Best computer networks security books according to redditors

We found 200 Reddit comments discussing the best computer networks security books. We ranked the 55 resulting products by number of redditors who mentioned them. Here are the top 20.

Top Reddit comments about Computer Network Security:

u/LucidIllusion · 67 points · r/consulting

I’d recommend this book

u/Roelax · 31 points · r/AskReddit

Buy a book called "How to Disappear". Then you may want to contact this guy: http://www.frankahearn.com/ : he will make it close to impossible for someone to track you online.

Then if you and your family move, you will need to move to a different state, and start doing things completely differently than what you are doing now. If you're a car salesman, you'll have to find a new profession.

Move to another state and change your name, if you feel your life is in danger, you can contact a lawyer that can help you change your name and seal the records.

Changing a name and moving states might do the job really. I'm a private investigator and even when I get all of the person's information it is still hard to find them.

If you TRULY want to disappear, you need to stick to your guns and not say "oh, well I'm going to go back home for the holidays". Changing your identity means CHANGING your entire LIFE, and that's why sometimes not even the Witness Protection Program works as intended.

Whatever you do, DO NOT buy a firearm if you don't intend to use it. Many people get killed with their own weapons.

TL;DR - Change your name, Move, Start a new life

u/misconfig_exe · 24 points · r/netsecstudents

Also I highly recommend THP2 (pentesting focused) (you can skip THP, its contents are all included and better organized in THP2) and THP3 (red teaming focused). Peter also hosts awesome trainings which I've leveraged into internships and jobs. More info at https://securepla.net/training

u/VA_Network_Nerd · 20 points · r/ITCareerQuestions

Social Engineering: The Art of Human Hacking
All of your security infrastructure is meaningless if I can call Suzy in Accounting and ask her for her password.


TCP/IP Illustrated, Vol. 1: The Protocols
Yes, I know this book is old. This book is the Mutha-Fecking 1969 Camaro 454SS of networking books.
It simply NEVER goes out of style.


Wireshark for Security Professionals: Using Wireshark and the Metasploit Framework
If you don't have a basic understanding of Wireshark and Packet Analysis, you're useless to me.
You don't have to be a wizard. You don't have to look at the Matrix and see Blondes or Red Heads. But you MUST possess a clue.
I have no specific love for this book. Just pick any good looking Wireshark book written for an InfoSec audience.

DNS and BIND (5th Edition)
The author "Cricket Liu" is THE DNS guy. He literally wrote the book on DNS.

Designing for Cisco Internetwork Solutions Foundation Learning Guide: (3rd Edition)
The Cisco CCDA track will teach you to focus on technical requirements, and aligning network functionality to match those requirements. Data Networking is CRITICAL knowledge to InfoSec professionals. But you might find this an easier starting point than CCNA.


u/icytrues · 19 points · r/AskNetsec
  • The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System, 2nd Edition (2012)

    This book covers rootkit development, not analysis, on Windows 7 and x86/IA32. It's a must read, if you're interested in rootkits.

  • Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats (Release date set to January 2019)

    While not yet released, it looks very promising. Over the years, Microsoft has continually introduced better protections against rootkits and malware in Windows. Among other things, the book will cover how some of the rootkits/bootkits seen in the wild have bypassed protections such as Secure Boot, kernel-mode signing, Patch Guard and Device Guard.

    I'd also recommend having a look at the following books:

  • Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software (2012)

  • Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation 1st Edition (2014)

  • The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory 1st Edition (2014)


    Also, Windows Internals for both Windows 7 and Windows 10 is a great reference to have lying around.

u/Dragonrar · 17 points · r/KotakuInAction

Incidentally the latest issue of 2600: Hacker Quarterly has an opening article called “Embracing Empowerment”, looks like there’s a push to make the hacking community ‘woke’, you can read the whole article in English here:
https://www.amazon.de/2600-Magazine-Hacker-Quarterly-English-ebook/dp/B07BWDKSNS (Click on the picture of the magazine)



u/me_z · 15 points · r/netsec

If you're a novice, as most people start out as, then I would recommend the following:

The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy

Hacking For Dummies

Grey Hat Hacking

Hacking Exposed - 5th Edition - May be outdated

Network Security Bible

So now people here may disagree on the books I've suggested, and that's fine, but it definitely depends on what you're trying to learn and/or accomplish. Google is a great place to start as well without spending a fortune on books.

Some great websites:

SANS
Dark Reading

I'm sure you can find plenty more.

And always ask questions, even if you think it's a stupid question. Being on Reddit and having the luxury of anonymity, you can ask away without worrying about getting personally ridiculed.

As far as hackerspaces and defcon, they were just a suggestion. If you ever are able to get to a hackerspace though, I highly recommend it.

u/_o7 · 13 points · r/HowToHack

Copy paste from a post I made earlier

Malware RE isn't really all that much voodoo as it seems, you take the executable and break it down into steps.

First check out the PE headers and find what strings you can, characteristics. Figure out if the malware is packed or not.

A quick and dirty way to get an idea of what it does is run it with certain tools on the system and a Linux box to intercept all network communications. This is called behavioral analysis.

After that you can load it into a disassembler like IDA Pro and start looking for interesting functions or Windows API calls. Things like WriteFile, VirtualAllocEx, ReadFile then figure out what they are doing.

After that you can take it into your debugger (I like OllyDbg) and set some breakpoints at interesting functions to see what the malware is doing in the stack. Like I said, it's not voodoo once you look into it further.

Creating the malware is a whole different story and outside my skill set. In fact I hate programming and know only high level programming, basically I can interpret code and what it wants to do. But I have an easier time reading Assembly (lol) than something like C++. But coding malware is just like coding anything else, design it for what you want it to do and get to work. Stuff like Stuxnet had probably at a minimum 10 extremely talented coders behind it.

Here is a great list of learning sources.

Cybrary.it Malware Analysis Course - Free

Opensource Malware Analysis Course - Free

Dr. Fu's Malware Analysis Course - Free

OpenSecurityTraining.info - Free

SANS FOR610 Reverse Engineering and Malware Analysis - Expensive

Practical Malware Analysis

Practical Reverse Engineering

Malware Analyst's Cookbook

u/cunttard · 11 points · r/crypto

Specific to Cryptanalysis (in order):

  1. start with this great tutorial on FEAL cryptanalysis

  2. then try the Matasano challenges

  3. finally followed by Schneier's self study course on cryptanalysis.


    Good intermediate texts on cryptography/cryptology:

  4. From a mathematical perspective: An Introduction to Mathematical Cryptography by Silverman et al.

  5. From a provable security perspective (probably the most important to both academia and industry): Introduction to Modern Cryptography (new 2nd ed.) by Katz & Lindell

  6. Serge Vaudenay's A Classical Introduction to Cryptography (it's an in between of the above 2 books).

  7. Christoph Paar's Understanding Cryptography with a video course.


    Lastly, a really fantastic all around book on network security (including crypto) would be: Network Security 2nd Ed. by Kaufman and Perlman. It is a little old though but still relevant. Also has great analysis of real world protocols such as IPsec (IKE, ISAKMP), Kerberos, SSL/TLS, S/MIME, etc.

u/Llim · 10 points · r/teenagers

Ok, it doesn't matter why you did it. You did it, and that's what matters. The important thing to remember during all of this is that there's no going back. The best thing you can do to help yourself is just focus on your plan.

Now, what I'm about to tell you is very important: they already know. The NSA. You have, at a maximum, about 48 hours before the FBI kicks down your door and slaps a pair of stone cold cuffs on you.

Your first step is to erase everything: incinerate all your papers, cell phones, hard drives, everything. Anything that could possibly clue them in to where you're heading.

Second step: research. This is a great book to read up on. Obviously you don't have months to put this plan into action, but it'll still give you a good idea of what you're doing.

Now you need to pick a destination. There are two options: either go for the Walter White and hide out in a tiny house in the middle of nowhere for the rest of your life, or the "hiding in plain sight" option and settle down in a nice mansion on a tropical beach somewhere. Due to your extremely likely economic situation I think you'll have to go with Walter White unfortunately. All that's left to consider now is the country: obviously you want a poor, derelict nation, preferably hostile to the United States government - like Canada.

With careful planning, smart movement, and a little luck, you should be able to cross the border in a few days. Don't bother with credit cards, they'll have your face on INTERPOL within hours. Godspeed, Link_Mau5

u/emtuls · 9 points · r/netsec

Hey /u/Xerack! I'm the original author of the post linked here.

Appreciate the feedback! If you think I could clarify anything better, please let me know.

As far as resources for Reverse Engineering, I can provide you with a baseline that I would recommend starting with.

x86 Assembly:


If you don't know assembly language at all, this list of videos was where I picked up a decent amount of x86 assembly language.


A few good books would be:


  • Hacking: The Art of Exploitation I am a huge advocate for this book. I learned a lot from this and have read it multiple times. It is written very well and teaches someone with no experience how to do C programming and assembly. This is mainly a book for learning exploitation/vulnerability research, but that can play hand in hand with Reverse Engineering. It will show you the assembly language break down of basic exploits and this can help you with RE.

  • Practical Reverse Engineering I read through the beginning of this book and it gave me some good foundations of understanding memory and computer architecture for RE along with assembly of course

  • Secrets of Reverse Engineering This book is a bit in depth, but the beginning gives another good foundation for Comp Architecture and assembly stuff.

  • The IDA Pro Book Haven't personally read this book yet, but I have been told it is the de facto standard for learning IDA Pro, and it has examples you can learn from.

    Hands On:


  • Legend of Random Very useful hands on with tutorials. Mainly based on cracking, but that requires reverse engineering. Highly recommend this!

  • Lenas Tutorials Again, another awesome hands on tutorial, mostly based on cracking as well.

  • Crackmes These are more of challenges once you start to have a little understanding down

    Courses:

    Tons of courses on youtube. I learn well from visual, so I recommend these youtube videos:


  • Basic Dynamic Analysis
  • Real World Decompilation There are a few videos to this series and he disassembles a game, definitely nice to learn from.


    Beyond that, Google will always be your friend, and /r/reverseengineering. I also have a bunch of material for Malware RE, but that's a bit different than Software RE, though it is relatable.

u/smo0shy · 8 points · r/MrRobot

I actually already have a copy of Hacking: The Art of Exploitation. My personal library consists of around 45 books on a range of computing topics from PHP, MySQL, C++, Windows Internals, CCNA, MCSE/MCSA, Unix, Rootkits, AI, Data Structures and the list goes on.

Other relevant titles include Gray Hat Python, Reversing: Secrets of Reverse Engineering and Rootkits: Subverting the Windows Kernel.

I was going to buy the following: Assembly Language Step-by-step, SQL Injection Attacks and Defense and Metasploit: The Penetration Tester's Guide.

I agree that where one starts really depends on what they want to end up doing. "Hacking" is such a general term and SQL-Injections is completely different from finding 0-days. If I'm honest I'm not sure where to start but I'm open to suggestions.

u/hex_m_hell · 7 points · r/itsaunixsystem

If you want to read a real book about hacking...

u/cornflakecockatiel · 7 points · r/childfree

Final Step: Just disappear. Better than giving the bitch the satisfaction of whinging to her cunt buddies the rest of her life that her "chiiildren are viiictims b/c their Daddddy keeeled himself".

Best revenge is to live life to the fullest in some far-off tax shelter without an extradition treaty with your home country.

u/nirkosesti · 7 points · r/linuxmasterrace

I used Ubuntu years ago but what exactly makes it restrictive? You can change the whole desktop environment with simple sudo apt get and config file adjustment. Not to mention various tools for gnome to do stuff.

I’d definitely start with using Ubuntu variant or Debian and learn some bash and then proceed somewhere. Hacking is pretty retarded term IMO but OP will figure it out eventually.

There is this book for people like this, that is newbies who found the term hacking and are interested. It uses Kali Linux but just sandbox it and you’re good to go. At least back in the day with BackTrack OS the tools were actually pretty annoying to find so it’s better to just install Kali somewhere

u/thebitingfaery · 7 points · r/raisedbynarcissists

Also check out this book: How to disappear by Frank Ahearn.

u/vxd · 6 points · r/Python

There's a pretty good, but brief, tutorial in the first chapter of Gray Hat Python. You can preview it right there on Amazon.

u/Crash_Coredump · 6 points · r/Malware

Some thoughts:

I've had people recommend the following books:

u/BinMapper · 6 points · r/Malware

Some resources which will indirectly help you for GREM

https://amzn.com/1593272901

https://amzn.com/1118787315

https://amzn.com/1593272898

u/brokercx · 5 points · r/hacking

Books:
1. amazon.com/Rootkit-Arsenal-Escape-Evasion-Corners/dp/144962636X
2. amazon.com/Art-Memory-Forensics-Detecting-Malware/dp/1118825098
3. nostarch.com/rootkits

Blogs/Forums:
1. 0x00sec.org/
2. /r/rootkit
3. rootkitanalytics.com/
4. turbochaos.blogspot.co.uk/?m=1
5. /r/malware
6. /r/reverseengineering
7. r00tkit.me/

u/yashinm92 · 5 points · r/netsec

Choice of programming language differs among researchers but Python seems to be pretty common. I suggest you get the books Violent Python and Grey Hat Python. The former is more beginner friendly for people new to security. As for getting started with InfoSec maybe try reading the Security+ books?

u/Bonzooy · 5 points · r/computerforensics

Short answer: yes. Scripting is helpful in DF, especially if you're in an IR role where you're dealing with data from many different systems. Python is far and away the most common, although plenty of folks use other languages.

You could go the conventional "take a class about it" route: http://classlist.champlain.edu/course/description/number/dfs_510/register/false

Or you could just teach yourself: https://www.amazon.com/Learning-Python-Forensics-Preston-Miller/dp/1783285230

u/MyEncryptedAccount · 5 points · r/cryptography

An accessible undergraduate textbook that I have used and enjoy is Introduction to Cryptography with Coding Theory. That being said, I have not looked at many others.

A much more technical (but formally correct) textbook is Introduction to Modern Cryptography by Katz and Lindell.

On a side note, cryptography is a very mathematical field. So take as many math courses as you can. Number theory and algebra in particular.

u/jradd · 5 points · r/netsec

The first rule of "learning the basics of hacking" is that you don't ask or talk about "learning the basics of hacking". I learned this the hard way when I was about 12 years old on irc.

And there is really only one shade of hacking, and that is 'gray'. You may become a white hat, or a black hat depending on your motivation. But I personally do not look at anything in absolute contrast. The world is gray, hacking is gray, your mother is gray.

Speaking of 'gray', if I were you I would check out this book

I have not read it myself, only skimmed through it over coffee at barnes&noble. Looks like it covers a very broad spectrum of hacking and seems 'user friendly' enough. Also start reading 2600, and check out securitytube.net

u/LaMaPuppy · 4 points · r/computerforensics

Aside from SANS FOR508 (the course on which the cert is based) the following helped me:

Windows Registry Forensics

Windows Forensic Analysis Toolkit 2nd ed

Windows Forensic Analysis Toolkit 4th ed

The 2nd edition covers XP, the 4th covers 7/8

Digital Forensics with Open Source Tools

File System Forensic Analysis

This is a new book, but I imagine it'll help as well:

The Art of Memory Forensics

I read many of these in preparation for taking mine, but your best resource are the SANS class/books which is what the cert tests after. Having a good index is key.

There may be other classes out there that might help, but I have no firsthand experience with them, so I can't say what I recommend. All the above books, however, are amazing. Very much worth your time and money.

u/Trooner · 4 points · r/hacking

u/PM_ME_YOUR_SHELLCODE · 4 points · r/RELounge

Reversing: Secrets of Reverse Engineering - Is probably the most common book recommendation. It's an older book (2005) but it's about as gentle as it gets in terms of the core concepts but it's missing a bit due to its age (32bit RE only). I'd liken it to something like Hacking: The Art of Exploitation for exploit developers. It's a solid book, it covers the fundamentals but it'll take a bit more work to get up to speed.

Practical Reverse Engineering - This one is a newer book (2014) while it doesn't cover as many topics as the above book, it's less dated in what it does cover, and it does cast a wider net covering things you'll see today like ARM and x64 instead of just x86. I tend to recommend starting with this book, using Reversing and the next book as a reference if there is a chapter of interest.

Practical Malware Analysis - While this one has more traditional RE introduction, where it excels is in dynamic analysis and dealing with software that doesn't want to be analyzed. Now, it's from 2012 and malware has changed since then, so its age certainly shows, but again fundamentals remain even if technical details change or are expanded upon.

Practical Binary Analysis - This is the newest book of the list (December 2018). I wouldn't use it alone, but after you've gone through any of the above books, consider this an add-on. Its focus is on dynamic analysis and it's modern. I'll admit I haven't read the entire thing yet, but I've been pleased with what I have read.

Edit: s/.ca/.com/g

u/sethra007 · 4 points · r/raisedbynarcissists

> Do they have the right to know where their adult child lives;

If you are a legal adult, they do NOT have that right.

> is it cruel not to tell them (they are still parents & people, and would probably worry);

It is NOT cruel to deny a narcissist and her enabler information that can be used to abuse you.

And keep in mind: their 'worry' wouldn't be for you and your well-being. It would be their 'worry' that they no longer have their usual punching bag around, and they would use 'worry' as an excuse for extending their control of you into your adult life.


> and would they realistically/legally have any way of finding it out?

If you don't take certain steps, they could find out, yes.

When you get your own place, you'll want to:

  1. Get a UPS store address (you didn't say if you're in the US, I'm assuming you are). Give that address freely to anyone who asks for your address (i.e. don't look like you're trying to hide your address). If you're completely consistent about this, it's extremely rare that anyone notices it's not your real address. (Note it may be illegal in your state for your driver's license to not have your real address on it; YMMV so ask at the DMV)
  2. Remove your home address from direct mailing lists. Call (888) 5-OPTOUT (567-8688) and request your name and address be permanently removed from their lists. This action unpublishes all instances of your home address in direct mailing lists maintained by the consumer credit reporting industry.
  3. This Reddit post from five years ago listed the largest data brokers and how to remove your information. The poster is a lawyer with Abine — their DeleteMe service will remove your information for a fee. SafeShepherd will also remove your information. Their premium membership is cheaper than Abine, and the basic membership is free.

    (the reason to remove yourself from mailing lists, by the way, is because the companies that send out those mailers sell customer data to each other all the time, and it helps to ensure that your address doesn't accidentally end up online at WhitePages.com or some such)

  4. If your parents don't know where you work, let your job know not to confirm that you work there to anyone, or give out your contact information to anyone, without checking with you first.
  5. If you live in an apartment, let the management know not to confirm to anyone that you live there.

    If your parents escalate, check out How to Disappear: Erase Your Digital Footprint, Leave False Trails, and Vanish without a Trace. The book is strongly recommended for victims of stalking and harassment. The author was the world's top expert in skip tracing prior to writing this book.

u/maximum-snark · 3 points · r/computerforensics

You said you checked the header, but did you check the footer? PNGs have a clear start and end, anything after that is basically ignored and could be used to hide data.

Look for extraneous data after the IEND chunk. This has been used in the past to obscure a malware payload in an otherwise normal looking PNG.

Also, PoC or GTFO is a newish book that addresses this, so whoever gave you the PNG might have read it recently and thought they'd be clever with you.

u/masturbathon · 3 points · r/AskNetsec

Penetration testing is a really broad term. If you want the overview I would suggest picking up a book like Gray Hat Hacking.

Metasploit is a fun tool, but learning to use it without understanding the basics will not really lead to anywhere.

u/Kadover · 3 points · r/netsec

Ok - Here's a list of books I've read in the last few years

  • Gray Hat Hacking - The Ethical Hacker's Handbook - Really good intro to Software Sec / Reverse Engineering / Disclosure
  • Counter Hack Reloaded - A 'bible' of phased attacks - classic book.
  • Guide to Network Defense and Countermeasures - Technically designed as a 'prep' book for the SCNP, it's still a great read about IPS, IDS, NetSec Policies, Proxies, firewalls, packet filtering, etc
  • Hacking Wireless Exposed - Great intro read on 802.11 sec.
  • CWNA/CWSP Exam Guide - Assumes 0 knowledge about RF. More intense than Hacking Wireless Exposed, but also easier to learn from. I went into this book knowing very little about RF, left it feeling confident. Well written.
  • Snort 2.1 - Self explanatory, but a book about the IDS system Snort. Not perfect, but again, great starter book.
  • The Web Application Hacker's Handbook - The best for last. The holy grail of web hacking. Second edition SHOULD be coming very soon, depending on the drop date may be worth it to wait.

    As you can tell, I'm big on the technical books, and even exam prep books. This is just a selection, but I think it's a good starter pack to some different fields.

u/nicklauscombs · 3 points · r/netsec

best advice i can give is to start reading anything and everything you can get your hands on related to programming, operating systems, networking, security, etc......



a few books i'm reading/have read/on my list to read and all are excellent starting points:

BackTrack 4: Assuring Security by Penetration Testing (this book was just released and still relevant when using BackTrack5)

Metasploit: The Penetration Tester's Guide

Ninja Hacking: Unconventional Penetration Testing Tactics and Techniques

Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning

Gray Hat Hacking The Ethical Hackers Handbook, 3rd Edition



plenty of links to keep you busy for awhile:
Open Penetration Testing Bookmarks Collection

u/BlondeJaneBlonde · 3 points · r/skyrimmods

It would be an... interesting team, since as I understand it reverse engineering x86 is mostly for people creating malware. And the security experts thwarting them, I suppose. Book on Amazon: Practical Reverse Engineering.

If someone was a programmer looking to expand their skillset into IT security, though...

u/bookbindr · 3 points · r/politics

All he needs to run to another country is a plane ticket and this book from Amazon. It's easy really.

u/ppartyka1 · 3 points · r/hacking

Everyone seems to be pretty on point with their responses so I'll just throw some ideas out there that you can look into to maybe find a more exciting vector:

  • Track down a botnet command and control infrastructure
  • Reverse engineer programs with known 0 days to see if you can find said zero day
  • Look into memory forensics (http://www.amazon.com/The-Art-Memory-Forensics-Detecting/dp/1118825098)
  • Look into Red Teaming: There are positions out there that not only require you to "hack" an organization, but you have to be able to break into it physically as well
  • Write some malware that gets past VirusTotal (https://www.virustotal.com/)
  • If you are into puzzles check out the Defcon badge challenge

    Good luck!

u/MeridianJP · 3 points · r/Anarchism

u/rb08 · 3 points · r/netsec

http://www.amazon.com/Stealing-Network-Complete-Collectors-Chapter/dp/159749299X/ref=sr_1_2?ie=UTF8&qid=1290372515&sr=8-2

EDIT: maybe shop around a bit or hold out - this book was $44.95 new from amazon a year ago.

u/ydnar · 3 points · r/privacy

This is the most comprehensive online guide I've found.
> http://billstclair.com/matrix/

Also good reads..
> How to Be Invisible by JJ Luna

> How to Disappear by Frank M. Ahearn

u/dutchinho · 3 points · r/oscp

I have ordered this one. The hacker PlayBook 3

The Hacker Playbook 3: Practical Guide To Penetration Testing https://www.amazon.de/dp/1980901759/ref=cm_sw_r_cp_api_i_bN4OCbJ6W268R

u/destro2323 · 3 points · r/cissp

Interesting....Here is Link to amazon pre-order page isc2 cissp reference book.

My question is what’s the difference between this reference book and the 8th edition study guide, what’s better for exam?

u/darthsabbath · 2 points · r/cscareerquestions

Okay so there are a couple of good places to start with malware. The first is Malware Analyst's Cookbook. It is a pretty decent beginner level resource.

From there, Practical Malware Analysis is excellent and goes a lot deeper.

For free resources I've heard good things about Dr. Fu's Malware Analysis Tutorials.

You will need to have a strong understanding of reverse engineering. I like Practical Reverse Engineering or Reverse Engineering for Beginners. The latter is free.

With RE comes assembly. I learned from the free book PC Assembly Language. The RE books should have some info on assembly as well.

You should also know the systems programming API and OS internals for whatever OS you're interested in. This is most likely Windows, so I recommend Windows System Programming and Windows Internals. You can find similar books for Linux and macOS too. Having a good understanding of C and C++ is helpful for this. Also get comfortable using your assembly level debugger on your OS of choice. WinDBG, x64dbg, and OllyDBG are all good on Windows. GDB is pretty much the default on Linux, and LLDB on macOS.

I also highly recommend some scripting language, whether it's Python, Ruby, Powershell or whatever for hacking up your own tools.

Lastly, there is a list on GitHub with a ton of helpful links.

I think that's enough for now.

As far as demand it's hard to say and probably depends a lot on where you're from. It's certainly not like the demand for webdevs but there's also not nearly as many people with the skillset. I'm not a malware analyst myself, I'm more focused on security research and embedded development.

I know those skills are especially high in demand around the Washington, DC area with defense contractors and government agencies. Especially if you can get a security clearance. Most other security firms I know of are always looking for good people with strong reversing and OS internals knowledge.

Let me know if you have any questions and I will try to answer.

u/Mimicry360 · 2 points · r/AskNetsec

Advanced Penetration Testing: Hacking the World's Most Secure Networks https://www.amazon.co.uk/dp/1119367689/ref=cm_sw_r_cp_apa_i_ewpvDbX22PY0G

Great book - actually a very enticing read.

u/greengobblin911 · 2 points · r/HowToHack

Linux Basics for Hackers

Don't let the name fool you, it covers python scripts in Kali Linux. It's a nice all in one book I recommend to all beginners.

u/split71 · 2 points · r/explainlikeimfive

If you're asking this question you already don't have and won't have the right mindset to make this happen. Perhaps read this book, I'm currently in the middle of it.

u/steveeq1 · 2 points · r/netsec

For people who want to get into network security and have a moderately good grasp on programming, I nominate Gray Hat Hacking. Each chapter in the book is basically devoted to a certain aspect of hacking (windows exploits, xss attacks, metasploit, etc). It's a good all around introduction to pretty much all the important aspects you need to know.

Next, I recommend getting familiar with metasploit as it can save you a lot of time with a lot of different types of attacks. The guys from offensive security have a website, but there is also an ebook available if you want it.

It's important to understand security from both an offensive and defensive side of things.

u/OrderZero · 2 points · r/netsec

I've read a lot of these but I'm glad to see not all of them :) Adding to my reading list for sure.

Thanks!

EDIT: forgive me if these are already listed but just in case...

Bug Hunter's Diary - http://www.amazon.com/Bug-Hunters-Diary-Software-Security/dp/1593273851
Gives real hands on real-life experience in a "diary" format and covers some great bugs

Gray Hat Hacking - http://www.amazon.com/Hacking-Ethical-Hackers-Handbook-Edition/dp/0071742557
Despite a bad generic "ethical" title this book goes really in-depth on a lot of subjects (almost to the point of rambling actually) including fuzzing, client-side exploits (mostly browser-based), and much more.

Hacking Windows Exposed - http://www.amazon.com/Hacking-Exposed-Windows-Microsoft-Solutions/dp/007149426X
Another generic title but this book has small good parts scattered throughout, really written more for pentesters it has some very common red team methods but also has a few hidden gems hidden within the various subjects it tries to cover.

Also for anyone looking to get TAOSSA (The Art of Software Security Assessment) it's absolutely huge and WILL split down the middle while reading...it's sitting on my bookshelf right now in its ripped state but I've read it 4 times and still don't feel like all the material has sunken in, if you're going to buy any book at all it should be that one as it will provide countless hours/days/weeks/months of reading.

u/baordog · 2 pointsr/ReverseEngineering

I suppose you could just read Practical Reverse Engineering. The typical methods are explained there for reverse engineers. It's kind of an "arms race", so I doubt any one place will have a full set of up to date info. Also, companies who do this sort of thing will not usually be willing to outline exactly what they do and how they do it. Obviously, disclosing that would only help crackers.


http://www.amazon.com/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315/ref=sr_1_1?ie=UTF8&qid=1406820088&sr=8-1&keywords=practical+reverse+engineering

u/setMindBlown · 2 pointsr/sysadmin

If you're looking for practice you can use Sysinternals NotMyFault, but you have to first configure the system to produce a complete memory dump. Another option is Memoryze from FireEye (previously Mandiant), though it looks like it hasn't been updated in a while. I also recommend picking up a copy of The Art of Memory Forensics. That should be enough to get your feet wet.

Edit: I forgot to mention Lenny Zeltser's cheat sheets as well. While not specifically related to memory forensics, there is a sheet covering just about every aspect of infosec from incident response, Volatility, reverse engineering, assembly language, analysis report writing, and much much more.

u/LinuxStreetFighter · 2 pointsr/netsecstudents

>Examples of projects I have completed: Coded a basic Linux kernel from the ground up for x86 machines, Working on a basic IRC botnet coded in Python, I have experience in Snort rules and have written Python scripts for log parsing. I have used Wireshark for packet sniffing etc., experience in using IDA for disassembling code for CTFs.

Why on earth would you pursue Sec+ and CISSP if you have experience in those things?

Build a Malware Lab, dude. Check out Practical Malware Analysis and The Art of Memory Forensics. With your experience you could probably wreck those over the summer.

If you want an old school, but relevant (more Red Teamer), you could check out Hacking: The Art of Exploitation and The Shellcoder's Handbook.

Practical Malware Analysis

The Art of Memory Forensics

Hacking

Shellcoder's Handbook


Malware Analyst's Cookbook

u/Zexov · 2 pointsr/netsecstudents

Super helpful! Thanks for the response. Might be dumb but what does CEH stand for? I'll avoid it as it sounds like I should.

I bought this book and this book; I'll do all the exercises in them.

What are the CTFs you mention?

Thanks again though, very helpful.

u/br0k3ns0und · 2 pointsr/computerforensics

"Gray Hat Python" by Justin Seitz has a lot of really good examples.

https://www.amazon.com/Gray-Hat-Python-Programming-Engineers/dp/1593271921

u/agelastic · 2 pointsr/ReverseEngineering

Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation https://www.amazon.com/dp/1118787315 is very good and has a huge ARM part

u/xasteri · 2 pointsr/math

Yes, abstract algebra will be useful for some parts. So will number theory.

You should definitely have some idea about algorithms and time/space complexity.

An introductory book like Katz - Lindell will be pretty self contained and it will be easy to understand having a math degree.

u/ak_z · 2 pointsr/AskNetsec

> and pentesting isn't an entry level job

WRONG. I know a lot of companies who post pentest positions for fresh grads, because there is a big need for these people.

Do download a Kali copy and play around with it. Read books; I recommend Gray Hat Hacking The Ethical Hackers Handbook

Forget CISSP and CCNA (and don't even mention Ethical Hacker Cert) .. go for OSCP!

u/TheFakeITAdmin · 2 pointsr/sysadmin

Don't get me wrong: BackTrack, Kali, Pentoo, etc. are all amazing tools, but to recommend this to someone coming from a helpdesk role might be a bit much to grasp.
Learning how to work with the distros and the wide range of tools is great, but you have to learn about the theories behind analyzing and protecting the infrastructure and software.

OP, you might start with some books (these have helped me a lot in my career in security)-

CompTIA Security+ Study Guide (not a bad book and the cert is easy, provides the basics of IT security)

The Basics of Information Security: Understanding the Fundamentals of InfoSec in Theory and Practice (an easy read)

Gray Hat Hacking The Ethical Hackers Handbook (is an intro to the security world and a lot of info, more in-depth)

IT Security is an awesome field and, like most IT, it has many separate areas within it to learn.
Check out the links below for more info on training (there are others available; these are just ones I've used, and SANS has a lot of additional resources)-

SANS Institute

InfoSec Institute

u/eagle2120 · 2 pointsr/ITCareerQuestions

There are a ton of different things you can do on the defensive side. The path here is a bit less defined because you can specialize in each of these areas without ever really touching the other ones. But I think these are the most important skills as a defender, so I’ll break it up into three smaller chunks. For the most part, defender/Blue-team concepts draw from these skills. I’ve set up the courses in order, as some of these skills may feed into other areas.


IR:

u/[deleted] · 2 pointsr/booksuggestions

The Stealing The Network series is pretty good for a slightly geekier crowd.

The Cuckoo's Egg is pretty old, but a fascinating, captivating read even today!

u/f0nd004u · 2 pointsr/techsupportgore

Maybe if you look at the Wikipedia page which cites a Red Hat 3 manual about computer security from 12 years ago. I will leave this book in evidence as a modern definition of Gray Hat hacking; it contains a full definition.

http://www.amazon.com/Hacking-Ethical-Hackers-Handbook-Edition/dp/0071742557

u/firstworldobserver · 2 pointsr/privacy

https://www.amazon.com/How-Disappear-Digital-Footprint-without/dp/1599219778

Read this book (preferably get it from a public library so that you don’t have an obvious purchase record for it.) It’s written by a former skiptracer and should give you enough of an idea of what it means to disappear along with actual instructions on what to do. It’s also the book that got me interested in the topic of privacy, so there’s that...

u/samtravis · 2 pointsr/raisedbynarcissists

There's a great book on this called "how to disappear". It's on amazon. http://www.amazon.com/How-Disappear-Digital-Footprint-Without/dp/1599219778

u/SecuritySquirrel · 2 pointsr/trueprivinv

No, this is not me but I know Frank Ahearn. Out of our "Industry", if you will, he is the most vocal about the process and has written several books over the years, including How to Disappear. It is a little old at this point but still a lot of great information along with some really great stories. The Manatee Story is one of my favorites. :-)

Not sure I will ever write a book myself, since I feel the information should be easily obtained by anyone who wants it for nothing. We will see.

u/chaseMc67 · 2 pointsr/hacking

I REALLY enjoyed the "Stealing the Network" series. The final book is especially good. It's a collection of realistic hacker stories/scenarios that all revolve around one main plot. The hacking focuses on being accurate while also outlandishly awesome. Here's a link to the series on Amazon: www.amazon.ca/gp/aw/d/159749299X
I'm on mobile so that's the best I can do for now..

u/_Skeith · 1 pointr/netsecstudents

It seems the book is the same as https://www.amazon.com/Learning-Penetration-Testing-Python-Christopher/dp/1785282328

So I would highly suggest you get this book! I have it at home and it's really well written and goes over Python 2.7 coding, OWASP, PTES, good read.

u/AtomicWedgy · 1 pointr/learnpython

I did a quick search and found 2 books specifically in your current field of interest. Gray Hat Python and Violent Python

I've never read either of them, but they look interesting.

u/beefcheese · 1 pointr/hacking

What you're asking for is kind of silly.... Here's a series that's all about real theoretical attacks though. You're not going to find information on how to steal money from a bank, but you can read books from hackers who have done a lot of interesting things, like a group of friends who won nearly a million dollars in Las Vegas by reverse-engineering slot machines in Kevin Mitnick's book.

u/The_Sober_Grudge · 1 pointr/askscience

Generally speaking, "reverse engineering" implies getting an executable (like a .exe file on Windows) and trying to figure out what it does at the level of the source code. Reverse engineering is a long and tedious process that is not as simple as it sounds for several reasons.

The first thing that you have to understand is how a program goes from source code to EXE (since we're going in the opposite direction when we reverse an .exe file). When a program is written in a high level language like C or C++, it can't be run by a computer until it has been compiled, a special process performed by a compiler. Compilers take the source code, and translate it first into a middle language called an intermediate representation that represents the logical structure of the program, and then based on that middle language emit machine code. Machine code (which can be translated into a human readable form called assembly language) is the binary language that the CPU actually uses to do computation - it contains very simple instructions like "move this data to this location in memory" or "add these two numbers together". Most compilers will also make a lot of optimizations before emitting the machine code - for example, if they see a certain piece of data being accessed and stored unnecessarily, they may move the code responsible for the redundancy to another place in the executable to avoid wasted operations. The compiler will finally output a file called an object file, which contains optimized machine code.

However, this file is generally not executable - it still has to be linked by the linker, (which sometimes automatically runs after the compiler). The linker performs several tasks, like fixing up absolute addressing to ensure that a program can be loaded anywhere in its address space, as well as providing references to shared libraries. Usually when writing big programs, developers will use already-written code, like the C library or other vendor specific packages, by referencing it in the source code. For example, C source code can use statements like

#include <stdio.h>


to indicate that the program includes references to the standard input/output library in the C library, which is used to allow user-provided data and to print data to the screen, among other things. So, it's the linker's job to ensure that these libraries are included in the final executable and that the other object files can reference them correctly. To make matters worse, the linker will build the executable program in whatever file format the operating system uses (PE on Windows, ELF on Linux, and Mach-O on OSX), and these file formats store the program data and code in separate locations. However, the linker handles this cleanly and produces a compiled, optimized, and linked program in the right format, which can then be executed. So that's how it happens normally.

So now, let's do it in reverse. Suppose you have suspicious.exe, a file that you think is malware and you want to find out what it does so that you know whether it's dangerous or not. Suspicious.exe is a compiled and linked executable, and since it was optimized, you don't necessarily have a 1-to-1 correspondence between each machine code instruction and each line of source code (and you don't have the source code anyway). Furthermore, the Intel x86 architecture that most commercial personal computers use in their CPUs uses variable length machine code instructions - some of the instructions will be longer than others, so it is very difficult to look at them in a binary and figure out what is doing what. This is where a disassembler is used - a program that takes a raw binary file and emits human readable assembly language. Because of variable length instructions, some disassemblers even emit the wrong assembly instructions sometimes! However, because the program has to be able to run consistently and reliably when given to the CPU, there is always a way to disassemble it into the correct machine code - it sometimes just takes a few hours (and a headache or two).

Now, you've disassembled the file using a tool like IDA Pro (which can cost hundreds or thousands of dollars, depending on the license), and you have human-readable assembly. So why is it still hard to figure out what the program does? Firstly, any descriptive variable names that a programmer used to make the source code easier to read are gone because the compiler got rid of them once it generated the intermediate representation - so you don't even know what the various memory references are where data is stored. Secondly, while you can tell where functions begin and end, you can't necessarily tell what they do - they're just blobs of assembly, and sometimes not even that; if the functions were included in a shared library, they'll often be just references to the address in memory where the imported library is placed when the operating system loads the process into its address space (it depends on whether the executable is dynamically or statically linked, but that's a more in depth and tangential discussion). You also don't know where important data structures - like strings or pointer tables - are because what the disassembler doesn't recognize as code, it'll just call "data" and leave it at that. Thirdly, most of the data in the program depends on the memory state while it's running, which you can't tell just by looking at the assembly. You need to actually run suspicious.exe.

So you take a look at this mess, ask yourself why you chose this job in the first place instead of being a web developer even though they get paid about the same as you, open another can of Rockstar, and you get to work. Generally, you'll start suspicious.exe in a sandbox environment like a virtual machine using a debugger, which is a special program that will allow you to halt it and examine its memory state, register states, and other activity. As the program executes, you will begin to notice behaviors that resemble C structures - how you actually do this is a huge discussion that people have written entire books about, but suffice it to say for now that it comes with experience. Furthermore, if you use IDA (or keep a notebook), you'll write down lots of notes about the program behavior, and use Microsoft's MSDN pages (or Apple's developer documents or the Linux man pages, depending on what environment your executable runs in). Eventually, whatever it is that you were aiming to find out becomes clear, or you quit out of sheer frustration (but usually and hopefully the former).

Bear in mind that most people don't aim to entirely reverse engineer every bit of machine code in an executable. A lot of it isn't related to what you're trying to discover, and so part of the game is first finding what pieces of code are actually relevant (which you do with a debugger by stopping the program's execution once it starts doing stuff relevant to your reversing purposes), then reversing those little parts of the code.
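The point above about variable-length x86 instructions, as an added example that is not part of the original comment: the same bytes decode to different instruction streams depending on where decoding starts, which is how a disassembler that guesses the wrong boundary ends up emitting wrong assembly. It assumes 32-bit mode and a deliberately tiny opcode subset (nop, ret, inc r32, mov r32, imm32); the sample bytes and all function names are constructed for illustration.

```python
# Added example (not from the comment): why the start offset matters on x86.
# Assumptions: 32-bit mode and a deliberately tiny opcode subset.

REG32 = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]

# Constructed sample bytes, not taken from any real binary.
SAMPLE = bytes.fromhex("b8909090c340c3")


def decode_one(code, off):
    """Decode the instruction starting at `off`; return (length, text)."""
    op = code[off]
    if op == 0x90:
        return 1, "nop"
    if op == 0xC3:
        return 1, "ret"
    if 0x40 <= op <= 0x47:                      # inc r32 (one byte in 32-bit mode)
        return 1, f"inc {REG32[op - 0x40]}"
    if 0xB8 <= op <= 0xBF:                      # mov r32, imm32 (five bytes)
        if off + 5 > len(code):                 # immediate runs past the buffer
            return len(code) - off, "(truncated mov)"
        imm = int.from_bytes(code[off + 1:off + 5], "little")
        return 5, f"mov {REG32[op - 0xB8]}, 0x{imm:08x}"
    return 1, f"db 0x{op:02x}"                  # outside the subset: emit raw byte


def linear_sweep(code, start=0):
    """Decode back to back from `start`; return [(offset, text), ...]."""
    out, off = [], start
    while off < len(code):
        length, text = decode_one(code, off)
        out.append((off, text))
        off += length
    return out


def resync_offset(code, start_a, start_b):
    """First offset both sweeps treat as an instruction boundary, or None."""
    a = {off for off, _ in linear_sweep(code, start_a)}
    b = {off for off, _ in linear_sweep(code, start_b)}
    common = sorted(a & b)
    return common[0] if common else None


if __name__ == "__main__":
    for start in (0, 1):
        print(f"sweep from offset {start}:")
        for off, text in linear_sweep(SAMPLE, start):
            print(f"  {off:02x}: {text}")
    print("streams agree again at offset", resync_offset(SAMPLE, 0, 1))
```

Starting one byte late turns a single five-byte `mov` into three `nop`s and a `ret`, and the two decodings only line up again at offset 5, so everything before that point depends on knowing the true instruction boundary.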

u/the_juggla · 1 pointr/AskReddit

This is a phenomenal book that I would suggest you read before leaving. If you're going to do it, at least do it right.

u/elsewhereorbust · 1 pointr/HowToHack

Oh sorry - I thought when you wrote "The author...", it meant you bought a book about Wireshark.
Tell you what - I have extras of my book from the publisher.

PM me your address and I'll mail one out to you. No charge, as long as you promise to work through it and learn as much as you can. :)

u/hi_cissp · 1 pointr/cissp

A new version of the CISSP CBK is out. I suggest buying that book as well. Lots of updated content.

The Official (ISC)2 Guide to the CISSP CBK Reference https://www.amazon.com/dp/1119423341/ref=cm_sw_r_cp_apa_i_-ezEDbXBTBHFR

u/somewheretrumpets · 1 pointr/infp

The Presentation of Self in Everyday Life
https://en.wikipedia.org/wiki/The_Presentation_of_Self_in_Everyday_Life


How to Disappear: Erase Your Digital Footprint, Leave False Trails, And Vanish Without A Trace
http://www.amazon.com/How-Disappear-Digital-Footprint-Without/dp/1599219778

u/vinotok · 1 pointr/learnpython

(edit, books are not for beginners and black hat has better reviews)

There are two books, not sure if they are too advanced and I think both are written for Python 2.7, but they are more or less on the subject; one is called 'Gray Hat Python' and another 'Black Hat Python'

https://www.amazon.com/Gray-Hat-Python-Programming-Engineers/dp/1593271921
https://www.amazon.com/Black-Hat-Python-Programming-Pentesters/dp/1593275900/

You could read reviews of these two books to see if this would be a good starting point. Otherwise I would search YouTube for keywords like 'python network security' and similar...

u/shell_ghost · 1 pointr/cissp

So by buying the following :

https://www.amazon.co.uk/Certified-Information-Security-Professional-Official/dp/1119523265/ref=sr_1_1?ie=UTF8&qid=1538646513&sr=8-1&keywords=cissp

You get access to an online Sybex exam tool by registering your books. Directions are provided on the back side of the books.

u/clarketowson · 1 pointr/QuadrigaCX

In the highly connected world we live in it's almost impossible to disappear without a trace. There is an excellent book called How to Disappear by Frank Ahearn. From Amazon "How to Disappear is the authoritative and comprehensive guide for people who seek to protect their privacy as well as for anyone who’s ever entertained the fantasy of disappearing—whether actually dropping out of sight or by eliminating the traceable evidence of their existence.

Written by the world’s leading experts on finding people and helping people avoid being found, How to Disappear covers everything from tools for disappearing to discovering and eliminating the nearly invisible tracks and clues we tend to leave wherever we go. Learn the three keys to disappearing, all about your electronic footprints, the dangers and opportunities of social networking sites, and how to disappear from a stalker."

https://www.amazon.com/How-Disappear-Digital-Footprint-Without/dp/1599219778

I have read the book a number of times and one of the worst ways to disappear is to fake your own death. The other thing is when a person suddenly disappears what happens is there is always someone in that person's circle of friends who becomes completely obsessed with the case. In Gerald Cotten's case we have a situation where many highly intelligent people from around the world are on the case and becoming obsessed by it. If this is an exit scam (which many people, including myself, believe it probably is) and if Cotten is still alive, then it's only a matter of time before he is found and brought to justice.

Everything about the case is suspicious and it reeks of an exit scam. Apply the duck test: If it looks like a duck, swims like a duck, and quacks like a duck, then it probably is a duck.

u/wishicouldpentest · 1 pointr/learnprogramming

I'm not too sure if this is the sort of answer you're looking for because it appears that you are pretty new to all this but...

If you read these books, then you will know everything you need (ranked by reward to required effort ratio):

https://www.amazon.com/Practical-Malware-Analysis-Hands-Dissecting/dp/1593272901

https://www.amazon.com/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315

https://www.amazon.com/Windows-Internals-Part-architecture-management/dp/0735684189

However, the books might be pretty difficult to understand with how much you currently know.

u/Dr3amCast · 1 pointr/cissp

Ah, yes. Those aren't the same. This is the most updated, recent official exam book that includes the practice exams:

https://www.amazon.com/gp/product/1119523265/ref=ppx_yo_dt_b_asin_title_o07_s01?ie=UTF8&psc=1

The book comes with questions as well, but not very good ones in relation to the exam. It also has online flashcards. The practice exam book can be activated online, and all questions are available online. That book has everything that is covered in the test.

The other book I used was this one, but more straight to the point, but doesn't cover every single detail like the Sybex:
https://www.amazon.com/CISSP-Study-Guide-Eric-Conrad/dp/0128024372/ref=sr_1_1?keywords=cissp+study+guide+third+edition&qid=1555615018&s=gateway&sr=8-1

u/dchess · 1 pointr/learnprogramming

If your background is webdev then obey the testing goat is a good option as well. But none of these books will help with netsec. For that you're better off with something like Learning Pen Testing

u/sparcFlow · 1 pointr/netsecstudents

Oh if you are in the UK try this link instead : https://www.amazon.co.uk/dp/B074THN82S
It should be free as well

u/robvas · 1 pointr/linux

You need to know a lot of things to be able to figure that kind of stuff out. Not just low-level programming but details about hardware, tricks the developers used to create the product...

These books might be a good start:

Reversing: Secrets of Reverse Engineering

Gray Hat Python - Since you are familiar with Python right now



u/rob3sale · 1 pointr/learnprogramming

If you want the quick and dirty I suggest Practical Reverse Engineering:

http://www.amazon.com/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315

I used this book back when I was learning how to use cheat engine to hack games. It teaches you basic assembly language in 3 major architectures, how to decipher ambiguous machine code, and the relationship between memory and processor. It's really a boon if you're going to dive that deep into computer science. If you can reverse engineer programs in run-time, you can do just about anything.

u/FckTheFed · 1 pointr/offmychest

Hey, if you want to disappear, maybe live offshore or whatever, you may want to check out this book: Here

u/DeathbyToast · 1 pointr/IWantToLearn

Is this the right book? Wanna make sure before picking it up on Audible

Edit: Never mind, looks like it's not on Audible. Full title is How to Disappear: Erase Your Digital Footprint, Leave Fake Trails, and Vanish Without a Trace I believe. Apparently it's more around physical security than digital security though.

u/Kaizyn · 1 pointr/programming

Three books for you:

Python for Unix and Linux System Administration:
http://www.amazon.com/Python-Unix-Linux-System-Administration/dp/0596515820

Gray Hat Python: Python Programming for Hackers and Reverse Engineers:
http://www.amazon.com/Gray-Hat-Python-Programming-Engineers/dp/1593271921

Foundations of Python Network Programming:
http://www.amazon.com/Foundations-Python-Network-Programming-Goerzen/dp/1590593715

If you aren't going to go the Python route, then you should teach yourself Scheme.

u/PolarBill · 1 pointr/cissp

I plan on taking mine in a week, a friend of mine who passed his suggested this book to me.
http://www.amazon.com/Fundamentals-Information-Systems-Security-Assurance/dp/1284031624

u/Coding_Startup · 1 pointr/learnpython

Gray Hat Python is an interesting book I have on the subject. It is a little complex so I put it off for now but it might be just what you need.

u/ak5 · 1 pointr/China

I disagree. I strive to not care about politics as much as possible and I am doing great. I try to live in countries/get paid in countries where there are fewer taxes, I buy duty-free whenever possible, etc. Also, foreign policy doesn't affect people with multiple citizenships as much, so try to get dual citizenship if you don't want to care.

There are some great books on the topic: here, and here (affiliate links).

u/pooponastick · 1 pointr/cscareerquestions

I would recommend "The Hacker Playbook: Practical Guide To Penetration Testing" and the follow up book. I'm making my way through the second one now. They give you a good sense of the toolkits available, how to use them, and they also give you some good insight into the mindset of a pentester.

u/blizz017 · 1 pointr/netsecstudents

You're going to have a real rough go at it;

That said; 508 is largely derived from the following two sources:

Brian Carrier's File System Forensics (This book is actually given out in the course)

&

The Art of Memory Forensics by MHL, Andrew Case, Jamie Levy, and AAron Walters

That'll get you ~75% the way there. But it's a lot of material to cover and retain without a reference source. I don't know if SANS has an official policy on what specifically you can take in with you during the test outside of your personal notes and their material.

Outside of those two books; get very familiar with The Sleuth Kit and timelining.

Honestly; this would be advice for someone taking the course just as much as it would be for someone not taking the course.