首页 > 代码库 > (翻译)网络安全书籍推荐列表

(翻译)网络安全书籍推荐列表

看到作者列出的书籍列表,对于信息安全的初学者来说,能很好的选择教材,鉴于只有英文版,我尝试翻译成中文以供参考,初次翻译,翻译的不好请见谅。

原文链接:http://dfir.org/?q=node/8/

注:对于所有的书籍链接,我都会寻找中文版重新链接,如无中文版,则按原文链接英文版。并且所有书籍名称保留英文名称

  这是一个我建立的一个有关计算机安全的书籍列表,它们都是很有用的“计算机安全”这个主题的相关数据。包括:数字取证、 事件响应, 恶意软件分析和逆向工程。书籍的范围从入门教材到高级的研究课题都有。有一些书可能看起来过时了,但是其中包含的信息对现在来学习的人们依然非常有用, 并且要想在信息安全领域成为一个专家,其中有许多知识点是必不可少的。

  请注意,为了避免造成给书籍排名的印象,每个类别的都是按照字母表的顺序排列,类别中的书也是按照字母表的顺序排列的(译者注:顺序是按书籍英文名称排序)。

  如果你发现了这个列表中的错误或者你认为某本书也应该加到这个列表里的话,请联系我。我仅列出了那些我个人阅读过,并且自愿为之担保的书籍。

应用安全 - 本地应用

标题注解技术等级

The Art of Software Security Assessment

软件安全评估的艺术

源码审计的圣经级读物中高级。需要能阅读C/C++代码 

Secure Coding in C and C++

c和c++安全编码

写牢固的底层代码最好的书籍

对于所有能阅读C/C++的人都很容易


应用安全 - web应用

标题注释技术等级

The Browser Hacker‘s Handbook

浏览器黑客手册

有许多详细的web安全主题

从基础进阶到高级主题

The Database Hacker‘s Handbook

数据库黑客大曝光

有关于数据库攻击的最详细的书

从基础进阶到高级主题
The Tangled WebA detailed look at the foundations of web protocols followed by a thorough examination of their weakness. Highly, highly recommendedAccessible to all. The beginning chapters cover background needed for later advanced topics
The Web Application Hacker‘s HandbookCovers a wide range of web security issuesIntermediate


Cryptography

TitleCommentsTechnical Level
Applied CryptographyThe standard for learning cryptographyRanges from background and introduction to deep algorithms and security considerations
Introduction to Modern CryptographyA well-done, formal look at cryptography. Used in many graduate level computer science programsAdvanced - full understanding requires deep mathematical knowledge


Database Forensics

TitleCommentsTechnical Level
Microsoft SQL Server InternalsExamination of MSSQL akin to the OS-level examination of Windows InternalsIntermediate - learn database basics before reading
SQL Server Forensic AnalysisA deep look at forensic analysis of MSSQL SystemsIntermediate - learn database basics before reading


Digital Forensics and Incident Response

TitleCommentsTechnical Level
File System Forensic AnalysisThe definitive resource for file system forensicsIntermediate-Advanced
Forensic DiscoveryA foundational text of computer forensics by two of the earliest pioneersIntermediate
Real Digital ForensicsA concise introduction to forensic processesBeginner-Intermediate
Windows Forensic Analysis, Second EditionThis book, along with the 4th edition, are the best books available for Windows disk forensicsRanges from basic concepts to advanced analysis
Windows Forensic Analysis, Fourth EditionThis book, along with the 2nd edition, are the best books available for Windows disk forensicsRanges from basic concepts to advanced analysis


Exploitation / Penetration Testing

TitleCommentsTechnical Level
A Guide to Kernel ExploitationAdvanced exploitation of a range of operating systemsAdvanced
Android Hacker‘s HandbookA deep dive into exploitation of Android systemsIntermediate
Hacking: The Art of Exploitation, 1st EditionA foundational work of low-level exploitationIntermediate
iOS Hacker‘s HandbookA deep dive into exploitation of iOS devicesIntermediate-Advanced
The Mac Hacker‘s HandbookA deep dive into exploitation of Mac systemsIntermediate-Advanced
Rtfm: Red Team Field ManualA concise, well written guide that should be in every penetration tester‘s travel bagAccessible to all people with a pen test background
The Shellcoder‘s HandbookCrafting shellcode and exploitsIntermediate-Advanced


Linux Usage

TitleCommentsTechnical Level
Linux in a NutshellThe best text to learn how to use LinuxBeginner-Intermediate
Running LinuxAnother great text from which to learn LinuxBeginner-Intermediate


Malware Development and Analysis
Note: Many of these books contain information related to Reverse Engineering

TitleCommentsTechnical Level
The Art of Computer Virus Research and DefenseA deep look at many facets of malware analysisIntermediate
Malware Analyst‘s CookbookA "recipe" approach to many topics in malware analysisIntermediate-Advanced
Malware ForensicsA well done introduction to malware analysisBeginner
Practical Malware AnalysisA very approachable book to many topics in malware analysisIntermediate
Rootkits: Subverting the Windows KernelA study of many rootkit techniques still in use todayIntermediate-Advanced
The Rootkit ArsenalAn 800 page epic of rootkit development and analysisIntermediate-Advanced


Memory Forensics

TitleCommentsTechnical Level
The Art of Memory ForensicsA 900 page exploration of memory forensics across the major operating systems. NOTE: I am a co-author of this bookRanges from introductory material to advanced analysis
What Makes It Page?A deep look into the Windows memory managerIntermediate


Network Forensics

TitleCommentsTechnical Level
The Practice of Network Security MonitoringBeyond just packet analysis to how to integrate network forensics into a real world environmentIntermediate
Practical Packet AnalysisAn excellent resource for learning to identify and analyze network trafficBeginner-Intermediate
Wireshark (R) 101A deep exploration of WiresharkBeginner-Intermediate


Networking

TitleCommentsTechnical Level/th>
CCNA Cisco Certified Network Associate Study GuideA primer on real world networking and networksIntermediate
CompTIA Network+ All-In-One Exam GuideAn essential book for those looking to learn networkingBeginner
TCP/IP IllustratedThe Bible of networking protocols. A must readIntermediate


Operating Systems Internals - General

TitleCommentsTechnical Level
Intel Architecture ManualsVery well done documentation on the hardware architecture. Free to downloadIntermediate-Advanced
Modern Operating SystemsThe classic dinosaur book from TanenbaumIntermediate-Advanced


Operating Systems Internals - Linux

TitleCommentsTechnical Level
Linux Device Drivers, 3rd EditionBest resource to learn Linux‘s driver architectureIntermediate-Advanced
Linux Kernel Development, 3rd EditionRob Love on programming in the Linux kernelIntermediate-Advanced
The Linux Programming InterfaceExcellent book on programming the Linux environmentIntermediate-Advanced
Understanding the Linux Kernel, Third EditionThe equivalent of Windows Internals for LinuxIntermediate-Advanced


Operating Systems Internals - Mac

TitleCommentsTechnical Level
Mac OS X Internals: A Systems ApproachWindows Internals for MacIntermediate-Advanced
Mac OS X and iOS InternalsRead this after reading Mac OS X InternalsIntermediate-Advanced


Operating Systems Internals - Windows

TitleCommentsSkill Level
Windows InternalsRead this book if you want to understand WindowsIntermediate-Advanced
Windows System Programming (4th Edition)A step-by-step guide through the Windows APIIntermediate


Programming - Concepts and Algorithms

TitleCommentsTechnical Level
Compilers: Principles, Techniques, and ToolsThe famous dragon book on compilersAdvanced - Don‘t read until you have a solid understanding of programming and runtime environments
Design PatternsRequired reading for any serious programmerIntermediate
Linkers and LoadersRequired reading for understanding program linking and runtime loadingIntermediate


Programming - Language Specific
Note: The reason there are few books here is due to languages having amazing learning resources online

TitleCommentsTechnical Level
Advanced Programming in the UNIX(R) EnvironmentDeep exploration of programming related to Linux, Mac, and BSDBeginner-Intermediate
The C Programming Language, 2nd Edition"K and R" - required if you want to be proficient with CIntermediate-Advanced
Violent PythonLearn Python programming and directly apply it to forensics and securityBasic to advanced topics


Reverse Engineering

TitleCommentsTechnical Level
Assembly Language Step-by-stepThe best resource to learn assembly. Later books focused on "high level" assembly as opposed to actual instructionsIntermediate-Advanced
Hacker Disassembling UncoveredA great resource for advanced topics in reverse engineeringIntermediate-Advanced
Hacking the XboxA well written and fun book from which to learn reversingIntermediate
The IDA Pro BookThe best resource to learn IDAIntermediate
Reversing: Secrets of Reverse EngineeringOne of my favorite books. A chapter is dedicated to reversing a Windows API back to C so perfectly that compiling it matches the hash of the Windows DLLIntermediate-Advanced
Practical Reverse EngineeringReversing across Intel and ARMIntermediate


Tradecraft - Digital

TitleCommentsTechnical Level
Silence on the Wirelcamtuf‘s exploration of vulnerabilities and attacks that most people would never think of. Strongly recommendedBeginner-Advanced


Tradecraft - Traditional
Note: I originally found several of these books from The Grugq‘s list

 

TitleCommentsTechnical Level
The Art of IntelligenceTradecraft and real-world analysis from Henry CrumptonBeginner-Intermediate
Chinese Intelligence OperationsA well-written, deep study of Chinese intelligence servicesAdvanced
See No EvilTradecraft and lessons from a former CIA analyst in the Middle EastIntermediate
Spy Handler: Memoir of a KGB OfficerWritten by the KGB officer whom handled Robert Hanssen and Aldrich Ames. A great text to learn real world tactics and techniquesBeginner-Intermediate
Terrorism and Counterintelligence: How Terrorist Groups Elude DetectionA deep examination of modern terrorist groups and counterintelligence useIntermediate
Thwarting Enemies at Home and Abroad: How to Be a Counterintelligence OfficerRead this first - a textbook on how to be a counter intel officer along with terms, techniques, and tacticsBeginner - make this your first book

(翻译)网络安全书籍推荐列表