信息安全推荐书籍
2015-10-30 07:41
330 查看
转自:http://dfir.org/?q=node/8/
This page lists books that I have found to be highly relevant and useful for learning topics within computer security, digital forensics, incident response, malware analysis, and reverse engineering, and other
related topics. These books range from introductory texts to advanced research works. While some of these books may seem dated, the information contained is still very useful to people learning today, and much of the information is essential to becoming proficient
in the information security realm.
Please note that, in order to avoid ranking individual books, each category is listed in alphabetical order and each book is listed in alphabetical order within its category.
If you notice any errors with this page or have books that you think should be listed then please contact me. I will only list books that I have personally read and for which I am willing to vouch.
Application Security - Native
Application Security - Web
Cryptography
Database Forensics
Digital Forensics and Incident Response
Exploitation / Penetration Testing
Linux Usage
Malware Development and Analysis
Note: Many of these books contain information related to Reverse Engineering
Memory Forensics
Network Forensics
Networking
Operating Systems Internals - Android
Operating Systems Internals - General
Operating Systems Internals - Linux
Operating Systems Internals - Mac
Operating Systems Internals - Windows
Programming - Concepts and Algorithms
Programming - Language Specific
Note: The reason there are few books here is due to languages having amazing learning resources online
Reverse Engineering
Tradecraft - Digital
Tradecraft - Traditional
Note: I originally found several of these books from The Grugq's list
Recommended Reading
This page lists books that I have found to be highly relevant and useful for learning topics within computer security, digital forensics, incident response, malware analysis, and reverse engineering, and otherrelated topics. These books range from introductory texts to advanced research works. While some of these books may seem dated, the information contained is still very useful to people learning today, and much of the information is essential to becoming proficient
in the information security realm.
Please note that, in order to avoid ranking individual books, each category is listed in alphabetical order and each book is listed in alphabetical order within its category.
If you notice any errors with this page or have books that you think should be listed then please contact me. I will only list books that I have personally read and for which I am willing to vouch.
Application Security - Native
| Title | Comments | Technical Level |
|---|---|---|
| The Art of Software Security Assessment | The Bible of source code auditing | Intermediate-Advanced. Ability to read C/C++ required to get full value. |
| Secure Coding in C and C++ | Arguably the best text for writing secure low-level code | Accessible to all that can read/write C and C++ |
| Title | Comments | Technical Level |
|---|---|---|
| The Browser Hacker's Handbook | Written by the authors of BeEF. A detailed look into many web security topics | Covers basic through advanced topics |
| The Database Hacker's Handbook | The most detailed book available for attacking databases | Covers basic through advanced topics |
| The Tangled Web | A detailed look at the foundations of web protocols followed by a thorough examination of their weakness. Highly, highly recommended | Accessible to all. The beginning chapters cover background needed for later advanced topics |
| The Web Application Hacker's Handbook | Covers a wide range of web security issues | Intermediate |
| Title | Comments | Technical Level |
|---|---|---|
| Cryptography Engineering | The (updated) standard for learning cryptography | Ranges from background and introduction to deep algorithms and security considerations |
| Introduction to Modern Cryptography | A well-done, formal look at cryptography. Used in many graduate level computer science programs | Advanced - full understanding requires deep mathematical knowledge |
| Title | Comments | Technical Level |
|---|---|---|
| Microsoft SQL Server Internals | Examination of MSSQL akin to the OS-level examination of Windows Internals | Intermediate - learn database basics before reading |
| SQL Server Forensic Analysis | A deep look at forensic analysis of MSSQL Systems | Intermediate - learn database basics before reading |
| Title | Comments | Technical Level |
|---|---|---|
| File System Forensic Analysis | The definitive resource for file system forensics | Intermediate-Advanced |
| Forensic Discovery | A foundational text of computer forensics by two of the earliest pioneers | Intermediate |
| Real Digital Forensics | A concise introduction to forensic processes | Beginner-Intermediate |
| Windows Forensic Analysis, Second Edition | This book, along with the 4th edition, are the best books available for Windows disk forensics | Ranges from basic concepts to advanced analysis |
| Windows Forensic Analysis, Fourth Edition | This book, along with the 2nd edition, are the best books available for Windows disk forensics | Ranges from basic concepts to advanced analysis |
| Title | Comments | Technical Level |
|---|---|---|
| A Guide to Kernel Exploitation | Advanced exploitation of a range of operating systems | Advanced |
| Android Hacker's Handbook | A deep dive into exploitation of Android systems | Intermediate |
| The Hacker Playbook | A step-by-step guide to breaking into modern networks with a wide array of techniques and tools | Access to All |
| Hacking: The Art of Exploitation, 1st Edition | A foundational work of low-level exploitation | Intermediate |
| iOS Hacker's Handbook | A deep dive into exploitation of iOS devices | Intermediate-Advanced |
| The Mac Hacker's Handbook | A deep dive into exploitation of Mac systems | Intermediate-Advanced |
| Rtfm: Red Team Field Manual | A concise, well written guide that should be in every penetration tester's travel bag | Accessible to all people with a pen test background |
| The Shellcoder's Handbook | Crafting shellcode and exploits | Intermediate-Advanced |
| Title | Comments | Technical Level |
|---|---|---|
| Linux in a Nutshell | The best text to learn how to use Linux | Beginner-Intermediate |
| Running Linux | Another great text from which to learn Linux | Beginner-Intermediate |
Note: Many of these books contain information related to Reverse Engineering
| Title | Comments | Technical Level |
|---|---|---|
| The Art of Computer Virus Research and Defense | A deep look at many facets of malware analysis | Intermediate |
| Malware Analyst's Cookbook | A "recipe" approach to many topics in malware analysis | Intermediate-Advanced |
| Malware Forensics | A well done introduction to malware analysis | Beginner |
| Practical Malware Analysis | A very approachable book to many topics in malware analysis | Intermediate |
| Rootkits: Subverting the Windows Kernel | A study of many rootkit techniques still in use today | Intermediate-Advanced |
| The Rootkit Arsenal | An 800 page epic of rootkit development and analysis | Intermediate-Advanced |
| Title | Comments | Technical Level |
|---|---|---|
| The Art of Memory Forensics | A 900 page exploration of memory forensics across the major operating systems. NOTE: I am a co-author of this book | Ranges from introductory material to advanced analysis |
| What Makes It Page? | A deep look into the Windows memory manager | Intermediate-Advanced |
| Title | Comments | Technical Level |
|---|---|---|
| The Practice of Network Security Monitoring | Beyond just packet analysis to how to integrate network forensics into a real world environment | Intermediate |
| Practical Packet Analysis | An excellent resource for learning to identify and analyze network traffic | Beginner-Intermediate |
| Wireshark (R) 101 | A deep exploration of Wireshark | Beginner-Intermediate |
| Title | Comments | Technical Level/th> |
|---|---|---|
| CCNA Cisco Certified Network Associate Study Guide | A primer on real world networking and networks | Intermediate |
| CompTIA Network+ All-In-One Exam Guide | An essential book for those looking to learn networking | Beginner |
| TCP/IP Illustrated | The Bible of networking protocols. A must read | Intermediate |
| Title | Comments | Technical Level |
|---|---|---|
| Android Security Internals | A deep look at Android from both the operating system internals and security perspective. | Intermediate |
| Title | Comments | Technical Level |
|---|---|---|
| Intel Architecture Manuals | Very well done documentation on the hardware architecture. Free to download | Intermediate-Advanced |
| Modern Operating Systems | The classic book from Tanenbaum | Intermediate-Advanced |
| Operating System Concepts | "The dinosaur book" of OS internals. | Intermediate-Advanced |
| Title | Comments | Technical Level |
|---|---|---|
| Linux Device Drivers, 3rd Edition | Best resource to learn Linux's driver architecture | Intermediate-Advanced |
| Linux Kernel Development, 3rd Edition | Rob Love on programming in the Linux kernel | Intermediate-Advanced |
| The Linux Programming Interface | Excellent book on programming the Linux environment | Intermediate-Advanced |
| Understanding the Linux Kernel, Third Edition | The equivalent of Windows Internals for Linux | Intermediate-Advanced |
| Title | Comments | Technical Level |
|---|---|---|
| Mac OS X Internals: A Systems Approach | Windows Internals for Mac | Intermediate-Advanced |
| Mac OS X and iOS Internals | Read this after reading Mac OS X Internals | Intermediate-Advanced |
| Title | Comments | Skill Level |
|---|---|---|
| Windows Internals | Read this book if you want to understand Windows | Intermediate-Advanced |
| Windows System Programming (4th Edition) | A step-by-step guide through the Windows API | Intermediate |
| Title | Comments | Technical Level |
|---|---|---|
| Compilers: Principles, Techniques, and Tools | The famous dragon book on compilers | Advanced - Don't read until you have a solid understanding of programming and runtime environments |
| Design Patterns | Required reading for any serious programmer | Intermediate |
| Linkers and Loaders | Required reading for understanding program linking and runtime loading | Intermediate |
Note: The reason there are few books here is due to languages having amazing learning resources online
| Title | Comments | Technical Level |
|---|---|---|
| Advanced Programming in the UNIX(R) Environment | Deep exploration of programming related to Linux, Mac, and BSD | Beginner-Intermediate |
| Black Hat Python | Great book using Python for offensive security purposes | Beginner-Intermediate |
| The C Programming Language, 2nd Edition | "K and R" - required if you want to be proficient with C | Intermediate-Advanced |
| Violent Python | Learn Python programming and directly apply it to forensics and security | Basic to advanced topics |
| Title | Comments | Technical Level |
|---|---|---|
| Assembly Language Step-by-step | The best resource to learn assembly. Later books focused on "high level" assembly as opposed to actual instructions | Intermediate-Advanced |
| Hacker Disassembling Uncovered | A great resource for advanced topics in reverse engineering | Intermediate-Advanced |
| Hacking the Xbox | A well written and fun book from which to learn reversing | Intermediate |
| The IDA Pro Book | The best resource to learn IDA | Intermediate |
| Reversing: Secrets of Reverse Engineering | One of my favorite books. A chapter is dedicated to reversing a Windows API back to C so perfectly that compiling it matches the hash of the Windows DLL | Intermediate-Advanced |
| Practical Reverse Engineering | Reversing across Intel and ARM | Intermediate |
| Title | Comments | Technical Level |
|---|---|---|
| Silence on the Wire | lcamtuf's exploration of vulnerabilities and attacks that most people would never think of. Strongly recommended | Beginner-Advanced |
Note: I originally found several of these books from The Grugq's list
| Title | Comments | Technical Level |
|---|---|---|
| Agent Storm | Real life story of a European convert who joined Al Qaeda while working for the CIA | Accessible to all |
| The Art of Intelligence | Tradecraft and real-world analysis from Henry Crumpton | Beginner-Intermediate |
| Black Banners | Deep coverage of FBI tradecraft while investing the USS Cole bombings, 9/11, and other events in the Middle East | Accessible to all |
| Chinese Intelligence Operations | A well-written, deep study of Chinese intelligence services | Advanced |
| The Main Enemy | An incredibly detailed history of the CIA vs the KGB during the Cold War | Accessible to All |
| See No Evil | Tradecraft and lessons from a former CIA analyst in the Middle East | Intermediate |
| Spy Handler: Memoir of a KGB Officer | Written by the KGB officer whom handled Robert Hanssen and Aldrich Ames. A great text to learn real world tactics and techniques | Beginner-Intermediate |
| Terrorism and Counterintelligence: How Terrorist Groups Elude Detection | A deep examination of modern terrorist groups and counterintelligence use | Intermediate |
| Thwarting Enemies at Home and Abroad: How to Be a Counterintelligence Officer | Read this first - a textbook on how to be a counter intel officer along with terms, techniques, and tactics | Beginner - make this your first book |
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- adb使用大全
- 4.4.6 切换全屏模式
- BZOJ 3124 [Sdoi2013]直径 DFS
- OSChina 周五乱弹 —— 11 大光棍职业
- P2V Windows 2000 到ESXI 5.5
- #define GPBCON (*(volatile unsigned *)0x56000010) 的理解:
- ubuntu关机重启命令介绍
- BZOJ1057 [ZJOI2007]棋盘制作(极大化思想)
- #ifdef __cplusplus extern "C" { #endif 的解释
- CentOS安装时小坑记录
- 8.2 Robot in a Grid
- [LintCode] Search a 2D Matrix
- [CareerCup] 13.3 Virtual Functions 虚函数
- Do You Have Any Question for me
- 8.1 Triple Stair
- 使用androidstudio自带的git插件进行版本控制图文详解
- Generate Parentheses - LeetCode
- 115. Distinct Subsequences (String; DP)
- 国企离职!到了放手的时候!——北漂18年(30)
- 夺命雷公狗jquery---53--jQuery里的ajax的底层实现POST请求