Top Hacking Books for 2024 (plus Resources): FREE and Paid
Ғылым және технология
Get Proton Mail for FREE: davidbombal.wiki/protonmail2
Big thanks to Proton for Sponsoring the video!
This is an amazing collection of books and resources - both free and paid. Big thanks to Jason Haddix for sharing his knowledge to help us learn in 2024!
// Books and Resources //
Web application hacker's handbook: amzn.to/48sUNYb
Web security academy, Port Swigger: portswigger.net/web-security
OWASP Web Security Testing Guide: owasp.org/www-project-web-sec...
Web Security Testing Guide Ellie Saad and Rick Mitchell v4.2: owasp.org/www-project-web-sec...
Real world bug hunting: amzn.to/3TK1mSd
Bug Bounty Bootcamp: amzn.to/41DW38B
Red Team Field Manual: amzn.to/48ul0pl
Red Team Development and Operations: A practical guide: amzn.to/3vez1Jl
Operator Handbook: Red Team + OSINT + Blue Team Reference: amzn.to/3vemAgC
Tribe of Hackers Red Team: amzn.to/47ef8zv
The Pentester Blueprint: amzn.to/3tvA8E6
OSINT Techniques: Resources for uncovering online information: amzn.to/3S6xw9j
Evading EDR: amzn.to/3toESeL
Attacking Network Protocols: amzn.to/3TEFvv7
Black Hat GraphQL: amzn.to/47gHl8C
Hacking API’s: amzn.to/3TzS0Z5
APISEC University: www.apisecuniversity.com/
Black Hat Go: amzn.to/3RXV13W
Black Hat Python: amzn.to/3NHFnHo
Black Hat Bash: nostarch.com/black-hat-bash
Zseano’s methodology: www.bugbountyhunter.com/metho...
Breaking into information security: amzn.to/3TI4n5h
Expanding your security horizons: amzn.to/3GU07Iq
Wiki Book Pentest living document: github.com/nixawk/pentest-wik...
HackTRICKS: book.hacktricks.xyz/welcome/r...
Fuzzing lists: github.com/secfigo/Awesome-Fu...
Sec Lists: github.com/danielmiessler/Sec...
Payloads all the things: github.com/swisskyrepo/Payloa...
Pentester Lab: pentesterlab.com/
Try Hack Me: Red Team Fundamentals: tryhackme.com/module/red-team...
HTB Academy: academy.hackthebox.com/
Hacktivity: hackerone.com/hacktivity/over...
Vulnerable U: vulnu.mattjay.com/
Grzegorz Niedziela: members.bugbountyexplained.co...
Or / bugbountyreportsexplained
Sharing what matters in security: securib.ee/newsletter/
Intigriti: www.intigriti.com/
tl;dr sec: tldrsec.com/
Unsupervised learning: danielmiessler.com/subscribe
Pentest Book: pentestbook.six2dez.com/
Bugcrowd: bugcrowd.com/crowdstream
Trickest: trickest.com/
// Jason Haddix SOCIAL //
KZread: / jhaddix
LinkedIn: / jhaddix
Twitter: / jhaddix
Github: github.com/jhaddix
Boddobot: buddobot.com/
The Bug Hunters Methodology Live: tbhmlive.com/56
// David's SOCIAL //
Discord: / discord
X / Twitter: / davidbombal
Instagram: / davidbombal
LinkedIn: / davidbombal
Facebook: / davidbombal.co
TikTok: / davidbombal
KZread: / @davidbombal
// MY STUFF //
www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
// MENU //
00:00 - Introduction
04:11 - The Web Application Hacker's Handbook
07:16 - PortSwigger Web Security Academy
08:57 - OWASP Testing Guide
12:18 - Real-World Bug Hunting
13:35 - Bug Bounty Bootcamp
14:25 - Red Team Field Manual
16:09 - Red Team Development and Operations
17:24 - Operator Handbook
18:15 - Tribe of Hackers: Red Team
19:14 - The Pentester Blueprint
20:10 - OSINT Techniques
21:32 - Evading EDR
22:28 - Black Hat GraphQL
24:00 - Hacking APIs
26:17 - Black Hat Go
26:39 - Black Hat Python
27:41 - Black Hat Bash
29:04 - zseano's methodology
30:59 - Breaking Into Information Security
32:22 - Jason's Pentester Story
34:32 - Pentest Book
35:36 - HackTricks
36:48 - SecLists
37:23 - SecLists Origin Story
40:27 - Payload All The Things
41:43 - Unsupervised Learning
42:27 - tl;dr sec
43:21 - Bug Bytes Newsletter
44:10 - InsiderPhD
44:21 - High Five Newsletter
44:37 - Grzegorz Niedziela
45:26 - Vulnerable U
47:24 - Hacktivity
50:23 - HTB Academy & Try Hack Me
51:44 - PentesterLab
52:30 - The Bug Hunters Methodology Live
56:01 - Where to Start
58:11 - Attacking Network Protocols
hacking books
hack
python
linux
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
#hacking #hack #cybersecurity
Пікірлер: 190
Get Proton Mail for FREE: davidbombal.wiki/protonmail2 Big thanks to Proton for Sponsoring the video! This is an amazing collection of books and resources - both free and paid. Big thanks to Jason Haddix for sharing his knowledge to help us learn in 2024! // Books and Resources // Web application hacker's handbook: amzn.to/48sUNYb Web security academy, Port Swigger: portswigger.net/web-security OWASP Web Security Testing Guide: owasp.org/www-project-web-security-testing-guide/ Web Security Testing Guide Ellie Saad and Rick Mitchell v4.2: owasp.org/www-project-web-security-testing-guide/v42/ Real world bug hunting: amzn.to/3TK1mSd Bug Bounty Bootcamp: amzn.to/41DW38B Red Team Field Manual: amzn.to/48ul0pl Red Team Development and Operations: A practical guide: amzn.to/3vez1Jl Operator Handbook: Red Team + OSINT + Blue Team Reference: amzn.to/3vemAgC Tribe of Hackers Red Team: amzn.to/47ef8zv The Pentester Blueprint: amzn.to/3tvA8E6 OSINT Techniques: Resources for uncovering online information: amzn.to/3S6xw9j Evading EDR: amzn.to/3toESeL Attacking Network Protocols: amzn.to/3TEFvv7 Black Hat GraphQL: amzn.to/47gHl8C Hacking API’s: amzn.to/3TzS0Z5 APISEC University: www.apisecuniversity.com/ Black Hat Go: amzn.to/3RXV13W Black Hat Python: amzn.to/3NHFnHo Black Hat Bash: nostarch.com/black-hat-bash Zseano’s methodology: www.bugbountyhunter.com/methodology/zseanos-methodology.pdf Breaking into information security: amzn.to/3TI4n5h Expanding your security horizons: amzn.to/3GU07Iq Wiki Book Pentest living document: github.com/nixawk/pentest-wiki/blob/master/Books/README.md HackTRICKS: book.hacktricks.xyz/welcome/readme Fuzzing lists: github.com/secfigo/Awesome-Fuzzing Sec Lists: github.com/danielmiessler/SecLists Payloads all the things: github.com/swisskyrepo/PayloadsAllTheThings Pentester Lab: pentesterlab.com/ Try Hack Me: Red Team Fundamentals: tryhackme.com/module/red-team-fundamentals HTB Academy: academy.hackthebox.com/ Hacktivity: hackerone.com/hacktivity/overview Vulnerable U: vulnu.mattjay.com/ Grzegorz Niedziela: members.bugbountyexplained.com/premium/ Or kzread.info Sharing what matters in security: securib.ee/newsletter/ Intigriti: www.intigriti.com/ tl;dr sec: tldrsec.com/ Unsupervised learning: danielmiessler.com/subscribe Pentest Book: pentestbook.six2dez.com/ Bugcrowd: bugcrowd.com/crowdstream Trickest: trickest.com/ // Jason Haddix SOCIAL // KZread: kzread.info LinkedIn: www.linkedin.com/in/jhaddix Twitter: twitter.com/Jhaddix Github: github.com/jhaddix Boddobot: buddobot.com/ The Bug Hunters Methodology Live: tbhmlive.com/56 // David's SOCIAL // Discord: discord.com/invite/usKSyzb X / Twitter: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal KZread: www.youtube.com/@davidbombal // MY STUFF // www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 00:00 - Introduction 04:11 - The Web Application Hacker's Handbook 07:16 - PortSwigger Web Security Academy 08:57 - OWASP Testing Guide 12:18 - Real-World Bug Hunting 13:35 - Bug Bounty Bootcamp 14:25 - Red Team Field Manual 16:09 - Red Team Development and Operations 17:24 - Operator Handbook 18:15 - Tribe of Hackers: Red Team 19:14 - The Pentester Blueprint 20:10 - OSINT Techniques 21:32 - Evading EDR 22:28 - Black Hat GraphQL 24:00 - Hacking APIs 26:17 - Black Hat Go 26:39 - Black Hat Python 27:41 - Black Hat Bash 29:04 - zseano's methodology 30:59 - Breaking Into Information Security 32:22 - Jason's Pentester Story 34:32 - Pentest Book 35:36 - HackTricks 36:48 - SecLists 37:23 - SecLists Origin Story 40:27 - Payload All The Things 41:43 - Unsupervised Learning 42:27 - tl;dr sec 43:21 - Bug Bytes Newsletter 44:10 - InsiderPhD 44:21 - High Five Newsletter 44:37 - Grzegorz Niedziela 45:26 - Vulnerable U 47:24 - Hacktivity 50:23 - HTB Academy & Try Hack Me 51:44 - PentesterLab 52:30 - The Bug Hunters Methodology Live 56:01 - Where to Start 58:11 - Attacking Network Protocols hacking books hack hacker hacking python python hacking black hat python gray hat hacking linux linux for hackers bug bounty nsa nsa hacker nsa hacking ethical hacking ceh oscp ine try hack me hack the box hacking ethical hacker oscp certification ctf for beginners Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
@ANTINIE-0283
4 ай бұрын
Hey David can you plz tell me where to get started I want to be pro hacker of phones can you plz tell me
@Ziggy_Scambuster
4 ай бұрын
Dear David, is Port Swigger suitable for noobs? I’ve very basic security knowledge for windows and looking 👀 where to start in cyber security. Appreciate your answer. Cheers from Germany.
@gergemall
4 ай бұрын
Thank you Jason ! ❤
@ArjunRam-so7cr
4 ай бұрын
Hey should i give a shot on ccna exam in 2024 or should i wait until the new version comes out
@felixmoshami17
3 ай бұрын
¹1😊😊😊😊😊
David bombal is the best channel I found in 2023 ❤
@davidbombal
4 ай бұрын
Thank you! Very happy to hear that :)
@gergemall
4 ай бұрын
Hands down . He is honest with integrity and really cares about his fellow humans ❤.
@gergemall
4 ай бұрын
lol
@robotron1236
4 ай бұрын
Straight up the best IT and cybersecurity channel on KZread. Hands down…
@d4nm4c
4 ай бұрын
Agreed! So glad I found this channel. Participated in a few CTFs now and am on the road to doing big bounties part time. Thanks for the inspiration David!
Undoubtedly one of the finest interviews and resources, well done as always!
Thanks a lot David. I'm 15 and I have been into tech, programming and hacking since I was 12. Your videos have helped me with my learning so thank you for helping the community with your content.
I am a complete newbie in this space. Thank you David. I have some catching up to do.
Thanks to both of you This channel and you gentlemen are amazing!
Who needs cable tv when you can get content like this? Thanks a lot Dave, keep up the great work.
Thanks.just downloaded web application hand book .will go through it .
Great list of resources. Thanks David!
Have a great year ahead sir 👏🏾🎊 got so much information
Thank you so much for Jason and David, this is absolutely a very fruitful videos for us. Your fan from Malaysia
Loving the content so far David! I'd love it if yourself or even with Occupy With the Web if you could look into and explore Responder attacks. Again thanks for the content👍
0:33 so sorry to occupy the web but this man is by far my favorite guest of David's! Just listen to this man talk, he actually goes so far in depth in subjects I've been searching for over a decade for and tells me precisely what I need to find them what I need to succeed them when I need to become a civil engineer and my worth work ethic literally knows no bounds when it comes anything I want to learn and become an absolute savant so I have no problem I just like to say thank you so much for both of you gentlemen sharing your knowledge
Thank you David for the effort you put into these videos just for us and our benefit. It means the world to us.😊😊❤❤❤
@davidbombal
4 ай бұрын
You're welcome! Thank you for supporting me!
David and Jason, you are both legends. Thank you so much for this informative & amazing show
Thank you both for this wonderful information, I really enjoyed this
Thank you David for all you do sir for the community!
Thanks for another informative video, David. The RTFM sounds interesting, I'm going to have to give it a read.
I’m glad he mentioned the one guy who hated career pentesting, so many people think working in cyber means not working with people and I keep explaining 1. We are a support function 2 . If you want to “make the money” and have manageable hours you are going to pivot into more non technical roles , but yes you still need the knowledge and experience … the money is actually working with people
@omegadroidzero
12 күн бұрын
100%. I have found the most important things have been knowing how to communicate with people and being likable.
David Bombalbee hit the nail again. This is the video I was waiting for. Thank you.
WOW, this video is amazing. We appreciate you guys, Steve and Jason.
THANKS A LOT FOR THIS, I'M STARTING MY JOURNEY FROM THIS YEAR
Thank you, David and Jason!
🙏Thank you, David and Jason. Very helpful.
Great video! Thank you for all the info!
Two amazing people talking about hacking!!! Once someone told me try to learn from the best, so here i am , learning from the best people!!! Thank you both!!!
I appreciate what you do for your subscribers Sir.🙂🤞👍
@davidbombal
4 ай бұрын
Thank you! And you're welcome!
This is a goldmine, thanks a lot, David!
no idea when to read the WSTG - but a useful information source indeed. thx!
Jason did an amazing video w microsoft. Very helpful.
David, your channel is a treasure I'm so glad I've come across
The best channel I would recommend for anyone getting into security, love your work. keep up the good work! ❤
I love the ground up approach you're taking for 2024 considering the constantly changing climate of this field. Appreciate all your efforts. p.s. Glad to see those suppressed networker yawns at a hacker making the edit :D
I would recommend "Bob and Alice Learn Application Security" too.
Amazing information, thank you!
David is single handedly responsible to education of tens if not hundreds of thousands of people
Good to learn something new everyday through your shots❤
@davidbombal
4 ай бұрын
Glad to hear that! Lots more coming!
thanks for sharing the resource
👏 👏👏👏👏 your videos are right on the money David thank you
Learning a lot from you, Mr Bombal 🙏.
David you are just so phenomenal. Your channel has taught me about hacking and cybersecurity in general more than any other. Thank you for everything you do.
Great video guys. Wish I found it earlier before it was too late for me.
You're mindset is superior and inspiration, thank you 😐😌
Hope We Would Have an Interview With Michael Bazzell on the Channel Soon , Thanks David for the efforts on the channel
Hi David this is so awesome work thank's
love your word David, proud South African here
@davidbombal
4 ай бұрын
Thank you Thobani! I really appreciate you and all my supporters from South Africa!
I appreciate you ❤ Thanks so much ❤ To start all this project as I 2 laptop and server are needed
@davidbombal
4 ай бұрын
You are so welcome! Thank you!
@Abduselam.m
4 ай бұрын
Home lap is needed for this project
Thank you for this information
Hey David,I was just wondering if you would be able to bring us Chris Hadnagy on the show ,I would simply LOVE to see you colab with him and talk about social engineering a little bit ,I always feel like it's always talked about least and yet I personally feel like SE is the most important thing in Red teaming/pentesting,I'd love to see you interview him and share some insight on SE in the future ! As always great content ,I just can't miss a video ,thank you !
Thank you for the various books as the hour was beneficial. Any chance that you can get someone from a Blue Team books Practioner as already downloaded and noted the books to purchase as started on the Andy Gill book, but if you could get a list of blue defence books would be much appreciated as thank you both as well worth listening to and getting the books.
"Real World Bug Hunting " by Peter Yaworski is really good i've read it -- thanks for the other resources
Great stuff as always❤❤
Very excited about Black Hat Bash book!
So much good content. Thanks David.
@davidbombal
4 ай бұрын
Thank you! I hope you learn a lot!
I really appreciate what you do 😊. If I may ask 🙏. Can you please do some videos for digital forensics 🙂😊 please 🥺
awesome and great content .. bravo
Love from India ❤️🇮🇳
@animashaunroselynawa9229
4 ай бұрын
Anish ow are you brother
@davidbombal
4 ай бұрын
Welcome Anish and all my viewers from India! I appreciate you!
@anishbhadouria3186
4 ай бұрын
@@davidbombal thank you David sir
Super helpful video.. We have a lot to do
Thank you very helpfull
Absolutely loved the video🤩🤩🤩! The content was amazing. Could you please tell me the name of the product mentioned at 49:28 ? Thanks!
I gotta lot of reading to do!
I thank you Professor David ❤. Love to learn.#David . I so appreciate you and your mission to educate others and help people grow l thank you.
Great and Worth watching podcast
Using the Web App book, how do you practice the content for out of date material?
Hey should i give a shot on ccna exam in 2024 or should i wait until the new version comes out
Hei David i am from India(kerala you should come visit here great place 😄), i love your videos they are perfect . I am gonna attend the C EH in a few days i am preparing for it. Thanks again for providing us such quality content. You can't even imagine how much I respect you. Thank you sir❤... thanks for your efforts.🙂
@davidbombal
4 ай бұрын
Thank you Nivedh! I really appreciate you and all my supporters from India! Hopefully I'll be able to visit one day :) All the best for your CEH!
@N1v3dh
4 ай бұрын
@@davidbombal ❤
once again thank you ❤
Keep going ur a legend David
Fantastic video!!! Free resource is the heaven for my bugget! It would be great if you could also create a video on how hacking victims should respond! Thank you Jason and David!!!
Thanks for the shout @jhaddix! Appreciate you. +1 to all the resources Jason mentioned as well.
Great resources here!
hello sir, i want to make a career in clod computing specifically as solutions architect role do i need to have a networking knowledge to become solutions architect associate if yes the which networking certification should i go for and on which topics i should focus more??
another amazing video from bombal and friends.
Jason's mind is a treasure trove!
Hello David, love you man❤ I am a new learner. at this time this video is very important for me. maybe it can change my life.
@davidbombal
4 ай бұрын
I hope that the video really helps you!
DAVID! Has anyone told you that you are the freakin man?! Cause you are the freakin man!!!
thanks david for sharing to us useful content will you please recommend me the best place to learn python programming with realword projects for free for me i dont like books i like tutorials
My question is what pre-requisites or how much code or computer knowledge is necessary to even start to embark on this journey and work thru these resources?
I would love to learn how to do this from you
What is the best book for defense and SOC?
Amazing Video ❤
hey david can you make a video on ccna 2024
Thank you,David
@davidbombal
4 ай бұрын
You're welcome!
Ohh this guy is a legend
There is no link to Gwendal's sick dot tools!!!
TO learn CS or hacking do i have to understand API ,stuff which is taught in Computer science
EC concile ceh book is really good.
GREAT INFORMATION!🧠👀👂😃👍
Hello david sir.
David, I feel like rate limiting you with this amount of content lol .. amazing work! p.s love Jason..what an outstanding guest! Final thought: THM has the worst customer service I've ever come across. HTB is a million times better.
@davidbombal
4 ай бұрын
lol... I'm going to slow it down a bit I think :) But, got to start the new year with a big bang!
@camelotenglishtuition6394
4 ай бұрын
@davidbombal love the content regardless .. I actually bought Corey's api book after seeing your interview.. then did his course.. then did the vapi ctfs..joined intigriti and got 2 bugs in 2 months.. also just got a bug on fb ..going to smash 2024
Great stuff again
@davidbombal
4 ай бұрын
Glad you enjoyed it
hello i have a problem with kali llinux wifi adapter it says its no wireless extensions but it worked once can you help me fix this problem
My question David, To what extent can we trust end-to-end products?
@davidbombal
4 ай бұрын
If you are referring to Proton mail, their software is open source.
Great!
great video
Hi David I want to be hacker how long does it take from me to be able doing hacking operations
Im wondering you havent mentioned "Hack the planet" books
Tutti questi libri li trovo in italiano?
Evading EDR is very good at the moment, but the detection system may evolve, the best EDR evasion is... To find the ways not to have one active on the target system, and this is not that complicated in red teaming. Hopefully, there is still a lot not covered on all these resources. Very good choice, but require medium to advanced skills in my opinion. Anyway you need to get your hands onto it quickly, hacking in 2024 is not the same as it was in 2004 and require a lot of various skillset.
Hey. Is it possible to enter ethical hacking without laptop