What’s a good book on hacking/web for recreational reading?

This page summarizes the projects mentioned and recommended in the original post on /r/hacking

  • coding-interview-university

    A complete computer science study plan to become a software engineer.

  • x86 based binary exploitation:

    • Intel Software Development Manual https://www.intel.com/content/www/us/en/developer/articles/technical/intel-sdm.html
    • Skim through K&R C, then pick up and read Effective C by Robert Seacord, then pick up any of the books or online resources listed here: https://github.com/jwasham/coding-interview-university.
    • Read OpenBSD's code https://github.com/openbsd/src
    • Python: https://www.python.org/doc/
    • Pwntools: https://docs.pwntools.com/en/stable/
    • Aleph One on stack buffer overflows: https://packetstormsecurity.com/files/13875/Smashing-The-Stack-For-Fun-And-Profit.html
    • w00w00 on heap overflows: https://packetstormsecurity.com/files/13877/w00w00-on-Heap-Overflows.html
    • Pick up Hacking: The Art of Exploitation by Jon Erickson and give it a good read
    • More heap fun: https://github.com/shellphish/how2heap
    • Return Oriented Programming: https://github.com/spartansecurity/Hack-Nights/blob/master/ROP/Return_Oriented_Exploitation.pdf
    • ret2csu: https://i.blackhat.com/briefings/asia/2018/asia-18-Marco-return-to-csu-a-new-method-to-bypass-the-64-bit-Linux-ASLR-wp.pdf
    • Printf format string vulnerability: https://www.exploit-db.com/docs/english/28476-linux-format-string-exploitation.pdf
    • Binwalk for extracting files, file systems, executable code from images: https://github.com/ReFirmLabs/binwalk

  • src

    Read-only git conversion of OpenBSD's official CVS src repository. Pull requests not accepted - send diffs to the tech@ mailing list.

  • how2heap

    A repository for learning various heap exploitation techniques.

  • Hack-Nights

  • binwalk

    Firmware Analysis Tool

NOTE: The number of mentions on this list indicates mentions on common posts plus user-suggested alternatives. Hence, a higher number means a more popular project.
