Once you start working in the cybersecurity industry, you are overwhelmed by the vast amount of knowledge needed to get around.
I personally try to educate myself every few months on different topics, such as memory forensics, Windows forensics, or Python scripts; nowadays the trend is AI and machine learning, used in just about any tool that is coming to the market.
Most of us learn using online resources: YouTube, PDFs, blog posts, online courses from Udemy, Teachable and more. That is the way we purchase knowledge nowadays.
Having said that, I have found that whenever I wish to take a deep dive into a topic, the best way is to grab a best-selling book on the topic I am interested in.
Reading a book is much slower than watching a 4-hour ethical hacking course on YouTube, yet I have found it to be much more comprehensive and rewarding.
Here are my top cybersecurity books.
Feel free to add yours. The following are my thoughts plus a description of each book from Amazon.
1. Windows Internals Part 1
Have you ever heard of Shimcache, MFT, shellbags, jumplists?
If you are not in the cyber forensics industry, you probably haven’t heard of them. But if you plan on taking your cyber career to new heights, then you should become familiar with these terms and understand the internals of Windows operating systems. You can do so by taking one of the SANS Institute courses or webinars (they are the best), but you can also get this book.
One of the best books when you get into cyber forensics. This is a classic guide that has been fully updated for Windows 10 and Windows Server 2016. I can’t recommend it enough.
This book will help you to:
- Understand the Windows system architecture and its most important entities, such as processes and threads
- Examine how processes manage resources and threads scheduled for execution inside processes
- Observe how Windows manages virtual and physical memory
- Dig into the Windows I/O system and see how device drivers work and integrate with the rest of the system
- Go inside the Windows security model to see how it manages access, auditing, and authorization, and learn about the new mechanisms in Windows 10 and Server 2016
2. Memory Forensics
Modern malware doesn’t just sit as a file on your hard drive; it is injected as a DLL or service into your memory. Memory forensics is becoming more relevant to modern cybersecurity detection and response.
By reading this book, you will learn:
- How volatile memory analysis improves digital investigations
- Proper investigative steps for detecting stealth malware and advanced threats
- How to use free, open-source tools for conducting thorough memory forensics
- Ways to acquire memory from suspect systems in a forensically sound manner
3. Malware Analysis
Get an intro to malware, classic and modern, and understand its structure and the new form of malware that has gained new tricks to hide from any antivirus and endpoint detection and response solution.
With this book, you will learn to:
- Create a safe and isolated lab environment for malware analysis
- Extract the metadata associated with malware
- Determine malware’s interaction with the system
- Perform code analysis using IDA Pro and x64dbg
- Reverse-engineer various malware functionalities
- Reverse engineer and decode common encoding/encryption algorithms
- Perform different code injection and hooking techniques
- Investigate and hunt malware using memory forensics
4. The Art of Invisibility
This is probably one of the best books I have read recently.
Kevin Mitnick, the world’s most famous hacker, teaches you easy cloaking and countermeasures for citizens and consumers in the age of Big Brother and Big Data.
Like it or not, your every move is being watched and analyzed. Consumers’ identities are being stolen, and a person’s every step is being tracked and stored. What once might have been dismissed as paranoia is now a hard truth, and privacy is a luxury few can afford or understand.
5. Cryptography and Network Security
I love cryptography, classic (Playfair, Caesar cipher) and modern (symmetric and asymmetric), and the truth is that cryptography is everywhere: it is part of the CIA model that speaks of confidentiality, integrity, and availability; it is part of any secure connection, whether SSL VPN or IPsec; it is part of our everyday digital life.
6. Attacking Network Protocols
One of the things that I teach my students almost all the time is to understand protocols: their behavior, how sessions are created, and what underlies every network behavior.
A deep dive into network protocol security from James Forshaw, one of the world’s leading bug hunters. This comprehensive guide looks at networking from an attacker’s perspective to help you discover, exploit, and ultimately protect vulnerabilities.
7. Machine Learning and Security
One of the trends in cybersecurity, and for good reason: once you add machine learning to your cyber analytics or prevention tools, you will recognize and analyze threats faster and more accurately.
Can machine learning techniques solve our computer security problems and finally put an end to the cat-and-mouse game between attackers and defenders? Or is this hope merely hype? Now you can dive into the science and answer this question for yourself. With this practical guide, you’ll explore ways to apply machine learning to security issues such as intrusion detection, malware classification, and network analysis.
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
My Own Contribution — Book of Secrets
If you are interested in cryptography for beginners, I recommend my very own “Book of secrets — cryptography handbook for beginners”.
For beginners and intermediate users.