Top Hacking Books for 2024 (plus Resources): FREE and Paid
Get Proton Mail for FREE: davidbombal.wiki/protonmail2
Big thanks to Proton for Sponsoring the video!
This is an amazing collection of books and resources - both free and paid. Big thanks to Jason Haddix for sharing his knowledge to help us learn in 2024!
// Books and Resources //
Web application hacker's handbook: amzn.to/48sUNYb
Web security academy, Port Swigger: portswigger.net/web-security
OWASP Web Security Testing Guide: owasp.org/www-project-web-sec...
Web Security Testing Guide Ellie Saad and Rick Mitchell v4.2: owasp.org/www-project-web-sec...
Real world bug hunting: amzn.to/3TK1mSd
Bug Bounty Bootcamp: amzn.to/41DW38B
Red Team Field Manual: amzn.to/48ul0pl
Red Team Development and Operations: A practical guide: amzn.to/3vez1Jl
Operator Handbook: Red Team + OSINT + Blue Team Reference: amzn.to/3vemAgC
Tribe of Hackers Red Team: amzn.to/47ef8zv
The Pentester Blueprint: amzn.to/3tvA8E6
OSINT Techniques: Resources for uncovering online information: amzn.to/3S6xw9j
Evading EDR: amzn.to/3toESeL
Attacking Network Protocols: amzn.to/3TEFvv7
Black Hat GraphQL: amzn.to/47gHl8C
Hacking API’s: amzn.to/3TzS0Z5
APISEC University: www.apisecuniversity.com/
Black Hat Go: amzn.to/3RXV13W
Black Hat Python: amzn.to/3NHFnHo
Black Hat Bash: nostarch.com/black-hat-bash
Zseano’s methodology: www.bugbountyhunter.com/metho...
Breaking into information security: amzn.to/3TI4n5h
Expanding your security horizons: amzn.to/3GU07Iq
Wiki Book Pentest living document: github.com/nixawk/pentest-wik...
HackTRICKS: book.hacktricks.xyz/welcome/r...
Fuzzing lists: github.com/secfigo/Awesome-Fu...
Sec Lists: github.com/danielmiessler/Sec...
Payloads all the things: github.com/swisskyrepo/Payloa...
Pentester Lab: pentesterlab.com/
Try Hack Me: Red Team Fundamentals: tryhackme.com/module/red-team...
HTB Academy: academy.hackthebox.com/
Hacktivity: hackerone.com/hacktivity/over...
Vulnerable U: vulnu.mattjay.com/
Grzegorz Niedziela: members.bugbountyexplained.co...
Or / bugbountyreportsexplained
Sharing what matters in security: securib.ee/newsletter/
Intigriti: www.intigriti.com/
tl;dr sec: tldrsec.com/
Unsupervised learning: danielmiessler.com/subscribe
Pentest Book: pentestbook.six2dez.com/
Bugcrowd: bugcrowd.com/crowdstream
Trickest: trickest.com/
// Jason Haddix SOCIAL //
KZhead: / jhaddix
LinkedIn: / jhaddix
Twitter: / jhaddix
Github: github.com/jhaddix
Boddobot: buddobot.com/
The Bug Hunters Methodology Live: tbhmlive.com/56
// David's SOCIAL //
Discord: / discord
X / Twitter: / davidbombal
Instagram: / davidbombal
LinkedIn: / davidbombal
Facebook: / davidbombal.co
TikTok: / davidbombal
KZhead: / @davidbombal
// MY STUFF //
www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
// MENU //
00:00 - Introduction
04:11 - The Web Application Hacker's Handbook
07:16 - PortSwigger Web Security Academy
08:57 - OWASP Testing Guide
12:18 - Real-World Bug Hunting
13:35 - Bug Bounty Bootcamp
14:25 - Red Team Field Manual
16:09 - Red Team Development and Operations
17:24 - Operator Handbook
18:15 - Tribe of Hackers: Red Team
19:14 - The Pentester Blueprint
20:10 - OSINT Techniques
21:32 - Evading EDR
22:28 - Black Hat GraphQL
24:00 - Hacking APIs
26:17 - Black Hat Go
26:39 - Black Hat Python
27:41 - Black Hat Bash
29:04 - zseano's methodology
30:59 - Breaking Into Information Security
32:22 - Jason's Pentester Story
34:32 - Pentest Book
35:36 - HackTricks
36:48 - SecLists
37:23 - SecLists Origin Story
40:27 - Payload All The Things
41:43 - Unsupervised Learning
42:27 - tl;dr sec
43:21 - Bug Bytes Newsletter
44:10 - InsiderPhD
44:21 - High Five Newsletter
44:37 - Grzegorz Niedziela
45:26 - Vulnerable U
47:24 - Hacktivity
50:23 - HTB Academy & Try Hack Me
51:44 - PentesterLab
52:30 - The Bug Hunters Methodology Live
56:01 - Where to Start
58:11 - Attacking Network Protocols
hacking books
hack
python
linux
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
#hacking #hack #cybersecurity
Get Proton Mail for FREE: davidbombal.wiki/protonmail2 Big thanks to Proton for Sponsoring the video! This is an amazing collection of books and resources - both free and paid. Big thanks to Jason Haddix for sharing his knowledge to help us learn in 2024! // Books and Resources // Web application hacker's handbook: amzn.to/48sUNYb Web security academy, Port Swigger: portswigger.net/web-security OWASP Web Security Testing Guide: owasp.org/www-project-web-security-testing-guide/ Web Security Testing Guide Ellie Saad and Rick Mitchell v4.2: owasp.org/www-project-web-security-testing-guide/v42/ Real world bug hunting: amzn.to/3TK1mSd Bug Bounty Bootcamp: amzn.to/41DW38B Red Team Field Manual: amzn.to/48ul0pl Red Team Development and Operations: A practical guide: amzn.to/3vez1Jl Operator Handbook: Red Team + OSINT + Blue Team Reference: amzn.to/3vemAgC Tribe of Hackers Red Team: amzn.to/47ef8zv The Pentester Blueprint: amzn.to/3tvA8E6 OSINT Techniques: Resources for uncovering online information: amzn.to/3S6xw9j Evading EDR: amzn.to/3toESeL Attacking Network Protocols: amzn.to/3TEFvv7 Black Hat GraphQL: amzn.to/47gHl8C Hacking API’s: amzn.to/3TzS0Z5 APISEC University: www.apisecuniversity.com/ Black Hat Go: amzn.to/3RXV13W Black Hat Python: amzn.to/3NHFnHo Black Hat Bash: nostarch.com/black-hat-bash Zseano’s methodology: www.bugbountyhunter.com/methodology/zseanos-methodology.pdf Breaking into information security: amzn.to/3TI4n5h Expanding your security horizons: amzn.to/3GU07Iq Wiki Book Pentest living document: github.com/nixawk/pentest-wiki/blob/master/Books/README.md HackTRICKS: book.hacktricks.xyz/welcome/readme Fuzzing lists: github.com/secfigo/Awesome-Fuzzing Sec Lists: github.com/danielmiessler/SecLists Payloads all the things: github.com/swisskyrepo/PayloadsAllTheThings Pentester Lab: pentesterlab.com/ Try Hack Me: Red Team Fundamentals: tryhackme.com/module/red-team-fundamentals HTB Academy: academy.hackthebox.com/ Hacktivity: hackerone.com/hacktivity/overview Vulnerable U: vulnu.mattjay.com/ Grzegorz Niedziela: members.bugbountyexplained.com/premium/ Or kzhead.info Sharing what matters in security: securib.ee/newsletter/ Intigriti: www.intigriti.com/ tl;dr sec: tldrsec.com/ Unsupervised learning: danielmiessler.com/subscribe Pentest Book: pentestbook.six2dez.com/ Bugcrowd: bugcrowd.com/crowdstream Trickest: trickest.com/ // Jason Haddix SOCIAL // KZhead: kzhead.info LinkedIn: www.linkedin.com/in/jhaddix Twitter: twitter.com/Jhaddix Github: github.com/jhaddix Boddobot: buddobot.com/ The Bug Hunters Methodology Live: tbhmlive.com/56 // David's SOCIAL // Discord: discord.com/invite/usKSyzb X / Twitter: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal KZhead: www.youtube.com/@davidbombal // MY STUFF // www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 00:00 - Introduction 04:11 - The Web Application Hacker's Handbook 07:16 - PortSwigger Web Security Academy 08:57 - OWASP Testing Guide 12:18 - Real-World Bug Hunting 13:35 - Bug Bounty Bootcamp 14:25 - Red Team Field Manual 16:09 - Red Team Development and Operations 17:24 - Operator Handbook 18:15 - Tribe of Hackers: Red Team 19:14 - The Pentester Blueprint 20:10 - OSINT Techniques 21:32 - Evading EDR 22:28 - Black Hat GraphQL 24:00 - Hacking APIs 26:17 - Black Hat Go 26:39 - Black Hat Python 27:41 - Black Hat Bash 29:04 - zseano's methodology 30:59 - Breaking Into Information Security 32:22 - Jason's Pentester Story 34:32 - Pentest Book 35:36 - HackTricks 36:48 - SecLists 37:23 - SecLists Origin Story 40:27 - Payload All The Things 41:43 - Unsupervised Learning 42:27 - tl;dr sec 43:21 - Bug Bytes Newsletter 44:10 - InsiderPhD 44:21 - High Five Newsletter 44:37 - Grzegorz Niedziela 45:26 - Vulnerable U 47:24 - Hacktivity 50:23 - HTB Academy & Try Hack Me 51:44 - PentesterLab 52:30 - The Bug Hunters Methodology Live 56:01 - Where to Start 58:11 - Attacking Network Protocols hacking books hack hacker hacking python python hacking black hat python gray hat hacking linux linux for hackers bug bounty nsa nsa hacker nsa hacking ethical hacking ceh oscp ine try hack me hack the box hacking ethical hacker oscp certification ctf for beginners Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
Hey David can you plz tell me where to get started I want to be pro hacker of phones can you plz tell me
Dear David, is Port Swigger suitable for noobs? I’ve very basic security knowledge for windows and looking 👀 where to start in cyber security. Appreciate your answer. Cheers from Germany.
Thank you Jason ! ❤
Hey should i give a shot on ccna exam in 2024 or should i wait until the new version comes out
¹1😊😊😊😊😊
David bombal is the best channel I found in 2023 ❤
Thank you! Very happy to hear that :)
Hands down . He is honest with integrity and really cares about his fellow humans ❤.
lol
Straight up the best IT and cybersecurity channel on KZhead. Hands down…
Agreed! So glad I found this channel. Participated in a few CTFs now and am on the road to doing big bounties part time. Thanks for the inspiration David!
Undoubtedly one of the finest interviews and resources, well done as always!
Thanks a lot David. I'm 15 and I have been into tech, programming and hacking since I was 12. Your videos have helped me with my learning so thank you for helping the community with your content.
David and Jason, you are both legends. Thank you so much for this informative & amazing show
Loving the content so far David! I'd love it if yourself or even with Occupy With the Web if you could look into and explore Responder attacks. Again thanks for the content👍
0:33 so sorry to occupy the web but this man is by far my favorite guest of David's! Just listen to this man talk, he actually goes so far in depth in subjects I've been searching for over a decade for and tells me precisely what I need to find them what I need to succeed them when I need to become a civil engineer and my worth work ethic literally knows no bounds when it comes anything I want to learn and become an absolute savant so I have no problem I just like to say thank you so much for both of you gentlemen sharing your knowledge
I am a complete newbie in this space. Thank you David. I have some catching up to do.
Thank you so much for Jason and David, this is absolutely a very fruitful videos for us. Your fan from Malaysia
Thanks to both of you This channel and you gentlemen are amazing!
Thank you David for the effort you put into these videos just for us and our benefit. It means the world to us.😊😊❤❤❤
You're welcome! Thank you for supporting me!
Thanks.just downloaded web application hand book .will go through it .
Who needs cable tv when you can get content like this? Thanks a lot Dave, keep up the great work.
Great list of resources. Thanks David!
Have a great year ahead sir 👏🏾🎊 got so much information
Thanks for another informative video, David. The RTFM sounds interesting, I'm going to have to give it a read.
The best channel I would recommend for anyone getting into security, love your work. keep up the good work! ❤
Thank you both for this wonderful information, I really enjoyed this
This is a goldmine, thanks a lot, David!
David Bombalbee hit the nail again. This is the video I was waiting for. Thank you.
WOW, this video is amazing. We appreciate you guys, Steve and Jason.
Thank you David for all you do sir for the community!
THANKS A LOT FOR THIS, I'M STARTING MY JOURNEY FROM THIS YEAR
Thank you, David and Jason!
🙏Thank you, David and Jason. Very helpful.
Two amazing people talking about hacking!!! Once someone told me try to learn from the best, so here i am , learning from the best people!!! Thank you both!!!
Great video! Thank you for all the info!
I love the ground up approach you're taking for 2024 considering the constantly changing climate of this field. Appreciate all your efforts. p.s. Glad to see those suppressed networker yawns at a hacker making the edit :D
Jason did an amazing video w microsoft. Very helpful.
I appreciate what you do for your subscribers Sir.🙂🤞👍
Thank you! And you're welcome!
I would recommend "Bob and Alice Learn Application Security" too.
no idea when to read the WSTG - but a useful information source indeed. thx!
David, your channel is a treasure I'm so glad I've come across
👏 👏👏👏👏 your videos are right on the money David thank you
David you are just so phenomenal. Your channel has taught me about hacking and cybersecurity in general more than any other. Thank you for everything you do.
Hey David,I was just wondering if you would be able to bring us Chris Hadnagy on the show ,I would simply LOVE to see you colab with him and talk about social engineering a little bit ,I always feel like it's always talked about least and yet I personally feel like SE is the most important thing in Red teaming/pentesting,I'd love to see you interview him and share some insight on SE in the future ! As always great content ,I just can't miss a video ,thank you !
I’m glad he mentioned the one guy who hated career pentesting, so many people think working in cyber means not working with people and I keep explaining 1. We are a support function 2 . If you want to “make the money” and have manageable hours you are going to pivot into more non technical roles , but yes you still need the knowledge and experience … the money is actually working with people
100%. I have found the most important things have been knowing how to communicate with people and being likable.
David is single handedly responsible to education of tens if not hundreds of thousands of people
Thank you for the various books as the hour was beneficial. Any chance that you can get someone from a Blue Team books Practioner as already downloaded and noted the books to purchase as started on the Andy Gill book, but if you could get a list of blue defence books would be much appreciated as thank you both as well worth listening to and getting the books.
Amazing information, thank you!
Good to learn something new everyday through your shots❤
Glad to hear that! Lots more coming!
Great video guys. Wish I found it earlier before it was too late for me.
Learning a lot from you, Mr Bombal 🙏.
Great stuff as always❤❤
thanks for sharing the resource
Hope We Would Have an Interview With Michael Bazzell on the Channel Soon , Thanks David for the efforts on the channel
Hi David this is so awesome work thank's
Absolutely loved the video🤩🤩🤩! The content was amazing. Could you please tell me the name of the product mentioned at 49:28 ? Thanks!
You're mindset is superior and inspiration, thank you 😐😌
I really appreciate what you do 😊. If I may ask 🙏. Can you please do some videos for digital forensics 🙂😊 please 🥺
Thank you for this information
"Real World Bug Hunting " by Peter Yaworski is really good i've read it -- thanks for the other resources
So much good content. Thanks David.
Thank you! I hope you learn a lot!
I appreciate you ❤ Thanks so much ❤ To start all this project as I 2 laptop and server are needed
You are so welcome! Thank you!
Home lap is needed for this project
I thank you Professor David ❤. Love to learn.#David . I so appreciate you and your mission to educate others and help people grow l thank you.
Very excited about Black Hat Bash book!
awesome and great content .. bravo
love your word David, proud South African here
Thank you Thobani! I really appreciate you and all my supporters from South Africa!
Fantastic video!!! Free resource is the heaven for my bugget! It would be great if you could also create a video on how hacking victims should respond! Thank you Jason and David!!!
Keep going ur a legend David
once again thank you ❤
Thank you very helpfull
I gotta lot of reading to do!
Hei David i am from India(kerala you should come visit here great place 😄), i love your videos they are perfect . I am gonna attend the C EH in a few days i am preparing for it. Thanks again for providing us such quality content. You can't even imagine how much I respect you. Thank you sir❤... thanks for your efforts.🙂
Thank you Nivedh! I really appreciate you and all my supporters from India! Hopefully I'll be able to visit one day :) All the best for your CEH!
@@davidbombal ❤
thanks david for sharing to us useful content will you please recommend me the best place to learn python programming with realword projects for free for me i dont like books i like tutorials
Love from India ❤️🇮🇳
Anish ow are you brother
Welcome Anish and all my viewers from India! I appreciate you!
@@davidbombal thank you David sir
Great and Worth watching podcast
Thanks for the shout @jhaddix! Appreciate you. +1 to all the resources Jason mentioned as well.
Hello David, love you man❤ I am a new learner. at this time this video is very important for me. maybe it can change my life.
I hope that the video really helps you!
Great resources here!
another amazing video from bombal and friends.
Super helpful video.. We have a lot to do
DAVID! Has anyone told you that you are the freakin man?! Cause you are the freakin man!!!
Amazing Video ❤
My question is what pre-requisites or how much code or computer knowledge is necessary to even start to embark on this journey and work thru these resources?
Jason's mind is a treasure trove!
Using the Web App book, how do you practice the content for out of date material?
Hey should i give a shot on ccna exam in 2024 or should i wait until the new version comes out
David, I feel like rate limiting you with this amount of content lol .. amazing work! p.s love Jason..what an outstanding guest! Final thought: THM has the worst customer service I've ever come across. HTB is a million times better.
lol... I'm going to slow it down a bit I think :) But, got to start the new year with a big bang!
@davidbombal love the content regardless .. I actually bought Corey's api book after seeing your interview.. then did his course.. then did the vapi ctfs..joined intigriti and got 2 bugs in 2 months.. also just got a bug on fb ..going to smash 2024
I would love to learn how to do this from you
hello sir, i want to make a career in clod computing specifically as solutions architect role do i need to have a networking knowledge to become solutions architect associate if yes the which networking certification should i go for and on which topics i should focus more??
What is the best book for defense and SOC?
GREAT INFORMATION!🧠👀👂😃👍
Thank you,David
You're welcome!
Ohh this guy is a legend
hey david can you make a video on ccna 2024
Great stuff again
Glad you enjoyed it
Cool!!
Great!
great video
hello i have a problem with kali llinux wifi adapter it says its no wireless extensions but it worked once can you help me fix this problem
EC concile ceh book is really good.
TO learn CS or hacking do i have to understand API ,stuff which is taught in Computer science
There is no link to Gwendal's sick dot tools!!!
My question David, To what extent can we trust end-to-end products?
If you are referring to Proton mail, their software is open source.
Evading EDR is very good at the moment, but the detection system may evolve, the best EDR evasion is... To find the ways not to have one active on the target system, and this is not that complicated in red teaming. Hopefully, there is still a lot not covered on all these resources. Very good choice, but require medium to advanced skills in my opinion. Anyway you need to get your hands onto it quickly, hacking in 2024 is not the same as it was in 2004 and require a lot of various skillset.
Hello david sir.
Thanks for your work sir 👍
Welcome!
Let's gooo David exploiting zero day exploits all 2024
Proton? You must be joking, they cooperate with law enforcement and admit they have to. Encryption In Transit only for their secure email to and from other providers. It arrives and leaves in plain text and is only encrypted for storage as it arrives, then decrypted as it leaves. So anyone can see the email in and out of proton.