Security Books

A diverse collection of cybersecurity readings for working security professionals and advantageous, curious readers. There is something for everyone:


Automate The Boring Stuff With Python – learn step-by-step how to write code for practical daily tasks using Python: 

Applied Network Security Monitoring – an effective guide for anyone looking to learn more about the proper methods for Network Security Monitoring including topics on Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) and much more!

Blue Team Handbook: Incident Response Edition – a brilliant guide for incident responders, SOC analysts, and digital forensic investigators. “Whether you are writing up your cases notes, analyzing potentially suspicious traffic, or called in to look over a misbehaving server – this book should help you handle the case and teach you some new techniques along the way”:

Blue Team Field Manual (BTFM) – aligns with the U.S. National Institute of Standards & Technology (NIST) framework and covers the core functions of incident response and how to properly recover from one:

Cloud Storage Forensics – addresses the current challenges with performing forensic examinations in the Cloud:

Countdown to Zero Day – unbelievable, action-packed inside look at the Stuxnet worm:   

Digital Forensics with Open Source Tools – don’t have access to expensive commercial tools? No problem. Learn how to perform forensic examination using powerful open source tools:

Future Crimes – in the ever-growing connected-world security sometimes takes a backseat. A captivating read that offers tremendous insight into where we have been and where we are headed in the intertwined world. (NY Times feature:

File System Forensics Analysis – a deep dive in the various file systems (i.e. FAT, NTFS, etc.), analysis of data structures, review of critical forensics artifacts and so much more! An amazing reference that comes super helpful during examinations!

Ghost in the Wires – “is a thrilling true story of intrigue, suspense, and unbelievable escape, and a portrait of a visionary whose creativity, skills, and persistence forced the authorities to rethink the way they pursued him, inspiring ripples that brought permanent changes in the way people and companies protect their most sensitive information”:

Hash Crack – a resourceful manual during security assessments:

Hiding Behind the Keyboard – daring and gripping look behind the latest covert communications techniques and forensic methods for identifying them:

Hiding from the Internet – a practical and important guidance on how to take control of your internet footprint:

Incident Response & Computer Forensics – learn the working best practices from the definitive sources that share their experiences from responding to numerous breaches:

Metasploit The Penetration Tester’s Guide –  even if you use Metasploit every day you are bound to learn something new from this coherent and educational guide:

Malware Analyst’s Cookbook; Tools, and Techniques for Fighting Malicious Code – take a deep-dive with Malware as this book exceptionally covers: classifying malware, packing and unpacking, dynamic malware analysis, decoding and decrypting, rootkit detection, memory forensics, open source malware research, and much more :

Operation Desolation – advantageous cybersecurity novel from the best selling author of Zero Day and Trojan Horse:

Open Source Intelligence Techniques – a remarkable resource for locating and performing analysis on data on the internet:

Practical Packet Analysis – it’s easy to capture packets with Wireshark, the world’s most popular network sniffer, whether off the wire or from the air. But how do you use those packets to understand what’s happening on your network?” This book takes this complicated process of packet analysis and makes it simple and easy to follow:

Practical Reverse Engineering  & Practical Malware Analysis – with plenty of hands-on exercises and relevant examples, both of these books articulate the challenging concepts of reverse engineering coherently:

Rogue Code – a thrilling cybersecurity novel about financial markets from the best selling author of Zero Day and Trojan Horse : 

RTFM Red Team Field Manual – A candid and concise guide that every security professional must have!:

Spam Nation – this surreal and thrilling book “proposes concrete solutions for protecting ourselves online and stemming this tidal ware of cybercrime-before it’s too late”:

The Art of Memory Forensics – One of the most relevant and powerful skills is being able to understand memory artifacts and analyze accordingly. This book is the definitive source!:

The Tangled Web – a brilliant narration covering one of the most targeted domains: Web Applications.  The author does a remarkable job in examining the “entire browser security model, revealing weak points and providing crucial information for shoring up web application security”

Threat Intelligence and Me – Engaging and extremely educational book on the complex and most commonly misunderstood topic of Cyber Threat Intelligence:

Threat Modeling: Designing for Security – Learn extremely valuable and actionable advice on how to best design systems, software and services with security from the inception:

Trojan Horse –  Mark Russinovich does it again with this vivid and breath-taking cybersecurity novel about cyber-espionage:

The Phoenix Project: A Novel about IT, DevOps, and Helping Your Business Win – This absorbing and character-driven novel takes you, inside a fictional but real-life like DevOps and IT organization where stakes are high and time is scarce:

The Hacker Playbook 2 – This page-turner is a must-have guide for anyone looking to step-up their penetration testing game!

The Practice of Network Security Monitoring: Understanding Incident Detection and Response – From this exceptionally powerful book, learn how to best leverage open-source tools to build a robust layer of security:

Windows Registry Forensics – This well-researched and in-depth book provides a comprehensive look at Windows Registry from Digital Forensics perspective:

Window Forensic Analysis Toolkit – From a widely acclaimed author and a distinguished security professional, this is a must-have (along with all of other Harlan Carvey’s books)!


Wireshark 101 – Regardless of the team that you are in (red, blue, others) Wireshark is extremely versatile and powerful. From the founder of the Wireshark University, Laura Chappell is a definitive source for anything related Wireshark:

Zero Day – an action-packed and engaging cybersecurity novel that gives you a front-row seat to a cyber-apocalypse:


Got a favorite book that’s not here? Tell me about it & I will include it with your reference!

%d bloggers like this: