Forked from carnal0wnage/gist:606c41ac6ec40bf5c69d4db96d9312e3
Created
March 26, 2018 21:16
-
-
Save matthewjberger/df2b6d2c8c781b8ebbb1067711386d64 to your computer and use it in GitHub Desktop.
Red Team Books
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
From: http://redteams.net/bookshelf/ | |
Techie | |
Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp. | |
Social Engineering: The Art of Human Hacking by Christopher Hadnagy | |
Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam | |
The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick | |
Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others. | |
Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor | |
The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors | |
Snort IDS and IPS Toolkit (Jay Beale's Open Source Security) by several authors | |
Schneier on Security by Bruce Schneier | |
The Red Team Handbook (PDF) (http://usacac.army.mil/cac2/UFMCS/Repository/RT_Handbook_v6.pdf) | |
The Practice Of Network Security Monitoring, Richard Bejtlich | |
Metasploit, The Penetration Tester's Guide, David Kennedy | |
Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers, TJ O'Connor | |
Rtfm: Red Team Field Manual, Ben Clark | |
Open Source Intelligence Techniques - 3rd edition (2014) by Michael Bazzell. | |
Joint Doctrine Note 1-16, “Command Red Team.” by the U.S. Department of Defense. (http://www.dtic.mil/doctrine/notes/jdn1_16.pdf) | |
Non-Techie | |
The Mission, The Men, and Me: Lessons from a Former Delta Force Commander, Pete Blaber | |
The Art of War, Sun Tzu | |
The Book of Five Rings, Miyamoto Musashi | |
Inside Delta Force, Eric Haney | |
Human Intelligence, Counterterrorism, and National Leadership: A Practical Guide, Gary Berntsen | |
Maneuver Warfare Handbook (Westview Special Studies in Military Affairs), William S Lind | |
Silent Warfare: Understanding the World of Intelligence, Abram N. Shulsky | |
The Gift of Fear and Other Survival Signals that Protect Us From Violence, Gavin de Becker | |
Red Teams and Counterterrorism Training, Stephen Sloan | |
Escape the Wolf – Personal Security Handbook for the Traveling Professional, Clint Emerson | |
On Killing: The Psychological Cost of Learning to Kill in War and Society, Dave Grossman | |
Killer Elite: The Inside Story of America's Most Secret Special Operations Team, Michael Smith | |
Chosen Soldier, Dick Couch | |
KODO: Ancient Ways: Lessons in the Spiritual Life of the Warrior/Martial Artist , Kensho Furuya | |
Man in the Shadows: Inside the Middle East Crisis with a Director of Israel's Mossad, Efraim Halevy | |
The Essence of Aikido: Spiritual Teachings of Morihei Ueshiba, Morihei Ueshiba | |
Let My People Go Surfing: The Education of a Reluctant Businessman, Yvon Chouinard | |
Emergency: This Book Will Save Your Life, Neil Strauss | |
The Rock Warrior's Way: Mental Training for Climbers, Arno Ilgner | |
Brotherhood of Warriors: Behind Enemy Lines with a Commando in One of the World's Most Elite Counterterrorism Units, Aaron Cohen | |
Powerful Peace: A Navy SEAL’s Lessons on Peace from a Lifetime at War, Rob DuBois | |
The Red Circle, Brandon Webb | |
The Art of Intelligence: Lessons from a Life in the CIA's Clandestine Service, Henry A. Crumpton | |
The Unfettered Mind: Writings from a Zen Master to a Master Swordsman. By Takuan Soho. | |
Left of Bang: How the Marine Corps' Combat Hunter Program Can Save Your Life, by Patrick Van Horne. | |
Team of Teams, by Gen. Stanley McChrystal. | |
Red Team: How to Succeed By Thinking Like the Enemy, by Micah Zenko. | |
Extreme Ownership: How U.S. Navy SEALs Lead and Win, by Jocko Willink and Leif Babin. | |
About Face: The Odyssey of an American Warrior, Colonel David H. Hackworth. | |
From Andre Gironda via Sans advisory board mailing list post | |
A Guide to Kernel Exploitation: Attacking the Core | |
Abusing the Internet of Things | |
(!) Advanced Penetration Testing: Hacking the World's Most Secure Networks | |
Advanced Penetration Testing for Highly-Secured Environments, 2nd Edition | |
Advanced Persistent Threat Hacking | |
Analyzing Social Media Networks with NodeXL | |
Android Security Cookbook | |
Anti-Hacker's Tool Kit, 4th Edition | |
Anticipating Surprise: Analysis for Strategic Warning | |
Bioteams: High Performance Teams Based on Nature's Most Successful Designs | |
Black Hat Python | |
Broker, Trader, Lawyer, Spy: The Secret World of Corporate Espionage | |
Building a Cyber Fortress | |
Building a Pentesting Lab for Wireless Networks | |
(*) Building an Intelligence-Led Security Program | |
Building Virtual Pentesting Labs for Advanced Penetration Testing, 2nd Edition | |
(*) CISO's Guide to Penetration Testing: A Framework to Plan, Manage, and Maximize Benefits | |
(*) Corporate Security Intelligence and Strategic Decision Making | |
Counterdeception Principles and Applications for National Security | |
(*) Cyber Operations: Building, Defending, and Attacking Modern Computer Networks | |
Cybersecurity: Managing Systems, Conducting Testing, and Investigating Intrusions | |
(!) Darkweb Cyber Threat Intelligence Mining | |
Data-Driven Security: Analysis, Visualization, and Dashboards | |
(!) DNS Security: Defending the Domain Name System | |
Enterprise Cybersecurity: How to Build a Successful Cyberdefense Program Against Advanced Threats | |
Essential Cybersecurity Science | |
Exploring SE for Android | |
(!) Gray Hat C# | |
Gray Hat Hacking: The Ethical Hacker's Handbook, 4th Edition | |
Gray Hat Python | |
Hacking Android | |
(!) Hacking Exposed Industrial Control Systems | |
Hacking Exposed Linux, 3rd Edition | |
(*) Hacking Web Intelligence | |
Hacking Wireless Access Points | |
(!*) Hash Crack: Password Cracking Manual | |
(!*) How to Measure Anything in Cybersecurity Risk | |
How NASA Builds Teams | |
HTML5 Security | |
Identifying Malicious Code through Reverse Engineering | |
Instant Burp Suite Starter | |
Intermediate Security Testing with Kali Linux 2 | |
Introduction to Social Media Investigation | |
(*) Investigative Interviewing | |
Kali Linux 2 Assuring Securtiy by Penetration Testing, 3rd Edition | |
Kali Linux Wireless Penetration Testing: Beginner's Guide | |
Kali Linux Wireless Penetration Testing Essentials | |
Learning iOS Security | |
(*) Managing the Insider Threat: No Dark Corners | |
Mastering Kali Linux Wireless Pentesting | |
(!) Mastering Metasploit, 2nd Edition | |
(!) Mastering Modern Web Penetration Testing | |
(*) Mastering the Nmap Scripting Engine | |
Mastering Wireless Penetration Testing for Highly Secured Environments | |
(!) Mastering Wireshark 2 | |
(*) Measuring and Managing Information Risk | |
Mobile Application Penetration Testing | |
Network Analysis Using Wireshark Cookbook | |
(*) Network Attacks and Exploitation: A Framework | |
(!*) Network Security Assessment, 3rd Edition | |
(!) Network Security Through Data Analysis, 2nd Edition | |
Offensive Countermeasures: The Art of Active Defense | |
Open Source Intelligence Techniques | |
Packet Analysis with Wireshark | |
Penetration Testing | |
Python Penetration Testing for Developers | |
Rebels at Work: A Handbook for Leading Change From Within | |
ReModel: Create mental models to improve your life and lead simply and effectively | |
Red Teams and Counterrorism Training | |
Reverse Deception: Organized Cyber Threat Counter-Exploitation | |
Risk Centric Threat Modeling | |
Rtfm: Red Team Field Manual | |
SELinux Cookbook | |
(!) SELinux System Administration, 2nd Edition | |
Secrets of Analytical Leaders | |
Securing the Clicks: Network Security in the Age of Social Media | |
(!) Security Testing with Kali Nethunter | |
Six Figure Management Method | |
Social Engineering Penetration Testing | |
Social Media Security | |
(!) Splunk: Enterprise Operational Intelligence Delivered | |
(*) The Analyst's Cookbook, Volumes 1 and 2 | |
The Antivirus Hacker's Handbook | |
The Art and Discipline of Strategic Leadership | |
The Art of Software Security Assessment | |
(*) The Applied Critical Thinking Handbook: Formerly the Red Team Handbook | |
(*) The Complete Guide to Shodan | |
(!) The Director's Manual | |
(*) The Hacker Playbook 2 | |
The Human Skills: Elicitation & Interviewing, 2nd Edition | |
The Master Switch: The Rise and Fall of Information Empires | |
The Mobile Application Hacker's Handbook | |
The Tangled Web | |
Unauthorised Access: Physical Penetration Testing For IT Security Teams | |
Violent Python | |
Web Penetration Testing with Kali Linux | |
(!) Windows Stack Exploitation 2 | |
Wireshark Essentials | |
Wireshark for Security Professionals | |
Wireshark Network Security | |
The ones marked with (!) are new and have novel or unique tactics and techniques. The ones marked with (*) are, at least to me, core-essential books on Red Teaming. | |
CG books every red teamer needs to read (in no particular order cept for Phoenix Project - that should be high on the list) | |
The Phoenix Project: A Novel about IT, DevOps, and Helping Your Business Win - Gene Kim (Author), Kevin Behr (Author), George Spafford (Author) | |
Red Team: How to Succeed By Thinking Like the Enemy - Micah Zenko | |
Practical Lock Picking: A Physical Penetration Tester's Training Guide - Deviant Ollam | |
Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks - Deviant Ollam | |
Unauthorised Access: Physical Penetration Testing For IT Security Teams - Wil Allsopp | |
The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws 2nd Edition - Dafydd Stuttard (Author), Marcus Pinto (Author) | |
LAN Switch Security: What Hackers Know About Your Switches - Eric Vyncke, Christopher Paggen | |
Incident Response & Computer Forensics, Third Edition | |
Gray Hat Python: Python Programming for Hackers and Reverse Engineers - Justin Seitz | |
Black Hat Python: Python Programming for Hackers and Pentesters - Justin Seitz | |
Vulnerability Assessment of Physical Protection Systems - Mary Lynn Garcia | |
More stuff here - need to be udpated http://astore.amazon.com/carnal0wnage-20 | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment