Top Hacking Books for 2024 (plus Resources): FREE and Paid

Get Proton Mail for FREE: davidbombal.wiki/protonmail2
Big thanks to Proton for Sponsoring the video!
This is an amazing collection of books and resources - both free and paid. Big thanks to Jason Haddix for sharing his knowledge to help us learn in 2024!
// Books and Resources //
Web application hacker's handbook: amzn.to/48sUNYb
Web security academy, Port Swigger: portswigger.net/web-security
OWASP Web Security Testing Guide: owasp.org/www-project-web-security-testing-guide/
Web Security Testing Guide Ellie Saad and Rick Mitchell v4.2: owasp.org/www-project-web-security-testing-guide/v42/
Real world bug hunting: amzn.to/3TK1mSd
Bug Bounty Bootcamp: amzn.to/41DW38B
Red Team Field Manual: amzn.to/48ul0pl
Red Team Development and Operations: A practical guide: amzn.to/3vez1Jl
Operator Handbook: Red Team + OSINT + Blue Team Reference: amzn.to/3vemAgC
Tribe of Hackers Red Team: amzn.to/47ef8zv
The Pentester Blueprint: amzn.to/3tvA8E6
OSINT Techniques: Resources for uncovering online information: amzn.to/3S6xw9j
Evading EDR: amzn.to/3toESeL
Attacking Network Protocols: amzn.to/3TEFvv7
Black Hat GraphQL: amzn.to/47gHl8C
Hacking API’s: amzn.to/3TzS0Z5
APISEC University: www.apisecuniversity.com/
Black Hat Go: amzn.to/3RXV13W
Black Hat Python: amzn.to/3NHFnHo
Black Hat Bash: nostarch.com/black-hat-bash
Zseano’s methodology: www.bugbountyhunter.com/methodology/zseanos-methodology.pdf
Breaking into information security: amzn.to/3TI4n5h
Expanding your security horizons: amzn.to/3GU07Iq
Wiki Book Pentest living document: github.com/nixawk/pentest-wiki/blob/master/Books/README.md
HackTRICKS: book.hacktricks.xyz/welcome/readme
Fuzzing lists: github.com/secfigo/Awesome-Fuzzing
Sec Lists: github.com/danielmiessler/SecLists
Payloads all the things: github.com/swisskyrepo/PayloadsAllTheThings
Pentester Lab: pentesterlab.com/
Try Hack Me: Red Team Fundamentals: tryhackme.com/module/red-team-fundamentals
HTB Academy: academy.hackthebox.com/
Hacktivity: hackerone.com/hacktivity/overview
Vulnerable U: vulnu.mattjay.com/
Grzegorz Niedziela: members.bugbountyexplained.com/premium/
Or ruclips.net/user/BugBountyReportsExplained
Sharing what matters in security: securib.ee/newsletter/
Intigriti: www.intigriti.com/
tl;dr sec: tldrsec.com/
Unsupervised learning: danielmiessler.com/subscribe
Pentest Book: pentestbook.six2dez.com/
Bugcrowd: bugcrowd.com/crowdstream
Trickest: trickest.com/
// Jason Haddix SOCIAL //
RUclips: ruclips.net/user/jhaddix
LinkedIn: www.linkedin.com/in/jhaddix
Twitter: twitter.com/Jhaddix
Github: github.com/jhaddix
Boddobot: buddobot.com/
The Bug Hunters Methodology Live: tbhmlive.com/56
// David's SOCIAL //
Discord: discord.com/invite/usKSyzb
X / Twitter: twitter.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
RUclips: www.youtube.com/@davidbombal
// MY STUFF //
www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
// MENU //
00:00 - Introduction
04:11 - The Web Application Hacker's Handbook
07:16 - PortSwigger Web Security Academy
08:57 - OWASP Testing Guide
12:18 - Real-World Bug Hunting
13:35 - Bug Bounty Bootcamp
14:25 - Red Team Field Manual
16:09 - Red Team Development and Operations
17:24 - Operator Handbook
18:15 - Tribe of Hackers: Red Team
19:14 - The Pentester Blueprint
20:10 - OSINT Techniques
21:32 - Evading EDR
22:28 - Black Hat GraphQL
24:00 - Hacking APIs
26:17 - Black Hat Go
26:39 - Black Hat Python
27:41 - Black Hat Bash
29:04 - zseano's methodology
30:59 - Breaking Into Information Security
32:22 - Jason's Pentester Story
34:32 - Pentest Book
35:36 - HackTricks
36:48 - SecLists
37:23 - SecLists Origin Story
40:27 - Payload All The Things
41:43 - Unsupervised Learning
42:27 - tl;dr sec
43:21 - Bug Bytes Newsletter
44:10 - InsiderPhD
44:21 - High Five Newsletter
44:37 - Grzegorz Niedziela
45:26 - Vulnerable U
47:24 - Hacktivity
50:23 - HTB Academy & Try Hack Me
51:44 - PentesterLab
52:30 - The Bug Hunters Methodology Live
56:01 - Where to Start
58:11 - Attacking Network Protocols
hacking books
hack
hacker
hacking
python
python hacking
black hat python
gray hat hacking
linux
linux for hackers
bug bounty
nsa
nsa hacker
nsa hacking
ethical hacking
ceh
oscp
ine
try hack me
hack the box
hacking
ethical hacker
oscp certification
ctf for beginners
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

David bombal is the best channel I found in 2023 ❤

0:33 so sorry to occupy the web but this man is by far my favorite guest of David's! Just listen to this man talk, he actually goes so far in depth in subjects I've been searching for over a decade for and tells me precisely what I need to find them what I need to succeed them when I need to become a civil engineer and my worth work ethic literally knows no bounds when it comes anything I want to learn and become an absolute savant so I have no problem
I just like to say thank you so much for both of you gentlemen sharing your knowledge

Thank you David for the effort you put into these videos just for us and our benefit. It means the world to us.😊😊❤❤❤

I’m glad he mentioned the one guy who hated career pentesting, so many people think working in cyber means not working with people and I keep explaining 1. We are a support function 2 . If you want to “make the money” and have manageable hours you are going to pivot into more non technical roles , but yes you still need the knowledge and experience … the money is actually working with people

Who needs cable tv when you can get content like this? Thanks a lot Dave, keep up the great work.

I appreciate what you do for your subscribers Sir.🙂🤞👍

I just watched your 2023 video on the same topic and now I am watching this one for 2024. I am more impressed with this one, somehow I have more confidence in this guest to point me in the right direction. Thank you. Love your channel.

Thanks.just downloaded web application hand book .will go through it .

Undoubtedly one of the finest interviews and resources, well done as always!

David is single handedly responsible to education of tens if not hundreds of thousands of people

love your word David, proud South African here

I would recommend "Bob and Alice Learn Application Security" too.

I am a complete newbie in this space. Thank you David. I have some catching up to do.

David and Jason, you are both legends. Thank you so much for this informative & amazing show

THANKS A LOT FOR THIS, I'M STARTING MY JOURNEY FROM THIS YEAR

Thank you so much for Jason and David, this is absolutely a very fruitful videos for us.
Your fan from Malaysia

Two amazing people talking about hacking!!! Once someone told me try to learn from the best, so here i am , learning from the best people!!! Thank you both!!!

Good to learn something new everyday through your shots❤

This is a goldmine, thanks a lot, David!

Thanks to both of you
This channel and you gentlemen are amazing!

Hey David,I was just wondering if you would be able to bring us Chris Hadnagy on the show ,I would simply LOVE to see you colab with him and talk about social engineering a little bit ,I always feel like it's always talked about least and yet I personally feel like SE is the most important thing in Red teaming/pentesting,I'd love to see you interview him and share some insight on SE in the future !
As always great content ,I just can't miss a video ,thank you !

David, your channel is a treasure I'm so glad I've come across

David Bombalbee hit the nail again. This is the video I was waiting for. Thank you.

Have a great year ahead sir 👏🏾🎊 got so much information

Thanks for another informative video, David. The RTFM sounds interesting, I'm going to have to give it a read.

Jason did an amazing video w microsoft. Very helpful.

Thank you David for all you do sir for the community!

Thanks a lot David. I'm 15 and I have been into tech, programming and hacking since I was 12. Your videos have helped me with my learning so thank you for helping the community with your content.

David you are just so phenomenal. Your channel has taught me about hacking and cybersecurity in general more than any other. Thank you for everything you do.

Thank you both for this wonderful information, I really enjoyed this

My question is what pre-requisites or how much code or computer knowledge is necessary to even start to embark on this journey and work thru these resources?

Great list of resources. Thanks David!

Loving the content so far David! I'd love it if yourself or even with Occupy With the Web if you could look into and explore Responder attacks. Again thanks for the content👍

Hope We Would Have an Interview With Michael Bazzell on the Channel Soon , Thanks David for the efforts on the channel

The best channel I would recommend for anyone getting into security, love your work. keep up the good work! ❤

WOW, this video is amazing. We appreciate you guys, Steve and Jason.

Love from India ❤️🇮🇳

👏 👏👏👏👏 your videos are right on the money David thank you

David, thanks much for the help and amazing content you provide. Greatly appreciated. 🙂

Thank you, David and Jason!

Learning a lot from you, Mr Bombal 🙏.

"Real World Bug Hunting " by Peter Yaworski is really good i've read it -- thanks for the other resources

best video i ever saw got me updated on so much even after 10 months love the work david

Great video! Thank you for all the info!

🙏Thank you, David and Jason. Very helpful.

So much good content. Thanks David.

no idea when to read the WSTG - but a useful information source indeed. thx!

I gotta lot of reading to do!

You're mindset is superior and inspiration, thank you 😐😌

Jason's mind is a treasure trove!

I love the ground up approach you're taking for 2024 considering the constantly changing climate of this field. Appreciate all your efforts. p.s. Glad to see those suppressed networker yawns at a hacker making the edit :D

Hei David i am from India(kerala you should come visit here great place 😄), i love your videos they are perfect . I am gonna attend the C EH in a few days i am preparing for it. Thanks again for providing us such quality content. You can't even imagine how much I respect you. Thank you sir❤... thanks for your efforts.🙂

Wow, one of the best video I watched! Thanks

I really appreciate what you do 😊. If I may ask 🙏. Can you please do some videos for digital forensics 🙂😊 please 🥺

Hello David, love you man❤
I am a new learner. at this time this video is very important for me. maybe it can change my life.

Fantastic video!!! Free resource is the heaven for my bugget! It would be great if you could also create a video on how hacking victims should respond! Thank you Jason and David!!!

Thank you for the various books as the hour was beneficial.
Any chance that you can get someone from a Blue Team books Practioner as already downloaded and noted the books to purchase as started on the Andy Gill book, but if you could get a list of blue defence books would be much appreciated as thank you both as well worth listening to and getting the books.

Great stuff as always❤❤

DAVID! Has anyone told you that you are the freakin man?! Cause you are the freakin man!!!

Very excited about Black Hat Bash book!

My question David, To what extent can we trust end-to-end products?

Great video guys. Wish I found it earlier before it was too late for me.

David, I feel like rate limiting you with this amount of content lol .. amazing work! p.s love Jason..what an outstanding guest! Final thought: THM has the worst customer service I've ever come across. HTB is a million times better.

Using the Web App book, how do you practice the content for out of date material?

Amazing information, thank you!

I thank you Professor David ❤. Love to learn.#David . I so appreciate you and your mission to educate others and help people grow l thank you.

Absolutely loved the video🤩🤩🤩! The content was amazing. Could you please tell me the name of the product mentioned at 49:28 ? Thanks!

thanks for sharing the resource

Thank you,David

thanks david for sharing to us useful content will you please recommend me the best place to learn python programming with realword projects for free for me i dont like books i like tutorials

Great and Worth watching podcast

I appreciate you ❤
Thanks so much ❤
To start all this project as I 2 laptop and server are needed

Hi David this is so awesome work thank's

Hey should i give a shot on ccna exam in 2024 or should i wait until the new version comes out

What is the best book for defense and SOC?

Very good bombal sir! But, what about you? What do you think is best in terms of you?

Great resources here!

another amazing video from bombal and friends.

Thank you for this information

Im wondering you havent mentioned "Hack the planet" books

hello sir, i want to make a career in clod computing specifically as solutions architect role do i need to have a networking knowledge to become solutions architect associate if yes the which networking certification should i go for and on which topics i should focus more??

Keep going ur a legend David

Super helpful video.. We have a lot to do

awesome and great content .. bravo

TO learn CS or hacking do i have to understand API ,stuff which is taught in Computer science

There is no link to Gwendal's sick dot tools!!!

once again thank you ❤

I would love to learn how to do this from you

Hi David I want to be hacker how long does it take from me to be able doing hacking operations

EC concile ceh book is really good.

This list is for total beginners?

Thanks for the shout @jhaddix! Appreciate you. +1 to all the resources Jason mentioned as well.

Amazing Video ❤

hey david can you make a video on ccna 2024

Great stuff again

Ohh this guy is a legend

hello i have a problem with kali llinux wifi adapter it says its no wireless extensions but it worked once can you help me fix this problem

With so much info how do you go through it all??? I have many of the books this channel recommended and feel a bit info overloaded.

Let's gooo David exploiting zero day exploits all 2024