Best modern books for penetration testing. (where to start learning hacking)

Hi, it’s Louis here.
So when I first began learning about cyber security I had a fairly solid understanding of IT fundamentals, as should anyone who wishes to build a career in cyber security. I had done a course in secondary school (I’m UK based), and also done research online about different cyber security and IT topics. Things you need to understand before tackling the task of beginning your cyber security endeavours are as follows (keep in mind these are merely my personal recommendations; no one can tell you how you go about learning this topic):

Basic networking, i.e. TCP/IP protocols and fundamentals.

Different networking protocols such as HTTP and HTTPS, FTP etc.

It also helps to have an understanding of what ports run what services, e.g. port 80 running HTTP and 443 running HTTPS; however, this is easier to learn whilst learning pentesting, as you will find this out on your own when learning scanning and information gathering.

Take a beginner Python course; this will help in many different ways (there are free courses online). You will learn fundamentals in programming, loops, variables etc. Python is also very common in penetration testing for scripting your own tools and frameworks.

From here, I will recommend some actual books that I believe will be useful to beginners, and also share my not-so-popular opinion on certain books as well.

First, my not-so-popular opinion. Georgia Weidman is a phenomenal hacker and author of one of the most popular and well selling books on hacking in history, “A Hands-On Introduction to Hacking”. This book at the time it was written would easily, without a doubt, be a completely invaluable piece of writing that would skyrocket your knowledge and skills in hacking with a single detailed read through. However, in the modern age, this book is less than worth the hassle. With out-of-date resources you will find yourself (as I have) spending nearly a week on the introduction and preparation phases of the book. Some of the resources are genuinely impossible to find. Along with the obscenely complicated lab setup and not only that, but all attack methods spoken about in the book are completely archaic and outdated. This is not by any means a way of discrediting the writer for any of her phenomenal achievements in the field, just in 2019 the book is expensive, and there are other books that will serve you better, and are less likely to make you frustrated and give up on the hobby/passion.

Right, now, time to suggest some actually useful purchases for a beginner. The first of which is actually free! Offensive Security have a wonderful course that is FREE, called “Kali Linux Revealed”, and is a must read for any beginner, as it will help you become more familiar and comfortable with your environment, and not only this, will provide a strong foundation from which to build your knowledge off of (which I personally think is the number 1 issue with people getting into hacking: a lack of fundamental knowledge of Linux and their pentesting environment).

Another great book on C and the C programming language in relation to hacking is “Hacking, the Art of Exploitation” by Jon Erickson. This book is great, and comes with a great little CD (which you may need to download, as most CDs I have seen that come with this book are scratched and don’t work), but finding an online version of the ISO is relatively easy. All you need is a 32-bit computer and you can start learning C in a way that is hacking orientated, and also it will help you learn secure programming as opposed to just what is easiest.

My next book line is “Grey Hat Hacking”; these books are incredible as they are frequently updated with modern methods, mitigation, and strategies. Just a great all-round book to enhance your skills and learn about the legal side of things as well as the practical as well, with in-depth chapters on law and how to abide by them on a penetration test.

The “Hacker Playbook” series by Peter Kim is not for the faint of heart. It is by no means a beginner book, however it is absolutely jam-packed with rare and incredible knowledge on hacking and its tools that it is a must read for anyone experienced, and wanting to learn more and take their skills to the next level.

These are just a few books that I would recommend to an absolute beginner, as they are engaging, challenging and most of all exciting. These books will let you immediately get hands on and start hacking.

If you want to take things a little more seriously, and have the spare cash left over, I cannot recommend the “Complete ethical hacking course” that you can find for 10 dollars on this site. (Around £8.70 here in the UK), it is a full comprehensive, detailed, interesting, modern introduction to hacking with an absolutely unparalleled section on web application hacking. You will pay upwards of 700 dollars for any course I have personally seen for the same level of detail and passion put into this course. Seriously, I am not sponsored and do not have to say this, it’s just that this course is so ridiculously affordable, and so incredibly put together that it would be a crime not to recommend it.

But yea, here was my first post on this forum, I hope you found it useful, and remember,
Please hack responsibly. :wink:


@FatherBlob Thanks for sharing a lot of good info.


That helped a great deal! I needed some good valuable reads!

Good! I’m happy I could help!
