Hacker Bookshelf

This is a curated collection of books I would recommend to anybody active in Information Security or with ambitions in any of these subjects. Please note that I did not write/publish/etc any of them. If you find links that are broken, or think something should be added, feel free to
let me know.

Blue Team / Defense Cryptography Databases Exploitation Forensics Hacking Hardware Hacking / IoT Industrial / SCADA Machine Learning / Data Science Mainframes Malware Mobile Networking OS: Generic OS: Linux OS: Mac OS: Windows Physical Security / Lockpicking Programming Reverse Engineering Secure Code Review Security Social Engineering / Organisations Threat Intelligence / OSINT Web Threat Hunting / Purple Teaming Legacy Future Releases

Blue Team / Defense

Applied Incident Response

Released: 2020
Author(s): Steve Anson

Practical Vulnerability Management

A Strategic Approach to Managing Cyber Risk

Released: 2020
Author(s): Andrew Magnusson

Intrusion Detection Honeypots

Detection through Deception

Released: 2020
Author(s): Chris Sanders

Blue Team Handbook: SOC, SIEM, and Threat Hunting

A Condensed Guide for the Security Operations Team and Threat Hunter

Released: 2019
Author(s): Don Murdoch

Blue Team Field Manual (BTFM)

Released: 2017
Author(s): Alan J White, Ben Clark

The Practice of Network Security Monitoring

Understanding Incident Detection and Response

Released: 2013
Author(s): Richard Bejtlich

Applied Network Security Monitoring

Collection, Detection, and Analysis

Released: 2013
Author(s): Chris Sanders, Jason Smith


Cryptography Apocalypse

Preparing for the Day When Quantum Computing Breaks Today's Crypto

Released: 2019
Author(s): Roger A. Grimes

Serious Cryptography

A Practical Introduction to Modern Encryption

Released: 2018
Author(s): Jean-Philippe Aumasson

Bulletproof SSL and TLS

Understanding and Deploying SSL/TLS and PKI to Secure Servers and Web Applications

Released: 2017
Author(s): Ivan Ristic

Introduction to Modern Cryptography

Released: 2014 (2nd edition)
Author(s): Jonathan Katz, Yehuda Lindell

Computational Number Theory and Modern Cryptography

Released: 2013
Author(s): Song Y. Yan

Cryptography Engineering

Design Principles and Practical Applications

Released: 2010
Author(s): Niels Ferguson, Bruce Schneier, Tadayoshi Kohno


Pro SQL Server Internals

Released: 2016 (2nd edition)
Author(s): Dmitri Korotkevitch

Microsoft SQL Server 2012 Internals

Developer Reference

Released: 2013
Author(s): Kalen Delaney, Bob Beauchemin, Conor Cunningham, Jonathan Kehayias, Paul S. Randal, Benjamin Nevarez

The Database Hacker's Handbook

Defending Database Servers

Released: 2005
Author(s): David Litchfield, Chris Anley, John Heasman, Bill Grindlay


A Bug Hunter's Diary

A Guided Tour Through the Wilds of Software Security

Released: 2011
Author(s): Tobias Klein

A Guide to Kernel Exploitation

Attacking the Core

Released: 2010
Author(s): Enrico Perla, Massimiliano Oldani

The Art of Exploitation

Released: 2008 (2nd edition)
Author(s): Jon Erickson

The Shellcoder's Handbook

Discovering and Exploiting Security Holes

Released: 2007 (2nd edition)
Author(s): Chris Anley, John Heasman, Felix Lindner, Gerardo Richarte

Writing Security Tools and Exploits

Released: 2006
Author(s): James C. Foster, VIncent T. Liu

Sockets, Shellcode, Porting, and Coding

Reverse Engineering Exploits and Tool Coding for Security Professionals

Released: 2005
Author(s): James C. Foster

Buffer Overflow Attacks

Detect, Exploit, Prevent

Released: 2005
Author(s): James C. Foster, Vitaly Osipov


Investigating Cryptocurrencies

Understanding, Extracting, and Analyzing Blockchain Evidence

Released: 2018
Author(s): Nick Furneaux

Practical Forensic Imaging

Securing Digital Evidence with Linux Tools

Released: 2016
Author(s): Bruce Nikkel

The Art of Memory Forensics

Detecting Malware and Threats in Windows, Linux, and Mac Memory

Released: 2014
Author(s): Michael Hale Ligh, Andrew Case, Jamie Levy, Aaron Walters

Digital Forensics with Open Source Tools

Released: 2011
Author(s): Cory Altheide, Harlan Carvey

File System Forensic Analysis

Released: 2005
Author(s): Brian Carrier

Forensic Discovery

Released: 2005
Author(s): Dan Farmer, Wietse Venema

Real Digital Forensics

Computer Security and Incident Response

Released: 2005
Author(s): Keith J. Jones, Richard Bejtlich, Curtis W. Rose


Gray Hat Hacking

The Ethical Hacker's Handbook

Released: 2018 (5th edition)
Author(s): Allen Harper, Daniel Regalado, Ryan Linn, Stephen Sims, Branko Spasojevic, Linda Martinez, Michael Baucom, Chris Eagle, Shon Harris

The Hacker Playbook 3

Practical Guide To Penetration Testing

Released: 2018
Author(s): Peter Kim

Pentesting Azure Applications

The Definitive Guide to Testing and Securing Deployments

Released: 2018
Author(s): Matt Burrough

Kali Linux Revealed

Mastering the Penetration Testing Distribution

Released: 2017
Author(s): Raphael Hertzog, Jim O'Gorman

Advanced Penetration Testing

Hacking the World's Most Secure Networks

Released: 2017
Author(s): Wil Allsopp

Game Hacking

Developing Autonomous Bots for Online Games

Released: 2016
Author(s): Nick Cano

Rtfm: Red Team Field Manual

Released: 2014
Author(s): Ben Clark

Penetration Testing

A Hands-On Introduction to Hacking

Released: 2014
Author(s): Georgia Weidman


The Penetration Tester's Guide

Released: 2011
Author(s): David Kennedy, Jim O'Gorman, Devon Keams, Mati Aharoni

Hardware Hacking / IoT

The IoT Hacker's Handbook

A Practical Guide to Hacking the Internet of Things

Released: 2019
Author(s): Aditya Gupta

Practical Industrial Internet of Things Security

A practitioner's guide to securing connected industries

Released: 2018
Author(s): Sravani Bhattacharjee

Hardware Security

A Hands-on Learning Approach

Released: 2018
Author(s): Swarup Bhunia, Mark Tehranipoor

Industrial / SCADA

Handbook of SCADA/Control Systems Security

Released: 2016 (2nd edition)
Author(s): Robert Radvanovsky, Jacob Brodsky

Hacking Exposed Industrial Control Systems

ICS and SCADA Security Secrets & Solutions

Released: 2016
Author(s): Clint Bodungen, Bryan Singer, Aaron Shbeeb, Kyle Wilhoit, Stephen Hilt

Countdown to Zero Day

Stuxnet and the Launch of the World's First Digital Weapon

Released: 2015
Author(s): Kim Zetter

Industrial Network Security

Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems

Released: 2014 (2nd edition)
Author(s): Eric D. Knapp, Joel Thomas Langill

Applied Cyber Security and the Smart Grid

Implementing Security Controls into the Modern Power Infrastructure

Released: 2013
Author(s): Eric D. Knapp, Raj Samani

Robust Control System Networks

How to achieve reliable control after Stuxnet

Released: 2011
Author(s): Ralph Langner

Cybersecurity for Industrial Control Systems


Released: 2011
Author(s): Tyson Macaulay, Bryan L. Singer

Machine Learning / Data Science

Machine Learning and Security

Protecting Systems with Data and Algorithms

Released: 2018
Author(s): Clarence Chio, David Freeman

Malware Data Science

Attack Detection and Attribution

Released: 2018
Author(s): Joshua Saxe, Hillary Sanders


Introduction to the New Mainframe

z/OS Basics

Released: 2011
Author(s): Mike Ebbers, John Kettner, Wayne O'Brien, Bill Ogden

Mastering IBM i

The Complete Resource for Today's IBM i System

Released: 2011
Author(s): Jim Buck, Jerry Fottral

Mainframe Basics for Security Professionals

Getting Started with RACF

Released: 2008
Author(s): Ori Pomerantz, Barbara Vander Weele, Mark Nelson, Tim Hahn

Hacking iSeries

Released: 2006
Author(s): Shalom Carmel

Experts' Guide to OS/400 & i5/OS Security

Released: 2004
Author(s): Carol Woodbury, Patrick Botz


Practical Malware Analysis

The Hands-On Guide to Dissecting Malicious Software

Released: 2012
Author(s): Michael Sikorski, Andrew Honig

The Rootkit Arsenal

Escape and Evasion in the Dark Corners of the System

Released: 2012 (2nd edition)
Author(s): Bill Blunden

Malware Analyst's Cookbook

Tools and Techniques for Fighting Malicious Code

Released: 2010
Author(s): Michael Ligh, Steven Adair, Blake Hartstein, Matthew Richard

Malware Forensics

Investigating and Analyzing Malicious Code

Released: 2008
Author(s): Cameron H. Malin, Eoghan Casey, James M. Aquilina

The Art of Computer Virus Research and Defense

Released: 2005
Author(s): Peter Szor

Malicious Cryptography

Exposing Cryptovirology

Released: 2004
Author(s): Adam Young, Moti Yung


iOS Application Security

The Definitive Guide for Hackers and Developers

Released: 2016
Author(s): David Thiel

The Mobile Application Hacker's Handbook

Released: 2015
Author(s): Dominic Chell, Tyrone Erasmus, Shaun Colley, Ollie Whitehouse

Android Security Internals

An In-Depth Guide to Android's Security Architecture

Released: 2014
Author(s): Nikolay Elenkov

Android Hacker's Handbook

Released: 2014
Author(s): Joshua J. Drake, Zach Lanier, Collin Mulliner, Pau Oliva Fora, Stephen A. Ridley, Georg Wicherski

iOS Hacker's Handbook

Released: 2012
Author(s): Charlie Miller, Dion Blazakis, Dino DaiZovi, Stefan Esser, Vincenzo Iozzo, Ralf-Philipp Weinmann

Decompiling Android

Released: 2012
Author(s): Godfrey Nolan


Practical Packet Analysis

Using Wireshark to Solve Real-World Network Problems

Released: 2017 (3rd edition)
Author(s): Chris Sanders

Wireshark for Security Professionals

Using Wireshark and the Metasploit Framework

Released: 2017
Author(s): Jessey Bullock, Jeff T. Parker

Attacking Network Protocols

A Hacker's Guide to Capture, Analysis, and Exploitation

Released: 2017
Author(s): James Forshaw

Computer Networking

A Top-Down Approach

Released: 2016 (7th edition)
Author(s): Jim Kurose, Keith Ross

Mastering Nmap Scripting Engine

Released: 2015
Author(s): Paulino Calderon Pale

Hacking VoIP

Protocols, Attacks, and Countermeasures

Released: 2008
Author(s): Himanshu Dwivedi

Linux Firewalls

Attack Detection and Response with iptables, psad, and fwsnort

Released: 2007
Author(s): Michael Rash

OS: Generic

Computer Organization and Design

The Hardware Software Interface: ARM Edition

Released: 2016
Author(s): David A. Patterson, John L. Hennessy

Modern Operating Systems

Released: 2014 (4th edition)
Author(s): Andrew S. Tanenbaum, Herbert Bos

Operating System Concepts

Released: 2012 (9th edition)
Author(s): Abraham Silberschatz, Peter B. Galvin, Greg Gagne

Operating Systems In Depth

Design and Programming

Released: 2010
Author(s): Thomas W. Doeppner

OS: Linux

Linux Basics for Hackers

Getting Started with Networking, Scripting, and Security in Kali

Released: 2018
Author(s): OccupyTheWeb

Linux Kernel Development

A thorough guide to the design and implementation of the Linux kernel

Released: 2010 (3rd edition)
Author(s): Robert Love

The Linux Programming Interface

A Linux and UNIX System Programming Handbook

Released: 2010
Author(s): Michael Kerrisk

Solaris Internals

Solaris 10 and OpenSolaris Kernel Architecture

Released: 2006 (2nd edition)
Author(s): Richard McDougall

OS: Mac

MacOS and iOS Internals

Volume II: Kernel Mode

Released: 2019
Author(s): Jonathan Levin

MacOS and iOS Internals

Volume I: User Mode (v1.3)

Released: 2017
Author(s): Jonathan Levin

MacOS and iOS Internals

Volume III: Security & Insecurity

Released: 2016
Author(s): Jonathan Levin

Mac OS X and iOS Internals

To the Apple's Core

Released: 2012
Author(s): Jonathan Levin

OS X and iOS Kernel Programming

Released: 2011
Author(s): Ole Henry Halvorsen, Douglas Clarke

OS: Windows

Windows 10 System Programming

Part 1

Released: 2020
Author(s): Pavel Yosifovich

Windows Kernel Programming

Released: 2019
Author(s): Pavel Yosifovich

Windows Internals

Part 1: System architecture, processes, threads, memory management, and more

Released: 2017 (7th edition)
Author(s): Pavel Yosifovich, Alex Ionescu, Mark E. Russinovich, David A. Solomon

Windows 10 Forensic Analysis

Released: 2016
Author(s): Rhys P J Evans

Windows Forensic Analysis Toolkit

Advanced Analysis Techniques for Windows 8

Released: 2014 (4th edition)
Author(s): Harlan Carvey

Windows Forensic Analysis Toolkit

Advanced Analysis Techniques for Windows 7

Released: 2012 (3rd edition)
Author(s): Harlan Carvey

What Makes It Page?

The Windows 7 (x64) Virtual Memory Manager

Released: 2012
Author(s): Enrico Martignetti

Physical Security / Lockpicking

The Complete Book of Locks and Locksmithing

Released: 2016 (7th edition)
Author(s): Bill Phillips

Car Hacker's Handbook

A Guide for the Penetration Tester

Released: 2016
Author(s): Craig Smith

Practical Lock Picking

A Physical Penetration Tester's Training Guide

Released: 2012 (2nd edition)
Author(s): Deviant Ollam

Keys to the Kingdom

Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks

Released: 2012
Author(s): Deviant Ollam

Visual Guide to Lock Picking

Released: 2007 (3rd edition)
Author(s): Mark McCloud, Gonzalez de Santos


Black Hat Go

Go Programming for Hackers and Pentesters

Released: 2020
Author(s): Tom Steele, Chris Patten, Dan Kottmann

Modern C

Released: 2019
Author(s): Jens Gustedt

Gray Hat C#

A Hacker's Guide to Creating and Automating Security Tools

Released: 2017
Author(s): Brandon Perry

Black Hat Python

Python Programming for Hackers and Pentesters

Released: 2014
Author(s): Justin Seitz

Threat Modeling

Designing for Security

Released: 2014
Author(s): Adam Shostack

Violent Python

A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers

Released: 2012
Author(s): TJ O'Connor

Hacker's Delight

Released: 2012 (2nd edition)
Author(s): Henry S. Warren

Gray Hat Python

Python Programming for Hackers and Reverse Engineers

Released: 2009
Author(s): Justin Seitz

Assembly Language Step-by-step

Programming with Linux

Released: 2009 (3rd edition)
Author(s): Jeff Duntemann

Surreptitious Software

Obfuscation, Watermarking, and Tamperproofing for Software Protection

Released: 2009
Author(s): Christian Collberg, Jasvir Nagra

ATL Internals: Working with ATL 8

Released: 2006 (2nd edition)
Author(s): Christopher Tavares, Kirk Fertitta, Brent E. Rector, Chris Sells

Reverse Engineering

The Ghidra Book

The Definitive Guide

Released: 2020
Author(s): Chris Eagle, Kara Nance

Rootkits and Bootkits

Reversing Modern Malware and Next Generation Threats

Released: 2019
Author(s): Alex Matrosov, Eugene Rodionov, Sergey Bratus

Practical Binary Analysis

Build Your Own Linux Tools for Binary Instrumentation, Analysis, and Disassembly

Released: 2018
Author(s): Dennis Andriesse

Practical Reverse Engineering

x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation

Released: 2014
Author(s): Bruce Dang, Alexandre Gazet, Elias Bachaalany, Sébastien Josse

Decompiling Java

Released: 2014
Author(s): Godfrey Nolan

The IDA Pro Book

The Unofficial Guide to the World's Most Popular Disassembler

Released: 2011 (2nd edition)
Author(s): Chris Eagle

Hacker Disassembling Uncovered

Released: 2007 (2nd edition)
Author(s): Kris Kaspersky

BIOS Disassembly Ninjutsu Uncovered

Released: 2006
Author(s): Darmawan Salihun


Secrets of Reverse Engineering

Released: 2005
Author(s): Eldad Eilam

Secure Code Review

Secure Coding in C and C++

SEI Series in Software Engineering

Released: 2013 (2nd edition)
Author(s): Robert C. Seacord

The CERT Oracle Secure Coding Standard for Java

SEI Series in Software Engineering

Released: 2011
Author(s): Fred Long, Dhruv Mohindra, Robert C. Seacord, Dean F. Sutherland, David Svoboda

The Art of Software Security Assessment

Identifying and Preventing Software Vulnerabilities

Released: 2006
Author(s): Mark Dowd, John McDonald, Justin Schuh


Foundations of Information Security

A Straightforward Introduction

Released: 2019
Author(s): Jason Andress

Secrets and Lies

Digital Security in a Networked World

Released: 2015 (15th edition)
Author(s): Bruce Schneier

Security Engineering

A Guide to Building Dependable Distributed Systems

Released: 2008 (2nd edition)
Author(s): Ross J. Anderson

Silence on the Wire

A Field Guide to Passive Reconnaissance and Indirect Attacks

Released: 2005
Author(s): Michal Zalewski

Social Engineering / Organisations

Social Engineering

The Science of Human Hacking

Released: 2018 (2nd edition)
Author(s): Christopher Hadnagy

Advanced Persistent Threat Hacking

The Art and Science of Hacking Any Organization

Released: 2014
Author(s): Tyler Wrightson

The Art of Intrusion

The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers

Released: 2005 (60282nd edition)
Author(s): Kevin D. Mitnick, William L. Simon

The Art of Deception

Controlling the Human Element of Security

Released: 2003
Author(s): Kevin D. Mitnick, William L. Simon

Threat Intelligence / OSINT

Hunting Cyber Criminals

A Hacker's Guide to Online Intelligence Gathering Tools and Techniques

Released: 2020
Author(s): Vinny Troia

Extreme Privacy

What It Takes to Disappear

Released: 2020
Author(s): Michael Bazzell

Open Source Intelligence Techniques

Resources for Searching and Analyzing Online Information

Released: 2019 (7th edition)
Author(s): Michael Bazzell


Web Security for Developers

Released: 2020
Author(s): Malcolm McDonald

Real-World Bug Hunting

A Field Guide to Web Hacking

Released: 2019
Author(s): Peter Yaworski

The Browser Hacker's Handbook

Released: 2014
Author(s): Wade Alcorn, Christian Frichot, Michele Orru

Burp Suite Essentials

Released: 2014
Author(s): Akash Mahajan

The Tangled Web

A Guide to Securing Modern Webapplications

Released: 2011
Author(s): Michal Zalewski

The Web Application Hacker's Handbook

Finding and Exploiting Security Flaws

Released: 2011 (2nd edition)
Author(s): Dafydd Stuttard, Marcus Pinto

Threat Hunting / Purple Teaming


Windows System Programming

Released: 2015 (4th edition)
Author(s): Johnson M. Hart

CLR via C#

Released: 2012 (4th edition)
Author(s): Jeffrey Richter

OS X and iOS Kernel Programming

Released: 2011
Author(s): Ole Henry Halvorsen, Douglas Clarke

TCP/IP Illustrated, Volume 1: The Protocols

Released: 2011 (2nd edition)
Author(s): Kevin R. Fall, W. Richard Stevens

Microsoft SQL Server 2008 Internals

Developer Reference

Released: 2009
Author(s): Kalen Delaney, Paul S. Randal, Kimberly L. Tripp, Conor Cunninghan, Adam Machanic, Benjamin Nevarez

The Mac Hacker's Handbook

Released: 2009
Author(s): Charlie Miller, Dino Dai Zovi

SQL Server Forensic Analysis

Released: 2008
Author(s): Kevvie Fowler

Designing BSD Rootkits

An Introduction to Kernel Hacking

Released: 2007
Author(s): Joseph Kong

Windows Via C/C++

Released: 2007 (5th edition)
Author(s): Jeffrey Richter, Christophe Nasarre

Mac OS X Internals

A Systems Approach

Released: 2006
Author(s): Amit Singh

Understanding the Linux Kernel

Released: 2005 (3rd edition)
Author(s): Daniel P. Bovet, Marco Cesati

Linux Device Drivers

Released: 2005 (3rd edition)
Author(s): Jonathan Corbet, Alessandro Rubini, Greg Kroah-Hartman


Subverting the Windows Kernel

Released: 2005
Author(s): Greg Hoglund, Jamie Butler

Practical Cryptography

Released: 2003
Author(s): Niels Ferguson, Bruce Schneier

The Code Book

The Science of Secrecy from Ancient Egypt to Quantum Cryptography

Released: 2000
Author(s): Simon Singh

Windows NT Device Driver Development

Released: 1998
Author(s): Peter G. Viscarola, W. Anthony Mason

Essential COM

Released: 1998
Author(s): Don Box

Windows NT File System Internals

A Developer's Guide

Released: 1997
Author(s): Rajeev Nagar

The Codebreakers

The Comprehensive History of Secret Communication from Ancient Times to the Internet

Released: 1996
Author(s): David Kahn

Handbook of Applied Cryptography

Released: 1996
Author(s): Alfred J. Menezes, Paul C. van Oorschot, Scott A. Vanstone

Applied Cryptography

Protocols, Algorithms and Source Code in C

Released: 1995 (2nd edition)
Author(s): Bruce Schneier

The C Programming Language

Released: 1988 (2nd edition)
Author(s): Brian W. Kernighan, Dennis M. Ritchie

Future Releases

Windows Internals

Part 2

Will be released: 2021 (7th edition)
Author(s): Mark E. Russinovich, Andrea Allievi, Alex Ionescu, David A. Solomon

The Hardware Hacking Handbook

Breaking Embedded Security with Hardware Attacks

Will be released: 2021
Author(s): Jasper van Woudenberg, Colin O'Flynn