No.

It took me two seconds to find that out via google

java programming...

Sorry I forgot the content warning 😄

@normal ether its pretty easy to get rid of tracking just yeet all the things that look like nonsense out the window.

https://www.amazon.com/gp/product/014312417X/

its ez pz

is there any books about tools included in kali linux ?

Probably not but there is Google. @blazing stone

hmmh, thanks

@blazing stone https://tools.kali.org/

Started reading Sandworm

Its good if you want a book on APTs meshed with a bit of politics

https://flaviocopes.com/page/linux-commands-handbook/
subscribe here (and verify your e-mail) to get the following e-books for free:

    The Linux Commands Handbook. 135 pages. Fall 2020. PDF, ePub, Mobi
    The Deno Beginner’s Handbook. 46 pages. Spring 2020. PDF, ePub, Mobi
    The JavaScript Beginner’s Handbook. 76 pages. Early 2020. PDF, ePub, Mobi
    The C Beginner’s Handbook. 77 pages. Early 2020. PDF, ePub, Mobi
    The Next.js Handbook. 102 pages. Fall 2019. PDF, ePub, Mobi
    The Svelte Handbook. 41 pages. Fall 2019. PDF, ePub, Mobi
    The HTML Handbook 87 pages. Summer 2019. PDF, ePub, Mobi
    The CSS Handbook 173 pages. Spring 2019. PDF, ePub, Mobi
    JavaScript from ES5 to ESNext. 75 pages. Early 2019. PDF, ePub, Mobi
    The React Handbook. 220 pages. Early 2019. PDF, ePub, Mobi
    The Node.js Handbook. 189 pages. Fall 2018. PDF, ePub, Mobi
    The Express.js Handbook. 61 pages. Fall 2018. PDF, ePub, Mobi
    The Vue.js Handbook 122 pages. Summer 2018. PDF, ePub, Mobi

Mastery – Robert Greene
Deep Work – Cal Newport
The Subtile Art of Not Giving a F**ck – Mark Manson
The Power of Habit – Charles Dugigg
Atomic Habits – James Clear
The Paradox of Choice – Barry Schwartz

@normal ether i cleared your warning 😄

👍

i have these books
The Hackers Playbook 2
The Hackers Playbook 3
Gray Hat Hacking
Black Hat Python
Practical Reverse Engineering x64
Cybersecurity for dummies

which one should i read first

@chrome parcel would you recommend getting the The Hackers Playbook 2, if you've already got the 3rd version?

@chrome parcel gray hat hacking

Start with Cybersecurity for Dummies.

I can't find that book that was "python for hackers" or something ? Tim, did you do that?

@prisma coral THP2 teches you things that THP3 dosen't as you read THP3 you'll see the author references THP2 alot.

I would recommend getting THP2 also

this is going to drive me crazy, I thought it was No Starch Press and called Python for Hackers

Real World Python: A Hacker's Guide to Solving Problems with Code.

ok maybe I totally made up that name, maybe that was it

yeah it is

did you do that one Tim?

I read part of it, I believe.

There is violent python and also black hat python. I've read neither but I've heard good things for both

Also these were python2 but someone did the lord's work and ported all the code to python3 on github

Are these the ones you're looking for @cedar plank?

Black hat python is the no starch one. https://nostarch.com/blackhatpython

https://securitylab.github.com/research/Ubuntu-gdm3-accountsservice-LPE

Is Gray Hat The ethical hackers handbook a good read? It looks really interesting but not sure

hi guys

i know this is the channel for hacker or something like that but what if i have some question about the operating system

#general

ok

https://twitter.com/billpollock/status/1327660878779478017?s=20

want

https://twitter.com/transathon/status/1327249010835533825?s=20

test

https://www.amazon.com/OSCP-Complete-Guide-Service-Publishing/dp/1867423677/ref=sr_1_10?crid=38XUS3E5FD9BF&dchild=1&keywords=oscp+book&qid=1605705466&sprefix=OSCP%2Caps%2C286&sr=8-10

anyone know anything about this company ot tis book?

this*

no, I'd take a hard pass just previewing it, no author, $100

@cobalt quarry good chance Offsec will have that taken down anyway

from the public pages amazon shares it doesn't look like anything about offsec's oscp to me

Ok @cedar plank @stoic oracle @north spade thx for the responses 🙂

@cobalt quarry That OSCP dosen't stands for Offsec Certified Pentester 😅.. it's a book for something else

I feel like and idiot now

Thx man

any references for Threat hunting management

can you be a bit more verbose on what you want ie. Threat Hunting in general, How to setup a SOC, Project Management?

(having trouble with the webapplica tion hacker handbook)So Can anyone refer me Book on web
Like I can get a basic grasp of how the things work

Do a Google search on Portswigger Academy @wooden crystal

👍

@cobalt quarry That book has nothing to do with Offensive Security. Its some sort of compliance standard around risk and business operations.

hey does anyone have any recommendations for tech/stem books for a youngling? Have a nephew thats interested in what i do, hes 8 and im looking to maybe get him a few books for christmas. TBD on kits and stuff, just starting with books for now. If there was a kid friendly version of like The Art of Intrusion then that would be awesome

thanks in advance!

1. the code book
2. CODE (might be a bit to much)
3. Life 3.0 (depends though, might have an existential crisis)
5. things to make and do in the 4th dimension
6. weapons of math destruction
7. the simpsions and their matheical secrets
8. teach your dog quantum physics
9. the cloud book
10. humble pi
11. prisoners of geography
12. a short history of nearyl everything
13. how to (randall munroe, xkcd author)```

just from the top of my head

most of them are quite high level but delve deep enough into topics (with great explanations) that a youngun can understand (source: i read some of these as a child 😛 )

@broken idol https://nostarch.com/teachkids

Thanks @humble goblet! That looks pretty interesting too

hey book club

Guys, maybe It's a little bit off topic but I think It still concerns this world: any good book on neural interfaces?

Brain-Computer Interfacing for Assistive Robotics

Electroencephalograms, Recurrent Quantum Neural Networks, and User-Centric Graphical Interfaces

Neural Interface: Frontiers and Applications

Just released on Humble Bundle...

https://www.humblebundle.com/books/hacking-101-no-starch-press-books

@tidal plume I love and hate you at the same time for that

Hacking, The art of exploitation is like $1

I went for blackhat go though

@mortal wedge Did you pick up blackhat go in the end?

I probably have it somewhere

I'm just trying to see if there's any of these I don't have cos of previous bundles. I wish reading books was as quick and easy as buying them 😆

IMO it's worth buying even if you already have the books through previous bundles - remember to adjust the sliders for charity 🙂

FIIIIIIIIIIINALLY

I've been waiting for a bundle like this for months

these are 2 separate hobbies, it is known. 😛

ohhh

the top tier has a few nice books

guess were getting it

yeet

lmao

fun fact

the malware analysis book gets picked up by AV

hahaha

What's the bet it contains the EICAR test string?

Yeah, nothing like getting your Malware Analysis book quarantined as malware.

Do you guys recommend HAK5 books?

Hmm you got the point

so what's the over under on this humble bundle heh...

is it somewhat good or.. meh?

I'll defo consider it.. The malware analysis book looks promising

I mean it's like a dollar right?

Excellent price for that book

I got them all 🤷‍♀️

thanks, you're in the minority 😛

It’s super old. I saw it at a book store and didn’t buy it because of that. IS it more like concepts that are relevant forever rather than tools and such that need to be updated often in order to be useful?

art of exploitation is under rated. same tier usefulness as RTFM and BTFM

I have bought art of exploitation as paperback and still bought the bundle.

Also finally bought an ebook reader so i'll be doing a lot of reading in the next few months

Are the hacker playbooks good?

Yes

Is Real-World Bug Hunting: A Field Guide to Web Hacking any good? I want to get into submitting bug bounties on hackerone...Any other resources that would be good for that?

@uncut crater #resources message

Thanks, I realized there's a whole bug-bounty channel.

We can talk about self-help books here too?

Does anyone knows any book like black hat python, but for python3?

https://github.com/EONRaider/blackhat-python3

not the exact answer to your question but the next best thing

It helps a lot. Thanks 🙂

There are some pretty significant deviations between py2 and py3 on how raw strings are handled - I've never had much luck getting p3 raw string shellcode to work correctly

good luck

^^^
It's a pain to get working

Exploit Dev: The one place I still say use Python2

what are some good beginner books?

on what topic?

I really like Network Security Assessment, Third Edition, by Chris McNab. @chrome parcel

Has anyone read The Pentester's Blueprint?

or _Hands on Hacking: Become an Expert at Next Gen Penetration Testing and Purple Teaming? I am thinking of getting one of those books for the holidays but I am not sure which one.

Two very different books. Blueprint is more about what it takes to become a Pentester, and it is rather lite on everything else. It's only 140 pages. Hands on Hacking is more about tools and techniques. @gentle dune

For learning about scoping and non-technical pentest stuff, strongly recommend red team field manual and blue team field manual. If you don't have those and are interested in the 'breaking stuff' aspect of security, I think they are required reading

ahhh thank you! Do you have a recommendation of which one to get from the two?

Out of those two, the Hands on Hacking one.

ahh perfect! thank you I am going to put it on my christmas list haha

Hey whats your review on Ghost in the wires Book

By ~KDM

I have it, its a good book. Mostly about the life of kevin mitnick and how he got into hacking

Have something Technical ?@gentle dune

Beginner security

Hacking the art of exploitation Is a Good book 📚. But i dont Like it to be frank as i love Python .duh

Are you trying to learn from the book?

@gentle dune Actually No but i love reading when i am bored so i love it to make ny time productive .uknow

@thick temple I started reading it and its a great book, but I stopped cause it was more of a story and not teaching stuff

This would be something you are interested in then. This is what it says on Amazon "Ghost in the Wires is a thrilling true story of intrigue, suspense, and unbelievable escapes -- and a portrait of a visionary who forced the authorities to rethink the way they pursued him, and forced companies to rethink the way they protect their most sensitive information. "

Humble Bundle currently has a good bundle called 'Hacking 101'. Lots of practical material there a lot of the beginner level books will be useful. A Sec+ study guide might also give a useful overview. On a 'free content' level, I'd say look up some blogposts about the CIA triad

Yeah Gonna try it . thAnkyou @gentle dune

What are the main differences between these 3 books

They seem to be the most popular here

I have hacker playbook 3 and its good just a lot of information and tools. Hacking is good also (so I hear) but you can get it part of the Humblebundle deal for $1 and Hands on Hacking is the book I am looking at right now just to learn more about hacking methodology and get better

IMO art of exploitation is a better beginner book

Ghost in the wires is an amazing auto biography, definitely recommend it!

How would you guys rate The Art of Deception?

did anyone ever get the Morgan&Claypool books from Humble Bundle? I'm wondering if these are good quality but can't find anything. I actually need to brush up on all these subjects so... not sure: https://www.humblebundle.com/books/applied-math-statistics-toolkit-morgan-claypool-books?hmb_source=humble_home&hmb_medium=product_tile&hmb_campaign=mosaic_section_2_layout_index_5_layout_type_threes_tile_index_1_c_appliedmathstatisticstoolkitmorganclaypool_bookbundle

I usually find M&C books too academic for my taste, although those can be good for 'academic' research.

does anyone have any good recomendations as a fairly new beginner on some kindle books ?

I honestly recommend "Linux basics for Hackers" there is a kindle version. This book is AMAZING with getting started with linux, knowing important linux commands for hacking and just great resource. I learned so much from this book, its a super easy read and super easy to follow.

https://www.amazon.com/Linux-Basics-Hackers-Networking-Scripting-ebook/dp/B077WWRK8B

thanks @gentle dune i will give it a go 🙂

I have the bundle - if you already have a solid background in math, i think they are a good refresher but difficult otherwise

I think I figured out that I'll just buy what I need when I need it from Amazon

@sour hazel don't get that book, get this bundle: https://www.humblebundle.com/books/hacking-101-no-starch-press-books
cause it has a bunch of other great books as well

(the book is in the bundle)

are those in pdf ?

you can download them in pdf and other formats, yes

oh sweet, i shall grab those then as i am wanting some books for my kindle

it has kindle format as well 😉 go for it

oh nice ... so with the price it says pay what you want but obviously the lower prices contain less books ??

yup, the higher you go, the more books you get

im guessing its worth paying for them all

definitely worth it in the sense that they're great books, but it's up to you of course

awesome 🙂 i dont mind paying £20 for them at all

@sour hazel I think it's like £13?

Yeah £13.66

yeah i got it

Each tier comes with the previous tiers for humble

got them 😄

enjoy

even though I have Oreilly online still tempted by that bundle although I have most already

do you recommend oreilly online?

If you can get it cheap, sure... I get it through work

probably not 😄 ah well

I paid for Safari online for a few years when it first came out but it was really cheap back then

but they have the entire No Starch catalog so its nice

I buy the bundle even if i have most of the books already if i like the charity

Do you guys read entire book in pdf formot

I'm contemplating on buying the book Sandworm. I think the 3 star and below reviews on Amazon affected me, but there are also bad reviews on books that I truly enjoy. Hah! Decisions.

Yeah. You're right. They said the author is biased.
I'm not from US or Russia, I just heard the NotPetya episode on Darknet Diaries so it got me curious about the book.

When I read ebooks, I tend to use Lithium on my phone as an e-reader

If it's a PDF, I'm normally reading it for reference, like the quantum crypto book I picked up

What's that lithium?

An android ereader app

https://play.google.com/store/apps/details?id=com.faultexception.reader&hl=en_GB&gl=US

Did u read any entire book in pdf format

I try to avoid it

If it's a PDF, I'm normally reading it for reference, like the quantum crypto book I picked up as I said

OK

@chrome parcel Please don't send unsolicited friend requests

Ok sry

I read most of my books in pdf because its easier for me as Im on a whole range of different devices

^^^ PDF is my preferred format for reading these days. Weighs less than paper, easy to annotate with notes

i read physical textbooks and i buy them myself from the bookstores because i don't like having money or physical space

I got tired of carrying 20-40lbs of paper around

i usually buy my books for the Kindle since it is cheaper and trying to save the environment

I can think of an arrangement that will be a win-win for us 😛

any book recommendations for making python code more... pythonic? More elegant looking, how to make best design choices, etc

Practical Python Design Patterns: Pythonic Solutions to Common Problems, by Wessel Badenhorst. 😄 I thought you made up that word: pythonic, but it is used in book subtitles. 😄

https://www.oreilly.com/library/view/fluent-python/9781491946237/

I'm not sure it fits that description but it's the one that came immediately to mind

thanks, I'll look at both

^^ thats one of my fave books

one of my all time most popular blog posts is inspired by a small section in that book

Fluent Python has an Early Release for the Second Edition by the way, from O'Reilly.

Are there any books that can teach me how to be a scdipt kiddie?

I love scripting but I dont know how to do it

I use Google Play Books

I don't think that means what you think it means, lol. but on a serious note, there are many scripting languages. for example, you could pick a book on python or bash.

I dont know but somehow a reverse shell php code is kinda hard to understand

I want to have an ability to understand such thing

you can only do that by studying. if there's code you don't understand, save it and read it at various intervals while consistently spending time studying (eg. read it once a week). as you get better, you will gradually understand it better.

Oh I understand now

Thanks for your help

I think I cant fully understand what was written in the book "Hack Like a pornstar" at a current time

I wouldn't recommend that book if you're a beginner. it has some stuff that you simply won't need while penetration testing / ethical hacking in safe and simulated environments like here, or even in professional settings.

So what books may be good for beginners like me?

In your opinion

if you're looking for an introduction to pentesting, you can't go wrong with this https://nostarch.com/pentesting

it's a little dated but still a solid intro and most of the stuff are still relevant anyway.

it's currently in a bundle with a bunch of other great books so you can get it pretty cheap. scroll up and you'll find a link.

Thanks

Appreciate it

Ill give it a look too, thanks

this looks great, although it looks a bit more advanced and comprehensive. thanks for pointing it out 🙂

yeah she is

well, it doesn't have to be a standalone guide, you can still benefit greatly from the material and test the things you learn on THM for example

it's also great to get the basic methodology down

Georgia said she partnered with Pentesting acadamy and the labs are there now for her first book (Penetration testing, No Starch press), you might have to go to the website to find the labs

her 2nd edition will be the same whenever that comes out

if you tweeted her, she'd reply, I thought she mentioned it back in June or earlier

:3

She said that she is actually writing it as we speak. So it should be out maybe sometime next year??? But it will be a must buy since how great I heard the first edition is

is it recommended to get the whole hacker playbook series?

I think you should try and get the first version and see if you like it. On the other hand if there are selling bundles for a pretty cheap price then get it

Any good audiobooks?

For cybersecurity? Pentesting? Hacking ? ?

Porcast is Darkweb diares

Brilliant

I finished listening to The Art of Invisibility by Kevin Mitnick, narrated by Ray Porter on my Audible app. Try Audible and get it free: https://www.audible.co.uk/pd?asin=B01N5XY8U3&source_code=AUKORWS071615904E

Hmm I have a question

I have an intention on buying this bundle

https://www.humblebundle.com/books/hacking-101-no-starch-press-books

I just wonder if I have permanent access to those books

You do

Nice thing to hear

Thanks

Anytime〜

Im gonna buy that and 100% of that money will go to charity

And some for nostarch

A little (my english sucks)

Yeah, I bought them and loaded then on to my Kindle to have something to read when I'm not actively at the computer studying 〜

Your English is fine〜

Thanks

Hehe. I wish I could get an actual book instead of an ebook

But its fine

I know that feeling. Definitely waiting for March when I can get a hardcopy of the Black Hat Python 2nd Ed.

I have access to it now via Oreilly... just saying

https://www.packtpub.com/free-ebook/cybersecurity-attack-and-defense-strategies/9781788475297

thank you, that looks interesting!

Looks great!

Do you recommend this book bundle for beginner?

https://www.humblebundle.com/books/hacking-101-no-starch-press-books

yes

Thanks

This one is a good start as well
https://www.amazon.com/Linux-Basics-Hackers-Networking-Scripting/dp/1593278551/ref=sr_1_1?crid=3OL3PCR4P1TIR&dchild=1&keywords=linux+basics+for+hackers&qid=1607856751&sprefix=linux+basics%2Caps%2C222&sr=8-1

I'd love to get a hard copy of the book but the shipping fee is way too high for me to get it. But anyway, that book is also included in the bundle

you can get lower shipping fees by looking for it on your local Amazon

if you're not in the us

We dont have amazon here

I'm in Vietnam

$79 lmao

Yo guys, does anyone know about this book or about Packt Editions?

I’ve heard about packt and have a few of their books just haven’t really sat down to read them. From my understanding they contain some good information but they can be dry and boring

Thanks for the feedback!

Well it’s a no for Packt then, thankss!

Yep I'll look into that, I haven't yet since I have several other books to be done with before starting TS, I especially wanted to know about Packt and the quality of their books hence your answer was really beneficial

Seems to be more oriented towards devops, no?

as a sysadmin/netadmin that doesn't have a whole lot of experience in devops, would these be a good starting point?

DevOps is a hugely complicated topic. There are a lot of moving pieces to even a simple deployment; the good devops books in that bundle, just judging from the title, will be puppet, terraform, kubernetes, and jenkins

thanks!

how didn't I know there's an o'reilly book about kali? and there's another in there that is security oriented bash. definitely worth a look

What's the title, I have O'reilly sub ;o

Check the bundle, they're in there

Nice

Learning Kali Linux: Security Testing, Penetration Testing & Ethical Hacking; by Ric Messier.

Better late then never :)
I want to say thanks to @west fjord

I really enjoy this book
I hope he get the mod soon
Really thanks to you

Just finished these books and was a surprising a very good lecture

So be open to any of his recommendation

Cause I can't wait to the next ones

He already got mod

Glad to hear you enjoyed the books. 🥳

I'd highly recommend reading Meditations by Marcus Aurelius, helped me while serving in military, but many aspects of it are applicable to day to day life,book focuses on adversity and how to truly grow your character, deal with loss and failures in life.

US Military?

UK

Oooo mind if I DM?

go for it

Meditations is great

But if you're reading first time philosophy it isn't that great tbh

You have to read Meditations and then another book that is explaning it

I'd disagree, there is nothing to explain, he wrote it in a form of a diary, for his own thoughts and observations that occurred on his daily basis, all he does is offer a perspective that focuses on rational thinking

Need ideas for books on christmas :P

General pentesting

Hacking the art of exploitation
Shellcoder's handbook

If you like lower level/hardware Bunnie Huang's "Hacking the Xbox" is a masterpiece

Hei guys. Should I grab the Humble Bundle Hacking 101 book bundle?
Any ideas if the books are any good?

they are excellent books

I think they are great books. I recommend them.

i want some suggestions on great hacking books

https://www.humblebundle.com/books/hacking-101-no-starch-press-books

jokes aside

I wouldn't recommend that book as Tim has said before that's on with borderline black hat

Removed

@short carbon what does that have do do with blackhat?

Honestly I don't know i've never read it but I saw someone wanted to get it and Tim said it's on borderline with black hat

I'll see if I can find it

its red teaming, yes. but you can (in theory) use everything for black hatting

#bookclub message

what ever, kk

No, it's not red teaming at all. It's written in a very poor format, and covers topics that are geared towards doing things illegally.

ah i see. well that explains it. thx for the feedback 😄

I’ve looked at the scripts and stuff from the github repo for that book nothing really amazing I’ve only ever used one script for an applocker check script

Operators Handbook is a good one as a desk reference book

ISBN: 979-8605493952

Operators Handbook is great, just dont the the physical copy of it

hello all

@scenic cloak why?

Just the type of book it is. Made for ctrl-f then copy and paste

Cant really do that with a physical copy

if you already have the hacking 101 books, these are good https://www.humblebundle.com/books/cybersecurity-cryptography-wiley-books?hmb_source=navbar&hmb_medium=product_tile&hmb_campaign=tile_index_3

Favourite statistics books? Looking for maths heavy stuff 🙂

What level of stats? Intro stuff, undergrad major area of study, or post grad course level?

There are a couple of 'Stats and R' books humble has offered in the past that weren't terrible. One of them ended up being a textbook for a stats for CS course I had taken

Undergrad! 😄

Although R isn't my favourite language 😂

R is no ones favorite language.... but it is useful

If you aren't using RStudio when doing R, you are making your life a lot harder :X

I do use R studio but still is hard

Sorting through my e-library now, I can throw a couple titles your way in a few

"Introduction to Statistics Using R" by Akinkunmi isn't bad, but it's a pretty heavy read for undergrad. If you aren't used to reading discrete or calculus proofs, you may struggle. YMMV

"Probability and Statistics for STEM" by Barron, Del Greco is more accessible, but also possibly less useful long term

picking between the two for intro, Barron is probably better

"Practical Statistics for Data Scientists" is an Oreilly book, i picked a few thing out of there when I was looking at ML concepts

this looks quite good 😄

that's what i can find offhand - i know the Dummies series has a stats book that was pretty good when I was struggling with ANOVA

anyone suggest me any book which can teach programming concepts from scratch like how coding works algorithms etc

so after learning high level language would be easy

@silk helm from which high level language you want to take start?? If you want to learn c++, object oriented programming in c++ by robert lafore, is a good option.

i think C not C++ because starting should be from basics

C is good for beginning

They're very similar in many respects. Either would be a good choice, although I wouldn't recommend either as a first language.

then which should be in first

I started with Python then moved down. That would be my recommendation. Something high level lets you get a feel for it. Makes you see how computers operate, and how you can work with them.

look seniours my purpose of asking is that if even i'm gonna learn C/C++ python bash perl but if i don't know what's going on behind those language codes maybe i get stuck in sometimes so i wanna learn assembly and algorithms for that suggest me any book

Programmatical thought is transferable, it's the same in any language. If you have that then you're already a long way forward.

i want best knowledge in shell-coding and creating explois

Start with the basics. Exploit dev is not a good place to begin.

so you would recommend me that first of all i should learn high-level languages then look down to low

I would recommend that, yes

C and C++ are similar , its just that C++ is more wholesome and it supports concepts of object oriented programming. C how to program by deitel and deitel, it book is often taught in academics in the beginning.

ok sir thanks alot

so im gonna learn C and python bash after that low-level programming

C and C++ are very similar for most things. C is better for kernel stuff, but I personally prefer C++ for coding as I prefer OOP

Oh, C is about as low as you get these days

It is definitely not a high level language.

yeah i searched in google some seniours and developers call C low level

You used to get somewhat lower, but C is the lowest language most people will ever code in

so i should have strong grip on python first right but aswell if i read some basic algorithm books

Yep

ok thanks

learning python is really easy

Technically it's a high level language

It's just lower level than the current high level languages

You can do OOP in C. It's just trickier because building public and private interfaces had to be done through exposing different .h and .c files with includes

Also Right

Any best book for shell scripting

Ok thanks

Ok

I got sandworm

I got the browser hacker's handbook 👀

Any Hardware hackers here? Which one do you recommend for learning electronics as a beginner?

I got Real-World Bug Hunting by Peter Yaworski
So far so good!

Wait a second i think i have you on twitter! @modern elk

@willow quest I would highly recommend against books I found for myself I could never really learn anything from them and they were either dry and just theory or way over explained. The only way I was able to actually wrap my brain around electronics was by taking an actual digital electronics course with multiple projects both on and off the computer. This series of YouTube videos is similar to what I took minus the projects but you can look and find various projects that line up with the videos https://youtube.com/playlist?list=PLBlnK6fEyqRjMH3mWf6kwqiTbT798eAOm

Can anyone suggest a good book on coding in C?

C by Kernigan and Richie?

Like.... The C book.

Appreciate it, checking it out now. ✌️

Thanks for sharing your experience 🙂 I will checkout the link

Have you seen the humble bundle ?

They got nice books for good prices

https://www.humblebundle.com/books/linux-apress-books

I've been thinking of getting Chris Kubecka's "Through the Rabbit Hole: An OSINT Journey" and maybe "Hack the Planet with OSINT" anyone here read those and think they are worth it? I'm kind of curious before I buy since they are pricey for what they are.

But I kind of want to give myself a neat OSINT book 😄

sure do

I still need to finish Web Hacker's Handbook 2

Sandworm and burrito blanket to start the night

I knew I shoul've bought that blankie

That's one I'd like to read. Though I love that the amazon reviews are russians speaking about it being biased against russians

but the story is incredible

Its not really biased against them it doesnt speak of them highly though

I immediately snagged that when i saw it had a book on libvirt. which is a documentation desert

I didn't even spot that!

I'd be interested to hear if it's useful

yeah I know, sounds like the machine reacting to being caught to me.

any recommendations for a sql book

complete beginner

what kind of sql?

if you are looking for DBMS theory, that can be 'different enough' depending on SQL engine

I think I want mysql, but maybe the most used one will be good

how much relational algebra do you have?

oof

i prefer mysql/mariadb due to familiarity, but postgresql sees a LOT of use in opensource based projects; the other big alternatives are oracle and mssql - both paid

well for a normal company which would you recommend?

i have never worked for a "normal" company

yikes

I guess I'll start with mysql

i work for a very large opensource shop, and previously i worked infosec for a BPO

i've seen all 4 relational DBs in production, it really depends on products and applications needed in the environment

if you intend to go for opensource, i'd recommend postgres over mysql

I see honestly I dont like Sql based dbs

right now, it seems to be taking hte lead in terms of market share

they have their place, just as document based DBs do

but I need to learn them if I want to go pro

so yea

any good books for mysql?

i'd start with the w3schools reference (https://www.w3schools.com/sql/) and branch out there

honestly, you are never going to get good any relational DB without building a horrifyingly complex project

well see I need an actual book

i see - CE credits?

probably

honestly I just like having books

let me see if i can dig up the old text book i had

it wasn't bad, but even at a college level a DB class is about 30% relational algebra, 30% translating RA into SQL, and 40% projects

yeah I havent started college still

but I need to learn some type of SQL db

Textbook from the course I took: http://www.amazon.com/First-Course-Database-Systems-3rd/dp/013600637X

honestly, you'll get more mileage out of learning any SQL if you have some kind of a data to manage, even if it's purely manufactured

I see

omg

I'd recommend picking a common use-case (inventory, human resources, etc), fabricating a bunch of data and ingesting that into the DB engine

this one is pretty expensive

looks good tho

I wouldn't necessarily just buy the hardcover - paperback is fine, and i bet you can a used copy of whatever DB textbook your local uni uses

I had bad experiences with paperback covers

especially the eloquent js one

or talk to a jr college or community college to see what textbook they use - they'll all be basically the same stuff

fell off immediatly

JS is my least favorite programming language

mine neither

but I felt it chose me

and then I fell in React's wrath

JS chooses no one but the devil

maybe Im the devil

Anyone know of any new or relatively new infosec novels that is a good read? 🙂

Last one i read was fatal system error, it was meh.. ok

I wonder if I've read any infosec novel since Cryptonomicon. and that was from 1999. Unless you count Charlie Stross' Halting state from 2007 and Rule 34 from 2011.

Sandworm is pretty solid

@summer robin The Daemon by Daniel Suarez was an enjoyable read.

Sounds interesting! Might buy that one

Aw it was temporary sold out, have to settle with sandworm for the moment 😛

Is there an actual bookclub or is this mainly recommendations?

Recommendations.

Damn, well if anyone wants to take up the initiative of making one I'll definitely join.

Y'know, that could actually be quite interesting

Is that something you'd be interested in looking at @west fjord? I know this is usually your stomping ground 😆

Well there's two main categories

It wouldn't be so good with reference books

But books like Sandworm etc sounds fun

I don't mind giving recommendations, but discussions of the type of books like Sandworm easily result in discussions that would lead into political science, conspiracy theories, and blackhat tendencies.

Oh, as in, pick a book each month for people to read 🤷‍♂️

Wouldn't be yet anyway though, to be fair

Sandworm is full of political science and sketchy crap

And I’m only 4 chapters in

I can do Book of the Month. 👍 I'll pick one for the first Monday of the Month. 🥳

Yes, that's why I'm going to be selective in my recommendations, as to stere clear from political science, and geared towards ethical hacking and learning.

We try to keep it educational on the Discord.

Book of the Month Club
Linux Basics for Hackers: Getting Started with Networking, Scripting, and Security in Kali, by OccupyTheWeb.
This month's book is about learning Linux. It covers the same topic as the first of TryHackMe's Modules on the site: https://tryhackme.com/module/linux-fundamentals
Feel free to discuss this book with others and ask questions. The goal is to study and learn together! 🥳

ooo I think I have this book somewhere

@west fjord mind if I copy this over to subreddit? 🙂

Great recommendation to get things started! I have this book and it was the first information security book I bought to read.

It's been a few years since I read it, but it does a great job of getting you familiar with the basics of Kali Linux if you've never worked with that OS or Linux before. Interesting sidenote: I bought the book in the gift store of the International Spy Museum in Washington, DC, USA. If you ever have a chance to visit that, the gift shop has some very interesting book choices!

Are you asking in general?

the spy museum store is pretty awesome

its a museum that has a small gift shop, but its a fun gift shop

is that the one only americans can go to

Yes, part of the reason it is a great museum gift shop is because what it sells ranges from the stereotypical "James Bond" spy stuff to actual legitimate "spy" content. The book selection includes content written by actual intelligence community members (I know this is an international audience in here, so when I write "great" I mean from an academic, wanting to understand more about what actually happens.)

No, it's open to anybody as it is privately run. If you can physically enter through the doors, you can enter the museum.

if I happen to be in DC, I'll usually pop in there just to look at stuff

Funny indeed, I love it :p

I heard the author talk recently in the security weekly podcast

Don't seem to find it, but here's some other security weekly stuff on him which might be worthwhile to watch before buying the book:
https://securityweekly.com/shows/se-village-2020-and-innocent-lives-foundation-christopher-hadnagy-psw-618/
https://wiki.securityweekly.com/Episode618

^

Heheh, I didn't experience him that way; I think your consciousness is safe from fiddling

Or I'm so badly under his influence that I can't even tell..

It's on my amazon shopping list. I discovered Christopher Hadnagy through Darknet Diaries podcast. It's Episode 69: Human Hacker if you want to listen.

I am currently reading this book and in my opinion it is great, such a great no nonsense and hands on book to learn the fundamentals of Linux

Looks interesting!! Now I'm wondering if I should buy the Kindle version.

https://www.amazon.com/AWS-Penetration-Testing-Beginners-Metasploit/dp/1839216921 might grab this one at some point

seems simple, but I'm curious

need to go through a bunch of other stuff first though

any good books on post exploitation?

very interested in avoiding AVs and how that works in a real life pentest

There may or may not be some AV evasion content coming soon 👀

oo

I'm definitely looking forward to that

I've just read Metasploit: A penetration tester's guide

But the main AV evasion is with msfencode, and not how to avoid it when you're on the network

https://www.ired.team/offensive-security/defense-evasion

oo thank you sir, looks very interesting

I really have very little experience with post exploitation apart from with meterpreter

are there any books which really stand out for this?

Not for defense evasion. Most of the sources for that will be webpages.

Alright thanks, I guess the field evolves so fast that it's practically impossible to write a full book that isn't outdated very fast?

Yep. You can only really teach the broad overview for AV evasion

Alright thanks for clearing that up

Can I ask if there are any books you know that are better for more general post exploitation

Figure I've leeched quite a lot this evening

Explore the site I mentioned previously, it covers a lot of ground.

Yeah, thank you for that

It looks incredibly extensive

Can't think how much time it would've taken to have put it all together

Here's another one: https://book.hacktricks.xyz

Yup, I've seen that before at least - it's by the author of LINPEAS if I remember correctly?

Yes it is. Carlos Polop.

A great name for an even greater guy

Anyone read any version of 'Open Source Intelligence Techniques' by Michael Bazzell (also has the OSINT podcast)? He seems to really know his stuff, I'm curious how the book is.

If you're familiar with a lot of OSINT techniques, the book might not be an eye-opener, except for the chapter on OSINT methodology. Bazzell knows his stuff, he's got 20 years of FBI CCTF experience.

good to know, I knew a little bit about his LEO background. Im super green in regards to OSINT so I'm looking for more of methodology so this seems to be right up my alley.

Yeah, that's the book to get on OSINT. I think the latest version is only available in print, and no longer in digital edition.

yep, Im generally wary of books that are reviewed as the "bible of XYZ" but this one universally seems to get this accolade lol. funny enough I just listened to a show he talked about his reasoning on not releasing e-books which mainly has to do with piracy. Its a shame seeing course creators in infosec constantly get ripped off

are there any books that would be recommended for OSCP (other than Operator's handbook)

Hacker Playbook 3 by Peter Kim comes to mind
Although its dated, George Weidman's Penetration Testing still has solid methodology and some modules may hold up on dated Windows machines you may encounter

I'm pretty new to cybersecurity and it was painful trying to use Weidman's book. I'd not recommend it for any novice's, way to many issues with various programs being outdated. She's releasing an updated version in the future though. Still TBD on the release according to her twitter.

thanx everyone for help

read the Red Team Manual book

!rank

hi

its forever TBD, I'm sure it'll come

the amount of stuff in there nice

I can recommend THP3, but I'm not sure it's going to do much for you OSCP-wise

I'm currently only at 25%, but scrolling through the rest, it focuses mostly on a real assessment while the OSCP exam requires very few of those discovery, exploitation and pivoting tools and techniques they talk about in THP3.

Compared to the web application hackers handbook THP3 does talk about different protocols and services you'll need to exploit to succeed in the PWK labs & OSCP exam so that's nice

although you'll be attacking lots of websites in the PWK labs, I think both THP3 & the web application hackers handbook go way too far either in breath and in depth, overshooting by a lot for what you'll actually need to succeed in the PWK labs & OSCP exam.

Incidentally, I just set up the labs for this book like two days ago, so if anyone needs help finding the software, feel free to ping me ^^

Didn't know Al Sweigart released a new book! Looks like a sequel to "Automate the Boring Stuff" https://nostarch.com/beyond-basic-stuff-python

Fun fact: This book in 2013 by Al Sweigart was the inspiration for Ciphey (I even got his blessing to do it!) https://nostarch.com/crackingcodes

Can you share?

Can You Share?

That user is no longer in the discord.@heavy bear

this brought me back

anyway

google social engineering book

https://www.amazon.co.uk/Social-Engineering-Art-Human-Hacking/dp/0470639539

it was this one

this is the 2nd edition (2018) and it is awesome! 10/10

https://www.amazon.co.uk/gp/product/B07F24YV2M/ref=dbs_a_def_rwt_bibl_vppi_i1

How did you go all the way back to when this channel started to bring back a conversation lmao

@mortal wedge

Also I have a really weird Windows bug if you want it 😁

@north spade dm me bb

Have been listening to the podcast for years, tis very very informative 👍 Book is on my reading list for 2021

https://www.social-engineer.org/category/podcast/

latest episode is an interview about his latest book: https://www.social-engineer.org/podcast/ep-13-human-hacking-with-chris-hadnagy/

Can anyone recommend a good networking book?

computer networking:: a top down approachh is the best i've read 🙂

CCNA routing & switching book is where I started and it has served me well years after completing the cert

CCNA 200-301 vol1 & vol2 will cover the first 2-4 years in industry

computer networking a top down approach is recommended often so I'd second what Bee says

Any book for bash scripting??

bash Cookbook: Solutions and Examples for Bash Users, Second Edition, by Carl Albing & JP Vossen. @reef vortex

Cybersecurity Ops with bash: Attack, Defend, and Analyze from the Command Line by Paul Troncone & Carl Albing.

ooo

thanks

I learned a lot with Microsoft's MTA book. But it's very beginner level

Art of exploitation anyone?

Anyone know what is best book on TCP/IP? Please DM if you have an answer, as i'm getting off computer.

Hi, would love to hear ur suggestions about any book , paid course or podcast about mobsec. Every suggestion is appreciated 😊

Anything published by no starch press is amazing

that answers like all those questions

iOS Penetration Testing by Kunal Relan, The Mobile Application Hacker's Handbook by Dominic Chell. Both are 5 years old, but provide a decent introduction.

Have read those books already, thank for suggesting 😉

Any Book suggestions about Networking for beginners?

I really enjoyed Practical Packet Analysis from NoStarch. It's also a Wireshark book but it doesn't hurt to know Wireshark.

#bookclub message

Ty

Has anyone tried Beginning x64 Assembly Programming by Jo van Hoey? I found Art of Assembly Language by Randall Hyde but that seems to use his HLA language.

I was doing the open security training free from 2012 and thought I'd pick a copy of art of assembly

So, I second that question

I mean, x86 is DEEP. And although it is hugely interesting, it's like a rabbit hole...

Like a whole knowledge domain on its own

Hacking the art of exploitation is cool. Deprecated, but cool

It sure is and I don't want to know how to use this obscure machine instruction that only the compiler would use once in a blue moon. The thing is that HLA seems to abstract away by using high-level language constructs for a whole lotta things. I could be wrong though.

Yeah, I think I have that book somewhere.

Hello guys! Do you guys have any great books that are highly recommended for a complete novice who wanted to get into hacking?

Checked the pinned messages in this channel @crimson fable Especially Book of the Month 🥳

Oh wow @west fjord thank you for letting me know!

🙂

Would you recommend reading Web application hacker's handbook in 2021? or is it better to just go to portswigger?

The book is really good for starting and understanding the basics, i have done both the book and portswigger academy , and i believe both are great, on the book you learn about the vulnerabilities and on portswigger you get a hands on , because of the labs they offer!

Alright. I'll do the same then. Thank you

the academy is just the updated version of the book with included labs so don’t even bother with reading the book imo

The Portswigger Academy website is great. The book does have nice graphics though with an overview of how web test functionality works together, specifically regarding methodology. I'm referring to Chapter 21: A Web Application Hacker's Methodology

I have ~19GB worth of e-books to sort by category. This is gonna be hell. I should've done it from the start.

I was thinking the same. Since I cannot visit the site or perform the exercises mentioned in the book

Yes the book feels more comprehensive as compared to the website

That's why I was confused in the first place lol

Use the book's methodology alongside the updated content from the Portswigger Academy website. 👌

Alright thanks

Ayy guys! Good day!
I'm shopping for books on Amazon. Is the The Web Application Hacker's Handbook 2nd Edition still relevant to this day? Should I get it?

It's a fun read but it's been superseded by the Portswigger Academy site, developed by the book's author and other hackers.

https://portswigger.net/web-security

Wow! Thanks bud! Looks like there are great stuff in there!

Anyway, I found this book. And it looks like something worthwhile to read. https://www.amazon.com/Open-Source-Intelligence-Techniques-Information/dp/169903530X/ref=sr_1_3?dchild=1&keywords=osint&qid=1612100914&sr=8-3

Yeah it's a fantastic resource and everyone on THM should look into it and yeah that osint book looks alright too

Thank you @tidal plume
lol my thank you goes perfectly with your name.

Yes, I'm going to get that book. And also saved that web page from PortSwigger.

@crimson fable https://www.amazon.com/Open-Source-Intelligence-Techniques-Information-dp-B08RRDTFF9/dp/B08RRDTFF9/ref=dp_ob_title_bk

It's the newest edition

Came out like a month ago

Actually has a ton of changes

Hey @dusk minnow !! Haa! Thanks for showing me this! I thought the 7th was the newest. I'll get this one instead. Good thing I haven't press the purchase button!

OSINT moves fast so get that one

Oh you read his other books I see 🙂

I haven't

But I remember reading about it a couple weeks ago

Cooll. Was it good?

No, I haven't read it. I meant, some guy mentioned it either here or on another server and they were discussing it.

I think it got described as the OSINT bible.

New one has 666 pages. What a number lol

Guy has 20(?) years of FBI experience on some cyber task force so I'm guessing it's good

Yea for some reason they're calling it the osint bible

I look forward in getting it. Are you going to get it?

Maybe some time in the future. I'm focusing on SOC things (networking, Splunk, etc) and reverse engineering right now. I'm currently working on re-learning x86 assembly.

Good for you that you know what you should be focusing on. I'm still learning here and there. Still new to this! 🙂

Good luck to you @dusk minnow !!

Yeah, I eventually want to move into malware analysis. I made a general list of skills, certs and languages I want to learn to get there.

Thanks! You too. Let me know what you thought about the book when you read it.

Hopefully soon I'll know where I want to move into after spending some time learning all this. 🙂
Sure!! Give me some time! 666 pages! Haha. 😄

@crimson fable: The link you have is to the 7th edition. The 8th edition is out (just came out this month), and it's a terrific resource to have.

mine just came in

Yes!! Good thing I was told there's a 8th edition before purchasing! Haha. Now I'm looking forward to receiving it. 🙂

Have you started reading it? 😮

not yet, finishing the current book i'm reading first

Ah, well then enjoy reading! 🙂

Practical Reverse Engineering is damn good so far. I've had it for ages but just now started reading it.

Can anyone recommend any good Social Engineering books?

Social Engineering: The Science of Human Hacking (2nd Edition) by Christopher Hadnagy.

https://www.amazon.com/Social-Engineering-Science-Human-Hacking/dp/111943338X

https://www.amazon.com/Art-Deception-Controlling-Element-Security/dp/076454280X

after purchasing this book i realized it is from 2003.. I've had it on my shell for some time. is it outdated?

social engineering is never outdated 😄

it still bases on the same rules and Kevin Mitnick is a master in this art

right now I'm reading The Art of Invisibility from Kevin and I have a feeling that his books are for someone with literally zero experiences in the fields he is describing. but they are well written.

can't wait for release of this book in paperback format.

https://www.amazon.com/Human-Hacking-Friends-Influence-People-ebook/dp/B087287Y3M/

I liked his biography, but yeah they were written for people with less technical knowledge, but all he rules still apply, especially in social engineering

yes, it was really good

I'm so jealous 😄

I promised myself I'll go and listen to his talk after covid if he arrives in Poland

He is a great speaker

I just searched it up and it looks interesting

yeah, he seems so nice in interviews

https://www.humblebundle.com/books/programming-fundamentals-mercury-books?hmb_source=navbar&hmb_medium=product_tile&hmb_campaign=tile_index_6
has anyone heard anything about these books before? might be worth getting cant go wrong with 12€ :D

Just want to share my new books.

hi, just randomly want to hear some book suggestions from you. Preferably beginner friendly since I'm completely new to this. thanks for reading this and have a great evening!

Check the pinned messages, especially the Book of the Month Club.

thank you, ill check it out!

do we have one for February?

Coming soon™️ 🥳

Do you have any book or resources on exploit development in general@or with python

I'm at the "hacking the art of exploitation" and it's amazing.

A little outdated but it's foundational

Thank you

I’ll test it out

Hey hey, anyone know a good and recently updated place/book to study malware analysis?

I checked that one out, it seems to be done up for windows XP and the reviews say a lot of the content was good at the time but is out of date now.

I don't know if the content is still completely applicable or not.

Yeah it does I think. I want to get familiar with how malware interacts with systems mainly, so how the operating system handles specific things is up my alley.

Book of the Month Club
Networking Fundamentals, by Crystal Panek.
This month's book is about learning Networking Fundamentals. It covers the same topic as the second of TryHackMe's Modules on the site: https://tryhackme.com/module/intro-to-networking
Feel free to discuss this book with others and ask questions. The goal is to study and learn together! 🥳

Tim decides :))

https://www.amazon.com/Real-World-Bug-Hunting-Field-Hacking/dp/1593278616

This one 🤩

There is some good stuff on here! I finished Sandworm a few weeks ago, and I really enjoyed it. I've seen some people on this discord say that it has some questionable poli sci stuff (I don't know much about poli sci, but in retrospect, I do see some of what they mean). I enjoyed the blend of technical stuff (learning about the origin of mimikatz and such) and storyline, however. Anybody else have thoughts on it?

I have been reading Art of Exploitation on and off, but I think I learn better from videos than books. I've been following Live Overflow's binary exploit series on YouTube, and now I understand the AoE book better.

Also, maybe a weird suggestion, but I do think reading Sherlock Holmes stories as a kid is what got me interested in cyber as I got older. Maybe if y'all wanted to have a relaxing, non-technical read, I might suggest it.

I'm halfway through Sandworm now and I quite enjoy the blend of history/technical parts too. Though I find the writing style a bit lacking personally. I find it difficult paying attention on this one

I did enjoy it for the reasons cited above, but I'm curious about the Pol. Sc. criticism. Does anyone have an idea what they entail?

The previous comments from last month, about Sandworm, regarding political science, was a reminder to avoid the discussion of politics that is covered in the book, and focus on the ethical hacking technical aspects. This way no rules will be broken. 🙂

good idea

"Practical Reverse Engineering" or "Reversing: Secrets of Reverse Engineering" - any recommendation which one is better suited if I want to dig a bit deeper into x64 (mostly ELF) RE?

I own both (thanks, Humble Bundle :) ). Would like to know with which I should start 😀

The Hardware Hacker by Andrew Huang is a nice book to read 🙂

Are The Hacker Playbook parts (1, 2 and 3) sequels, or is it the same book updated over the years?

The Hacker Playbook: https://www.amazon.com/gp/product/1494932636/
The Hacker Playbook 2: https://www.amazon.com/gp/product/1512214566/
The Hacker Playbook 3: https://www.amazon.com/gp/product/1980901759/

has anybody read Security Testing with Raspberry Pi?

https://www.amazon.com/Security-Testing-Raspberry-Daniel-Dieterle/dp/1072017679/

They are revised versions of the idea of a hacker playbook, although due to the fast-paced industry that is cyber security, the content is quite different between the books. Get playbook 3, as it is the most recent.

thank you so much.

Hi. When did you get the hum hacking book and where are you? I was meant to get mine at the beginning of this month but its been delayed until the 18 of Feb!

Hi! I bought it last January 17 and it arrived at Portland on January 20. You can contact Amazon for the status of the delivery, if it is delayed I think they will refund you.

Does anyone have any recommendations for books on user interface design / user experience?

I'm not an expert in UX, but I've heard a lot about Kaizen UX framework, that covers UX and User Story mapping. Is that what you're looking for?

Having quickly looked at it, I think it's slightly overkill for what I need it for. But anyways, thanks Tim. I'll keep this on my list too

Hey everyone! Quick question, has anyone read the book: Social Engineering: The Science of Human Hacking?

If so, how is it?

can please someone tell me about a book that I can reference for binary exploitation?

Shellcoders handbook

thank you @errant sundial

just picked up this bad boy, awesome little book

It's an excellent book and you should read it

Just for kicks, on the weekend I picked up a couple of books from No Starch;

Cyberjutsu by Ben McCarty, a former NSA developer and US Army Cyber Warfare specialist, about cybersec tactics and techniques with a lot of hot air about ninjas. Currently in Early Access so usually the code 'PREORDER' gives you a discount. https://nostarch.com/cyberjutsu

Effective C, by Robert C Seacord is about writing professional, modern C code in a secure manner. I haven't written any C or C++ code in many years so looking forward to diving in to this and having fun. https://nostarch.com/Effective_C

Nice! Thank you for that! I just ordered it

I'm a beginner, have started recently any book suggestions !!

what kind of books? As for security, there are many categories.

the one which might be good for basic pentesting

#bookclub message

How about Hacker playbook series? but I think TryHackMe room is more basic study materials, I agree with @indigo dragon .
#bookclub message

you could always join the monthly bookclub!

Okay thanks for the suggestions I will try them out :)

@versed coyote before The Hacker Playbook 3 I would consider reading The Pentester BluePrint

https://www.amazon.com/Pentester-BluePrint-Your-Guide-Being/dp/1119684307

Okay, I will

What's that

Check pins

its the monthly tryhackme bookclub

Listening to "A burglars guide to the city" by Geoff Manaugh. Good listen so far, talks about changing your perspective on looking at buildings.

It’s pretty good. Another good one to fill out this area of study is “The Ellipsis Manual”

Heyyy! Did somebody read Defensive Security Handbook: Best Practices for Securing Infrastructure by Amanda Berlin and Lee Brotherston? Is it good? Or is it more for people on advanced positions?

It's more on the level of implementing a Security Program for an enterprise, similar on the level how topics are covered in CISSP, so less technical detail, more on the management side for managers and up.

Ok, thank you!

So, not for me 😄

You might enjoy Network Security Assessment: Know Your Network, Third Edition by Chris McNab, it provides technical assessment to issues and solutions.

I have this one! I am going through it now 🙂

I just finished up "The Ideal Team Player" by Patrick Lencioni and thoroughly enjoyed it. I feel that it is honestly a must read

what is this book about?

the bible has finally arrived 🙏

Would you mind sharing your thoughts about this book after you read it?

sure thing 😄
given the nature of the book im probably not gonna read front to back and just refer to some of the tools and techniques as needed, but I'll def give some thoughts on the general framework and methodology as a whole

but Im only about 50 pages in and I can very highly recommend the book, if you have the slightest curiosity in OSINT listen to his podcast, some of his episodes are basically like audio-book chapters the way he'll cover a specific technique or topic

https://www.amazon.com/Cybersecurity-state-art-organization-cybercriminals/dp/183882779X

Hiii, anyone read this book ????

I would to have this book but it is not available in my area.. have a good read! 🙂

Reading time ❤️

+1 those two are real good!

The Ghost in the Host. 😄

Nice supplemental read to OSINT Techniques...

Extreme Privacy: What It Takes to Disappear https://www.amazon.co.uk/dp/B0898YGR58/ref=cm_sw_r_cp_api_fabc_1CQ07JZQPC2WJV15SSYC

Hi all, can somebody suggest any resource about building a cft box from scratch? (beginner-medium)

https://docs.tryhackme.com/docs/room-creation/room-creation-getting-started

i mean its not only applicable for THM.

watch john hammond video of room creation

also i read some blog written by Dark

and also there is content on it on vulnhub

enough hint to work i guess. thank you

Learn-Python-Hard-Way-Introduction/dp/0134692888

https://www.amazon.com/Learn-Python-Hard-Way-Introduction/dp/0134692888

thanks

np

hello guys

i have problem intalling virtual box any help pls

This channel is called #bookclub. Try #infosec-general

https://www.humblebundle.com/books/pocket-reference-guides-oreilly-books?partner=johnhammond

do you happen to have a link or the name to his podcast please?

this has his podcast info among other useful stuff from him
https://inteltechniques.com/

Sorry to bug you, but to what book were you referring to as "the bible" a while ago? You sounded rather positive about it and I'd love to know what the fuss is about, but I'm a screenreader user and can't seem to decipher the title from the picture you posted 😦 thanks much 🙂

my apologies I will be a bit more mindful about accessibility in the future for when I post pictures of resources! the book is the 8th Edition of "Open Source Intelligence Techniques" by Michael Bazzell, its a pretty well-regarded book on OSINT.

thanks for clarifying 🙂 I'll give it a look 🙂 and yeah, even just captioning with the book title would already be an awesome help 🙂

Cheers for that bud I’ve just started listening to it in work lol

At the risk of going very slightly off-topic, is anyone actually using Georgia Weidman's book in 2020/2021? The material seems solid, and through some github spelunking I think I've been able to find ...most of the older versions required to follow along with the labs excluding a couple older versions of particular applications. I know a second version's being worked on, but off the top of my head I don't really know of a book that covers a similar amount of topics with a similar amount of depth, closest I can think of perhaps being the hacker playbook 3 in combination with the pentester's blueprint. Am I missing a hidden gem? And is Weidman's book recommended to go through at this point, or is waiting for an update the better thing to do? I realize that is a subjective question, I'm mostly curious about the yays or nays, not so much crowdsourcing my path forward 🙂

yes, lots of people have mentioned using it, still solid, still good info

Any good book about ruby and metasploit

uhm ...to do what exactly? Mastering Metasploit has a section on Ruby iirc, but if you still need to come to grips with the language that might not be the best intro?

for those who want to go through Violent Python or the 1st edition of Black Hat Python without running into the Python2 problem, this looks like a great way to do that. Black Hat Python's 2nd edition is being worked on but until then:
https://github.com/EONRaider/violent-python3
https://github.com/EONRaider/blackhat-python3

To add onto this, Sam Bowne has a cool interactive Violent Python 3 course that plays out like a series of THM rooms - not sure if he's still standing up the servers from CactusCon for the challenges but the lessons are still there
https://samsclass.info/124/VP2020.htm

if the port he is sending stuff to is indeed 10201 like my tools tell me then that gives no response when poking it with nc so may no longer be up, regrettably. lessons sseem good though, including precious 2020 zoom issues 🙂

any good recommendation book for learning linux ?

nvm the pinned messages got it

Hello everyone, since I'm pretty bored with pentest these days, I wanna discover new fields and especially cryptography so if someone has a good book about it let me know, thanks !

"Serious Cryptography" is a famous book.
https://nostarch.com/seriouscrypto

Oh I will have a look about it, thanks a lot !

Book of the Month Club
Kali Linux Web Penetration Testing Cookbook, Second Edition, by Gilberto Najera-Gutierrez.
This month's book is about learning Web Hacking Fundamentals. It covers the same topic as the third of TryHackMe's Modules on the site: https://tryhackme.com/module/web-hacking-1
Feel free to discuss this book with others and ask questions. The goal is to study and learn together! 🥳

For the bookclub...Is there anywhere we discuss the books for the month, or is it just a general recommendation? Sorry I looked at the pinned comments but couldn’t find anything...

Tim decides them each month

he listens to recommendations iirc

But no like real time or guided discussion, right? And thank you!

You're welcome to start conversations over it in here 🙂

She's doing a second edition, editing it at the moment

whaaat how have i not noticed this channel 😮

i love books!

anyone else read The Daily Stoic? picked it up yesterday

Yes I've read it! 🙂

is there a book like Linux Basics for Hackers but for Windows?

wait what? Linux basics for windows ?

Do you mean WSL for example ?

They're asking for a book that is like Linux Basics for Hackers but instead a windows basics for hackers

Oooh yeah that makes sense sorry 😆

There's currently a Humble Bundle collection that has a good book on PowerShell

https://www.humblebundle.com/books/pocket-reference-guides-oreilly-books

thank you. I have already a PowerShell book on my list of books I would like to read in the future. Right now I'm looking for a book which is more general (just like Linux Basics for Hackers).

found this one "Windows Hacking: crack all cool stuff of windows"

looks like it may have some basics covered

thank you. based on the table of contents this book is probably not what I'm looking for.

I thought humblebundle was only for gaming

Check out these two:
Hands-On Penetration Testing on Windows by Phil Bramwell.
Kali Linux 2018: Windows Penetration Testing, Second Edition by Wolf Halton and Bo Weaver.

thank you so much.

I just bought the book The Pentester BluePrint did anyone read it and is it useful for a beginner?

I think people have talked about that book positively

okay that's nice

Thanks

just finished up spam nation. awesome book tried listening to the audiobook while i worked out at the gym, ended up having to leave and grab coffee instead because it steals all your attention

https://www.fanatical.com/en/bundle/cybersecurity-bundle

Has anyone read any of these?

I haven't, but from the packt books I have read, they are generally kinda low-quality. I hope this is still useful as feedback while not a direct answer to your question.

Yeah I've read a couple of them, for the bundle's price they are fine, but definetly not worth paying their real cost

thanks !

check out the no starch books on security, there are some great ones in there

Yeah I got that bundle too hahahah

And they are much much better imo

if I buy a book on the no starch platform, do I get all the updated versions too?

I'm obviously talking about ebook, not print

I think you don't, but I bought the humble bundle, not a single book

@humble goblet

I'm asking because I want to grab a book on there that's currently early access

I have a ton of books from HB but I don't expect to get newer editions from there

no idea mate I'm sorry

nw (I wasn't asking you personally 😛 )

I think if you get the early access, that includes the final release of that edition. Essentially a pre-order.

but if a new edition comes out, do you know if that's included as well?

probably not, just thought I'd ask

Usually not, an edition is considered a new book. But you should get all releases of an edition, atleast that is the case with O'Reilly books.

thanks a lot

this is the one I want btw https://nostarch.com/practical-iot-hacking

I think I was searching for a no starch book on iot a while back

I was very happy to find out about this today

That looks interesting. 🙂

I have a few others but no starch has never let me down

Pre-orders with early access materials will receive a PDF containing those completed chapters as soon as it becomes available. When the completed text becomes available it will automatically be uploaded into your customer account at nostarch.com. You will receive an email notification with links to download the texts, or you can access them directly in your user profile

Had to look it up 😄

https://www.humblebundle.com/books/learn-you-more-code-no-starch-press-books

ayy speak of the devil

No starch are the good ones right?

No Starch Press is the best !

I really need to stop buying 10 books everytime I read one

collecting books and reading books are 2 separate hobbies

Two lovely hobbies. ♥️

they do book bundles, comic bundles, magazines, software... Sometimes really top tier stuff, sometimes not so...

If you buy a preorder ebook you'll get the updates but you don't get new editions, like you won't get the second edition of Georgia Weidman's book that's currently being edited (but I reckon you're well beyond it anyway). Usually whatever book you're looking for will be in a bundle within 6-8 months. Effective C came out last November. I bought it last month and it's in a bundle this week!

If you're buying an early access book (pdf or paper) the code PREORDER usually gets you a discount and you get all the updates up to release

Yay! I got top tier as well. Thanks for sharing that observation, I had no idea. I put off buying that book but I'll probably get it cause I expect it will be very helpful for my thesis.

There's a 30% discount on No Starch books in this Women in Tech selection:

https://nostarch.com/blog/celebrate-women-tech-nsp

Nice one. I own a few of those already, but sadly the iot book is not on there

I would love to save that extra 5% 😛

I decided to rename my book buying habit to my library expansion habit cos a TBR pile is a little too subtle term to describe the volume of books I'm acquiring through Humble Bundle and other book deals. I will never read them all

yeah but from what you're saying, you'll be able to practically wish for a book and already have it, so at that point who's laughing?

Umberto Eco calls it an antilibrary...

https://www.brainpickings.org/2015/03/24/umberto-eco-antilibrary/

I'm about to spend on a book 2x the amount I spend on 15 with some of these bundles

I don't get every single one, only those that I specifically want/need of course

I have purchased 2 books directly from No Starch. Effective C and Cyberjutsu (cos it's the coolest name for a book on cyberwarfare). All the rest are Humble Bundles. Usually there's plenty of crossover in those books (I have most of their Cybersec, Python and other programming books). If they were print books they'd need their own environmentally controlled room. That's much easier on hard drives 🙂

why did you have to remind me about that book? I really want it

Oh yeah and all the Linux/BSD books too pretty much. And a bunch of Wiley, Sybex, O'Reilly and Packt bundles among others.

I'm guessing cyberjutsu will be in a hacking bundle around May/June maybe

I read through some of the humble ones on my phone when I'm bored. I can't work through the more technical ones that way, but it's like a written defcon talk for some of them

ebooks are also far more practical especially in topics like programming. I learnt C from a book (print) and on a 4:3 screen, and python with an e-book and 16:9. having done the latter I couldn't go back to the former, it was so tiring.