Cyber Shelf

// What to read next

What to read after Social Engineering

Where to go after Social Engineering, picked from our catalog. The next step up from intermediate level, weighted toward the topics this book covers.

Social EngineeringFoundations

  1. 01 · 2009

    Les virus informatiques : théorie, pratique et applications

    Éric Filiol's reference French-language treatment of computer virology. Formal theory, infection mechanisms, offensive and defensive applications, with academic rigor rare on the topic.

    Advanced
    5/5Éric Filiol

  2. 02 · 2005

    Silence on the Wire

    Michal Zalewski's classic on the indirect attack surface: timing channels, protocol-stack fingerprinting, and the often-overlooked side data leaked by every layer of a stack.

    Advanced
    5/5Michal Zalewski

  3. 03 · 2002

    The Art of Deception

    Kevin Mitnick and William Simon's case-study collection of social-engineering attacks: PBX scams, helpdesk impersonation, dumpster-diving, the casual lies that sound true. The technology dates the book; the human side is timeless.

    Beginner
    4/5Kevin Mitnick, William L. Simon

  4. 04 · 2022

    Practical Social Engineering

    Joe Gray's working manual for the social-engineering side of red team and threat intel: OSINT-driven recon, pretexting, phishing infrastructure, and the legal and ethical boundaries that separate professional work from criminal activity.

    Intermediate
    4/5Joe Gray

  5. 05 · 2017

    Attacking Network Protocols

    James Forshaw, Project Zero veteran, on how to capture, parse, and break protocols from the wire up to the application layer, with a strong focus on building reusable analysis tooling.

    Advanced
    5/5James Forshaw

  6. 06 · 2020

    Building Secure and Reliable Systems

    Google's site-reliability and security teams jointly write down what it actually takes to build systems that are both safe and dependable, from threat models and design reviews to rollback culture and crisis response.

    Advanced
    5/5Heather Adkins, Betsy Beyer, Paul Blankinship, Piotr Lewandowski, Ana Oprea, Adam Stubblefield

  7. 07 · 2018

    Practical Binary Analysis

    Dennis Andriesse on the binary toolchain you can actually script: ELF internals, dynamic taint analysis, symbolic execution and instrumentation with concrete code-along examples.

    Advanced
    5/5Dennis Andriesse

  8. 08 · 2023

    Security Chaos Engineering

    Kelly Shortridge and Aaron Rinehart on treating security as a property of complex adaptive systems: instead of preventing failure, you continuously simulate it, and design the organization to learn from each result.

    Advanced
    5/5Kelly Shortridge, Aaron Rinehart
Back to Social EngineeringAlternatives to Social Engineering