Information Security 101: The Reading List

Part of my Information Security 101 Series.

• Information Security 101: The Reading List
• Information Security 101: The Community
• Information Security 101: Hands-On Experience with Information Security
• Information Security 101: Certifications and Degrees (Coming soon.)
• Information Security 101: Careers and Career Paths (Coming soon.)

Follow me on Twitter:

---

Table of Contents

• Reading List
  • Information Security
  • Digital Forensics, Incident Response, and Malware Analysis
  • Software Engineering and Scripting
  • Criminal Justice and Intelligence
  • Assorted Reading
• Resource Centers and Information Security News
  • SANS
  • NIST
  • OWASP
  • Other News Sources

---

Reading List

These books are listed in no order, other than subject-based categorization.

Information Security

Book Title	Additional Information	Purchase
Penetration Testing	Author: Georgia Weidman. 2014.	Purchase.
The Hacker Playbook 2	Author: Peter Kim. 2015.	Purchase.
Metasploit: The Pentration Tester's Guide	Author: Dave Kennedy et al. 2011.	Purchase.
A Bug Hunter's Diary	Author: Tobias Klein. 2011.	Purchase.
RTFM: Red Team Field Manual	Author: Ben Clark. 2014.	Purchase.
Defensive Security Handbook	Author: Amanda Berlin, and Lee Brotherston. 2017.	Purchase.
Attacking Network Protocols	Author: James Forshaw. 2017.	Purchase.
Serious Cryptography	Author: Jean-Philippe Aumasson. 2017.	Purchase
BTFM: Blue Team Field Manual	Author: Alan White, & Ben Clark. 2017.	Purchase.
Hash Crack: Password Cracking Manual	Author: Joshua Picolet. 2017.	Purchase.
The Web Application Hacker's Handbook	Author: Daffyd Stuttard et al. 2011	Purchase
The Browser Hacker's Handbook	Author: Christian Frichot et al. 2014.	Purchase

Digital Forensics, Incident Response, and Malware Analysis

Book Title	Additional Information	Purchase
Intelligence-Driven Incident Response	Author: Scott Roberts. 2017.	Purchase.
Practical Forensics Imaging	Author: Bruce Nikkel. 2016.	Purchase.
Incident Response and Computer Forensics	Author: Jason Luttgens et al. 2014.	Purchase.
The Art of Memory Forensics	Author: Michael Ligh et al. 2014.	Purchase.
Windows Registry Forensics	Author: Harlan Carvey. 2011.	Purchase.
Windows Forensics Analysis	Author: Harlan Carvey. 2014.	Purchase.
Practical Malware Analysis	Author: Michael Sikorski et al. 2012.	Purchase.
Practical Reverse Engineering	Author: Bruce Dang et al. 2014.	Purchase.
Practical Packet Analysis	Author: Chris Sanders. 2017.	Purchase.

Software Engineering and Scripting

PowerShell

Book Title	Additional Information	Purchase
Learn Windows PowerShell in a Month of Lunches	Author: Don Jones et al. 2016.	Purchase.
Learn PowerShell Scripting in a Month of Lunches	Author: Don Jones et al. 2017.	Purchase.
Windows Server 2016 Automation with PowerShell Cookbook	Author: Thomas Lee. 2017.	Purchase.

Python

Book Title	Additional Information	Purchase
Black Hat Python	Author: Justin Seitz. 2014.	Purchase.
Grey Hat Python	Author: Justin Seitz. 2009.	Purchase.
Violent Python	Author: T.J. O’Connor. 2012.	Purchase.
Learn Python the Hard Way	Author: Zed Shaw. 2013.	Purchase.
Python Crash Course	Author: Eric Matthes. 2015.	Purchase.
Automate the Boring Stuff with Python	Author: Al Sweigart. 2015.	Purchase.

C++

Book Title	Additional Information	Purchase
The C++ Programming Language	Author: Bjarne Stroustrup. 2013.	Purchase.

Golang

Book Title	Additional Information	Purchase
The Go Programming Language	Author: Alan Donovan. 2015.	Purchase.

Criminal Justice and Intelligence

Book Title	Additional Information	Purchase
Studies in Computational Intelligence (Vol. 593)	Author: Mohamed Chawki. 2015.	Purchase.
Psychology of Intelligence Analysis	Author: Richards Heurer. 1999.	Read Free (CIA.GOV).

Assorted Reading

Book Title	Additional Information	Purchase
Unmasking the Social Engineer	Author: Christopher Hadnagy. 2014.	Purchase.
The Art of War	Author: Sun Tzu. 5th century BC.	Read for Free.
Operating Systems: Internals and Design Principles	Author: William Stallings. 2014.	Purchase.
The Confidence Game: Why We Fall for It Every Time	Author: Maria Konnikova. 2016.	Purchase.
The Linux Command Line	Author: William Shotts. 2012.	Purchase.
Discrete Mathematics and Its Applications	Author: Kenneth Rosen. 2011.	Purchase.

---

Resource Centers and Information Security News

SANS

Site Name
The Information Security Reading Room
The Internet Storm Center
SANS’ DFIR Blog
SANS’ Penetration Testing Blog
SANS’ Newsletters

NIST

Site Name
The NIST Computer Security Resource Center
NIST’s Special Publications
NIST’s Drafts for Public Comment

OWASP

Site Name
OWASP Top 10
OWASP Cheat Sheets
OWASP Categories

Other News Sources

Site Name
Krebs on Security
Dark Readings
Wired
Ars Technica
Network World
SC Magazine
Lenny Zeltser’s Blog
VulnHub
ZDNet: Zero Day