Cyber Shelf

// What to read next

What to read after The Hacker Playbook 3

Where to go after The Hacker Playbook 3, picked from our catalog. The next step up from intermediate level, weighted toward the topics this book covers.

PentestingRed TeamOffensive

  1. 01 · 2017

    Advanced Penetration Testing

    A red-teamer's tour of getting into high-security targets without Metasploit, leaning on custom C2, social engineering, and tradecraft. Strong ideas, uneven execution.

    Advanced
    3/5Wil Allsopp

  2. 02 · 2025

    Metasploit

    The second edition of the definitive No Starch guide to the Metasploit Framework, updated by the project's original maintainers and newer contributors for the modern Framework.

    Intermediate
    4/5David Kennedy, Mati Aharoni, Devon Kearns, Jim O'Gorman, Daniel G. Graham

  3. 03 · 2022

    Sécurité informatique - Ethical Hacking

    The French-language reference for offensive security: a thick, lab-heavy tour of the attacker's toolkit, maintained across editions by the ACISSI collective under the motto “learn the attack to better defend.”

    Intermediate
    4/5ACISSI

  4. 04 · 2013

    Hacking

    A hands-on French guide to building a virtual lab (Proxmox) and using it to audit application, web and system flaws — then implement countermeasures.

    Intermediate
    3/5Franck Ebel, Jérôme Hennecart

  5. 05 · 2018

    Pentesting Azure Applications

    Matt Burrough on attacker behaviour against Azure tenants: identity, storage, VMs, key material handling, and the recon paths that work against real subscriptions.

    Intermediate
    3/5Matt Burrough

  6. 06 · 2017

    Attacking Network Protocols

    James Forshaw, Project Zero veteran, on how to capture, parse, and break protocols from the wire up to the application layer, with a strong focus on building reusable analysis tooling.

    Advanced
    5/5James Forshaw

  7. 07 · 2024

    Windows Security Internals

    Forshaw takes apart the Windows security model from the SRM and access tokens up through Kerberos, with live PowerShell you can run against your own machine. The most authoritative single source on how Windows actually decides who can do what.

    Advanced
    5/5James Forshaw

  8. 08 · 2024

    Evading EDR

    A component-by-component teardown of how modern EDR sensors actually collect telemetry, and where each data source can be starved, blinded, or bypassed.

    Advanced
    4/5Matt Hand
Back to The Hacker Playbook 3Alternatives to The Hacker Playbook 3