The Hacker Playbook 3
Level: Beginner Friendly!
The Hackers Playbook 3 is the natural evolution of its predecessor The Hackers Playbook 2. This is easily in the top 3 of my favorite Hacking Books of all time. I have read both books and the third one even tops the second one by a notch.
Peter takes you on a journey through all the phases of a penetration test. He helps you to set up your pentesting environment and then takes you through all the steps of a penetration test, Reconnaissance, Web Application Exploitation, Compromising Networks, Social Engineering techniques, Physical Attacks, avoiding AV’s and IDS and of course, Exploitation.
This book has a great introduction to Web Application testing, there is a vulnerable Web Application included in this book that teaches you some newer techniques that are used nowadays. On top of that, there are attacks against NodeJS, SQL Injection, and some advanced XSS techniques. Many of my friends have read this book as well and highly recommend it for every beginner.
I learned a ton from this book. I worked through it several times because the techniques taught in it are extremely valuable to sharpen your skills. Peter Kim is an excellent teacher.
I will mention that this book is harder than the second edition. The techniques here are more sophisticated, so you would really benefit from reading the second edition before buying the third one. There is also a lot of information about what it means to be a Red Teamer vs. a Penetration Tester, which is really interesting to learn.
In the end, you need to know how to report your findings to your clients, this book teaches you that as well.
I do highly recommend to add this book to your Ethical Hacking Books library!