +1 Rep to @tidal plume (current: #19 - 584)

Um I wanna download youtube in 1080p in free

Anyone knows the idea of Abt that?

im knew i have started thm got a basic knowledge any tipd

tips for a begginer from aus

I'm guessing this is the right place to ask this? I'm in the UK and a few weeks ago I came across a cyber security magazine in TG Jones (formerly WH Smiths). I cannot remember the name at all. Does anyone know of any physical print magazines that would be sold in shops in the UK?

Telegram bot

I dont think we can help with that

I have just basic knowledge of linux

Thanks

Gave +1 Rep to @tidal plume (current: #18 - 591)

The Linux Command Line by William Shotts is a great book to learn how to work in the command line. It can be downloaded free under a Creative Commons licence from the book's official site, or you can buy a copy from No Starch

https://www.linuxcommand.org/tlcl.php
https://nostarch.com/linux-command-line-3rd-edition

Sure

Thanks Buddy

Has anyone read this book and is it any good

i don't know why it says black hat

lots of pentesting material uses black hat in their titles

i guess it's the alliteration

they just wanna sound badass

This is the contents page of the book. It was in a recent Humble Bundle collection from the publisher. It basically explains all the steps and a method to script each phase of a pentest. It's pretty easy to follow along

oh cool i wish i would have seen that bundle. I will probably get it for full price lol

thanks

Gave +1 Rep to @tidal plume (current: #17 - 593)

Or wait like 10 months for the next one 😄

Hii

Guys

Can someone guide me plz ?

I've bought several books directly from them, and a whole bunch of their different hacking, coding, linux and machine learning bundles over the years

You can ask your questions and be directed to the correct channels, but the best thing to do is to #start-here

That's too long to wait. I'm not that patient lol

My account got disabled somehow last time i tried to buy a bundle and their support team still hasn't gotten back to me. It was weird

i was using paypal. it should have worked

I wanna learn bash scripting to the advance
Any idea ?

If you don't hear from them after a couple of weeks, get back in touch with them

I might, but if they are so busy it takes this long for anyone to answer I don't really want to bug them more

I thought they were finally responding but it was just another automated email that they have my ticket and will start working on it soon

It's been about a week i think

Learning the bash Shell: Unix Shell Programming and the Bash Pocket Reference should cover everything you need. Even one of those books would teach you quite a lot

Well if you've received the acknowledgement then they'll probably get back to you before long

yeah i hope so.

Book reccomendation: The Art of Intrusion by Kevin Mitinick. It isn't an instruction manual, so dont expect to get any hips on how to use tools, but it is full of stories of all kinds from different hackers and what they did, how they learned their skills, and sometimes how they got caught and prosecuted after doing some shady stuff. If you're into hacker stories and interested into what can be pulled off by some of these guys, and how dangerous a little knowledge is, this is a page turner.

Which are the best books for learning cybersecurity and ethical hacking from the beginning... Could someone help me.... ?

You might also like some of the ones listed here: #bookclub message

You can get 'The Linux Command Line' book from its official website as a free download. Learning Linux is very important. If you want a print version of the book, go to https://nostarch.com
No Starch also have lots of other good books on Linux, networking, cybersecurity fundamentals, hacking, cryptography, python and other topics.

There's a Humble Bundle collection from Wiley that has a bunch of books on many of those topics as well as Tribe of Hackers and Blue Team Toolkit, two books I'd recommend if you're new to the field:
https://www.humblebundle.com/books/cybersecurity-wiley-books-2025

If you're just starting out I'd suggest following the instructions at #start-here

Any books on cyberlaw + digital forensics?

I mean, lots.

What sort are you looking for?

Anybody with a pdf of malware development for ethical hackers by zhassulan Zhussupov

Honestly anything... surprise me lol

The Linux for Seasoned Sysadmins Humble Bundle from O'Reilly is back up again for anyone who might have missed it. I picked up this collection a good while back. You don't need to be a seasoned sysadmin to learn from these books. Books like 'Learning Modern Linux', 'Efficient Linux at the Command Line', and 'Practical Linux System Administration' could get you quite comfortable with it. There's lots of other good books in it too

https://www.humblebundle.com/books/linux-for-seasoned-admins-oreilly-books-encore-2026

@tidal plume You seem to read a lot of books. Do you usually read them cover to cover, selected parts or mostly just use them to look up things? Reading these technical books takes a lot of time, compared to novels, since you need to be very focused and perhaps re-read some sections to understand. Last year I only managed to complete three books related to hacking.

I've read a lot of computer books over a lot of years. I read some cover to cover, others selected parts or research. And yeah they can take a long time. I've done a lot of technical work so I can breeze through a lot of it, but a lot of the books too require you to be doing something active, like setting up a server or applications, etc. Three books related to hacking is good going.

I do have many hundreds of books thanks to Humble Bundle, but I haven't read anywhere close to all of them. Books from particular publishers tend to have a format and design to them that makes it easier to decide how you treat a particular tome. There's a lot of dialog, plenty of instructional info, technical concepts, and it's up to you to pick and choose.

Gave +1 Rep to @undone grove (current: #2335 - 2)

Yes, but there are so many interesting books in these humble bundles, but I already have bought bundle books for a decade, at least at my current reading rate 😆
Most of them will probably be too old and never read.

A lot of old books still have relevant info. Things change in the field, but not everything changes quickly

If I'd been reading one book a week from humble bundle the last decade, I'd have a hell of a lot of knowledge, and no time for anything else, and I still wouldn't be close to the end! 😆

One or two hours a day goes a long way

Yeah I am in the same boat. Looking at my kindle app I have 290 books that Ive grouped as "interesting", so if I managed to go through one every two weeks thats 12 years 👀

Yeah but don't think of it as a burden you've placed on yourself, just adventures you haven't had yet. If you read a book a week from the age of 8 to 80 you'd read 3744 books. Most people read far fewer than that, but that's not the point of it. You read what interests you at the time, or what's important, or what's popular or what's obscure. Sometimes the books you'd like to read, but don't get to can be an interesting part of your adventure

Hear, hear!

I have a bad habit of reading half a book and moving onto another one 😄

Same.. so many books started xD and I bought one: "Finish what you started" =.= did not finish that one

I think it's due to seeing another book that looks interesting so I move on and then forget to go back to it

Riiight? My bookshelf is crying at me xD I'm at the point where I can't look that direction xD just going to read the ones near me bed

Not IT related but ive heard kafka is very good

It was on the list. :)

What list? ( i might be dumg)

The reading list... books I want to buy

Ohhhh

Currently I'm switching between these: "Physics if the future" by Michio Kaku, The Great Story of Math: From Prehistory to the Present Day" by Mickaël Launay, "Starry Messenger: Cosmic Perspectives on Civilization" by Neil Degrasse Tyson and George series, by Lucy Hawking :) (don't have the entire series but I like space story for kids)

Yeah I have the Complete Stories, Complete Works, Letters to Felice, Letters to Milena, and of course, Kafka on the Shore by Haruki Murakami

I like the Trial by Kafka

Hey guys, i have a question about Packt/O’Reilly books, they seem to have a terrible reputation, does anyone here has experience with books from those 2 editors ?

I wasn't aware of that.

O'Reilly are usually decent, not sure where you've heard they're terrible. Packt have a bit of a reputation for not being great overall, but I wouldn't rule out Packt books completely. Typically I will pick them up (usually humble bundles or through Fanatical) if there are topics I'm vaguely interested in. Look at the author not the publisher for them.

O'Reilly is awesome. where did you hear that they have a bad reputation

I have no idea who Packt is though

They write a lot of good programming books that are thourough and accurate and are much less dry than most alternatives

A bunch of guys were talking bad about them in a HumbleBundle subreddit, and they were a lot

they do a lot of humblebundle so idk why they get all this hate

weird

Yeah it's true, Packy can be kinda hit or miss. They seem to have a lower standard for the kinds of books they'll accept, but they do have some wonderful books as well. O'Reilly has always had a great reputation for IT/Programming books. I've used them myself many times over the years.

The thing is that, because they both tend to cover a lot of different topics, and the topics themselves can be quite involved, they can require a lot of work, and don't always have the answers a particular reader might be loojking for. Frequently an application or solution might be able to do something it's not necessarily promoted as, or a niche use might have some traction, but it's not covered. There are also several ways to read a book. So it might just be over their heads.

I wouldn't take the ramblings by a bunch of redditors as gospel. Whatever their reasons, if they have access and decide not to buy something, that's their choice

This is the Playbooks and Workbooks bundle from O'Reilly
https://www.humblebundle.com/books/cookbooks-playbooks-and-workbooks-oreilly-books

And this is the Cloud Solutions Architect bundle from Packt
https://www.humblebundle.com/books/ultimate-solutions-architect-cloud-bundle-packt-books

I'm haf convinced Packt authors pay for their books to be published to add to their CV's

Whats a good book about cyber/redteaming?

Red Team Development and Operations. The book is full of excellent information on the topic. It's one of the books we used in college on the topic. The website is full of useful info as well

https://redteam.guide/

Have you checked with your local library?

ensihoito in English is "emergency medical care"

Hello yall I am wondering if yall have some recs on cyber security interview books!

I'd suggest reading some of the interviews from one or more of the Tribe of Hackers books. There are a number of books on the topic, which I haven't read. My experience of cyber interviews involved being able to discuss technical matters, company/client needs and project goals, your experience and ability to perform in various aspects of a role, your work and study history, any projects/blogs/events/books you might have experienced. Perhaps they'll do a technical test, so maybe a bunch of technical questions or a practical assignment related to the job you're going for...

There's plenty of websites about the topic of interviewing for various roles and what you might be asked

https://tenor.com/view/ban-hammer-yoshi-mario-discord-gif-12444703281338986867

Is that a name of a book? Sounds quite good

Guys, any books for SOC?
Please let me know if you find any good book pdf for free

Here's some good blue team books. You can buy them from many stores. We don't advocate book piracy
#bookclub message

Thank you....

You might find some use out of this collection from Packt on Humble Bundle:
https://www.humblebundle.com/books/ethical-hacking-cyber-defense-bundle-packt-books

😫

Big Linux bundle from No Starch on Humble Bundle atm. The higher price of the bundle is because of the two books:
Linux Programming Interface, and
System Programming in Linux
Both of which are individually normally $80-100, but you always have the option to pick a smaller bundle, including things like the newest editions of:
The Linux Command Line
Linux Basics for Hackers
How Linux Works
and more...

https://www.humblebundle.com/books/linux-good-stuff-no-starch-books

good find, thanks! 🙂

Gave +1 Rep to @tidal plume (current: #17 - 628)

hello is there someone who can help me to get free resources for learning cybersecurity , i appriciate for the help

https://www.hacksplaining.com is good for web sec

I too want

ping THMDC.za.tryhackme.com
ping: THMDC.za.tryhackme.com: Name or service not known - doesn't work in the attack box for ad enum

please update the bloodhound tasks they are outdated

This is the Book Club. We talk about books in here. If you're having problems with a room, or a room has a bug, visit https://discord.com/channels/521382216299839518/1333993673381253162 so it gets seen

Which book would you guys recommend for me? I started studying cybersecurity last year but i'm putting on practice what I learned this year doing simulations and THM rooms (until someone finally give me a infosec job...)

Something like "Cibersecurity for dummies" for example

You should check out the books from No Starch, Wiley, Sybex and O'Reilly that are frequently discussed here. You might consider Cyberjutsu or Linux Basics for Hackers from No Starch (see the Linux bundle above), the Tribe of Hackers books from Wiley are worth checking out

APress has released a series of Agentic AI books in this Humble Bundle collection:

https://www.humblebundle.com/books/intelligent-agents-agentic-ai-and-large-language-models-apress-books

Cyberjutsu?

Cool name

It's a cool book!
https://nostarch.com/cyberjutsu

Hey guys... do you know any good books on Cybersecurity that would help me learn a bit and get more knowledge in the field? physical book

There are tons of books ...
bug bounty bootcamp vickie li
Linux Basics for Hackers
The Tangled Web: A Guide to Securing Modern Web Applications

ty

Gave +1 Rep to @hasty jungle (current: #824 - 9)

Hey everyone
I’m GreenBA here:), working my way into Business Analysis with a background in banking ops and ICT. I’m really curious about how AI and cybersecurity connect with areas like KYC and AML, and I’m hoping to learn, share, and grow with others here. I’d love to find a mentor or team to help me follow a structured path toward my goals. Outside of tech, I enjoy creative problem‑solving and even improvising recipes when I can. Looking forward to connecting with you all.what book can i start reading? is there anyone we can discuss the book with aswell?

Just sharing, I'm reading the Portuguese version of The Art of Network Penetration Testing by Royce Davis

book (en): https://www.amazon.com/Art-Network-Penetration-Testing-company/dp/1617296821 (just the source, i'm not promoting)

If you have the opportunity, I recommend; it's excellent content with a practical open-source lab via Vagrant and Ansible

@gentle swallow can someone do something about these spammers

Hello, What books do you recommend about money truth, or financial literacy?

Think and grow Rich

Andrew Tanenbaum Modern Operating System

Andrew Tate if he liked tech

Hi everyone,
What’s a must-read book for an Information Security student?

I also live in the phillipinea

Phillipines*

I'd say the web application hackers handbook. There are online resources as well

@frigid blade Please slow down. Further spam will result in a short timeout.

As possible 😁

welcome

https://nostarch.com/mangacrypto

https://nostarch.com/mg_databases.htm

What should I read first: social engineering, the web hackers handbook, tribe of hackers?

Social Engineering

That book was my bible as a kid

Taught me how to understand basic emotions

i had the same experience with How To Win Friends and Influence People

@hoary mortar seeing as we've got this now, might be worth writing and pinning a message as a guideline for how to use it? i.e. no piracy or uploading copies of paid-for books -- just discussion and reference to said books (assuming that is the stance of course). Similarly, it shouldn't be a problem to share free books, I would assume?

ezpz

I love humble bundle. In the last couple years I've collected hundreds of books from No Starch/O'Reilly/Wiley/Packt/CRC. IT books usually drop Monday 19:00 GMT

Think they're better known for their games, aren't they? I agree though -- their book bundles are superb. Just got the new Cybersecurity 2020. It looks amazing.

Bought top tier of this humble

Let's go

Yep! I have no idea what to read first!

I'm readying social engineering atm

really good so far

I read some weird books as a kid

I had to learn all the emotional stuff

Like this one that taught how to biomechanically engineer a super virus to wipe out the population

I think a social engineering book would have turned me into a little psychopath

Well, sociopath

I read the one Bee is reading now and MItnicks one as a kid

Recommend it?

what

this social eng book

I got the whole bundle, so like I'll read them in time

taught u how to biochemically enginner a super virus

It most certainly turned me that way

Nah, a different one

lemme find it

although

if I'd had said yes it still would have been true

because lies and deceit

Then there was this one book on how to start a drug cartel

This shellcoder's handbook is exciting me

A lot.

RevEng, windows token things

I wonder if I can use Humble Bundle Partner money to buy it

Cisco IOS exploitation

hnnng

Like I could probably get the funds released but that requires US tax forms and ew no

This shellcoder's handbook is exciting me
I have its ebook version, it's pretty cool.
I bought a huge bundle of ebooks a while back, I got quite a few SE books, RE, the Shellcode's handbook, Malware analysis too

Shellcoders handbook is a great book ^

i need to make time to read it though

A book about organisational and team strategy, not directly about but makes reference to hacking/cybersecurity methodology. Partly about playing devils advocate and recognising alternative solutions to recognising and solving problems that can otherwise lead to stagnation. Someone mentioned it last night in 2600 so I played devil's advocate but read it cover to cover. Good fun.

https://www.amazon.com/Red-Teaming-Competition-Challenging-Everything/dp/1101905972/ref=mp_s_a_1_1?keywords=red+teaming+bryce+hoffman&qid=1582045214&sprefix=red+teaming&sr=8-1

Hello there, I think this is the right place to leave this: https://www.humblebundle.com/books/cybersecurity-2020-wiley-books?hmb_source=navbar&hmb_medium=product_tile&hmb_campaign=tile_index_2 I hope it will useful!

Been posted a few times, I recommend people pick up the 1st tier and more if they're interested

Oh that's the 2020 version of the bundle I got a few years back heh

Really liking social engineering atm

Oh that's the 2020 version of the bundle I got a few years back heh
@zenith plank

Yeah i got one too but there's a couple I don't yet have :)

So they did change the stuff inside of it, I'll check it ou

@solemn jewel the social engineering books are really cool, yes !

After browsing one of the books from 2020 CyberSecurity Bundle it looks like Adam Shostack(Microsoft) has created a card game. Named "The Elevation of Privilege threat modeling game... Free to download. https://www.microsoft.com/en-us/download/details.aspx?id=20303

Elevation of Privilege (EoP) is the easy way to get started threat modeling. It is a card game that developers, architects or security experts can play.

@errant sundial https://nostarch.com/blackhatgo

Oooh

It's already the tool I go to for custom HTTP stuff

This looks great https://nostarch.com/miningsocialmedia

If that go book wasn't $30...

No Starch is worth it tbh

https://www.vice.com/en_us/article/bvgy85/how-big-are-jeff-bezos-feet-an-investigation

Excellent use of OSINT imo

More like "I have so much free time that I'll make money out of somebody's divorce and his new gf's picture"

Well that's the most time I've ever or likely will ever spend reading about another man's feet...

assda

Hello there, I think this is the right place to leave this: https://www.humblebundle.com/books/cybersecurity-2020-wiley-books?hmb_source=navbar&hmb_medium=product_tile&hmb_campaign=tile_index_2 I hope it will useful!
@sage cloak Thanks for this. Just bought this bundle.

it's real good

Yeah, 1$ for those books is quite a deal.

I bought the top tier

the second tier is the real interesting one imo

Still gotta look through my library and see if I have these

I have most of them from last time but a lot of them are essential reading for pentesters

Sort of off topic, but a beautifully written, book about spy planes. Very motivating, enjoy!

I remember reading a couple of these books many years ago ☺ old skool shenanigans

https://www.goodreads.com/book/show/6225696-stealing-the-network

did anyone here get the indie humble cybersecurity bundle

because I won't let me buy it without getting a monthly subscription.

Weird, I got it

It was worth getting

I am trying to right now

https://www.humblebundle.com/books/cybersecurity-2020-wiley-books ?

but it wont let me buy it without a monthly subscription as well

yes that

It's expired now

What tier are you after?

They've moved on

Oh weird

so the red means its expired

nah

Don't think so

ok

There's 15 hours left

15 hours left to buy

I was wrong

What tier are you after?

I'll walk you through it

the 15 dollar one

Click $15, re distribute the money as you wish, enter your email and then pay

got it thanks

np

@silk crater appreciate it

Humble Affliate btw

btw I am on bandit level 23 now

nice

looks like I am going to finish it at this rate

when you comin' for my #1 spot then?

A LONG TIME FROM NOW

literally about a year out from attempting that

Is it even possible to get #1 with new point system?

maybe

Likely

If I keep slacking with new rooms it will be

tru

so the red means its expired
@wary needle

The timer is how long is left. Computer bundles usually come out on Monday at 7pm gmt

Scroll to the bottom and you get to pick how much you pay

It'll change at 6pm cos of their daylight savings change

@tidal plume Thanks for the response, but I decided not to get the books. I have wwwaaaayyy too much to do already.

@tidal plume Thanks for the response, but I decided not to get the books. I have wwwaaaayyy too much to do already.
@wary needle i hear ya. I got most in the last wikey bundle and still have a massive reading pile...

Anyone know when the next edition of A hands on introduction to hacking by Georgia Weidman will be released?

I've heard a lot of great things about the first title but it was released a very long time ago and I'm enthusiastic to snag the 2nd edition when it comes out, hopefully soon

No exact ETA, she does post updates from her Twitter though about it. Most recent one I saw was her trying to decide whether to keep Win 7 as the easy first exploit with Eternal Blue or not since it’s no longer supported

sadly, just because an OS isn't supported doesn't mean you won't see it in the wild

I don't think that was the point of her polling it. It was more an intro to more up-to-date things rather than "hey this old vulnerability is still around so we'll just pick the easy one"

Otherwise she wouldn't even bother with a v2

The first one is really good, slightly dated now. The theory is sound but the techniques and targets need updating.

It's also a bit unfortunate that her advanced course on cybrary is now behind the paywall

Anybody read the Snowden book? Finished it a few weeks ago, definetly an interesting guy.

Haven't read his book yet but I read the Glen Greenwald book about the whole thing

@tidal plumei loved the glen greenwald book

i did my 11th grade english report on it

to sum the report up in a picture

@robust salmon fantastic work :D

Not sure if already mentioned but “Ghost in the wires” is my favorite hacking book. I’ve read it 3 times. Very realistic and very easy to read too

It’s written by Kevin Mitnick and is about his years as a fugitive

I read ghost in the wires. Definitely a good read. Mitnick comes across a bit cocky for my liking but I did like the book.
Reading “countdown to zero day” at the moment about Stuxnet

a lot of people get that vibe from him

How To Disappear by Frank Ahearn was a good book, @zenith plank can attest

^^^^^^^^^^^^ I do

Hi all, I have read quite a few great books recently. I'd definitely recommend "Sandworm" by Andy Greenberg. Fantastic book.

I read ghost in the wires. Definitely a good read. Mitnick comes across a bit cocky for my liking but I did like the book.
Reading “countdown to zero day” at the moment about Stuxnet
@chrome parcel Love this book!

Anyone has a good book on enumeration and black hat topics?

Anyone has a good book on enumeration and black hat topics?
@main hinge why are you after black hat topics?

What even is a black hat topic?

@north spade I study Cyber Security and will move on to a master in cryptography after my A.S. I believe that understanding black hat topics will advance your skill as red hat.

You do realise, yes, that it's exactly the same skillset?

Yes

A white hat hacker studies the exact same topics as a black hat hacker.

Asking for "black hat topics" is just kinda suspicious

Not really suspicious

!rules

For what it's worth, I think it is suspicious

See 9

I don't have access to my library just now, but I can send on a few titles that are good for pentesting on Sunday if no one else has responded by then.

@north spade I understand your concern. Thanks, I got quite a few books already but I'm struggling to find more on those topics. If you have any good books on steganography and cryptography too I'd love to know!

But I haven't found many good books on Enumeration..

enum books { }

@sacred terrace lol not that kind of enumeration. Just google Network Enumeration

hey, enumeration is enumeration man c:

I mean I program too so I understand you very well!

Have you done any website programming? I've done a few things here and there to prevent user enumeration attacks

Yeah I have, but mostly I create tools. I use Golang, C#, C++ mostly.

Sometimes Java and Javascript.

C# and aspnet all the way, baby! :p

do hackernote!

Yeah C# is cool, but for the tools I make I like the concurrency and parallelism that Golang offers.

I will when I finish the crashcourse in the tools - aka. the primer. I've gotten wildly sidetracked while doing those room thus far

personally, my opinion is that if you aren't a vendor that does that one specific thing you need, and that thing needs to go real fast, then It's worth paying a vendor to do it for you.

can't reinvent the wheel each time. Especially not the wheels that have to be super round and smooth

If you port scan, bruteforce, and cracking hashes you want things to be as fast.

Just wait til Quantum computers comes out, rip AES256

*AES 128

256 is OK

@mental pelican My girlfriend got me Sandworm today actually as a birthday gift! Going to get stuck into it soon

exactly my point - no point in playing DYI when there are pros who do it for keks

I wrote an academic literature review on this, ask me anything about post quantum crypto @main hinge

I heard good things about the sandworm book

neat, james!

@errant sundial isnt 256 stronger than 128?

yes

But 256 isn't at risk from quantum computing

Did you read Quantum apocalypse?

Yes

256 is safe

NSA is saying use 256

I wrote a paper on this, I know

I can chuck sources at you too

My bad Cryptography Apocalypse

Its a pretty good book.

Yes I did read that book

And dozens more

256 is not at risk from Grover's algorithm

Do you have any other great books on Cryptography then? So far I have Cryptography Apocalypse, the serious cryptography from no starch press and maybe one more

I can drop some links in here if you'd like

But not books

Yeah if you dont mind!

Only academic papers and stuff, so you can't access unless you have access through a uni

Yeah I have access

So you had to write an academic paper on that topic? Through what degree?

https://nvlpubs.nist.gov/nistpubs/ir/2016/NIST.IR.8105.pdf

A literature review

https://kryptera.ca/paper/2019-03/

Thanks a lot! Ill check it out!

https://apps.nsa.gov/iaarchive/library/ia-guidance/ia-solutions-for-classified/algorithm-guidance/cnsa-suite-and-quantum-computing-faq.cfm

@main hinge There's my source on aes256

Interesting, I appreciate that! I will give them all a read!

have you read the "Kali Linux Web Penetration Testing Cookbook"? What do you think about it?

@woven herald I got it in a humble bundle last year. Haven't read it but it looks to have plenty of info to get started

Me too. There is some basics with many kali tools.

Thanks to Humble Bundle I've got so many books on Cybersec, AI, Programming, Data Science, DevOps, Linux/BSD that if they were physical I could open a library

Hello, someone could tell me a complete book for penetration testing, because I read some but when I do labs sometimes I'm frustrated because some knowledge are missed... Sorry for my English I'm from Belgium 😅

@covert zealot Web Penetration Testing with Kali linux

or Hacker’s handbook 2

Thank you very much!

Hacker's handbook 2 - Susan Young & Dave Aitel?

Could you please send me a link for buying it? 😄

it’s on amazon

and bookdepository (best for UK and EU)

This one :
https://www.bookdepository.com/Web-Application-Hackers-Handbook-Dafydd-Stuttard/9781118026472?ref=grid-view&qid=1585511351977&sr=1-1

Sorry to bother you, it's just that I didn't buy the wrong book.

yup!

that one

@covert zealot don't worry! you are not bothering at all 🙂

OK Thank you very much! 👍 👍 👍

@covert zealot Plenty of books for Pen Testing along with the ones mentioned above;

Georgia Weidman's Penetration Testing,

Hacking : The Art of Explotation by Jon Erickson,

The three Hacker Playbooks by Peter Kim,

Advanced Penetration Testing by Wil Allsopp

This is not a complete list. There's loads more to explore from No Starch (nostarch.com), Wiley, O'Reilly, Packt and others. check out bookdepository.com, nostarch.com, humblebundle.com for reasonably priced collections

Thank you very much! 👍

This one :
https://www.bookdepository.com/Web-Application-Hackers-Handbook-Dafydd-Stuttard/9781118026472?ref=grid-view&qid=1585511351977&sr=1-1
@covert zealot great book!

Thank you very much Professor 😄 👍

@mental pelican Yep that's another essential read

actually if you read the absolute introduction of the book where it talks about additional resources and you follow one of the links you get redirected here:

https://portswigger.net/web-security

Web Security Academy by port swigger is meant to be the always-up-to-date replacement to that book, and its run by its author, and it's free so I would use that instead

@neon snow Yep that's true and it's excellent 🙂 I just like having books around... call me old fashioned 😛

Thank you very much Professor 😄 👍
@covert zealot just noticed you did that lol, I wish I was as smart as him!!!! 😁

@mental pelican My girlfriend got me Sandworm today actually as a birthday gift! Going to get stuck into it soon
@chrome parcel it really is great!!! @sacred terrace

Huh..?

Huh..?
@sacred terrace you said you’d heard good things about sand worm 🙂

Oh right. Thats was like ages ago. I barely remember it :p

Haha sorry

No worries~

Still reading Countdown To Zero Day
Reading motivation has been super low so only getting through a chapter a night

@chrome parcel ahhh get to it! Awesome book

Still reading Countdown To Zero Day
Reading motivation has been super low so only getting through a chapter a night
@chrome parcel Is it technical book about hunting 0 day etc. ?

No it's about Stuxnet the malware which the US unleashed to target Iranian nuclear facilities. it's a really good read, I'm about halfway through

I see, sounds fun. Thanks : )

jack from darknet diaries interviewed the journalist who wrote countdown to zero day, seems like a nice lady

At the moment I'm going through The C Programming Language 2nd edition. It was the first recommended thing I learn from a reverse engineering book called Practical Reverse Engineering by Wiley. I opened(scrolled since ebook thanks to humble bundle) Practical Reverse Engineering and it told me that I should first learn C 😄

Has anyone read Kingpin by Kevin Poulson? Great book!

@chrome parcel That C book is pretty cool, from the creators of UNIX, makes a great accompaniment to Donald Knuth's 'The Art of Computer Programming series and Doug Hofstadter's Gödel, Escher, Bach but those books alone are a whole other dimension 😛

I think I have a KNuth book

No I dont. It's Wirth's algo+data structs = programs

😄

another book I have to read but havent read.

The fact there’s a chapter named “the trampoline phase” is all I need to say

jack from darknet diaries interviewed the journalist who wrote countdown to zero day, seems like a nice lady
@raven cosmos Was this on an episode of Darknet Diaries? I must have missed that one

@glad patio i got that in a humble bundle last May. It's pretty cool :) would expect another cybersec bundle from them at some stage this year

@tidal plume didn't they just had one?

@tidal plume Jep! they had one this feb https://www.humblebundle.com/books/cybersecurity-2020-wiley-books

That's the Wiley one... No Starch had one last May and Dec 2018 as well so i got most of their cybersec books through those 😛 No Starch currently has a beginner programming one til tomorrow evening, mainly aimed at kids. O'Reilly has a programming one that's pretty good and Packt has an Azure one. Those publishers do regular bundles in all kinds of topics

The computing bundles generally come out at 7pm uk time on a Monday and occasionally other days

@tidal plume I didn't know you where speaking about nostarch specifically... I love them.. I always take their bundles 😉

Yeah I've got loads of their Linux and python bundles and other stuff too. Their books are really cool.

Georgia Weidman has a new version of her Penetration Testing book due out soon so possibly expect a bundle around that time...

@glad patio That PBA is a gem from a perspective of a guy who's first priority is binary exploitation and their vulnerability analysis.

@chrome parcel yes it was stuxnet episode https://darknetdiaries.com/episode/29/

Ah okay it's been a long time since I've listened to that one

Is anyone having the udemy course "blackhat marketing: A detailed guide to date" .

To this day I'm yet to find a udemy course that provides value for money. With a name like that, I'd imagine it to be a waste of time

To this day I'm yet to find a udemy course that provides value for money. With a name like that, I'd imagine it to be a waste of time
@scenic iron agree ....

i have also seen a course.... complete ethical hacking..... course length 2 hours 😂😂

If only it were that simple, Two hour course turns you into a l33t hackor

there's a python for ethical hackers that is quite good and TCM's practical ethical hacker

To this day I'm yet to find a udemy course that provides value for money. With a name like that, I'd imagine it to be a waste of time
@scenic iron Agreed, I've given a fair few a shot not just for "hacking" stuff. Usually they're pretty low quality

Programming in C : Stephen G. Kochan : 9780321776419
https://www.bookdepository.com/Programming-C-Stephen-Kochan/9780321776419

For anyone that wants to learn C, this is the ONLY book I recommend. One of the best programming books I've read too.

@chrome parcel The only Udemy courses I've subscribed to were the intro course from The Cyber Mentor (Heath Adams) and the Python course from Cristi Vlad and only cos they were free and I find their YouTube content generally good.

There's plenty of other quality resources on the web and if you want to really learn something, you're better off paying for reputable books and signing up for recognised courses from an accomplished training provider unless you're the kind of person who likes to find and compile the resources you need yourself. Most people need some kind of formalised training in anything they really want to pursue :)

I get a lot of my books from Amazon or Humble Bundle or from the publishers or other online shops and use training from Linux Academy, Cybrary (not recently) or other providers.

@tidal plume Yeah books are definetly a plus. I've got a few of Humble's cyber bundles and I've got enough books to last me years of learning individual topics. Labbing is highly underrated as well

@humble goblet why would you recommend this against K&R's book? genuinely curious as I am learning C right now

@chrome parcel I find books essential to learning and some of them are really enjoyable, but yeah having a lab environment is incredibly valuable. The books don't do you much good if you're not getting hands on. I use a combination of books, Linux Academy (They give you a bunch of machines, including Kali to practice), VMs, THM, HTB and other resources like Hackerone and Portswigger. The only thing then is planning and prioritising your learning plan and including a little bit of fun 🙂

@analog bluff I remember picking up that book and dropping it shortly after because I didn't really like it at the time, so I can't speak about it. I felt like it was unnecessarily complicated. I know it's considered the golden standard though, and if I read it today I might had a different opinion. The reason I recommended "programming in C" is because I read it when I was a beginner in programming in general (with C as my first language), and understood everything perfectly. IMHO it's exactly how a programming book should be written, and it also begins from the very basics and takes you up to some advanced C stuff, so it's not strictly an introductory book. I don't think that anyone looking to get into C is going to have a hard time with this one.

thanks 👍

If you had to choose a book, which one would you choose?

any one recommend python book

https://automatetheboringstuff.com/ thats what i used

anyone pls suggest book for assembly language

@shut belfry I didn't got far into the book but I liked The Art of Assembly by Randall Hyde https://www.amazon.com/Art-Assembly-Language-2nd/dp/1593272073 (also: https://www.secjuice.com/guide-to-x86-assembly/)

@shut mountain any online book...its amazon link...but now in lockdown i cant buy it....

@shut belfry You can buy it on Kindle

Or you can buy it as an ebook from the publisher
https://nostarch.com/assembly2.htm

also on amazon.. for kindle.. or at least as an ebook

@shut belfry asmtutor

okie thanku

hey everyone, has anyone read The Web Applications Hacker's Handbook? If so do you recommend it?

@gentle dune i have read it. It gives a good approach but most of the vulnerabilities described there are outdated or fixed

i would not necessarily recommend fully reading it, it’s much better to find some newer version books

@ocean grove thank you I will keep looking then for some other versions then

“Web Penetration Testing with Kali Linux” is a good one

@ocean grove who is that book by?

there are actually couple of them with a same name

just go through reviews and check which one is the best

but i found this one useful back in the days

@gentle dune @ocean grove https://portswigger.net/ is the official follow on from The Web Applications Hacker's Handbook. The book is good but the site is maintained with lots of up to date training resources

@tidal plume thank you so much going to check it out now

anyone knows a good book to data structures

?

@shut belfry data structures in general? or more with a specific language in mind

data structure with c or c++

@shut mountain its good if u give some link of datastructure with c or c++

yeah sorry, can't help.. C and/or C++ are not really my thing 😒

or at least.. i'd need to read up on it myself 😉

okie okie......np p:

This book is free for limited time: https://thehackernews.tradepub.com/free/w_pacb119/prgm.cgi also I think this page will help you https://www.fakenamegenerator.com/gen-random-us-us.php

This book is free for limited time: https://thehackernews.tradepub.com/free/w_pacb119/prgm.cgi also I think this page will help you https://www.fakenamegenerator.com/gen-random-us-us.php
@chrome parcel thanks. Just downloaded

Hope you enjoy it ^-^

I got a bunch of this books from humble bundle a few months ago, but all are a little bit dated, but good for starting

I also have some about sql injection and pentesting but they're in Spanish

ouh, send It @chrome parcel

Think I've got like 2 years of various Humble Book bundles
Will collate them

@chrome parcel what you think of them

I've got enough books to last me years lol
I like them a lot, good way to get cheap textbooks

Me buying for amazon vs people buying from humble

Depends if you're looking for something in particular

Want a cool read? 10.23919/IFIPNetworking46909.2019.8999403

That's a DOI number, don't think I can share the paper

The last couple of weeks I've been dipping into security management and going beyond the reference knowledge you generally find in certs like the CISSP (and the boatload of knowledge and info, such as the Common Body of Knowledge (CBK) that accompanies it) into the wider world of the CISO, a career move that requires skills beyond the masses of technical and management skills many of us might be familiar with.

To that end, Todd Fitzgerald, a leader in the field of CISO research and support (and contributor to the above-mentioned CISSP CBK) recently published his own guidebook geared towards directing people down the path towards CISO and other cybersecurity/information security paths, discussing the skills and experience, resources and effort required to be considered for a position at that level.

At around $50-60, the CISO Compass is definitely an investment worth considering if security management is in the pipeline, even if you're only starting your cybersecurity career.

https://www.amazon.com/CISO-COMPASS-Navigating-Cybersecurity-Leadership-ebook/dp/B07LH3DRLR/ref=sr_1_4?crid=6DVG941DUCIV&dchild=1&keywords=ciso+desk+reference+guide&qid=1589199655&sprefix=ciso+%2Caps%2C304&sr=8-4

https://automatetheboringstuff.com/ that's what i used
@arctic parcel I second this book. Very good for getting into the meat and explains it very well

Anybody have a good PDF for Car Hacking?

@sterile belfry You can purchase PDF here: https://nostarch.com/carhacking

Thanks

https://www.humblebundle.com/books/learn-you-some-python-no-starch-press-books?hmb_source=navbar&hmb_medium=product_tile&hmb_campaign=tile_index_2

idk if someone could be interested

Anybody read "Gray Hat Python"?

no, but it's in the bundle

@woven herald many thanks for the heads up

did someone say bundle?

o it's for python

I have a copy of Cracking Codes

I love this site. From time to time they offer good bundles like this. I think this is the 4th or 5th I got

Please point people to the original source @sterile belfry 🙂

?

Umm, it's on there, I was making a comment on the bundle

Ah!

I gotcha, my bad - sorry.

That bundle looks real neat indeed

No worries

Yeah it's pretty well formatted information, I got the Cracking Codes one about 2 years ago

I'm tempted but I've got like 5 bundles already to get through at some point ahaha

Which book would you recommend for a developer, who has some knowledge of python and other languages as well, but is new to cybersec? Thanks in advance

For ethical hacking? @wet gull

yeah 🙂 not cars, but what other options are there?

Ahaha. I brought a book recently for it bare with

I'm a webdev in work, so I would mostly like the web security, but I don't want to box out my skills, but cars are out of topic for now for sure

Humble had a bundle a bit ago with a lot of good cybersecurity books, they might bring it back

I'll screenshot my folder with them

@glad patio nah brah, get them all. collecting books and reading books are separate hobbies, it is known

Yeah that bundle was a good one

I picked it up

@wet gull https://www.amazon.com/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641 I haven't read this one, but I keep hearing good things about it. It's an introductory book. For web stuff, I can't think of a book right now but definitely look up portswigger. They offer excellent training and it's free.

@glad patio nah brah, get them all. collecting books and reading books are separate hobbies, it is known
@humble goblet Hahahaha for real! I've got all the textbooks from my course / dissertation completed so hopefully over summer I can start chewing through them. Really looking forward to more RE & hopefully pushing it ous

well time to play the game that portrays hacking the worst

watch_dogs 2

See ya guys later

I've got a lot waiting for me

Have fun! @sterile belfry

oh boy

Any good literature?

yeah, ever heard of H.G. Wells? he's a legend

Anyone have red the hacker playbook by Peter Kim? Any thoughts?

yea

it's a good book

ooh read the phantom tollbooth

i recommend starting it with some shell or scripting language knowledge

Anyone have red the hacker playbook by Peter Kim? Any thoughts?
@wet gull They're excellent books, the three editions build on each other.

I'd also recommend Advanced Penetration Testing by Wil Allsopp

https://www.amazon.com/s?k=advanced+penetration+testing&crid=2DRNAJAV25FYO&sprefix=advanced+pene%2Caps%2C423&ref=nb_sb_ss_i_1_13

I'd also recommend Advanced Penetration Testing by Wil Allsopp

https://www.amazon.com/s?k=advanced+penetration+testing&crid=2DRNAJAV25FYO&sprefix=advanced+pene%2Caps%2C423&ref=nb_sb_ss_i_1_13
@tidal plume Thank you.... And about the hacker playbook, is it needed to go through all three? Or are the other two just newer editions of a same book?

@wet gull You might want to hear it from the man himself. His recommendations were pinned in this reddit thread

https://www.reddit.com/r/AskNetsec/comments/8h8bvy/hacker_playbook_1_vs_2_vs_3/

I personally enjoyed all three and keep them handy.

I’d recommend any of the books by this guy

https://www.amazon.com/How-Hack-Like-GHOST-detailed-ebook/dp/B0852RCVTC

Hello everyone, I would like to share my favourite publisher.
They do only good stuff :)
https://nostarch.com/catalog/security

What’s people’s opinion of the Packt Publishing books?

@stiff sand They are often really low in quality, at least their development books aren't any high quality.

Yeah, I agree. I’ve been looking at the red team related books and they’re pretty meh.

https://www.amazon.co.uk/Art-Assembly-Language-2nd/dp/1593272073
https://www.wiley.com/en-gb/Malware+Analyst's+Cookbook+and+DVD%3A+Tools+and+Techniques+for+Fighting+Malicious+Code-p-9780470613030
https://www.amazon.com/gp/product/1118787315/
https://www.amazon.com/gp/product/1593272898
https://nostarch.com/malware @paper raven

Is what I have on hand

the practical malware analysis one is a bit old but it's still super relevant

• the labs are sick

Thankyou! I think I have that book from a humble bundle a while ago.

Yuisss it's basically flung in every bundle hehe

I'm just waiting for the next bundles with all the books I've missed

No starch books are great

my web app hacking handbook vol. 2 arrived today

https://nostarch.com/tlcl2
I;m about to start reading this book, any one has red this book ?

I feel like im not strong enough when it comes to command line

I'm just waiting for the next bundles with all the books I've missed
@humble goblet btw can you explain how that bunble works ?

Ah it's not a specific bundle mate, I only mean I have seen too many bundles I liked but didn't get, and I'm just waiting for them to pop up again @calm nest

im just not sure how this all bunble thing works, what happens if i pay 1$ ? 😄

do i get few pages ?

@calm nest no, you get a few books, and if you pay for a higher tier you get more. You should sign up, it's amazing, and pretty straight forward. You can get great stuff even for 1$ at a time and you can give it all to charity too

Hey guys

I am fairly new and have been doing a few boxes on THM and HTB, but want to get into Bug Hunting eventually. Thought these books would be good. Any feedback on them or any other suggestions for someone fairly new? Please

I appreciate any help

https://www.amazon.com.au/Bug-Bounty-Hunting-Essentials-Quick-paced-ebook/dp/B079RM344H/ref=nodl_

https://www.amazon.com/Hands-Bug-Hunting-Penetration-Testers-ebook/dp/B07DTF2VL6/ref=nodl_

I think you'd be better off finding resources for web apps. Anything bug bounty related is going to be mostly marketing towards it because it's an overbloated trend. Web app is bug bounty hunting. I recommend looking for something specific to the task.

@tawny schooner https://nostarch.com/bughunting

https://portswigger.net/web-security

Thanks @stiff sand

No probs

I highly recommend checking out this book^

I had it recommended to me recently by the Black Hills infosec guys, it's a book about quitting and managing what to do when you hit the 'wall' (referred to as the dip in this book)

Nice

Suggestions for cyberwarfare books non-fiction or otherwise?

@calm nest The Linux Command Line book is excellent to get you going once you have a distro installed. It's available as a free pdf from the book's official website here:
http://www.linuxcommand.org/tlcl.php/

And of course the Kali book is available free at https://kali.training

@reef lintel Countdown to Zero Day is about about Stuxnet, Sandworm by Andy Greenburg was recommended to me recently, The Hacker and the State by Ben Buchanan was another recommendation

Unmasking Maskirovka by Daniel Bagge is on my kindle atm waiting...

@tidal plume thanks got a couple in my audible wish list now

If that's a paid resource, then no

yes its a paid resource

Then that's piracy

Don't ask people to pirate material for you.

ok im soryy

^^ Both Rule 9 and Rule 11 there

Sorry 😦

If you want a book, buy it.

Support the author.

Here due to lockdown no services are available

any equivalent to that?

The Web Application Hacker's Handbook has been superseded by the portswigger website and there's free security training resources there
https://portswigger.net/

Yes

Online.

Purchase books. Get them delivered.

thats what i m saying here no online services can deliver for now due to containment zone of covid

Ok, this doesn't let you off on piracy

Don't argue.

i said sorry for that 😦

Arguing over rules with mods is a very fast way to get banned.

@reef shore You can use the Kindle app or buy ebooks from many publishers' websites. Sites like Humble Bundle (https://humblebundle.com) provide collections of books for ridiculously low prices and occasionally have amazing cybersecurity and other computing books too

oh thanks

i will go through it

Good Notes on Linux 👍

what are your opinions on libgen and scihub for getting books and resources for computer science?

those are pirate sources and are in fact illegal

Rule 11 also

yes i guess they are, my bad

what are your opinions on libgen and scihub for getting books and resources for computer science?
@limpid bough google and dark web

excuse me? 😄

@tidal plume thank you man

Guys how's this book?
HACKING The art of explotiation by jon erickson

Considered very good

the 2008 edition?

No clue.

i'll read it then

I have read it, it's pretty good for some manual exploitation and low level stuff

@blissful glade it's a great book, but if you're not looking for something that specific and maybe looking for a more introductory book about hacking, I wouldn't pick that one

@humble goblet
it actually was Recommended, i'm trying to dive deep in.. i'll go with some Data structure and some Assembly then i'll take a look on this book again and read it fully

Book words

face books?

fave*

Learning to Swear in America was pretty good

Even had sex jokes and suicidal protagonists

sounds perfect

is it young adult?

14+ I'd say

How do you differentiate in 13+ and 14+

I just read from common sense media

14+ is EU, 13+ is US

I was wondering whether there are some things appropriate for 13 only but not up and above XD

Summary I ripped from the back of the book:
|| LEARNING TO SWEAR IN AMERICA is about 17-year-old Russian physics prodigy Yuri Strelnikov, who's suddenly whisked off to Pasadena to help NASA figure out a way to prevent an asteroid from hitting Earth. They have three weeks to find a solution or the western half of the United States will be obliterated. Although he's constantly watched and chauffeured from his hotel to the lab and back again, he happens to meet the fiercely free-spirited Dovie, a high school junior. Through Dovie, Yuri gets to know a quirky American family, who help him understand there's more to life than the Nobel Prize. Yuri has no doubt that his unpublished work on antimatter containment is the key to eliminating the asteroid, but no one else at the lab agrees. When he's unable to change minds, he secretly replaces codes and calculations to implement his plan without anyone else knowing. Will the plan work, and if it does, will Yuri be able to live with the consequences?||

Does anyone know where I can buy The Cuckoo's Egg by Cliff Stoll ebook (not Amazon) ?

The Pirate Bay

oops i shoulda mentioned legally ;-;

i can only find it on amazon

https://lmgtfy.com/?q=ebook+storefronts

what is a google

@sterile belfry seems pretty rude. it's just a question.

nah but seriously i have searched many ebook sellers and i can only find it on amazon

https://www.ebooks.com/en-us/

Hey hey it's just my go to website

https://www.ebooks.com/en-gb/searchapp/searchresults.net?term=cuckoo's+egg

it's not on ebooks.com ;-;

Aw sowwy

no worries!!!!

maybe if i email the author and beg really nicely

it's a great book from a different time, where computer crimes weren't understood or cared about by law enforcemnet.

anyone read sandworm? like it?

think that may be my next book.

Ooh, I haven't but I might

I'm currently reading Through the Looking Glass

@solemn jewel it is also located in Google play https://play.google.com/store/books/details/CUCKOO_S_EGG?id=0q1_5QkqV8EC

And I also found it on ebooks.com

https://www.ebooks.com/en-us/book/914038/cuckoo-s-egg/clifford-stoll/

@solemn jewel I get my stuff from bookdepository.com, definitely check it out

Most of the time it's cheaper than amazon even if it's a child company

And there's a counterpart for used books too

@sterile belfry please refrain from lmgtfying members in general, but especially in reply to questions like these. You can find a ton of stores through Google, but Google won't tell you which one I (for example) recommend. Knowledge is not same as experience.

@humble goblet unfortunately they're owned by Amazon and I refuse to support Amazon in any way 🙂

Fair 🙂

@reef yarrow neither of those bookstores will let me buy it in the UK

This eBook is not available in your country.

😦

Your best bet is buying an ebook I think

@humble goblet its not available in Uk either, only americas 😦

maybe i'll have to fake being in america to buy it

@reef frost can you uh

Not

I saw.

Any books you reccom? Was thinking of getting the RTFM

that is more of a guide not a book that you read @sterile belfry

I have it and it is amazing alot of tips on different tools/commands to use.

I read the Cuckoos egg many years ago, really enjoyed it at the time. Re-read it not that long ago, still good, but possibly not aged as well as i hoped.

Cliff Stoll is my fave mathematician so I'll probably love it

Hey, can.anyone recommend me some good books on Physical security, red team, physical pen testing... You get what is the idea. If i don't see your msm ping me or dm me. Tnx in advance

Anyone else read this? I'm not advanced but I like the way the writer thinks

I own it

I've read some of it

It's a very strange read

A mix of code, strategy and experience

I like it though. It did make me think about where to put my energy

Version 10 of Debian Administrator's Handbook is up
https://debian-handbook.info/get/

oooh nice! ty for sharing

although I think that if you try to get the paperback, it's still version 8, but the ebook and online version is 10

Anyone got anything good on wireless sensor network routing protocols? more so table-driven like distance vectoring

You will save my life if so

@glad patio It's not a topic I've much experience in but there's tonnes of books on Amazon and loads of freely accessible research papers on the topic (many in pdf)

https://www.amazon.com/s?k=sensor+networks&ref=nb_sb_noss_2

https://duckduckgo.com/?q=wireless+sensor+network+routing+protocols&t=canonical&ia=web

Many books/articles in here, most of them paid but there are some free too:
https://link.springer.com/

A mix of code, strategy and experience
@placid dome What do you mean by code?

@willow quest Programs, code like source code

@glad patio It's not a topic I've much experience in but there's tonnes of books on Amazon and loads of freely accessible research papers on the topic (many in pdf)

https://www.amazon.com/s?k=sensor+networks&ref=nb_sb_noss_2

https://duckduckgo.com/?q=wireless+sensor+network+routing+protocols&t=canonical&ia=web
@tidal plume thank you (: I've got a few academic papers but this is useful ^^

Anyone read Godel Escher Bach? is it worth it?

New book time!

Elephant mug too.

That's an artists drawing of me 🙂

Let me know what you think of it @paper roost !

Ah! I love physical books. Let us know how it is ;)

Can anyone recommend The Hacker Playbook 3?

I like the RTFM book, though it's not a reading book, its references, like a cheat sheet book

Red Team Field Manual?

Just making sure that's not Read The Fking Manual lol

It's gonna be the red team field manual

It was a pun so

@radiant raven gentlemen say "fine" 😛

What?

Oh

Nvm

@glad patio Its an amazing book! Only about 1/3 of the way through. Has a lot of creative ways to exploit certain things. Defo worth it, think it was around 20 quid. Wealth of knowledge in it

@paper roost what kinds of concepts does it teach

Then give an overview of what it is, how it could be exploited then how it's been exploited on bug programs

That's super helpful. I honestly wish I was able to learn better from books

I do better with videos and exercises

Or instructor led lessons

Im terrible with books, Im trying to learn from them as I know there's a wealth of knowledge in them

Yeah definitely

I'd eventually like to take up bug hunting

Im terrible at reading normal books, half way through Snowdens book and half way through Dantes Inferno

If even to just do some small bounty ones

I've found an exploit on a bug program but I dont know how to take it further. Hoping the book can help

Very cool! That's exciting still

Yeah its an odd 1, by adding a random named cookie, I'm able to add SQL in it and the page changes. Though I can't get it to output what I choose.

What year is that one from? What version is it more specifically

Copyright 2019

Sweet

Is that Real World Bug Hunting?

I've read it

It's on Safari Books if anyone has a subscription to it from work or school

I just added it to my Pentesting playlist :P

Along with Black Hat Python and others

audiobook tries to read code

It is a good book currently reading it

I'd honestly love to get into bug hunting, if only for like...the small dollar value ones. Though I've heard that its an overcrowded field and most of the time the lower dollar value ones are taken already

Bug bounty hunting is also great as a learning experience, regardless of the likelihood of missing out on bounties.

@radiant raven that is what I am trying to do right now and have been studying for. I am trying to just use bug bounties as a side job and make some income. Plus @west fjord is right a great learning experience and looks good to employers if you mention it.

@west fjord Idk how the systems all work. Like, can only one person have it active at a time? And what if that person is a complete noob and just wants to use it to maybe learn how to bug hunt.

Like what I'd be doing lol

but #general

Check out the book someone mentioned in here previously, called Real-World Bug Hunting. Covers a lot of ground.

Even how to start with one of these platforms?

as a noob

I added it to my Safari playlist but work has been busy; havent had a time to check it out

Chapter 1 covers the basics, although bugcrowd and hackerone both have ample resources to explain how to start.

Although TryHackMe is the best way to start, as it has many walkthrough rooms that are valuable in explaining the target technology as well as paths and methods of exploitation.

Indeed!

Just ordered bug bounty hunting for my collection. I have so many things I need to read but I’m looking forward for this one - it’s going at the top of my queue 🙂

Also I recommend watching InsiderPHD on youtube she is really good at explaining stuff for bug bounties and she just started about a year ago

I can definitely second InsidePHD. STÖK as well

STOK is a legend just like nahamsec and TomNOMNOM

STOK is the kind of guy that can be friends with anyone

But STOK's videos are more about like...a day in the life right?

That's not quite what I'm looking for

Starting InsiderPHDs starter series now

Thanks for that

not necessary he has some great videos that he collabs with other hackers about javascript for example with tomnomnom. also you can check out bugcrowd and hackerone for their instructional videos

STOK has some good videos too

Im terrible with books
@paper roost same. Halfway through every book bar 3 of them and seem to have the most difficult time finishing them all

Honestly the best thing you can do is to put a book down and move on. Nothing makes you hate reading more than being forced to read an entire book. No one's forcing you, if you don't like it - don't read it! I find maybe 1 fiction book a year I like to read, but even then I've read the first few chapters of so many and they just bore me.

This ^ plus there's no point reading for the sake of reading

It's just counter-productive, you don't learn anything and the time you spent can be doing something else imho

That depends on why you’re reading. I’m an English major—(in reality it’s Writing Communications, which is journalism and creative writing, but it’s close enough)—and like, reading is one of the things you have to do in order to be successful. How can you seek to master the English language if you aren’t exposing yourself to other voices/ideas?

Any good book to learn about proxy,vpn?

Sounds like you'll need a general networking book? Since I doubt there are many books centered around specifically proxies / VPNs. The book networking book I've come across is Computer Networks: A Top Down Approach. https://www.amazon.co.uk/Computer-Networking-Top-Down-Approach-Global/dp/1292153598/ref=sr_1_4?dchild=1&keywords=computer+networks&qid=1591788983&sr=8-4&tag=duckduckgo-ffab-uk-b-21

Hey Everyone , I am new to penetration testing. Can anyone list some resources that will help..?

Hey Everyone , I am new to penetration testing. Can anyone list some resources that will help..?
@proper saddle scroll up and check #resources as well

@chilly osprey Thanks so much..

Hey all, I'm new to TryHackMe and this discord... Figured I would post about a quality book I am reading.
It's called Dark Mirror . It's about Snowden and the things he experienced with his time working for the NSA. Quite the interesting read.

@fallen sinew have you read Glenn Greenwalds book? It's an interesting read

@robust salmon I have not, no. I will jot his name down. Which title do you recommend?

No Place to Hide: Edward Snowden, the NSA, and the U.S. Surveillance State

I'll check it out, thanks!

Hey can anyone recommend be a book for bug bounty

Real-World Bug Hunting: A field Guide to Web Hacking. Peter Yaworski

@mighty onyx

Hands-On Bug Hunting for Penetration Testers, by Joseph Marshall @mighty onyx

Thnx a lot @west fjord @cedar quail

This book is one of few that carried me through Uni

It's a bit hard to tackle to begin with but stick with it I promise!!

https://www.humblebundle.com/books/protect-your-stuff-apress-books

this seems like a nice bundle

does anyone have any feedback for these books and/or the publisher?

is the get certified bundle any good?

@granite knoll packt books aren't very good in my opinion/experience

I concur with @humble goblet. They are a hit or miss when it comes to quality.

I see..

ty guys

If you get the $19 ACM Student Membership you do get all Orielly and Apress books for free. Just have to be a college student.

@chrome parcel oh thanks, good to know! Even the basic tier?

can you suggest me some good python material, guys?

can you suggest me some good python material, guys?
@winged haven automate the boring stuff with python is a great book and there's even a course based on it. It's aimed at beginners. If you're not looking for something like that, many people say great things about learn python 3 the hard way, which I've read but I have some complaints about. I think every programming book should have exercises in every chapter based on what you've learnt, and this book doesn't, for the most part. It's still a good book in any case.

Can anyone recommend some free books for bug bounties?

@winged haven @humble goblet You can read Automate The Boring Stuff at the book's official website and the author has posted the first 15 of the 50 course videos on YouTube (link to YT on this page too:

https://automatetheboringstuff.com/

Right, I have that bookmarked but forgot to mention it, thanks!

I got your back 😉 Also, William Shotts released a pdf version of his Linux Command Line book under Creative commons on that book's website:

http://www.linuxcommand.org/tlcl.php

Keep posting mate 😄 @tidal plume

thanks, guys @humble goblet @tidal plume

Neo, you really should look for books pertaining to Web Apps. Anyone marketing books around bug bounties are doing it because of the current fad. Get the same, and probably better results from a good web app resource instead.

Hi The Mayor

Thanks mayor, any suggestions?

@chrome parcel although this is not a book, portswigger has some great online (and free) labs you can try. the material that explains the concepts is also amazing. it's a good place to start.

A cat and a tomato.

Cool.

#general

😦

@humble goblet thanks man. Whether it's a book or not, information is information

@humble goblet Yep, portswigger was created as the successor to the much-admired Web Application Hacker's Handbook, which has been an essential read for a long number of years

Yep I know

Always loved me a Web resource

I hate the notion of non updatable material

Yeah I dunno how many old and out of date textbooks I've got but not all documentation resources are going to be at the level of portswigger

guys where to start lookin for buffer overflow

I saw the Secure Your Stuff Apress Humble Bundle get posted earlier in chat, but it seems like an evaluation wasn't given on it.

Does anyone have an opinion on the books provided? Do any of them stand out more than the others?

https://www.humblebundle.com/books/protect-your-stuff-apress-books?hmb_source=navbar&hmb_medium=product_tile&hmb_campaign=tile_index_7

@shadow frigate Some of them definitely look interesting but I haven't had a chance to read them yet. If you want to know that style of the books and their information, Apress have an ongoing project called APressOpen where they have made 25 of their books available for free (and legal) download on their own site and I've seen several of them on Amazon Kindle as well.

From what I can see they are generally rated well or highly. From what I can tell from some of the reviews I've seen, they sway in their technical or managerial content and the value you get from them might vary.

https://www.apress.com/us/apress-open/apressopen-titles

I have an idea: since the amount of books/resources we stumble upon daily is overwhelming, we could start creating reading lists (so other people can take that list and read those books in order). If someone has a bunch of books that they consider essential reading (ideally in order), please take a shot.

I like the Idea. What do you think about this: https://www.goodreads.com/ ?

Does anyone have good experience with a Java literature that explains topics like generic classes (ArrayLists, HaspMaps etc.), nested classes in detail?

Preferred languages are English and German.

Currently reading “Gray hat python” to understand about exploit development and reverse engineering.

Do i need to skip any chapter or should i complete from beginning to last?

Hey can someone suggest me a book or a nice series on Linux Privesc. I googled and there is so much stuff, I cant make up my mind

tcm just released a linux priv esc course on udemy @hearty geyser

Following on from what @humble goblet said, if people post their fave books here I can make a spreadsheet and we can have a "faves of tryhackme" - the most popular books 🙂

tcm just released a linux priv esc course on udemy
@tepid torrent Awesome

Following on from what @humble goblet said, if people post their fave books here I can make a spreadsheet and we can have a "faves of tryhackme" - the most popular books 🙂
@solemn jewel please do! that's an awesome idea

is this just for books in general or programming/infosec books only?

I think thats's a compilation of different resources like books, links, courses etc.

This channel is focussed on books, but I believe fiction is OK

Ok

Links/courses ideally go in #resources if they are not books

Thanks, nice to know.

easily fav book https://www.amazon.com/dp/B000BO2D3C/ref=dp-kindle-redirect?_encoding=UTF8&btkr=1

^ The alchemist is a good read

yup

Your name makes a lot more sense now

George orwells books are op too

hahaha

if you like to read lots, and like fiction

read renegades

and if you like slightly less crazy fiction, go for delirium

theyre both trilogies, gonna keep you busy for a long time

im reading the alchemist rn actually

tell him that he owes me a couple sheep

@solemn jewel

hello everyone, im a beginner, i know linux and familiar with hacking terminology

could you please suggest me some good books to gain knowledge on cybersecurity

I loved the alchemist when I read it (~16). If I read it for the first time now though, I'd get bored pretty quickly

orwell is great

another few favs of mine: h.g. wells, philip k. dick, arthur c. clarke

why would you get bored?

@winged summit Check "No Starch Press" - Hacking & Computer Security section.
In addition try to books about hijacking instruments, like Nmap, Metasploit and etc.

@winged summit Check "No Starch Press" - Hacking & Computer Security section.
In addition try to books about hijacking instruments, like Nmap, Metasploit and etc.
@ruby osprey
Oh kk

@chrome parcel because I really don't like it, I think it's immensely overrated. but that's me

@humble goblet i think youre not getting the big picture. ive read the books tens of times since i got it in different languages, and i always feel like i learn a new lesson the next time i read it

no I really think I got it. it wasn't hard. I think it's possible to get where the author is coming from and still not like the work

some things are a matter of taste

hmm yeah. what are your opinions on why you don't like it?

so:

• it'll take dev time away from the platform
• It'll take one of the community members time (probably mine) away to host the thing
• we need to constantly gather questions (and having hosted plenty of AMAs, this is the most difficult part)
• Dark (and myself) are pretty busy because we both work full time jobs
• Skidy & Ashu are in a different timezone than Dark which makes it difficult to find a good time for everyone.

@robust salmon are you in a wrong channel?

nah, just commenting on @chrome parcel's name

@robust salmon lol I'm dumb, I'll see myself out 😄

there's a better channel for it, just this is the one I happened to notice his name in lol

honestly what are you gonna ask the admins anyway? you can just ask it in #general

@chrome parcel I would rather not, because it's been many years since I read it, and I never said I have any valuable criticism to offer, just that I don't like it anymore

tru, it's a lot of time to organize for a little thing too. A podcast would be better

boy I didn't know that with the right name you could get staff attention so easily, there's a vuln there

lolol

There is also this for site/infrastructure updates: https://tryhackme.com/changelog

Closest thing to an ama as it stands (:

@robust salmon oh, well if you think a podcast will be better then you can do that. maybe more frequent AMA's?

@humble goblet yeah lol all books get old

@robust salmon oh, well if you think a podcast will be better then you can do that. maybe more frequent AMA's?
@chrome parcel i thinj that would be a bad idea

maybe like

once every 6 month an AMA

as a celebrationary thing

@chrome parcel I hope I wasn't the one that made you sad 😂

no lmao

once every 6 month an AMA
@solemn jewel i mean that can work too. the main thing i wanted to ask is how they manage all that backend stuff 👀

6 month ama is likely

yeet

Gray Hat Python    1.0
Automate the boring stuff    1.0
Linux command line    1.0
The art of assembley language    1.0
Hands-On Bug Hunting for Penetration Testers,    1.0
Real-World Bug Hunting: A field Guide to Web Hacking.     1.0
No place to hide    1.0
Dark Mirror    1.0
Practical Binary Analysis    1.0
Web Penetration Testing with Kali Linux    1.0
The Web Application Hacker’s Handbook Second Edition    1.0
Mastering Kali Linux for Advanced Penetration Testing    1.0
Kali Linux - An Ethical Hacker's Cookbook”    1.0
Mastering Kali Linux Wireless Pentesting    1.0```

THM's most recommended books so far

the 1.0 is how many times someone has recommended it

I'm considering adding a new category too "Mod / Admin approved" for when Mods / Admins recommend books

Python Crash Course

Cryptography Apocalypse is pretty good @solemn jewel

@hoary mortar sorry to tag you, but I know you read. Mind weighing in on your fave books? 🙂

yee I can hop in here in a bit

Network Security Assessment, by Chris McNab, Third Edition.

Operator Handbook: Red Team + OSINT + Blue Team, by Netmux. If you liked RTFM and BTFM, you will love this.

Red Team Development and Operations: A Practical Guide, by Joe Vest and James Tubberville. Zeroday Edition!

Offensive Countermeasures: The Art of Active Defense, by John Strand, Second Edition.

Attacking Network Protocols: A Hacker's Guide to Capture Analysis and Exploitation, by James Forshaw.

hello there i want some cybersecurity books that is suitable for 0x7 and 13 years old

DM me directly or put it here and tag me

thanks

@distant coyote if someone DM's you directly, please tell me what books 🙂 I'm compiling a list of THM's fave books 🙂

no problem

Any good book suggestions ?

Gray Hat Python    1.0
Automate the boring stuff    1.0
Linux command line    1.0
The art of assembley language    1.0
Hands-On Bug Hunting for Penetration Testers,    1.0
Real-World Bug Hunting: A field Guide to Web Hacking.     1.0
No place to hide    1.0
Dark Mirror    1.0
Practical Binary Analysis    1.0
Web Penetration Testing with Kali Linux    1.0
The Web Application Hacker’s Handbook Second Edition    1.0
Mastering Kali Linux for Advanced Penetration Testing    1.0
Kali Linux - An Ethical Hacker's Cookbook”    1.0
Mastering Kali Linux Wireless Pentesting    1.0```

@velvet horizon

idk how easy that is to read ;-;

but i'll update it again soon

Thank you for the feedback 😇

hello there i want some cybersecurity books that is suitable for 0x7 and 13 years old
@distant coyote
Beginning Ethical Hacking with Kali Linux, by Sanjib Sinha.
Linux Basics for Hackers, by OccupyTheWeb.

Make PBA: 2.0

And add Practical Malware Analysis

This is an abridged list of books I've read/am reading

Becoming the Hacker: The Playbook for Getting Inside the Mind of the Attacker, by Adrian Pruteanu.

From Hacking to Report Writing: An Introduction to Security and Penetration Testing, by Robert Svensson.