#bookclub

If you search Python on hacktivities you see a few 🙂

From what I've read, both books are Python 2.6/2.7

I've been taught in Python 3x

It's not that hard to convert between the two, but they are both Python 2*. As far as I am aware, there is no Python 3* hacking books 😦 Some exploits on exploitDB use Python 2* also, which is annoying

That's really frustrating. 😦

I definitely don't want to use a variant that could be rendered derelict in the future.

As a fun exercise, you could always turn the exploits & adventures in Black Hat Python / Violent Python into Python 3*. There's also gray hat Python, but I'm not too sure on it

Is there any one you recommend over the other?

A list of 6 books I'm currently looking at (I'd like to select from 1 at this time.)

Python: As mentioned above, I'm looking for a Python cookbook or something to give me something to physically reference/scribble into. My class ends in a few weeks and I'll be using JetBrains to supplement what I haven't been able to learn in my Python class. I'm hoping some folks here have read some of these books so they can help narrow down a specific one to pick up.
- Automating the Boring Stuff with Python: I've only head good things about it and seen it recommended a lot here, but nothing specific. Seems to be cookbook based. Need more info to judge. ❓
- Black Hat Python: PenTesting specific Python. I would need to convert the code to Python 3x from 2x. I'm not sure the difficulty of that and what the difference between 2 and 3 is and what it means for me.❓ (potential ✅ if Py 2->3 conversion isn't awful)
- Fluent Python Clear, Concise, and Effective Programming: Seems like an intermediate book that seems to explore "why" in Python. Uses Python 3. ✅
- Python Cookbook, Third Edition: From the description, talks about updating Python code from 2 to 3, which would make it a kinda nice companion to Black Hat Python, or at least a book to read before that. It was published in 2013, so obviously will fail in being "modern" or up-to-date. ❓

Kali: I've seen two Packt books recommended here. I've heard conflicting info on whether or not Packt means a good book. Both books seem to be modern (published in 2019) and cover a lot. They both seem to cover two different sections of Kali and PenTesting, so I'm a bit conflicted if one is recommended over the other and in what case. At this point, I also wonder if there's even a point to picking up a Kali book or skipping over it. I see a benefit in what could be a reference but...
-Kali Linux An Ethical Hacker's Cookbook
-Mastering Kali Linux for Advanced Penetration Testing

I loved Fluent Python (quite a lot, actually) and automate the boring stuff 🙂

https://www.humblebundle.com/software/python-programming-software?hmb_source=navbar&hmb_medium=product_tile&hmb_campaign=tile_index_6

Available for another 6 days. Might be worth it for anyone trying to pick up Python? Has a 6 months JetBrains sub.

(remember, jetbrains do free student stuff)

Yep that too

Option for people who aren't a student at least

By suggestion of Bee, I'm picking up Fluent Python as my first Python book. Also picking up the Operator Handbook and Mastering Kali Linux for Advanced Penetration Testing.

Couldn't decide on 1.

Hey I am just getting started with the pentesting would you recommend something's like book or where should I get started

https://tryhackme.com/

I am using thm but with my online classes I am not able spend too much time with it

So may be some beginner level book

@lost viper What kind of classes are you taking? If you're taking a topic right now in college for say networking, why not take that topic and build from it? Research into the topics THM offers and learn what you should be watching out for. Learn how Nmap and Wiresharp use the network to do their deed. For me, I'm taking a programming class, so I'm spending most of my outside time doing that and delving further into that. It also is a topic I bought a book on recently because it's my research focus.

If you ctrl +f Bee's responses here, he has a list somewhere that has some of the top recommended books by folks here, as well

has anyone read this ?https://www.amazon.com/dp/1984201573/?coliid=IAI4V80TQ2G6P&colid=5ZTQ9V5AE3SI&psc=1&ref_=lv_vv_lig_dp_it

"Open Source Intelligence Techniques: Resources for Searching and Analyzing Online Information 6th Edition"

The same author has published a book recently on a similar topic that's cheaper than the book you posted. In the reviews, it mentions the resources no-longer being available for the book. Maybe check into the newer book and read reviews (not just Amazon) to see if it covers similar material. Extreme Privacy: What it takes to Disappear (https://www.amazon.com/gp/product/B0898YGR58/ref=dbs_a_def_rwt_bibl_vppi_i0)

has anyone read this ?https://www.amazon.com/dp/1984201573/?coliid=IAI4V80TQ2G6P&colid=5ZTQ9V5AE3SI&psc=1&ref_=lv_vv_lig_dp_it
@boreal osprey This book is highly recommended on r/osint (to the point where 70% of all posts there are about this book)

has anyone read this ?https://www.amazon.com/dp/1984201573/?coliid=IAI4V80TQ2G6P&colid=5ZTQ9V5AE3SI&psc=1&ref_=lv_vv_lig_dp_it
@boreal osprey Good book, although there is a Seventh Edition.

Get the latest OSINT book mentioned above!

Anyone that can recommend a reverse engineering book ? This one looks pretty solid: Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation (https://www.amazon.com/dp/1118787315/)

Thank you to all who answered me! Much appreciated!

I can vouch for Extreme Privacy. It is not so much about OSINT gathering but rather how to go full nomad. If you are interested there is a podcast that Mike hosts which goes over the main topics of the book called "Privacy Security & OSINT with Michael Bazzell"

Make sure you grab the 2nd edition if you decide to purchase

Anyone that can recommend a reverse engineering book ? This one looks pretty solid: Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation (https://www.amazon.com/dp/1118787315/)
@chrome parcel Practical Malware Analysis.

@thick jasper thx. I will check it out:)

👀

@cinder plaza why u looking like this??

👀

is there any book for php learning

What epub/pdf reader do you all use? I tried out a few last night because I got sick of sore eyes bc of a white back ground on the ebooks. I tried freda, okular (linux/windows versions), kindle (desktop), adobe, calibre, icecreamapp ebook reader, and a couple others but none seem to be the whole well rounded package I was hoping for.

I used Lithium on android a little

Thank you I’ll check it out!

Book Recommendation: "The Ideal Team Player" by Patrick Lencioni

@boreal osprey I recommend kindle ebook reader , you can buy an old one and it’ll gold just fine, as mine is 10yrs old and going strong

I love my kindle

Had one of my good friends recommend this book to me. Not explicitly cyber related but more so a general good read: https://www.amazon.com/gp/product/1775224112/ref=ppx_yo_dt_b_asin_title_o00_s00?ie=UTF8&psc=1

For those too lazy to click the link

@crimson compass ^This is one you might enjoy, it's from one of my business friends

@crimson compass ^This is one you might enjoy, it's from one of my business friends
@hoary mortar awesome, thank you man. I’m check this out.

oh my god it's horrifying but i love it xD

No No No No No

Bad James

(Is it your birthday?)

No No No No No
@north spade how dare you

(Is it your birthday?)
@shadow frigate It's 0day's birthday

Hence that monstrosity

Hey guys just new to the group anyone else here read cult of the dead cow yet? Great little history lesson on some of the greatest badasses in cyber security

I actually just ordered that today

Excited to read it, one of my coworkers (not on THM) used to be involved with them I believe

@hoary mortar you should totally invite him or at least get him to write a few stories for us to read. I would totally love that

I can ask him lol

If its not too uncomfortable or strange go for it!

I'll see what I can do

Truthfully, I do need to restart the AMAs

I'm sure he'd be down

Sounds good to me

Their SQLi section is sqlmap

Which isn't good guidance for OSCP as sqlmap is explicitly banned

I can't speak for the rest of it

I actually just order that today
@hoary mortar enjoy it, one of my favourite reads in years

can some1 recomend good book to start learning javascript?

JavaScript is a curse

JavaScript is actually really nice with ES6. Somehow. Never thought I would say that.

@grave oxide You might like https://eloquentjavascript.net/

thanks, ill check it out, not a big fan of JS so far, but atleast need to understand it for starters

@north spade It came a long way as a language and browsers actually respecting more specs 🙏

any good books or resources for learning about opsec

@chrome parcel https://inteltechniques.com/ specifically his podcast and books

And +1 on Eloquent JavaScript. I read the 2nd edition and made some of the annoying parts of the language clearer to me

There's also https://javascript30.com/ if you prefer something more project-based

Java script.....

https://pbs.twimg.com/media/EdBiQcDX0AATWK5?format=jpg

Hi, any books to get started with cybersec?

#bookclub message

This is a list of the most recommended books

When we get the bot to do book stuff it'll be much larger 😛

A Recommendation I have
The Operator Handbook (Red Team + OSINT + Blue Team)
While I haven't perused RTFM+BTFM, this book has a large amount of helpful information I've been flipping to for the past couple of weeks. Some sections, I've noticed, need work. Nmap has -T missing from its list of useful things as an example. I've penciled in some corrections/used stickies to expand on the info in my own copy. Some info in it is a little bit much. There's an entire table of info on different operating systems and what their current version is, how they release, etc. Obviously this information is best not included because it will constantly be out of date, but it's nice to know what the most popular Linux distros are at the flip of a page. It separates things by sections, by if they are red team, blue team, or other. There's a mini-section on OSINT, but if you want an actual deep dive, I still recommend reading an actual book on the topic. It gives you a handy list of websites to use, but the way they are classified is a bit misleading. Blue team sections have info on patching, but I recommend actually doing research on those topics because the book will eventually be out of date, even if it was just published. It is useful to know what to look for, though, in your research of blue teaming.
So can recommend, but always be prepared to make amendments.

I think it would be neat if in the recommendations from the bot, you can click on a link and it will tell you why it's recommended by a user but man the automation on that would suuuuuuuuck

I think it would be neat if in the recommendations from the bot, you can click on a link and it will tell you why it's recommended by a user but man the automation on that would suuuuuuuuck
@shadow frigate that wouldnt suck at all to implement, but what would suck would be moderating exactly what users enter into the books recs

Yeah the only way would be to screen it like write-ups

@shadow frigate Did you purchase the hardcopy or digital?

The AWS and Azure coverage in the book is pretty solid.

@west fjord I purchased the hard copy so I can scribble in it/have the information ready outside of the Internet.

I have the digital version. Printed out a few pages so far.

Many infosec gurus contributed to that book.

Another good book is: Blue Team Handbook, by Don Murdoch. Covers SOC, SIEM, and Threat Hunting. It's from 2018, so a bit older.

Cheers for the recommendation I'm definitely gonna get a hard copy for my new bookshelf that's on its way

Although I really learn better from a THM style I do like books.

I'm a ferocious reader, but many of these handbooks are mostly utilized as reference books, to look things up.

If you guys want lots and lots of technical stuff for reasonably cheap, check out Packt publishing. They have a shit ton of books geared toward professional/technical skill development. I used their book to do some business analytics in python stuff and it was good, managed to cancel before the trial ran out too lol

but good stuff for cybersec too

i mean i assume it's good i didnt read it, i just know they have it 🤷‍♂️

Packt can be hit or miss

I think it's been discussed why when it comes to Humble Bundles and a Packt IT bundle gets posted

Maybe it depends on the subject matter? I was not impressed with their game development books and hadn't really looked at their other books because of that

Had anyone read Tribe of Hackers: Red Team? Are the answers from most of the people the same? I ask because I found this was an issue with the first book.

@rich hatch Similar to the original book. Still somewhat insightful as to how the Red Team approaches things differently.

Anyone know any red hat hacker books if not a good gray hat hacker book

Red hat is a linux distro, is that what you're looking for?

Yea I wanted to learn more about it as I didn’t know there was a thing as red hat hacker til the other day

There isn't

Red Hat is an enterprise focussed linux distro

Red team exists, but that's seperate from hats

@errant sundial I think he's talking about the concept of red team vs blue team maybe?

Or I guess white hat vs gray hat

No not about red team and blue

No there's an urban legend of "red hat hacker" going around

I have the RTFM

Saying "oh if you don't know what it is then you're not good enough"

I searched it up and it said hackers that want to destroy black hats so I wanted to look into it more but guess it’s a legend like you said

Is there a good gray hat hacker book you coyld reccomend?

Why would you want a grey hat book?

Just interested to learn more about it

Red hats don't exist, Cybrary created them for some reason

Red Hat is a linux distro

Oh alright thanks

I think you might want to look into maybe working for a government's cybersecurity/forensics division probably

A lot of that is a lot less offensive than you think, and more just about forensics and trying to piece a name to digital evidence

@chrome parcel Stop recruiting people to work for the government, we know you're a spy

@chrome parcel Stop recruiting people to work for the government, we know you're a spy
@cinder plaza

I mean, most digital forensics or cyber justice jobs are basically only government

Since it's illegal for any company to do offensive work like that I Guess

@west fjord thanks for the info. Guess I'll dive in and give a few of the chapters a read anyway

Hands-On Penetration Testing with Python, by Furqan Khan. @chrome parcel Not as good as Violent Python though.

Almost all books in that category are written for Python 2.x @chrome parcel A matter of time before they catch up and adopt 3.x, now that Kali is moving away from 2.x.

You can convert from 2 to 3. Though I don’t know what it means to do that since I know 3.

At the least it could help you understand the program better

Well you could go through Violent Python and use a resource like https://github.com/EONRaider/violent-python3 to understand the PoCs in Python 3 while being mindful of the differences between 2 and 3 while you read the book

Seems there are some PoCs that weren't rewritten though since there's no equivalent library in 3 that the code depends on (chapter05/ninja_print.py)

https://www.humblebundle.com/books/programming-languages-oreilly-books?hmb_source=navbar&hmb_medium=product_tile&hmb_campaign=tile_index_1

I just bought Fluent Python

It is weird how there's Fluent Python (not a basic book) but there's basic+intermediate groups for the other languages.

Fluent Python is really good

my maybe 1st? most popular blog post came from that book

"TimSort" - the python default sorting algorithm 🙂

Fluent Python's a brilliant book. Serious Python from No Starch is along similar lines

@west fjord Somebody converted the whole thing into Python 3. It's on Git

@steady perch this it? https://github.com/BLTSEC/violent-python3

https://github.com/EONRaider/violent-python3

this one^^

Are there any books that would be like the equivalent of Windows Internals but specifically for Active Directory concepts? Showing the details of the kerberos authentication implementation, forests and trees and objects etc. ?

not really you may be able to find a couple sys admin related books to active directory and Kerberos but in general there’s just not a lot of AD books

@inland sonnet Somewhat covered in Mastering Active Directory, Second Edition, by Dishan Francis. A free resource I use, is the Active Directory Security site: https://adsecurity.org

Has anyone read this book "Advanced Programming in the UNIX Environment, 3rd Edition"? It kind of old but I take it since its low level its still viable?

Has anyone read this book "Advanced Programming in the UNIX Environment, 3rd Edition"? It kind of old but I take it since its low level its still viable?
@boreal osprey Big fan of this book, concepts explained are still relevant IMO

any books for noobs

?

https://media.discordapp.net/attachments/679099130320125952/729369995007492156/unknown.png?width=367&height=300

@calm goblet these are books recommended by thm for beginners id say the hacker playbook 3.0, linux command line, and kali linux would be helpful books for you the kali one being free I believe

Thanks @mortal wedge

@west fjord thanks!

@mortal wedge what’s the score mean behind the titles? I got the physical Kali book and looking to expand my bookshelf, thx for the image!

I believe it’s how many people in thm recommend it

Aah, gotcha. Thx mate

@mortal wedge what’s the score mean behind the titles? I got the physical Kali book and looking to expand my bookshelf, thx for the image!
@hollow kelp Yup! Soon we'll have a bot command to recommend the books, so we can have a constant database of TryHackMe's favourite books. The bot team is v/ busy right now though, so may take some time 😅

That’s really cool @solemn jewel gl hf to the bot team then 😃

Really recommend these books if you want to start with Buffer Overflow https://subscription.packtpub.com/book/security/9781789807608

https://subscription.packtpub.com/book/networking-and-servers/9781788473736

I read the whole binary analysis book from packt

It's about how to use inbuilt tools in linux to analyse binary, from dd, objdump to readelf. It's good for starter, but not really good for buffer overlflow.

I just needed a starting point, this was good

If you have some more advance resources for bof, do send me pls 🙂

@hearty geyser check pins in #resources, there's a list of materials related to binex pinned there

Guys, anyone knows good books translated into spanish?

Hi there! Any recommendations on materials for improving social engineering?

@obsidian current The Social Engineer's Playbook: A Practical Guide to Pretexting is the only that I have heard about

Thanks @mortal wedge .

its currently free on amazon kindle

Even better!

Social engineering the art of human hacking is also good

And mitniks the art of deception

What do you guys think about this book?

I was thinking of getting it

What do you guys think about this book?

Combines stories that are fictional, with hacking methods and technology that is real.

back into the hacking roots

Books in text for those that can't read images: Stealing the network by Ryan Russell, Timothy Mullen, and Johnny Long The best of 2600 a hacker odyssey by emmanuel goldstein

Authors for stealing the network are Ryan Russell, Timothy Mullen, and Johnny Long

thanks guys for updates, I am sorry for inconvenience

Since I’ve been (slowly) getting into game hacking and there's a DEF CON discount from No Starch, I just picked this up ❤️ https://nostarch.com/Effective_C

Hey guys I am looking go get a couple of books related to hacking and Cybersecurity and I would love some suggestions. I have been programming for a few years but I am really getting into this side of CS now so I would love a good beginner friendly book that can teach me the basics of CyberSecurity. I would also like a good story type book that isnt as informative but is interesting and can still teach me some. I was looking into Ghost in the Wires: My Adventures as the World's Most Wanted Hacker for the story type book and ‘
Operator Handbook: Red Team + OSINT + Blue Team Reference’ but I would love some feedback and suggestions. (Sorry if this was the wrong channel for this but it seemed sorta on topic)

@mossy tangle Stealing the Network (see my post above), is thriller book, with good story behind and about 90% of the content is describing the various hacking and IT security techniques (data hiding, SQL injection, Wifi wardriving, identity theft, virus programming, disassembling atc. ) and using real hardware and software. For me it was very interesting reading to see how it may look like behind the scenes. To give a technical credit to that book, Kevin Mitnick was one of the technical editors.

Hey guys, do you have any recommendation for a Ebook ( Kindle format ) for pentesting something relate to that ? Thanks !

@mossy tangle I'd skip Ghost in the Wires unless you want to read that for pure entertainment, as I recall it was mostly about social engineering and phreaking. What little there is about network security could probably be read in a lot more detail in another book.

If you want another recommendation, Sandworm was still one of my fav reads in the past year, good balance of being informative and entertaining

Ok sandworm looks really good and interesting to read but what would you guys recommend for mostly information

https://media.discordapp.net/attachments/679099130320125952/729369995007492156/unknown.png?width=367&height=300

what do the numbers mean in this list

If I remember correctly those are books voted from THM for any beginners

How many people recommended it

Not for beginners, just recommended it over all

any recommend book for shellcoding ?

Shellcoders handbook

for window 64 bit env

https://www.amazon.co.uk/Shellcoders-Handbook-Discovering-Exploiting-Security/dp/047008023X/ref=sr_1_1?dchild=1&keywords=shellcoders+handbook&qid=1596891054&sr=8-1&tag=duckduckgo-ffab-uk-b-21

oh

Shellcoders handbook
@left haven thanks

https://www.amazon.co.uk/Shellcoders-Handbook-Discovering-Exploiting-Security/dp/047008023X/ref=sr_1_1?dchild=1&keywords=shellcoders+handbook&qid=1596891054&sr=8-1&tag=duckduckgo-ffab-uk-b-21
@solemn jewel thank you.

it's hard for 64bit env. So. xD

And any recommended for malware development ?
thank you.

@chrome parcel Would you say that the book you recommended is more entertainment or informative? I think I am going to get Sandworm but I want one more book I can really learn from.

Any recommendations for reverse engineering? Almost all the time I open a elf in ghidra I don't know what I am doing. I suck at assembly and rev . Please suggest.

I like the shellcoders handbook, I'll have a check over the contents page to see how much RE it does

The core of RE is being able to read assembly

Oh kay

Any recommendations for reverse engineering? Almost all the time I open a elf in ghidra I don't know what I am doing. I suck at assembly and rev . Please suggest.
@bleak moth theres a ghidra room in thm

Ok if you're learning RE for BoFs, it's a great book

The start has some chapters on recognising how C/Cpp structures compile to assembly which might help

But there are probably some dedicated books for learning x86 which would be better suited

@distant coyote actually during CTF's when an elf has a flag.txt inside it and you struggle to fetch it out by using all methods you know, you feel my pain? 😅

kinda

But irrespective of that, I want to understand assembly fluently.

Shellcoders handbook seems like the real catch , I'll definitely read it

@errant sundial it will okay for beginners right?

I wouldn't recommend it to start with

Since BoF is a hard topic if you don't know the basics

I had a subject in microprocessors and microcontrollers, that would help I guess

A lot of dialects of assembly seem fairly similar

Since BoF is a hard topic~~ if you don't know the basics~~

But until you can read some x86, I wouldn't recommend starting BoF

Okay okay

Eventually I'll write some material on "This is what you should do before you start learning BOFs"

If you have a lil compsci background, it really helps. Then you can understand the stack etc a bit easier

Eventually I'll write some material on "This is what you should do before you start learning BOFs"
@errant sundial eagerly waiting for that

@mossy tangle It is perfectly OK when you go for Sandworm, that's actually very good choice. Then you can try other books, life is long :-)

I mentioned "Stealing the network", as it started my eager for hacking and IT security in general few years back. It provided good story with great and accurate technical details. All chapters were hypnotic, but I remember especially chapter "Birth of Pawn". It put whole SQL injection topic in context, from perspective of noob.

Stealing the network is set of 4 books (~1100 pages):

• How to own the box
• How to own a continent
• How to own an identity
• How to own a shadow

hey guys does this book still relevant because it was released back in 2011 and if not do you have any recommendations for web app books

https://www.amazon.com/gp/product/1118026470/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=1118026470&linkCode=as2&tag=bugcrowd-20&linkId=9f9c5e3f51e50ea7092a21a04aec184f/

@cunning thistle PortSwigger Web Academy would be a replacement for WAHH; the authors made it to fulfill being a 3rd edition of the book, just not in book form https://portswigger.net/web-security/web-application-hackers-handbook

@rich hatch alright thank you !!!

Any recommend book of ASM for windows x32 x64

https://www.amazon.com/Computer-Organization-Design-MIPS-Architecture/dp/0124077269

This one is really good for learning ASM and the entire machine/kernel structure from scratch

Although, MIPS isn't x86

true

but at least this gets your foot in the door

@tacit schooner I have a good YouTube series I can recommend. I know that's not a book, but if you're interested, please DM me. I don't want to post here because this channel is for books only afaik.

Feel free to drop it into #resources though!

Yo guys ik that there was some talk about a good hacker story book that went in detail with the tools that were used. Can you tell me the name of the book again please?

Yo guys ik that there was some talk about a good hacker story book that went in detail with the tools that were used. Can you tell me the name of the book again please?
@cobalt quarry I know one book but it is in spanish

Any way the book is: Hacker épico

Ahh shit no i found it. It was called Stealing the network

seem very interesting

Ahh shit no i found it. It was called Stealing the network
@cobalt quarry It's a very old book keep in mind

So you may not find what you are expecting

Ye ik but its a thriller story book and honestly i was kind looking for a nice story telling hacker book

guys whats the best hacking book that helps you learn more

@chrome parcel here are some books that may help you

ty

Thpb3 was really good. More of an updated copy paste of the second tho

Anyone know a good malware analysis book?

https://github.com/rshipp/awesome-malware-analysis#books @boreal osprey

Recommend me a non-fiction non-tech related book 😄

Man's Search for Meaning?

The broken earth series

Mine first

The broken earth series
@placid vigil this is fiction 😦

Man's Search for Meaning?
@thick jasper i have read this book ;-;

Oh I misread your message sorry

I have no nonfiction recs then 😱

Oh well, I can't think of any at the moment

The Compound Effect is self help book but quite good

Preferably I like books about weird topics, like clouds, you know? something you wouldn't normally think about but someone else has advanced knowledge on it 😄

clouds, you're obsessed with it :p

And cloud is a really abnormal topic to write a book about?

this is my fave book on clouds

https://www.amazon.co.uk/Cloud-Book-How-Understand-Skies/dp/0715328085/ref=sr_1_1?dchild=1&keywords=cloud+book&qid=1597589494&sr=8-1

it goes really well with this book on water

https://www.amazon.co.uk/How-Read-Water-Patterns-Puddles/dp/1473615224/ref=sr_1_1?dchild=1&keywords=how+to+read+water&qid=1597589507&sr=8-1

Cloud Dynamics (Volume 104) (International Geophysics (Volume 104)) 2nd Edition

Understand skies?

Damn, that made me curious

wait woah that looks cool

i told u

these are the books i love

you see these things everyday but you never stop to learn about how they work

did you know it rains frogs

like quite regularly too

https://en.wikipedia.org/wiki/Rain_of_animals

No, I don't. I think I should try the 1st one

Only interest I have beside tech stuff includes human psychology

But your one is cooler Bee

Only interest I have beside tech stuff includes human psychology
@thick jasper fave book? i've read thinking fast & slow

i got this discord into rust I'll get y'all into clouds >:)

I agree, little things we see everyday has more to see than it meets the eye

Thinking Fast and Slow is really really good

That's my fav too

You have really great taste in books @solemn jewel

You have really great taste in books @solemn jewel
@thick jasper I just read a lot and put down books that are boring haha

Same

If first few pages interests me then I'll read the book in 2-3 days

Have you read Mastery?

Or any of the Robert Greene book?

Yup! 48 laws of power, I own mastery too but haven't read it 😛

i should finish that book actually I think?

48 laws of power

was quite good

maybe I'll find it 😛

Damn

Mind sharing an image of your book collection?

an image? I sold all of them about a year go 😛 But I maintain a database of every book I've owned, here's that list:

Oh btw

you're going to see some really weird books

like uhmm

from dictators or people that society normally looks down upon

that's because I push myself to read the opinions of people I disagree with

so when u see stuff like mein kampf or trumps books dont h8 me too much :p

Considering the school you went, I am waiting for more shockers

ok i might read crackign the coding interview or 1984

I'm thinking about re-reading 1984

I've never ead it

read*

It's a pretty scary book

It's like Fahrenheit 451

Can anyone tell me if this book is still relevant...

Just saw this pic pop on LinkedIn, anyone has read one of these ?

Some of those are generally recommended

I've seen Hacking The Art of Exploitation and I think Black Hat Python?

Penetration Testing isnt bad but its really outdated

Hacking the art of exploitation is great for the deep understanding of techniques

Practical Malware Analysis is chefs kiss. Tad bit old but the content is still very relevant. The binaries/labs start to error out in compatability on win10. Try and use Win7 at the latest. iOS application handbook is really good if you wanna get started in bug bountying apps @icy furnace

Helps you setup an environment of tools iirc from my copy

PMA is arguably the bible of malware analysis man

Pentesting Azure Applications is pretty good

and in general any book from no starch press is top notch

I'm taking notes guys, thanks a lot 🧐

No Starch Press as a publisher is very good, same for Manning Publications and O'Reilly.

Some Packt books seem to be good. I have been reading Mastering Kali Linux for Advanced Penetration Testing 3e for a month off and on and I think it's been helpful.

I’ve only heard bad things about packt but it may depend on the book

I've heard the quality of info is super dooper iify but this one and the other one I'm interested in picking up supposedly are highly rated. My experience so far with that book has been good. I like that the first chapter tells you about the RTE model and gives you snippets of mindsets. The second chapter is OSINT-y and it is mostly about Kali's use with the OSINT tools it comes with. It's okay, I think? But the mindset I think is best represented in Social Engineering The Science of Human Hacking (so far). I plan on learning about Kali's OSINT tools and kinda leaving it there. I want to use a separate Linux box for OSINT, per Bazell's recommendation.

I'm still waiting on that book in the mail. LOL

Opinions about: Operator Handbook: Red Team + OSINT + Blue Team Reference?

Positive opinions

It doesn’t contain everything and I’ve made my own pages for it

Some info you might have to pencil out like Kali being rolling etc

It’s a handy desk book for me

It isn’t going to teach you something, but it will act as a reference when you don’t want to crawl through man/-h for a specific flag. It tries to limit what’s in the book to the most useful stuff.

@shadow frigate kali is based on debian rolling

Yes. But that book says it is a stable release. Kali isn’t really full stable anymore

Oof

Yeah it's definitely not stable

James xd why

Metasploit dev is included

Which breaks

Practically monthly

Do you guys read code in disclosed cve and perform root cause analysis?

@willow quest this is for books and other literature. Use #general for that 🙂

The art of war. Whether your planning to lead an army or apply the book to your everyday life, its a good read. It's also in the public domain so you can often find it for free in audiobook form

I never really picked it up but I want to. It's mentioned so many times in self help category.

Give opinion about "The web application hackers handbook 2nd edition"

Finished reading it at the start of this month

Hugely helpful for understanding web application security (and insecurity)

You'll learn a huge amount if you're new to the field

Iirc I have a copy of The Art of War in my boxes

Can't remember much about it, but I remember it making me feel better when I was going through my super dark depression spiral like 4 years ago

I don't know for how long I'll keep spamming this but, The King Killer chronicles is worth every page. Not to sound like a 13 year old, but IMO Harry Potter is a subset of this novel.

Upsides: There is no movie/TV series on it, yet.
Last part of this series is coming out this month. (After 10 years)

You'll learn a huge amount if you're new to the field
@proper axle Do you just read the book without doing labs?

Hm?

You mean the questions at the end of each chapter?

It'll help your retention to do them.

You should definitely do any labs a book tells you to do

The exception should be if the resources got yeeted

It can tell you the concept, but practice is part of retention

Can anybody recommend me any good PDF format book on Python?

Yep, Automate The Boring Stuff With Python and Fluent Python.

Fluent python is not exactly good for learning python for the first time, if that's what you want to do

Fluent Python is 100% for those who are already practicing Python

But Automate the Boring Stuff as well as Python Crash Course are great.

If you’re learning and a student with an email hit up jetbrains

Hence I mentioned Automate The Boring Stuff With Python first.

Ive heard this is good for beginners. also the site has good info

@solemn jewel pirated content above

As far as I can tell its not free

@solemn jewel pirated content above
@ancient zenith i checked it, it didnt look like it to me

let me read up on the license 1 sec

Share — copy and redistribute the material in any medium or format

https://creativecommons.org/licenses/by-nc-sa/3.0/ its safe content 😄

Oh good. I just saw it for sale and didn't see that. Better safe than sorry

can anyone suggest book on computer networking

Cisco CCNA is about networking and configuring Cisco devices and after finishing the book you can try their exam and obtain a certificate.

but i guess there is more and better books

Oh good. I just saw it for sale and didn't see that. Better safe than sorry
@ancient zenith
Yeah imagine jumping to conclusions before knowing and accusing someone of something. Good practice 👍

So the hint I am asking for is... If there was 1 book you could suggest A noob read that will help fill out on foundational knowledge what would you suggest?

So the hint I am asking for is... If there was 1 book you could suggest A noob read that will help fill out on foundational knowledge what would you suggest?
@lyric thunder a mind for numbers by Barbara Oakle, it teaches you how to learn

@solemn jewel great reccomendation

Recommend me a book. Any topic

https://www.amazon.com/Alchemist-Paulo-Coelho/dp/0061122416

lol

@hearty geyser

Awesome

The Cloud Book

Learn about clouds

The Cloud Book: How to Understand the Skies Paperback – 21 Mar. 2008

This attractive and entertaining guide to the clouds, helps readers to identify every cloud type and related phenomena, and understand its implications for the weather.

Sounds interesting

but can you really identify clouds @solemn jewel

but can you really identify clouds @solemn jewel
@hearty geyser yes

you can tell when it's going to rain based on clouds

it also talks about cool things

like when it rains frogs

you are being serious right

cause that would be nice thing to learn

I am being serious

All right then, added this one to my 2 books long reading list 😄

There's another cool book "how to read water" which does the same but for water

so you can tell when it's going to flood

yes, among other things

I think it's really cool to be able to look at clouds and say "ah, it's going to rain" or to look at the ocean and say "hmmm... this looks odd we should leave"

especially as we look at clouds and water everyday, it's nice to know what they are

I'm definitely Intrested in the cloud one atm. I don't live anywhere near an ocean or even a sea, so that's a pass rn

So bee is a weatherman

It reminds me of this meme

https://tenor.com/bdrOL.gif

savaged

i never understand that meme

Hi, looking to learn php and JavaScript. Please recommend a book for me. (it doesn't have to be beginner friendly).

@lime sedge https://eloquentjavascript.net/ for JS, I don't have recommendations for PHP

@lime sedge https://eloquentjavascript.net/ for JS, I don't have recommendations for PHP
@rich hatch
Thanks.

Does anyone know a good book on networking ? Doesn't have to be beginner friendly, but something that is praticle and give good example to solidfy concepts

Does anyone know a good book on networking ? Doesn't have to be beginner friendly, but something that is praticle and give good example to solidfy concepts
@chrome parcel Computer Networks: a top down approach is the best I have ever read

^^ it has python code examples and even online exams / questions if you buy the book 😛

Hi, looking to learn php and JavaScript. Please recommend a book for me. (it doesn't have to be beginner friendly).
@lime sedge sololearn is good, but read the comments

https://www.humblebundle.com/books/advanced-computer-security-and-privacy-morgan-claypool-books
any feedback on this?

I'm interested

IMHO better to spend more on a book or two you know you'll definitely read and can be valuable, than less on a whole bunch that are vaguely interesting and might end up wasting your time

hmm those aren't even things I can look up on Amazon

M&C as a publisher I find too academic, dry material. @humble goblet

can someone send me uni cybersecurity book pdf? i wanna have a peek

Would that be a paid resource you're requesting @distant coyote?...

Would that be a paid resource you're requesting @distant coyote?...
@north spade if its free, I am just curios about the content

How do y'all feel about that humble bundle?

https://www.humblebundle.com/books/programming-productivity-mercury-books?hmb_source=navbar&hmb_medium=product_tile&hmb_campaign=tile_index_6

How do you guys feel about this?

It seems nice but want to get more opinions on it

I don't really like that one. 🤷‍♀️ I think there are a lot of free online resources to learn programming

What a weird bundle

You got programming with Python, C++, and then just randomly Photoshop stuff, doing stuff with cloud computing, cybersecurity, and Bash? Then there's Excel? And then ML stuff?

Seems very unfocused

Programming and Prodictivity by Mercury

Programming is the languages and CyberSec, productivity is MS, PS so on

Yes, I can see that. Doesn't change that it's a very oddly unfocused bundle

So its a nono

https://www.reddit.com/r/humblebundles/comments/ibjlz0/humble_book_bundle_programming_productivity_by/

AutoCad?

I'm giving that a straight pass

V fun to play with but in an infosec / redhat perspective

I'm not quite sure what can be learnt from it other then printing really cool stuff

3D printing a lockpick set sounds kind of cool…

Hopefully the resin works lol

@rich hatch I agree with you but humble bundle is known to pack great value in little money, so there are at least some thing I would rather get this way than getting the individual books. A good example is basically any bundle with no starch press books. I got a few from the latest one, which included classics like black hat python and a few others.

Agreed that No Starch's bundles have a better signal/noise ratio than some other publishers. But you still have to watch out for what you're buying (ie: programmer bundles where they may be bundling more K-12/Scratch books than ones more applicable to doing InfoSec or software projects)

yeah No Starch and Oreilly I'll buy... others mostly no

I trust a few others like hackers playbook and operators handbook

And the "Hack like a pornstar" books are surprisingly ok

Hey dose anyone know any good new books on system administration?

Not a single book but no starch has a sys admin collection
https://nostarch.com/catalog/system-administration

Azure devops labs @cobalt quarry

You can get some free credit and learn some cloud stacks like Azure

Businesses are becoming more and more hybrid by the day (on-site Windows domain with Azure and O365)

Do you guys recommend the book "Hack like a p0rnstar" ?

Think someone here recommended it here, unironically

Might give this a read after Tribe of Hackers Red Team https://www.cl.cam.ac.uk/~rja14/book.html

Boo no social card, but https://www.cl.cam.ac.uk/~rja14/Papers/SEv3-coversmall.jpg

Isn't this piracy?

dont think so, a friend gave me

idk

im gonna delete them so

Yea I would say it's piracy as it's books for free

idk

I was giving them as a gift or sharing

But meh

If it's free books on a drive or mega files etc it's best not to as those are mostly piracy

Oow

F

Better to don’t have troubles so

Thx for advice

It's in the rules

Yea you'll get a warning by the mods as well if you post any piracy stuff

!rule 11

Rule 11: No distribution of illegally obtained materials within the discord. Do not pirate books in #bookclub

🧐

Unless the book is published publicly online for free

it's basically pirating

My dudes, he apologised could we leave the discipline to the staff.

!rule 11
You are technically violating rule 15 yourself

Which book?

Sorry I didn't know I actually doled out punishment

https://discordapp.com/channels/521382216299839518/679099130320125952/751075693156106260 the author discusses distributing it looks good to me + it's an ac.uk domain

That's not the book

maybe you guys should leave the enforcement of rule 15 to the mods 😉

That post was yesterday CMNatic, you're investigating the wrong book

@glad patio Check #lounge It’s All there

Not the books just the rest

Thanks

!rule 15

Rule 15: Please leave any disciplinary measures to the discord staff (Trial Mods, Mods, and Admins). This is also known as no 'mini-modding'. If something is happening, please just let the staff know and we can take care of it <3

good lord - anyone actually go to the link?

the author is publishing it on his website for review

geez

Are you referencing the right book? The drama isn't about what I posted

I am gonna have to check that book out

I think there was another link posted after ESWAT's

Any resources for reading or some kinda tutorial of macro malware? xD

youtube

"Amazon.com: How to Hack Like a PORNSTAR: A step by step process for breaking into a BANK (Hacking the planet Book 1) eBook: FLOW, Sparc: Kindle Store" https://www.amazon.com/How-Hack-Like-PORNSTAR-breaking-ebook/dp/B01MTDLGQQ

Lol

Erm

Erm

What

Erm, is that legal?

Erm yes

If not, it wouldnt be on amazon

👀

It's a somewhat recommended book around here for some reason

actually amazon sells the anarchist cookbook. And that's illegal in many places

and I thought the anarchist cookbook was an actual cookbook

There are a lot of things amazon sell that can be illegal in some places or used illegaly. Doesn't makes them ouright illegal tho

Check with local laws before buying a thing.

even IF it is legal, I'm sure you get put on a list

then try to get sudafed AFTER that

I haven't touched Ruby on Rails in 4 years and kind of want to build something real, so bought this and hopefully I’ll actually complete it lol (I went through 2/3 of the 2nd edition many moons ago and that was a solid book) https://pragprog.com/titles/rails6/agile-web-development-with-rails-6/

"Amazon.com: How to Hack Like a PORNSTAR: A step by step process for breaking into a BANK (Hacking the planet Book 1) eBook: FLOW, Sparc: Kindle Store" https://www.amazon.com/How-Hack-Like-PORNSTAR-breaking-ebook/dp/B01MTDLGQQ
@icy lark - i actually read that book - horrible name - but it was good intro when I was starting out. the author has a decent series of books.

@icy lark - i actually read that book - horrible name - but it was good intro when I was starting out. the author has a decent series of books.
@stiff prairie I just did a write up of his CTF on my blog. Not going to list it as I don't want to violate any rules here, but hilarious that I come into book club and see this post right after I finished all of this.

who knows about the OTW new book?

otw?

OccupyTheWeb

I read his linux book, it was not bad. I'd read another one of his

Yes

Aw man

https://guyinatuxedo.github.io/

Not really the place for writeups

I believe #resources is the best place as long as it doesn’t turn into self advertisement

it's not a write up ... kinda book

!help

I don’t even know where the best place or that be is 🤷‍♂️ whatever if it needs to be moved a mod will tell you

Please don’t use the help command anywhere except #bot-commands though please it gets spammy

@mortal wedge ok , Thanks

who has some good books about web app pentesting? just started reading The Web Application Hacker's Handbook and was wondering what others people have found helpful

web app hackers handbook is widely regarded as the best intro to web app handbook

well that's good to know, thanks! I've only just started reading it

@solid portal i have some

@robust salmon is it legal to share the books here?

You can share books within the public domain, like Alice in Wonderland

I mean I would be good even with the titles

Web Penetration Testing with Kali Linux, Third Edition, by Gilberto Najera-Gutierrez and Juned Ahmed Ansari.

has anyone here read blackhat python? is it worth the money

I would say yes, but it's in python 2 from what I remember.

How is violent Python

It's also outdated but worth reading on how python can be used for pentesting.

I have been translating and summarizing free programming books ENG -> SPA on my free time, any recommendations ?

Active Directory Administration Cookbook, by Sander Berkouwer. Published: 2019.

@west fjord would u pls name 3 of ur favourite infosec's books ?

If this is a communal game

• Shellcoder's handbook
• Cryptography apocalypse
• On Intelligence

Security -- Network Security Assessment: Know Your Network, Third Edition, by Chris McNab.
Hacking -- The Hacker Playbook 3: Practical Guide to Penetration Testing, Red Team Edition, by Peter Kim.
Blue Team -- Blue Team Handbook: SOC, SIEM, and Threat Hunting Use Cases, by Don Murdoch.
Red Team -- Red Team: Development and Operations, Zeroday Edition, by Joe Vest and James Tubberville. @warm vector

@west fjord tnx buudy

Is there any good book which teaches scripting using Python3? I see mostly python2. :|

the differences aren't that great, it'd be better just to find a webpage explaining differences https://sebastianraschka.com/Articles/2014_python_2_3_key_diff.html

Thanks. Will have a look at it.

Someone ported the Blackhat Python exercises to Python3 and put them on GitHub. Others have probably done the same with other books

I'm reading The Quick Python Book (3rd edition) which uses Python 3, but expects some previous programming knowledge

Crash Course in Python as well as Automate the Boring Stuff. The latter I think is free on the author's website and the former I believe is half-free. If you're a student, doing interactive exercises on JetBrains might also be your speed since you're having to actually write code repeatedly to get things right.

Is anyone here into psychology?

I'm looking for some articles / vids on behavioral psychology. I'm interested how people react to certain words or some surprising statistics or persuasion or double speak / euphemism.

Thinking Fast and Slow.

Not specifically what you're looking for but it works.

is hacking for dummies, 5th edition a good book?

I've never been a fan of the 'For dummies' books

@chrome parcel I have it it’s only good if you’re like beginner/early intermediate

I'm looking for some articles / vids on behavioral psychology. I'm interested how people react to certain words or some surprising statistics or persuasion or double speak / euphemism.
Whenever i see the word "yawn" i yawn

yawn

Thinking Fast and Slow.
@thick jasper This is the best book on it. Hands down. Nothing else will ever compare 🙂

True that.

Alright, I'll check it out. Thanks =)

Imo, books on social engineering might be good for that topic, too. Social Engineering: The Art of Human Hacking touches on psychology behind getting someone to do what you want.

Ok I’m going to read Thinking Fast and Slow

I read about the book and it seems to be a very thorough read. I read as a recommendation that I should go through the summary first before attempting to read the whole book.

Thinking Fast and Slow is a great read

+1

+2

-1

What books should I read if I'm just starting with rooms

stuff like excercises

https://www.amazon.com/Diary-Roblox-Hacker-Ultimate-Diaries-ebook/dp/B07GZY6BGL/ref=sr_1_160?dchild=1&keywords=hacker+sticker&qid=1600353144&sr=8-160

My man!

You can't post that here

The Sacred Texts

That knowledge is too much for us here

Linux Basics for Hackers, by OccupyTheWeb. @chrome parcel

@empty cairn I worked creating software for psychologists before and they made me learn about Theory of Mind, you can look it up and it's the base of all of that. Also the mirror neuron system. If I find the articles I'll give you the exact names of the authors

Is there a pdf link?

No piracy

purchase the book

@empty cairn I worked creating software for psychologists before and they made me learn about Theory of Mind, you can look it up and it's the base of all of that. Also the mirror neuron system. If I find the articles I'll give you the exact names of the authors
@scenic orchid Thank you so much! I'll read about it

looks similar to the CySA+ book

hi

Is there a pdf link?
No ❤️

@modern elk no
share ur opinion about it with us here then
tnx

@modern elk just working my way through that book right now. Pretty good book.

Hey. Any suggestions for a good book for a complete beginner like me?

in what topic?

Maybe this one - https://www.amazon.com/Internet-Dummies-John-R-Levine/dp/0764506749

does anyone know of a good linux kernel book not from 2007

basiccly >=2017

Mastering Linux Kernel Development, by Raghu Bharadwaj. Published in 2017. @ember dragon

thanks dude @west fjord

been lookin that

Where do you get all these books from @west fjord

Check into O'Reilly Online (previously called Safari Books Online). Packt publishing also has it's entire catalog online. @hearty geyser

Thanks

It's like Spotify for books. 🥳

Yeah I have OReilly online

Humble Bundle strikes again! 'Data and AI'. Azure, SQL, SAP, R, Neural Networks... Lots of this is over my head, but I'm sure someone will get use from it.

https://www.humblebundle.com/books/data-ai-oreilly-books

Yoinked! Nice find, thanks @sick hull

I'm somewhat of a humble bundle addict :p

Whats a good follow up book after reading Hacking The Art of Exploitation I haven’t finished it yet but wondering what would be good to read after it

I couldn't get through it. I still have it here, I think it's just a bit too full-on for the level I'm at. And have been at

But on amazon I keep getting told to get the Hackers Playbook and RTFM/BTFM

I have the RTFM it’s good to look at when what tool to use and how

Does it get the Blackout Seal of Approval?

Yea it does it helps me so much especially when you’re trying to scroll up and find a command it’s so much easier to find it in the manual

Can you guys recommend me a book or any resource on how to make your own CTF ?

how to get role?
@radiant scroll Out of interest, how is that related to books?

Guys I would like to buy the Shellcoder's Handbook but considering the price I don't want to regret it. What's the recommended knowledge level to enjoy it properly?

It is beneficial if you already are familiar with Assembler/C/C++ as programming languages, Unix/Linux as OS, and computer architecture and design in general. @mental crane

Jeff Duntemann's book comes highly recommended; Assembly Language Step-by-Step: Programming with Linux, Third Edition.

u can buy the whole book via https://www.buymeacoffee.com/l/H4ckTr1cksW0o

Any suggestions for calculus math books? Please @ me with the suggestions

What sort?

Didn't realising shaming books was a thing

Welp now there's no context

So I'm going to assume it was about to be a request for PDFs and I could shame them for piracy.

for Calculus, I'd say if you want something deep, I'd go with this https://www.amazon.com/Calculus-4th-Michael-Spivak/dp/0914098918 and if you want something that will get you the basics, I'd go with this https://www.amazon.com/Manga-Guide-Calculus-Hiroyuki-Kojima/dp/1593271948/

can anyone suggest me a good book on cryptography and encryption

I got you @chrome parcel!

https://www.schneier.com/books/cryptography-engineering

https://www.schneier.com/books/applied-cryptography/

I can recommend both with high praise!

If you need more of an Applied Cryptography book, look at “Serious Cryptography”, No Starch Press

thanks for the books

Has anyone read Real-World Web Hacking: A Field Guide to Bug Hunting: A Field Guide to Web Hacking? And is it a good read?

Hi fellow hackers, I'm in love with this community and I'm trying to be 0xD God here but I'm lacking some strategies and logical thinking, Is there any book that can help me upgrade my logical thinking and strategies?

I'm reading Hacking The Art of Exploitation which is really good book it teaches you the fundamental techniques of hacking

Okay! thank you for answering my questions

Has anyone read Real-World Web Hacking: A Field Guide to Bug Hunting: A Field Guide to Web Hacking? And is it a good read?
@short carbon It's good. It demonstrates the various vulnerability types with actual real cases that have happened to real companies, instead of merely illustrating it with theoretical cases.

Thanks

any opinion about this book?

I dunno but whenever I see Packt, I proceed with cautioun

@cedar plank reason?

i'm on page 100
it's a good article

Linux Basics for Hackers, by OccupyTheWeb. @chrome parcel
@west fjord did u read his second book?

Packt has a history of publishing books that are inaccurate and/or poorly edited. I have no experience with their infosec books but have experienced this with their game development books

I've read that Linux book from OTW. It's a pretty good Linux primer if you're new

@rich hatch tnx
i read some articles from 'em and find out np
by the way
tnx again

I've read that Linux book from OTW. It's a pretty good Linux primer if you're new
@rich hatch i've read that too
that's really good
i'm interested in this new one

and in terms of Packt books, they tend to not have much depth to them, it is very basic, with a book that has 1 review on Amazon and not even someone who has been verified to have bought the book, it also seems very strnage

So just an aspiring master hacker

Becoming the Hacker by Adrian Pruteanu is good. Despite it's catchy title, it covers a good amount of hands-on ways to go about exploiting vulnerabilities.

https://www.humblebundle.com/books/learn-to-code-the-fun-way-no-starch-press-books

c++

Eloquent Javascript is an awesome book

You can find it here for free too https://eloquentjavascript.net/

Aaaaannnd Humble Bundle Strikes again! Perl, F#, Java, Lisp, R, SQL, Python, Rust C++, JS, Haskall and Assembly, along with a few programming concepts books

https://www.humblebundle.com/books/learn-to-code-the-fun-way-no-starch-press-books

xD @sick hull Scroll upwards a little

Ahh. I was stuck further up when I posted it

Still, you can always get it twice...

it warmed my tiny, cold heart that they included a Perl book in there

"Learn you a Haskell for great good" is one of the best programming books ever, especially for functional programming / haskell. HIGHLY reccomend the bundle just for that book 😮

Any recommendations for burp suite pro book?

Burp Suite Cookbook, by Sunny Wear. She's a great author, who has also done instructional video courses on Burp. @quick wharf

@west fjord Thank you.

oh that is totally what I need, I always feel lost with burp

which i guess is why i'm not a master hacker yet
@modern elk update me with ur opinions when u start it
tnx

what are some books that you all recommend having a physical copy of?

Hackers playbook

@tranquil yew the RTFM would be a good answer I think, especially since it's written in a pocket-reference style

although typing long one-liners by hand sucks

Hi fellow hackers, is there any books that I can read for problem solving and critical thinking

Decision Making & Problem Solving Strategies John Adair

Bulletproof Problem Solving: The One Skill That Changes Everything

Decision Making and Problem Solving: Break Through Barriers and Banish Uncertainty at Work John Adair```

Wow! Thank you

Red Team: How to succeed by Thinking Like the Enemy, by Micah Zenko. This book provides insight into out-of-the-box thinking and adversarial-thinking when it comes to the dynamic of offensive- and defensive security. @gleaming violet

Alright thanks!

any opinion about this book?
@warm vector now @ page 200
too many ups and downs and it's a lil messy in topics
but it really worth the time spent on it

Finally, some updated books for GIAC certifications:
GCIH: GIAC Certified Incident Handler All-in-One Exam Guide, by Nick Mitropoulos.
GPEN: GIAC Certified Penetration Tester All-in-One Exam Guide, by Raymond Nutting and William MacCormack.
GSEC: GIAC Security Essentials Certification All-in-One Exam Guide, Second Edition, by Ric Messier.

Are those completely new? Didn't know there were books, wonder if they're worthwhile replacements for the courses

yep, by the looks

Yeah all three are new, the third one is a second edition, as it was previously published in 2014. Don't know if these will replace any course material from other content providers.

I just ordered the GPEN book, will take a crack at it and see if it's worth it

any feedback on this book?

I haven't read it but I see it get recommended quite a lot, looking at the reviews it takes you from a start to finish on red team engagement

Wow! That's nice it will be improve my knowledge about read teaming, ight thank you for your feedback!

The book is borderline blackhat hacking, so I would not recommend it. @gleaming violet

@gleaming violet you may be interested in this: https://nostarch.com/pentesting

How one could hack like a pornst⭐r? 🤔

i may be wrong but i think pornstars are pretty bad hackers 4head

@robust salmon https://www.youtube.com/watch?v=F4mZLHDGMqg relevant

Ight thanks guys!

@robust salmon https://www.youtube.com/watch?v=F4mZLHDGMqg relevant
@humble goblet holy. shit.

Saw this mentioned on another discord, $4.99 for kindle version of Web Application Hackers Handbook https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470

Or you can just signup for Port Swigger's Web Sec Academy. They released that instead of launching another version of the book

Maybe I looked at the web sec academy but I didn’t understand it. Like it would have a few paragraphs about something and then say ‘here is a website, practice on it’. And I was like uhh what?

It's def structured differently from the book and doesn't have some of the older bits (attacking Silverlight lol) but yeah it's a worthwhile update to the book

@cedar plank check this out: https://portswigger.net/web-security/web-application-hackers-handbook
The web sec academy can be updated. It's also completely free and you only have to sign up to practise in the labs. I've went through most of the material and I remember it being incredibly well laid-out, but nevertheless if you're struggling with it, you should just read up on the topics you're struggling with in other sources. The labs will also help you very much, and you can check the walkthroughs if you find something hard. If you want to make it though, don't give up. You will if you put enough time in.

@modern elk you can start anywhere. Start with whatever is most familiar to you and work towards the rest of the stuff. Some of them are not directly related.

Personally I love books, but in the security field (and sometimes in technology in general) some things become dated quickly. If you read the book, you can at least supplement your learning with the academy as well, at least the labs if nothing else.

Maybe I looked at the web sec academy but I didn’t understand it. Like it would have a few paragraphs about something and then say ‘here is a website, practice on it’. And I was like uhh what?
@cedar plank Exactly,that's the point

Also if you're struggling with a specific topic, you can ask in #infosec-general. The more specific the question, the easier it will be for someone to explain it to you or point you to the right resource

I think for some a book, even outdated may work better for some people

Well, outdated is maybe fine as long as you have a source from which you get the up-to-date information

but still, this is web hacking, by definition a practical topic. Learn by reading whatever clicks with you, but you'd be better off practising on the labs afterwards

I figured the book had labs? I haven’t looked (and of course it would seem you could use things like Juice shop / Broken Web app)

https://riptutorial.com/ebook

Are there any books that teach me how to program with arduino, rasp, or just random chipset?

I dont even know what im talking about

Raspi you can use Python for GPIO quite easily.

I think for some of the others, there's micropython but it's mostly c or cpp. I have an arduino book somewhere that I think I'd recommend, I'll see if I can find the title

Make: Arduino Bots and Gadgets Is the one I have, I think, but there's some other good ones from Make

If you can pick up an ESP8266 based microcontroller, you can do some cool wifi projects

Woa insteresting!

Thanks

If you can pick up an ESP8266 based microcontroller, you can do some cool wifi projects
@errant sundial can you give me some examples of "cool wifi projects" made from it?

It can be a full wifi access point or a full client

Oh damn thats cool

Lol

https://cph.opsdisk.com/
Just found out about this book. I've been trying to understand SSH tunnelling and this is a pretty nice first introduction to the topic, explaining different types of connections with clear examples. I think it's very well worth $5-10 (if you are a student).

What if you’re no longer a student, but now a blob?

You get banned.

@scenic rock There may also be something big planned for teaching that too 👀

Niceee, can't wait

Good. It's scheduled for January 😆
It's free though

I'll have time to chew through the book then

Build Your Own Cybersecurity Testing Lab: Low-cost Solutions for Testing in Virtual and Cloud-based Environments, by Ric Messier. 🥳

It is Thor's day, so why not some Cloud pentesting books: 🌩️
Hands-On AWS Penetration Testing with Kali Linux, by K. Gilbert and B. Caudill.
Pentesting Azure Applications: The Definitive Guide to Testing and Securing Deployments, by M. Burrough.

my copy of the hacker playbook 3 finally arrived today when i ordered it on august 27

@chrome parcel You happy with it? I've been thinking about getting my own copy lately

what are your top 5 books for learning how to hack?

They still use books to teach this? I thought everything had more-or-less transitioned to interactive websites like TryHackMe is?

Nope!

THM doesn't even cover 20% of the content that can be covered by books 😛

Mostly due to the fact that books have a much larger user base than tryhackme could ever possibly physically hope to achieve 😆

I guess I'm one of those people that can read "point A connects to B" but until I connect point A to B myself, it just doesn't make sense. I'll be interested to hear what people have to say about this though. Last person I heard ask that question got told "any book that teaches you to program, hacking is just taking advantage of the bugs that other programmers leave unpatched"

it depends on what part of hacking tbh, like web dev there's a new JS framework every minute so any book you write by definition will be outdated but for something like industrial control systems companies use those babies for 30+ years the stuff you learn likely wont be outdated super quickly

Any recommended books for pentesting Windows?

Hands-On Penetration Testing on Windows, by Phil Bramwell. @dawn parrot

A lot of books are introductory/beginner and cover a variation of basic hacking concepts and areas, including how to set up a lab, install VMs, etc. Other books are more hands-on learning, e.g., often labelled cookbooks, that cover actual examples of vulnerabilities and how they are attacked. @winter marsh

thanks boss😎

@chrome parcel You happy with it? I've been thinking about getting my own copy lately
@prisma coral late response but yes

https://www.humblebundle.com/books/aws-azure-google-and-cloud-security-books

That's a wicked bundle

Nice find concat!

Yeah I'm studying for AWS SAA so might pick up the practice exam book (even though it's for the old one)

Ditto

SAA-C01 or 02? O.o

SAA-C02 is the latest/current

Oh that sucks. I would hope you'd get the up to date version if you're paying for it

I wouldn’t use an old book, the changes can mean difference between right or wrong answers

any good book on reverse engineering

Maybe ths one? https://www.amazon.de/Art-Reverse-Engineering-Cultural-Medientheorie/dp/3837625036

https://beginners.re/

I liked this one and the best thing is that it is free.

Guys

Any recommendation for ebook about networking

#bookclub message

Thank Youuu

@dapper basalt r u familliar with assembly ?

Practical Binary Analysis: Build Your Own Linux Tools for Binary Instrumentation, Analysis, and Disassembly; by Dennis Andriesse.
Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats, by A. Matrosov, E. Rodionov, S. Bratus. @dapper basalt

Any recommendation for ebook about networking
@hollow hound "Compute networking: a top down approach" is my favourite networking book of all time 😄

Php book

?

@dapper basalt r u familliar with assembly ?
@warm vector not really

@hollow hound

Any recommendation for ebook about networking
The Illustrated Network by Walter Goralski is very good. Juniper based but also covers Windows and *nix systems, wireless and other things

Real World Python: A Hacker's Guide to Solving Problems with Code, by Lee Vaughan.

@hollow hound
The Illustrated Network by Walter Goralski is very good. Juniper based but also covers Windows and *nix systems, wireless and other things
@tidal plume
I work with Juniper equipment and not being biased but they have some free learning materials on their website learningportal.juniper.net. They also have an app called Junos Genius. Of course some of it is more geared towards learning their OS compared to other competitors but they also have some basic networking level material. There's lots of great networking material out there: books, youtube, simulators. Other networking vendors might provide some free material as well.

anyone know of any good books on nation state APT's

not necessarily technical books, more just stories

@hidden kayak Sandworm is a great one. There's also The Hacker and the State but haven't read that

Countdown to Zero Day is a great book about Stuxnet

Man, I missed the humble book sale...

Fml

there is always a new humble book sale

Ik but I really wanted this one, thought it ended today.

anybody read The Perfect Weapon: War, Sabotage, and Fear in the Cyber Age

Malware writing Book

@dapper basalt ?

there’s not a lot of malware development books only really malware analysis and c

most of the malware dev stuff you’ll find with papers and stuff like that

Anyone knows any really good books about networking?

if you can grab a Cisco CCNA R&S book, you'll learn the most from there

you'd be looking for ICND1/2

Network Security Assessment: Know Your Network, Third Edition, by Chris McNab. @vague helm

I loved networking: a top down approach

ty

I can't wait for that practical python book someone mentioned

It's coming out next month iirc

Real World Python? @humble goblet

Yeee

spiffy, its already on Oreilly online

unfortunately my weekend is already planned

Yeah, O'Reilly online is always ahead of Amazon release dates. 🙂

Good site to solve coding problems and learn more about algo and Data structures

@dapper basalt #resources message

Someone already read this one? Blue Team Handbook: SOC, SIEM, and Threat Hunting (V1.02): A Condensed Guide for the Security Operations Team and Threat Hunter

Very practical insights in that handbook. @clever flax

Thanks!

@west fjord if you have any other good recommendations, pls shoot (especially blue team stuff) 😄

A higher level overview: Defensive Security Handbook, by L. Brotherston and A. Berlin.

More tool-oriented: Cybersecurity Blue Team Toolkit, by Nadean H. Tanner.

why you using the channel like google? lol

https://www.humblebundle.com/software/stem-productivity-library-mercury-books

Bunch of geeky books. From Python to Quantum Mechanics, Artificial intelligence and Data Mining to.. Umm.. Waste management for some reason.

still waiting for a decent security bundle

not that aws stuff though, and not packt

I mean really the only time you can get a nice bundle for security is when they do a no starch bundle everything else is generally meh

Exactly

No starch is always 💯

@boreal vine Yeah I did a lot of work with Juniper years ago. I've done a few of their certs and I've read many of their O'Reilly and Day One books. I even had a Juniper SRX as my home firewall at one stage

Finally got a copy of The Art of Memory Forensics. Super dense but boy is this a interesting topic.

Does any have links to free ebooks with info

Programming,AI, quantum, hacking, etc.

@autumn jungle No links

@chrome parcel Please don't promote piracy.

With some nice recourses

I was referring to gitbook

Hold on I think I have one

Oh?

I will put it in book club

It is a gitbook

@autumn jungle https://vulp3cula.gitbook.io/hackers-grimoire/

One of many

You can also read blog posts and other articles online

You have a question there is somewhere online with an answer

@autumn jungle https://book.hacktricks.xyz/ the content of this site is available as a book (for a price). So not a free book, but the content is available for free

Thanks👍

Another free gitbook https://sushant747.gitbooks.io/total-oscp-guide/content/

what would be a "really good" one? I saw a recommendation in one of the room

what would be a "really good" one? I saw a recommendation in one of the room
@mental pond Good one for what in particular topic?

what is a gitbook

an online book website

like a wiki

but as a book

OOO

so its legal @solemn jewel(so they are documented notes)

?

Another free gitbook https://sushant747.gitbooks.io/total-oscp-guide/content/
@west fjord Full OSCP course book LOL Thanks to sharing

yes

I mean they write it themselves

they own the copyright so

Just got my copy of the Operator Handbook, there is really cool stuff in here and excellent cheat-sheets/user-guides.

thanks for bringing that to my attention

No Paperback ! Shoot

Which books can you recommended to learn hacking?
eg:
https://www.amazon.de/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641/ref=sr_1_2?__mk_de_DE=ÅMÅŽÕÑ&dchild=1&keywords=Penetration+Testing%3A+A+Hands+On+Introduction+to+Hacking&qid=1603977433&s=books&sr=1-2

https://www.amazon.de/Learn-Ethical-Hacking-Scratch-penetration/dp/1788622057/ref=sr_1_3?__mk_de_DE=ÅMÅŽÕÑ&dchild=1&keywords=ethical+hacking+lernen&qid=1603977478&s=books&sr=1-3

And can you recommend this udemy course?:
https://www.udemy.com/course/learn-ethical-hacking-from-scratch/

I'd recommend TCM's courses tbh

I'd recommend TCM's courses tbh
@errant sundial What do you mean with TCM? So what does TCM mean?

The cyber mentor

The cyber mentor
@errant sundial And which course would you prefer? Can you probably send a link?

I'm a firm believer on pushing people to do their own research. Take a look at what's offered and see what's most attractive to you. Taking into account price and content covered.

I'm a firm believer on pushing people to do their own research. Take a look at what's offered and see what's most attractive to you. Taking into account price and content covered.
@errant sundial Alright. So Im taking research. But would you recommended to get a book additionally to the course?

I can't really recommend any specific books, most of hacking is about practice

https://www.amazon.com/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641/ref=mp_s_a_1_3?dchild=1&keywords=penetration+testing&qid=1604059877&sprefix=penetration+&sr=8-3

A little dated but the methodology still holds true

Oh jeez the convos a day old

Dat Discord scrollback

Im trying to get into this reading stuff but its not striking my fancy.

videos are where its at.

videos are where its at.
@full cobalt I'd say a combination of both is great. Conceptual and theory learning from a book, and hands-on applied practical learning from a video. Or in more modern courseware, they have a modular approach where they start each module with the theory, followed by a video to see this applied in-action as you will.

I find it much easier to follow something in a book. You can go immediately wherever you need (I'm talking about technical books though, not just dry text). In a video it's much harder to get to a specific point, and much harder to go at your own pace

that said, of course some concepts are best explained in a video

Yeah, it also depends on the format of a video. If it's a video of a 100 slides, I'd rather read the slides. Visual instruction is ideal for hands-on teaching / demonstration, instead of static pictures in a book.

Videos are my secondary source when I want to reinforce things I've already tried to remember through reading a book or practice. Was actually a chore to go through all of Prof. Messer's Sec+ videos and the ones for PWK/OSCP

^ exactly. I'd much rather have all of that in a book

I'm dyslexic so I generally gravitate towards other means, such as the videos, in order to be able to focus on the actual reading material. Most of the time the effort lies in the reading so I learn the material but just takes 2x the time.

what books would you guys recommend I add to my list @humble goblet. I'm always looking to expand my knowledge.

if you're looking on something like an introduction to pentesting, then this is a good one: https://nostarch.com/pentesting

oh, just found out there's a discount on all security related books over here: https://nostarch.com/catalog/security

Nice I was actually looking at Web Security for Developers earlier

What a good rule of thumb for clicking on links in this discord.

Don't

Also dat cover https://nostarch.com/sites/default/files/styles/uc_product_full/public/cyberjutsu_6x9_front_v01.png

What a good rule of thumb for clicking on links in this discord.
@full cobalt Shouldn't have an issue tbf, but always be careful, use common sense and do some research.

guys any good book to learn js? looking to learn it more in depht

There's a room coming out on it soon @polar saddle

I want a book

more detailed

https://eloquentjavascript.net/ @polar saddle

ty

Opinions on "shellcoders handbook" and "hacking the art of exploitation" ?

I like shellcoders handbook

ive heard good things

best 2 books to get into pentesting except from https://nostarch.com/pentesting

best 2 books to get into pentesting except from https://nostarch.com/pentesting
@proven oasis 2014 is a bit old?

I probably wouldn't recommend that book, the author has an updated book releasing soon, there was a good section on binary exploitation in there iirc tho

but the methodology in there is solid, and worth skimming overall

she said she is releasing it 'soon' but who knows what that means, I'd guess early next year

I probably wouldn't recommend that book, the author has an updated book releasing soon, there was a good section on binary exploitation in there iirc tho
@south kayak how will be the book called?

@proven oasis https://nostarch.com/pentesting 2nd edition 😛

@proven oasis https://nostarch.com/pentesting 2nd edition 😛
@humble goblet But where is it written? 😄 I dont see anything about the 2nd edition lol 😄

just look up her name, you'll find it

Before books are released for sale, there are Early Access editions of some of the No Starch press books. These are unfinished/incomplete editions that are given for review or feedback/given to people who pre-order a book. I'll check if there's one for the Second Edition of Penetration Testing.

I may be misremembering but I think she will self-publish the second edition, it won't come from No Starch

https://www.patreon.com/georgiaweidman scroll down a bit

https://beginners.re/

Book on RE

PDF is free

What are generally good books that have been released recently (last couple of years )

What are generally good books that have been released recently (last couple of years )
@dawn parrot About?

@west fjord generally anything like pentesting , security.

Penetration Testing Basics, by Ric Messier.

@west fjord you know soon everyone's going to be asking you to compile your own list, right?

It's a very long list.

you mean one list to rule them all

Tim did post his top 5 books not long ago, I think we need to all read like tim

If anyone haven't read it and want a Greek mythological fiction, then I'd strongly suggest, The song of Achilles
It is one of the finest I've read in mythology.
It will make you laugh and will make you cry, but will leave you content.

Bookclubbers! The subreddit is building a Definitive™️ list of TryHackMe's favourite books. Post your lists below, preferably in a format like:

networking:
book1
book2
book3

IOS
book1
book2

Red Teaming
book1
book2
``` etc

@west fjord if you have a spare 72 hours to write all of the books you like out I'd appreciate it 😄

Can add fiction?

Sure I'll move it down the list

@west fjord if you have a spare 72 hours to write all of the books you like out I'd appreciate it 😄
@solemn jewel 😄 👍 🥳

@stray oar this chat

Yes

Does anyone have any recommendations for books to read to get into pentesting and cybersecurity. I’m new to this field and I really wanna dive in it. Doing stuff in thm and get advanced enough for higher level activities.

scroll up

@barren carbon https://www.ceos3c.com/hacking/the-best-hacking-books/

My library is very smol, but these are my recommendations @solemn jewel

Operating systems:
Modern Operating Systems (4th edition) by Andrew Tanenbaum

x86 Assembly:
Assembly Language Step by Step (3rd ed.) by Jeff Duntemann

You recommend that book? Interesting