Cyber Shelf

// Alternatives

Alternatives to The Hacker Playbook 3

Books in our catalog with overlapping topics and a similar reading level to The Hacker Playbook 3. If The Hacker Playbook 3 is the wrong fit at intermediate level, start here.

PentestingRed TeamOffensive

  1. 01 · 2017

    Advanced Penetration Testing

    A red-teamer's tour of getting into high-security targets without Metasploit, leaning on custom C2, social engineering, and tradecraft. Strong ideas, uneven execution.

    Advanced
    3/5Wil Allsopp

  2. 02 · 2025

    Metasploit

    The second edition of the definitive No Starch guide to the Metasploit Framework, updated by the project's original maintainers and newer contributors for the modern Framework.

    Intermediate
    4/5David Kennedy, Mati Aharoni, Devon Kearns, Jim O'Gorman, Daniel G. Graham

  3. 03 · 2022

    Sécurité informatique - Ethical Hacking

    The French-language reference for offensive security: a thick, lab-heavy tour of the attacker's toolkit, maintained across editions by the ACISSI collective under the motto “learn the attack to better defend.”

    Intermediate
    4/5ACISSI

  4. 04 · 2018

    Pentesting Azure Applications

    Matt Burrough on attacker behaviour against Azure tenants: identity, storage, VMs, key material handling, and the recon paths that work against real subscriptions.

    Intermediate
    3/5Matt Burrough

  5. 05 · 2013

    Hacking

    A hands-on French guide to building a virtual lab (Proxmox) and using it to audit application, web and system flaws — then implement countermeasures.

    Intermediate
    3/5Franck Ebel, Jérôme Hennecart

  6. 06 · 2014

    Penetration Testing

    Georgia Weidman's lab-driven introduction to pentesting, walking the reader from setting up a target environment through scanning, exploitation, post-exploitation, and reporting.

    Beginner
    4/5Georgia Weidman

  7. 07 · 2024

    Black Hat Bash

    Nick Aleks and Dolev Farhi on getting offensive work done with the shell: privilege escalation tooling, lateral movement, and pipelining bash with the rest of the toolkit.

    Intermediate
    4/5Nick Aleks, Dolev Farhi

  8. 08 · 2008

    Hacking: The Art of Exploitation

    A from-first-principles tour of low-level exploitation that still teaches the mindset two decades later.

    Intermediate
    5/5Jon Erickson

  9. 09 · 2023

    Black Hat GraphQL

    Aleks and Farhi on attacking GraphQL specifically: introspection abuse, batching, depth and complexity attacks, auth flaws, and the differences from REST that make GraphQL pentests their own discipline.

    Intermediate
    4/5Nick Aleks, Dolev Farhi

  10. 10 · 2022

    Hacking APIs

    Corey Ball's structured approach to attacking REST and GraphQL APIs: enumeration, auth flaws, business logic, mass assignment, and the testing harness around them.

    Intermediate
    4/5Corey J. Ball
Back to The Hacker Playbook 3What to read after The Hacker Playbook 3