Best Hacking Books in 2022 – Beginner to Advanced

By popular request, it’s time to put together a list of the best hacking books in 2022. Now, this list contains not only hacking books that were published in 2022, but simply all the books worth a mention this year. There are still some classics that will always be mentioned; even if they haven’t been updated for years, they are still relevant. Basically, I get questions from you guys every day, whether on Instagram, Facebook, Twitter, or via email. “What ethical hacking books should I buy to get started?”, “What are the best hacking books?” or “Do you recommend learning from books?” are the most popular.

I understand that today we have so many possibilities when it comes to learning. We have YouTube, and we have billions of online courses serving every subject one can imagine. But I’m a firm believer in a good book. Why? Because putting together a good book requires a lot of work.

You need to review your content several times, remove irrelevant content, and reduce it to the best possible version. I think this makes books a much richer experience than a 5-minute YouTube video, because the content is usually very carefully selected.

That said, I highly recommend learning from books. A big plus is also that you can put bookmarks (yes, the paper ones) in your book and quickly look up something if you need it.

This article not only contains the best books on hacking, it is also a list of my personal favorite books. I personally have all the books I recommend here.

By the way, the order in this list is not relevant. All the books mentioned are worth reading, in no particular order.

All books can be found in the Ceos3c Amazon store.

🚀 This guide was completely updated in August 2022.

Index

  • The best hacking books in 2022
    • 1 – The Hacker Playbook 2
    • 2 – The Hacker Playbook 3
    • 3 – Real-World Bug Hunting
    • 4 – Hacking APIs: Breaking Web Application Programming Interfaces
    • 5 – RTFM: Red Team Field Manual
    • 6 – Hacking: The Art of Exploitation, 2nd Edition
    • 7 – The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws
    • 8 – Penetration Testing: A Practical Introduction to Hacking
    • 9 – Kali Linux Revealed: Mastering the Penetration Testing Distribution
    • 10 – Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker
    • 11 – Advanced Penetration Testing: Hacking the World’s Most Secure Networks
    • 12 – Honorable Mention: Hacking mit Metasploit

    The best hacking books in 2022

    Below you’ll find my favorite hacking books in 2022. Here’s a quick overview to help you navigate:

    1 – The Hacker Playbook 2

    by Peter Kim

    Level: suitable for beginners!

    If I could only choose one book, it would be this one.

    I started with this book and it helped me a lot. It has just the right pace when you’re starting out. You learn how to set up a lab and review all the popular tools used by professional penetration testers.

    This book could be called the “penetration tester’s guide”, while The Hacker Playbook 3 could be called the “red team guide”. I’ll get to the difference between those two a bit later. I would definitely recommend reading the second edition before the third edition. Both are excellent books, but the second edition is a bit easier to get started with.

    In this book, in addition to learning how to set up a lab and Kali Linux, you will learn about:

    • Passive discovery (OSINT)
    • Password lists
    • Active Directory
    • Vulnerability scanning
    • Exploitation
    • Web application security
    • Moving through a network
    • Social engineering
    • Password cracking

    And much more. The cool thing is that Peter really treats you like a beginner, meaning he doesn’t skip steps you’re supposed to know. I love that type of author. Having said all of this, you can probably see that I personally really like this book and can’t recommend it highly enough. If you had to choose a book to start with, this is it!

    2 – The Hacker Playbook 3

    by Peter Kim

    Level: suitable for beginners!

    The Hacker Playbook 3 is the natural evolution of its predecessor, The Hacker Playbook 2. It easily ranks in the top 3 of my favorite hacking books of all time. I’ve read both books and the third even beats the second by a notch.

    Peter takes you on a journey through all the phases of a penetration test. He helps you set up your pentesting environment and then walks you through all the steps of a penetration test: reconnaissance, web application exploitation, compromising networks, social engineering techniques, physical attacks, AV and IDS avoidance and, of course, exploitation.

    This book has a great introduction to web application testing. There is a vulnerable web application included in this book that teaches you some newer techniques being used today. Besides that, there are attacks against Node.js, SQL injection and some advanced XSS techniques. Many of my friends have also read this book and recommend it for all beginners.

    I learned a lot from this book. I’ve worked through it several times because the techniques taught in it are extremely valuable for improving your skills. Peter Kim is an excellent teacher.

    I will mention that this book is more difficult than the second edition. The techniques here are more sophisticated, so you’d really benefit from reading the second edition before buying the third. There is also a lot of information about what it means to be a member of the red team vs. a penetration tester, which is really interesting to learn.

    In the end, you need to know how to report your findings to your clients, and this book teaches you that too.

    I highly recommend adding this book to your library of ethical hacking books!

    3 – Real-World Bug Hunting

    by Peter Yaworski

    Level: beginner – intermediate

    The latest addition to this guide. If you’ve been following me on social media or in general over the past few months, you know that right now I’m mostly bug bounty hunting and educating myself in this area. This book is very new (it was released in 2019) and up to date. Peter is a seasoned security professional trying to provide an entry point for people with no knowledge in this area, and I think he pulled it off. This book easily ranks in my top 3 favorite hacking books of all time.

    This book is very well written and delves into all the important topics related to web application security/troubleshooting. After covering the basics of bug bounty, it walks you through all of the most common types of web vulnerabilities, such as:

    • Open redirect
    • HTTP parameter pollution
    • Cross-site request forgery
    • HTML injection
    • Carriage return line feed (CRLF) injection
    • Cross-site scripting
    • SQL injection
    • SSRF
    • XXE
    • RCEs
    • IDORs

    … and much more. After a detailed explanation of each vulnerability, the author follows up with some actual reports of real vulnerabilities found through HackerOne’s bug bounty program, including information on how the bug was found, where it was found, and how much it paid. Seeing this kind of information makes everything a bit easier to understand, since you see real examples in the wild.

    Another very interesting section awaits you at the end of the book: finding your own bug bounties.

    This section covers everything from reconnaissance to application testing and how to automate your tests.

    The last section of the book covers report writing, which I think is a very important topic to understand. Peter does a wonderful job of explaining things and makes complicated topics quite easy to understand. You really see his years of experience reflected in this book.

    If you want to get started with bug bounties and don’t want to dive into a giant like The Web Application Hacker’s Handbook right away, this is the book for you. I highly recommend this book for any beginner, any day.

    4 – Hacking APIs: Breaking Web Application Programming Interfaces

    by Corey J. Ball

    Level: all levels

    Finding a book on hacking APIs is not an easy task, as there are not many books on the subject. API hacking is a relatively new topic, but it is becoming increasingly popular as more and more companies make their APIs available to the public. There are some API hacking books on the market, but only a few are worth reading.

    Hacking APIs by Corey J. Ball is an excellent book for those looking to get started in the world of API hacking. The book is a great resource for beginners and provides a good overview of the basics of API hacking.

    Hacking APIs covers topics like setting up your development environment, working with HTTP requests and responses, and using Burp Suite to test APIs.

    Hacking APIs is a crash course in online API security testing that will prepare you to perform API penetration testing, profit from lucrative bug bounty schemes, and harden your own APIs. This book is extremely well written and easy to understand. It is a great introduction to the world of API testing and does a fantastic job of explaining the tools used for API security testing.

    I felt like I had learned everything I needed to about API security at the end of the book. The author does an excellent job of explaining what you need to do during each step of the process, including how to use each tool correctly and how each one should be used in conjunction with the others.

    Also, I loved the fact that the book includes practical examples of API security testing. These examples helped me understand how each tool works and how I can use it to test APIs. All in all, I highly recommend Hacking APIs to anyone interested in learning about API security testing. This book is a great resource for beginners and provides a good overview of hacking APIs.

    The only drawback is that this book doesn’t cover as many topics as other books on this topic (such as the OWASP Testing Guide). However, it still covers all the basics, so you won’t miss anything important if you’re just getting started with API testing.

    That can be a problem if you’re looking for more advanced stuff, but if you’re just starting out, Hacking APIs is a great place to start. It’s like an effective sampler of what API hacking has to offer.

    Hacking APIs is an excellent book for those looking to get started with API hacking. The book is an excellent resource for beginners and provides a good overview of how to hack.

    If you’re looking for more extensive information on hacking in general, I’d recommend another book, as this one only focuses on APIs. All in all, this is a great introduction to this field for anyone who wants to learn about it. Hacking APIs by Corey J. Ball comes highly recommended by me.

    5 – RTFM: Red Team Field Manual

    by Ben Clark

    Level: all levels

    The Red Team Field Manual is a must when it comes to hacking books. This is not a book you use to study; it is a red team reference guide. The guide contains the basic syntax of commonly used Linux and Windows commands. It also includes Python scripts and Windows PowerShell hints.

    Personally, I always carry this book with me when I’m on assignment or on any hacking-related trip. I also have many personal notes and additions in it. For the price, I definitely recommend picking up a copy. Put it under your pillow while you sleep, and carry it with you at all times. Great little book.

    6 – Hacking: The Art of Exploitation, 2nd Edition

    by Jon Erickson

    Level: intermediate

    You’ll probably have a hard time finding a hacker/cybersecurity specialist who doesn’t recommend this book. Hacking: The Art of Exploitation is a true classic when it comes to hacking books. The only drawback is that it was last updated in 2008. The good news is that most of its content is still relevant and valuable today. This book helps you build a solid foundation of theory and technique, which will translate nicely into modern hacking tools.

    This book has it all: you will learn a little about programming, exploitation, networking, shellcode, countermeasures and cryptology. Frankly speaking, I still recommend this book today.

    Please note that this book is geared more towards advanced users. I would not recommend choosing this book as a first book. You should be familiar with or have a basic idea of assembly before starting this book.

    7 – The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws

    by Dafydd Stuttard & Marcus Pinto

    Level: beginner/intermediate

    Until now, all the books have dealt with the topic of web application hacking as a separate section. This book is dedicated to the subject. The Web Application Hacker’s Handbook is one of the best books out there when it comes to hacking books for testing web applications. The book was written by the guys who developed Burp Suite, the most popular web application testing framework out there.

    If you get a book written by people who developed an actual web application testing framework, you can bet on the value you’ll find in it. This is a giant of a book with 912 pages. It was last updated in 2011, so the content is still very relevant today.

    Nowadays, you have to know about web application security if you want to work in cybersecurity. Many companies use web applications, and many of them have flaws because they were poorly developed or not updated. The Web Application Hacker’s Handbook helps you understand common flaws and how to exploit them. You won’t believe how many web application flaws you’ll find in the real world.

    That said, if you’re serious about working in cyber security, you may or may not be able to avoid this book. This book takes you through web application security step by step, from the beginning until you finally have a good understanding of the topic. Highly recommended addition to your collection of ethical hacking books.

    8 – Penetration Testing: A Practical Introduction to Hacking

    by Georgia Weidman

    Level: suitable for beginners!

    This book was written by Georgia Weidman, security expert, researcher and trainer. Penetration Testing: A Practical Introduction to Hacking teaches the fundamental skills every penetration tester needs. You will build a virtual lab with Kali Linux and a couple of vulnerable virtual machines and run through multiple scenarios in this environment. Tools like Wireshark, Nmap, and Burp Suite are used in this book, among many others.

    You will learn how to crack passwords, how to brute force wireless networks using wordlists, a bit about web application security, the Metasploit Framework, how to bypass antivirus software, and how to take control of a virtual machine to compromise the network. This book, like The Hacker Playbook 3, is a good first read for people interested in learning cybersecurity.

    Some people really love and trust Georgia’s explanation skills, and some people I know personally also used the book as OSCP exam prep. This book contains many step-by-step instructions, so it is very easy to understand even for beginners.

    Warning: Unfortunately, several people have reported that parts of the labs and external materials in the book are no longer available. So buy it only if you know what you are looking for! You can follow the author’s Twitter account, as she is currently working on the second edition of the book!

    9 – Kali Linux Revealed: Mastering the Penetration Testing Distribution

    by Raphael Hertzog & Jim O’Gorman

    Level: beginner-advanced

    First things first: this is not one of those ethical hacking books that teaches you penetration testing. This is a book that teaches you Kali Linux. Kali Linux, formerly known as BackTrack, is by far the most popular penetration testing distribution out there. Therefore, it makes sense for you to learn it. Although I don’t recommend Kali Linux for beginners, if you decide to go with Kali Linux anyway, I recommend reading Kali Linux Revealed.

    In this book, the Kali developers themselves will take you on a journey through the operating system and help you maximize your use of Kali Linux. You will learn all the fundamentals of Kali Linux, learn the basics of Linux, and learn how to install Kali Linux in all sorts of different scenarios (laptop, desktop, server, virtual, etc.). In addition to that, you will learn how to configure packages and how to keep your Kali installation up to date the right way.

    They even guide you through things like deployment on large enterprise networks and very advanced topics like kernel compilation, creating custom ISO files, and encryption. That’s why I rate this book beginner-advanced. You can definitely learn something new from this book no matter where you come from.

    Don’t be distracted by Amazon ratings. Some people clearly can’t read and complain that no pentesting tools are taught in this book, which was never its intention in the first place. That said, if you work with Kali, pick up this book; it will take you to the next level and keep you safe for the long haul. You can also refer to my article to follow at least the essential steps after installing Kali Linux as a beginner.

    10 – Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker

    by the legend himself, Kevin Mitnick

    Level: all levels

    Now, one could argue whether this fits into the category of hacking books or not, but for me it definitely fits. Ghost in the Wires is a book by one of the most notorious computer hackers that ever lived: Kevin Mitnick. So why would I recommend this book? Because it is a hacking book by definition. This book tells the true story of Kevin Mitnick, a computer hacker who was at his best between the years 1979 and 1995, when he was finally arrested by the FBI after being on the run for several years.

    Kevin hacked his first computer system at the age of 16, and from then on, there was no going back. This book explains very well how a hacker’s mind works and what drives it. It takes an in-depth look at the hacker mindset, and that’s exactly why I found this book so valuable. I don’t know how much hype is in this book on Kevin’s part, but most of the stories he tells seem to be pretty legit and in the realm of possibility, especially since so many of them were confirmed by the feds or his former friends/enemies.

    I devoured this book in no time, I had so much fun reading it that I finished it in a week, which is very unusual for me.

    That said, don’t just focus on learning, focus on having fun too, and this book definitely is fun! A must read for any aspiring hacker!

    By the way, Kevin has been a very successful security consultant since 2000, advising Fortune 500 companies and… the FBI (lol). As you can see, he has grown up and now works as an ethical hacker. He also published a couple of other books on things like social engineering and staying safe online. I won’t list them here because I haven’t read them yet, but you can find them in my Amazon store.

    11 – Advanced Penetration Testing: Hacking the World’s Most Secure Networks

    by Wil Allsopp

    Level: advanced

    I had to include at least one more advanced book in this list of hacking books to satisfy everyone. But no, really, Advanced Penetration Testing has gained a lot of traction lately. It covers ATP (advanced penetration testing). This means that it teaches you real-world techniques far beyond the usual Kali Linux tools. You will learn how the tools actually work and also how to write your own tools from start to finish.

    This helps you better understand how the tools you use actually work, giving you an advantage over anyone who can only use out-of-the-box tools.

    It also covers a bit of social engineering. Many more advanced people have recommended this book to me.

    This would be a good book to read after you finish working through The Hacker Playbook and The Web Application Hacker’s Handbook. But really, beware, this is for advanced people only!

    12 – Honorable Mention: Hacking mit Metasploit

    by Michael Messner

    Level: beginner-advanced

    Language: German

    Now, unfortunately for all of you who don’t speak German, Hacking mit Metasploit is not for you, unless you can translate it. I want to mention it here because it is, without a doubt, the best book on Metasploit I have ever read. The author, Michael Messner, is a developer on the Metasploit team and continually contributes to the project.

    He has a deep understanding of the Metasploit Framework and has a great way of teaching you everything you need to know about Metasploit.

    I want to mention it here for everyone who is able to speak German, and I hope there will be an English release of the book one day for everyone to enjoy.

    Ethical hacking courses

    Since publishing this post, I’ve received a lot of questions from people who prefer video content to written content. Since I have taken many ethical hacking courses, I want to share my favorites with you.

    My favorite ethical hacking courses are the ones created by Heath Adams, better known as The Cyber Mentor. No course I’ve taken online has improved my skills more than his excellent hands-on ethical hacking course, hands down.

    Some other great courses are:

    1. The Ethical Hacking Tutorial – Heath Adams
    2. Linux 101 – Brent Eskridge
    3. Windows Privilege Escalation – Heath Adams
    4. Linux Privilege Escalation – Heath Adams

    There is also an option to get access to all courses for around $30 per month. I can’t recommend TCM Academy highly enough.

    Where to buy

    You can find all the books in this article in my Amazon store.

    If you shop through this store, I get a small commission from your purchase, which helps me a lot to keep my bills paid. Thanks!

    Conclusion

    Now this should give you a good idea of which hacking books you should read and which you should read first. In my opinion, learning from books is still very valuable today. I think it’s even my preferred way because I can work with the material in a certain structured way and I like that a lot.

    Let me know in the comments what your favorite ethical hacking books are and I might check them out and add them to the list. Please bookmark this article and be sure to check back regularly as I will update this list as time goes on.
