Learning Resources: Books, Links, Courses

I’m quite new here and I already read a lot of really good and valuable content, I really wanted to repay somehow thus creating this post that contains a lot of resources for learning, both for beginners and more advanced people.

Lots of material about information security in general:

Awesome Infosec

Hacking: The Art of Exploitation, 2nd Edition
A very good starting point for beginners, mainly about low level exploitation, introduces basic C and x86 ASM, exploitation (stack overflow, heap overflow, format string exploitation), a bit of networking, a bit of shellcodes, C and ASM knowledge is recommended before reading but can survive without it.

more about assembly: http://opensecuritytraining.info/IntroX86.html

more about exploits: http://opensecuritytraining.info/Exploits1.html

Offensive Computer Security: Training for manipulating all kinds of things: Learning Exploitation with Offensive Computer Security 2.0

a course mainly about low level exploitation that contains some networking and web stuff as well, C and ASM knowledge is required, teaches basic exploitation, teaches about ASLR DEP, ROP, IDS, WAF, SSL and more.

Books:

Reverse Engineering Books:

Reverse Engineering for Beginners (http://beginners.re/) recently became paid but a pdf still can be found easily

Reversing: Secrets of Reverse Engineering

Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation

IDA Pro Book, 2nd Edition

Exploit Development / Kernel Exploitation Books:

Hacking: The Art of Exploitation, 2nd Edition (already mentioned)

The Shellcoder’s Handbook: Discovering and Exploiting Security Holes, 2nd Edition

A Guide to Kernel Exploitation: Attacking the Core

Malware analysis / Rootkits Related Books:

Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software

The Rootkit Arsenal: Escape and Evasion: Escape and Evasion in the Dark Corners of the System

Malware Analyst’s Cookbook and DVD: Tools and Techniques for Fighting Malicious Code

The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory

Operating System Books:

Linux:

Linux Kernel Development
The Linux Programming Interface
Understanding The Linux Kernel

Windows:

Windows Internals
Windows System Programming
Windows Kernel Development

Website Security Books:

Web application Hacker’s Handbook, 2nd Edition

SQL Injection Attacks and Defense, Second Edition

The Tangled Web: A Guide to Securing Modern Web Applications

Smartphone Security Books:

iOS Hacker’s Handbook
Android Hacker’s Handbook
The Mobile Application Hacker’s Handbook

Networking Books:

TCP/IP Illustrated

Cryptography Books:

Serious Cryptography: A Practical Introduction to Modern Encryption

Penetration Testing:

Introduction To Penetration Testing

The Hacker Playbook 2: Practical Guide To Penetration Testing

The Hacker Playbook 3: Practical Guide To Penetration Testing

Great content about low level security: http://fuzzysecurity.com/

Great content about shellcoding and reversing in ARM assembly: https://azeria-labs.com/

Note: I didn’t read all of those books, I collected all of those resources by spending hours on google
and did a simple quality check (skimmed through/read a few pages) for each book/article, for a matter of fact I’m still quite a beginner and still in the process of reading books/solving ctf’s on my topics of interest.

5 Likes

Hey @Lelouch , thanks for the share , you are much appreciated , but next time make sure you check out our existing wikis on Books and references , please contribute your entries there , so that we have a central catalogue which everyone can enjoy :grinning: :+1:.

1 Like

My bad, didn’t notice the wiki section. Will add the resources that are not there already.

2 Likes

Thank you for the resources

This topic was automatically closed after 8 days. New replies are no longer allowed.