#445: Top Hacking Books for 2024 (plus Resources): FREE and Paid

25 snips

Jan 6, 2024

In this podcast, guest Jason Haddix shares his top hacking book recommendations for 2024. Topics discussed include resources for learning application security, recommended books for offensive security, playing Capture the Flag competitions, various resources for offensive security testing, transitioning into penetration testing and web application penetration testing, and understanding network protocols and exploiting their security.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

ADVICE

Resources for Web Hacking

Start with Web Application Hacker's Handbook for foundational knowledge.
Supplement it with PortSwigger's Web Security Academy for free, updated practical labs.

ANECDOTE

Meeting Daniel Miessler

Jason Haddix met Daniel Miessler at a Black Hat training for Web Application Hacker's Handbook.
He noticed Miessler's worn-out copy of the book, indicating extensive use.

ADVICE

Using OWASP Testing Guide

Bookmark OWASP's Web Security Testing Guide for comprehensive web application testing guidance.
Use it as a reference and checklist, not dense reading material.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

Get Proton Mail for FREE: https://davidbombal.wiki/protonmail2 Big thanks to Proton for Sponsoring the video! This is an amazing collection of books and resources - both free and paid. Big thanks to Jason Haddix for sharing his knowledge to help us learn in 2024! // Books and Resources // Web application hacker's handbook: https://amzn.to/48sUNYb Web security academy, Port Swigger: https://portswigger.net/web-security OWASP Web Security Testing Guide: https://owasp.org/www-project-web-sec... Web Security Testing Guide Ellie Saad and Rick Mitchell v4.2: https://owasp.org/www-project-web-sec... Real world bug hunting: https://amzn.to/3TK1mSd Bug Bounty Bootcamp: https://amzn.to/41DW38B Red Team Field Manual: https://amzn.to/48ul0pl Red Team Development and Operations: A practical guide: https://amzn.to/3vez1Jl Operator Handbook: Red Team + OSINT + Blue Team Reference: https://amzn.to/3vemAgC Tribe of Hackers Red Team: https://amzn.to/47ef8zv The Pentester Blueprint: https://amzn.to/3tvA8E6 OSINT Techniques: Resources for uncovering online information: https://amzn.to/3S6xw9j Evading EDR: https://amzn.to/3toESeL Attacking Network Protocols: https://amzn.to/3TEFvv7 Black Hat GraphQL: https://amzn.to/47gHl8C Hacking API’s: https://amzn.to/3TzS0Z5 APISEC University: https://www.apisecuniversity.com/ Black Hat Go: https://amzn.to/3RXV13W Black Hat Python: https://amzn.to/3NHFnHo Black Hat Bash: https://nostarch.com/black-hat-bash Zseano’s methodology: https://www.bugbountyhunter.com/metho... Breaking into information security: https://amzn.to/3TI4n5h Expanding your security horizons: https://amzn.to/3GU07Iq Wiki Book Pentest living document: https://github.com/nixawk/pentest-wik... HackTRICKS: https://book.hacktricks.xyz/welcome/r... Fuzzing lists: https://github.com/secfigo/Awesome-Fu... Sec Lists: https://github.com/danielmiessler/Sec... Payloads all the things: https://github.com/swisskyrepo/Payloa... Pentester Lab: https://pentesterlab.com/ Try Hack Me: Red Team Fundamentals: https://tryhackme.com/module/red-team... HTB Academy: https://academy.hackthebox.com/ Hacktivity: https://hackerone.com/hacktivity/over... Vulnerable U: https://vulnu.mattjay.com/ Grzegorz Niedziela: https://members.bugbountyexplained.co... Or https://www.youtube.com/c/BugBountyRe... Sharing what matters in security: https://securib.ee/newsletter/ Intigriti: https://www.intigriti.com/ tl;dr sec: https://tldrsec.com/ Unsupervised learning: https://danielmiessler.com/subscribe Pentest Book: https://pentestbook.six2dez.com/ Bugcrowd: https://bugcrowd.com/crowdstream Trickest: https://trickest.com/ // Jason Haddix SOCIAL // Youtube: https://www.youtube.com/c/jhaddix LinkedIn: https://www.linkedin.com/in/jhaddix Twitter: https://twitter.com/Jhaddix Github: https://github.com/jhaddix Boddobot: https://buddobot.com/ The Bug Hunters Methodology Live: https://tbhmlive.com/56 // David's SOCIAL // Discord: https://discord.com/invite/usKSyzb X / Twitter: https://www.twitter.com/davidbombal Instagram: https://www.instagram.com/davidbombal LinkedIn: https://www.linkedin.com/in/davidbombal Facebook: https://www.facebook.com/davidbombal.co TikTok: http://tiktok.com/@davidbombal YouTube: https://www.youtube.com/@davidbombal // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com hacking books hack python linux Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! #hacking #hack #cybersecurity