Here are 24 books that The Hardware Hacking Handbook fans have personally recommended if you like
The Hardware Hacking Handbook.
Shepherd is a community of 12,000+ authors and super readers sharing their favorite books with the world.
I’ve been playing with computers and electronics since childhood. I even supported the people in my village with their computer issues back then. During my studies in electrical engineering, I learned how to solve technical challenges with structured approaches. At this time, I became fascinated by topics like cryptography and embedded system security. The books on this list helped me understand important concepts and practical real-world obstacles. I hope they are also of value to you!
When I take this book off my shelf, the probability that I find the answer I'm looking for is very high. Yes, it's a big book, and I'm pretty sure I haven't read every single page yet, but because of its broad coverage of security engineering knowledge, from crypto to real-world processes, it is an invaluable reference for teaching and practical cyber security.
Now that there's software in everything, how can you make anything secure? Understand how to engineer dependable systems with this newly updated classic
In Security Engineering: A Guide to Building Dependable Distributed Systems, Third Edition Cambridge University professor Ross Anderson updates his classic textbook and teaches readers how to design, implement, and test systems to withstand both error and attack.
This book became a best-seller in 2001 and helped establish the discipline of security engineering. By the second edition in 2008, underground dark markets had let the bad guys specialize and scale up; attacks were increasingly on users rather than…
It is April 1st, 2038. Day 60 of China's blockade of the rebel island of Taiwan.
The US government has agreed to provide Taiwan with a weapons system so advanced that it can disrupt the balance of power in the region. But what pilot would be crazy enough to run…
I’ve been playing with computers and electronics since childhood. I even supported the people in my village with their computer issues back then. During my studies in electrical engineering, I learned how to solve technical challenges with structured approaches. At this time, I became fascinated by topics like cryptography and embedded system security. The books on this list helped me understand important concepts and practical real-world obstacles. I hope they are also of value to you!
I love this book because it has the power to pull even technical people out of their “security technology will save the world” bubble. I regularly encounter engineers randomly throwing countermeasures like strong encryption, secure boot, and TPMs at devices without knowing why.
This book provided me with a set of methods and practical hints for identifying and assessing relevant security threats—a much better starting point than penetration testing!
The only security book to be chosen as a Dr. Dobbs Jolt Award Finalist since Bruce Schneier's Secrets and Lies and Applied Cryptography! Adam Shostack is responsible for security development lifecycle threat modeling at Microsoft and is one of a handful of threat modeling experts in the world. Now, he is sharing his considerable expertise into this unique book. With pages of specific actionable advice, he details how to build better security into the design of systems, software, or services from the outset. You'll explore various threat modeling approaches, find out how to test your designs against threats, and learn…
I’ve been playing with computers and electronics since childhood. I even supported the people in my village with their computer issues back then. During my studies in electrical engineering, I learned how to solve technical challenges with structured approaches. At this time, I became fascinated by topics like cryptography and embedded system security. The books on this list helped me understand important concepts and practical real-world obstacles. I hope they are also of value to you!
When I first heard about cryptography at university, it sounded like mathematical magic. After looking into some randomly chosen crypto books, I was discouraged from digging deeper because they were full of math details.
Understanding Cryptography was different. It was aimed at engineering students like me, and it provided me with the most relevant facts necessary for designing secure devices. Since then, it has always been a great reference book for me.
Cryptography is now ubiquitous - moving beyond the traditional environments, such as government communications and banking systems, we see cryptographic techniques realized in Web browsers, e-mail programs, cell phones, manufacturing systems, embedded software, smart buildings, cars, and even medical implants. Today's designers need a comprehensive understanding of applied cryptography.
After an introduction to cryptography and data security, the authors explain the main techniques in modern cryptography, with chapters addressing stream ciphers, the Data Encryption Standard (DES) and 3DES, the Advanced Encryption Standard (AES), block ciphers, the RSA cryptosystem, public-key cryptosystems based on the discrete logarithm problem, elliptic-curve cryptography (ECC), digital…
A Duke with rigid opinions, a Lady whose beliefs conflict with his, a long disputed parcel of land, a conniving neighbour, a desperate collaboration, a failure of trust, a love found despite it all.
Alexander Cavendish, Duke of Ravensworth, returned from war to find that his father and brother had…
I’ve been playing with computers and electronics since childhood. I even supported the people in my village with their computer issues back then. During my studies in electrical engineering, I learned how to solve technical challenges with structured approaches. At this time, I became fascinated by topics like cryptography and embedded system security. The books on this list helped me understand important concepts and practical real-world obstacles. I hope they are also of value to you!
I love thinking about potential vulnerabilities and threat scenarios in IoT devices, because they are everywhere and they have already gained a significant amount of power.
Practical IoT Hacking is a wonderful read that stimulates my imagination about how to tackle devices and systems, but it doesn’t stop there: it even addresses the practical security analysis needs of my students and me.
Geared towards security researchers, IT teams, and penetration testers, application testers, developers, and IT administrators, this book teaches readers how to get started with hacking Internet connected devices. Readers dig deep into technical (and related legal) issues, as they learn what kinds of devices to use as hacking tools and which make the best targets. The authors, all experts in the field, cover the kinds of vulnerabilities found in IoT devices, explain how to exploit their network protocols, and how to leverage security flaws and certain hardware interfaces found in the physical devices themselves.
Researching DevilsGame, about an Internet meltdown caused by an unknown evil, I exposed myself to some harrowing truths. I learned how astonishingly frail our internet ecosystem is and how imperiled it is by bad actors who have burrowed deeply and often invisibly into its infrastructure. So, beyond writing a fictional thriller, I was moved to ring a warning bell! And I hope by formatting DevilsGame as “hyperlinked fiction,” mixing real news sites with fictional sites created for the novel, readers will experience the story in a way that parallels and parodies the way we experience real, live crises these days: navigating from fact to fiction, often without observing the boundaries.
I found the gist of this powerful book to best summed up by former National Cybersecurity Center director Rod Beckstrom's maxim: (1) anything connected to the Internet can be hacked; (2) everything is being connected to the Internet; (3) as a result, everything is becoming vulnerable.
I was shocked by the harrowing detail with which the author demonstrates our vulnerabilities: Our medical and financial information is potentially held hostage by our internet connectivity, as evidenced by innumerable ransomware attacks worldwide, and the internet dependence of our utilities, our factories, our ports, and our military imperils our physical existence.
I also took away powerful insights offered by Schneider, who blames "surveillance capitalism" for an internet that has gotten out of control and provides practical pathways for re-establishing our control.
We have created the ultimate hive-mind robot: an Internet of interconnected devices that senses, thinks and acts. Bruce Schneier calls it the "World-Sized Web". It includes everything from driverless cars to smart thermostats, from billboards that respond to specific people to drones equipped with their own behavioural algorithms. While the World-Sized Web carries enormous potential, Schneier argues that we are unprepared for the vulnerabilities it brings. Cutting-edge digital attackers can now crash your car, pacemaker and home security system and everyone else's.
Click Here to Kill Everybody explores the risks and security implications of the World-Sized Web and lays out…
As a kid, I used to do all the math problems in my textbooks just for fun, even if they weren’t part of a homework assignment. My grandchildren cringe when I tell them this. I am a researcher and educator in secure software engineering and have enjoyed a productive career in software development and management, software engineering and software security research, and software and secure software engineering education.
This book is a “how-to” guide for teams developing secure software. Written by a team of experts, it covers the important issues in developing software that is better able to prevent successful attacks. The book contains many references, a strategy, and an implementation guide with cross-references. For each topic, the maturity of practice at the time of writing is provided, as well as an indication of the audience.
"This book's broad overview can help an organization choose a set of processes, policies, and techniques that are appropriate for its security maturity, risk tolerance, and development style. This book will help you understand how to incorporate practical security techniques into all phases of the development lifecycle."
-Steve Riley, senior security strategist, Microsoft Corporation
"There are books written on some of the topics addressed in this book, and there are other books on secure systems engineering. Few address the entire life cycle with a comprehensive overview and discussion of emerging trends and topics as well as this one."
The Duke's Christmas Redemption
by
Arietta Richmond,
A Duke who has rejected love, a Lady who dreams of a love match, an arranged marriage, a house full of secrets, a most unneighborly neighbor, a plot to destroy reputations, an unexpected love that redeems it all.
Lady Charlotte Wyndham, given in an arranged marriage to a man she…
I have been an information technology and cybersecurity professional for over two decades. I’ve learned over and over again that “people are the weakest link.” You can build the most secure system in the world, with stringent password requirements. But if the user writes their password down and leaves it where someone else can see it, system security is irrelevant! The easiest way to gain access to a system is via “social engineering” – to trick a human being into giving you the access you need, rather than trying to hack the systemitself. The books on this list will help the reader lower their chances of being exploited like this.
Kevin Mitnick is often called the “world’s most famous hacker,” and he spent years in prison for his crimes. However, he’s since reformed, and now advises individuals and corporations on how to protect their data. In this book, he talks about strategies that we can all use to better protect our data from exploitation by corporations and governments. Although it’s never possible to be truly “invisible” (despite the title of his book) he presents some great strategies to lower your risk profile.
Like it or not, your every move is being watched and analyzed. Consumer's identities are being stolen, and a person's every step is being tracked and stored. What once might have been dismissed as paranoia is now a hard truth, and privacy is a luxury few can afford or understand.
In this explosive yet practical book, Kevin Mitnick illustrates what is happening without your knowledge--and he teaches you "the art of invisibility." Mitnick is the world's most famous--and formerly the Most Wanted--computer hacker. He has hacked into some of the country's most powerful and seemingly impenetrable agencies and companies, and…
I love a good, clean mystery/suspense story that's light enough to be escape fiction but has enough heart that I engage with the characters. Let me root for them and watch them grow. Give me hope and a happy ending. Bonus if there are some quirky ones who make me smile or some snappy dialogue. Double bonus if it's Christian fiction with an organic, non-preachy faith element and characters who grow spiritually. Why leave faith out of our fiction if it's part of our lives? I hope you'll make some new imaginary friends in the books I've listed!
I held my breath for some of Desiree's daring cat-burglar-type acts. I found this one a fun, fast ride, but again, the character makes it work for me. I love how, in the middle of her drive to do the right thing, Desiree is real enough to have self-doubts and struggle with applying faith to life.
Her sense of humor adds that little extra to satisfy me, and I like the attraction that grows between her and the FBI agent who appears at the most inconvenient times.
Surrounded by no good options, much less safe ones, Desiree Jacobs knows that no matter what she must protect her father's reputation and his legacy.
If Desiree Jacobs knows anything, it’s art. Her father, whose security company is internationally renowned, taught her everything he knew. Most of all, he taught her about honor. Integrity. Faith. So surely God will forgive her for despising the one man--Special Agent Tony Lucano, who's determined to destroy her father’s good name?
Agent Lucano knows that Hiram Jacobs is an art thief. But what he can’t figure out is Desiree. Is she an innocent victim…or…
Being able to understand and change reality through our knowledge and skill is literal magic. We’re building systems with so many exciting and unexpected properties that can be exploited and repurposed for both good and evil. I want to keep some of that magic and help people engineer – build great systems that make people’s lives better. I’ve been securing (and breaking) systems, from operating rooms to spaceships, from banks to self-driving cars for over 25 years. The biggest lesson I’ve learned is that if security is not infused from the start, we’re forced to rely on what ought to be our last lines of defense. This list helps you infuse security into your systems.
When I worked in application security at Microsoft, we still had products that shipped every few years. I learned to scale application security in that world, but many people live in a different world now. AAS helped me understand which of our approaches translated well, which had to be transformed, and which needed to be discarded or replaced. I regularly refer back to it, even a few years later.
Agile continues to be the most adopted software development methodology among organizations worldwide, but it generally hasn't integrated well with traditional security management techniques. And most security professionals aren't up to speed in their understanding and experience of agile development. To help bridge the divide between these two worlds, this practical guide introduces several security tools and techniques adapted specifically to integrate with agile development.
Written by security experts and agile veterans, this book begins by introducing security principles to agile practitioners, and agile principles to security practitioners. The authors also reveal problems they encountered in their own experiences with…
This book follows the journey of a writer in search of wisdom as he narrates encounters with 12 distinguished American men over 80, including Paul Volcker, the former head of the Federal Reserve, and Denton Cooley, the world’s most famous heart surgeon.
In these and other intimate conversations, the book…
Paul de Mann once wrote that any book with a cover page was always, in part, autobiographical. The same could also be said of this book list. It captures the way my work sits between China Studies, social theory, culture, and area studies. The two China area studies texts (Schoenhals and Wakeman) reflect my interest in Chinese policing, the texts by Pashukanis and Foucault represent something of a personal transition from Marxism to postmodern concerns, while the Schmitt book signals my ongoing focus and fascination with the concept of the political.
There is something of a maverick lurking in the shadows of this enormously erudite and linguistically brilliant scholar who is widely respected within the China studies field. In writing this particular book, Schoenhals scoured endless Chinese book and junk markets, picking out diaries, files, and details that few before him had thought important enough to gather and examine carefully.
As a result, Schoenhals work breaks new ground without really trying, or without making a theoretical fuss about it. As the father of ‘garbology’ in Chinese studies, he has attracted some criticism, but, as the old saying goes, the proof is in the pudding, and few would doubt that in Schoenhals’s book, the proof is offered in remarkable empirical detail.
Since the end of the Cold War, the operations of secret police informers have come under the media spotlight and it is now common knowledge that vast internal networks of spies in the Soviet Union and East Germany were directed by the Communist Party. By contrast, very little historical information has been available on the covert operations of the security services in Mao Zedong's China. However, as Michael Schoenhals reveals in this intriguing and sometimes sinister account, public security was a top priority for the founders of the People's Republic and agents were recruited from all levels of society to…
