Cyber Shelf

// Prerequisites

What to read before Penetration Testing

If Penetration Testing feels too steep at beginner level, here is what to read first. Lighter books in the same topics that build the prerequisites this one assumes.

PentestingOffensiveTooling

  1. 01 · 2025

    Metasploit

    The second edition of the definitive No Starch guide to the Metasploit Framework, updated by the project's original maintainers and newer contributors for the modern Framework.

    Intermediate
    4/5David Kennedy, Mati Aharoni, Devon Kearns, Jim O'Gorman, Daniel G. Graham

  2. 02 · 2021

    Bug Bounty Bootcamp

    Vickie Li's pragmatic walk through the bug-bounty workflow, from picking a program and recon to reporting findings that actually pay out.

    Beginner
    4/5Vickie Li

  3. 03 · 2025

    Linux Basics for Hackers

    OccupyTheWeb's introduction to Linux from the angle that hackers and pentesters actually need it: shells, networking, scripting, and Kali tooling.

    Beginner
    4/5OccupyTheWeb

  4. 04 · 2019

    Real-World Bug Hunting

    Peter Yaworski breaks down real disclosed reports across major bug bounty programs, organized by vulnerability class, so readers can pattern-match real findings rather than learn classes from textbook examples.

    Beginner
    4/5Peter Yaworski

  5. 05 · 2005

    The Art of Intrusion

    Mitnick and Simon's follow-up to The Art of Deception: third-party stories from working hackers — casino slot exploits, prison-network breaches, post-9/11 intelligence ops — reconstructed and annotated by Mitnick.

    Beginner
    4/5Kevin Mitnick, William L. Simon

  6. 06 · 2024

    Black Hat Bash

    Nick Aleks and Dolev Farhi on getting offensive work done with the shell: privilege escalation tooling, lateral movement, and pipelining bash with the rest of the toolkit.

    Intermediate
    4/5Nick Aleks, Dolev Farhi

  7. 07 · 2020

    Black Hat Go

    Tom Steele, Chris Patten, and Dan Kottmann show how to use Go's networking primitives, concurrency model, and cross-compilation to write offensive tooling that runs almost anywhere.

    Intermediate
    4/5Tom Steele, Chris Patten, Dan Kottmann

  8. 08 · 2021

    Black Hat Python

    Justin Seitz and Tim Arnold's hands-on tour of writing offensive tooling in Python: network sniffers, web scrapers, GitHub-based command-and-control, screen capture, keylogging, and Volatility extensions.

    Intermediate
    4/5Justin Seitz, Tim Arnold
Back to Penetration TestingWhat to read after Penetration Testing