Best Offensive books

16 books in our catalog cover the Offensive topic, ranked by rating. Each entry is an opinionated review with who the book is for and who should skip it.

  1. 01 · 2017

    Attacking Network Protocols

    A Hacker's Guide to Capture, Analysis, and Exploitation

    James Forshaw, Project Zero veteran, on how to capture, parse, and break protocols from the wire up to the application layer, with a strong focus on building reusable analysis tooling.

    Advanced · 5/5 · James Forshaw
  2. 02 · 2008

    Hacking: The Art of Exploitation

    A from-first-principles tour of low-level exploitation that still teaches the mindset two decades later.

    Intermediate · 5/5 · Jon Erickson
  3. 03 · 2025

    Metasploit

    The Penetration Tester's Guide

    The second edition of the definitive No Starch guide to the Metasploit Framework, updated by the project's original maintainers and newer contributors for the modern Framework.

    Intermediate · 4/5 · David Kennedy, Mati Aharoni, Devon Kearns, Jim O'Gorman, Daniel G. Graham
  4. 04 · 2024

    Black Hat Bash

    Creative Scripting for Hackers and Pentesters

    Nick Aleks and Dolev Farhi on getting offensive work done with the shell: privilege escalation tooling, lateral movement, and pipelining bash with the rest of the toolkit.

    Intermediate · 4/5 · Nick Aleks, Dolev Farhi
  5. 05 · 2023

    Black Hat GraphQL

    Attacking Next Generation APIs

    Aleks and Farhi on attacking GraphQL specifically: introspection abuse, batching, depth and complexity attacks, auth flaws, and the differences from REST that make GraphQL pentests their own discipline.

    Intermediate · 4/5 · Nick Aleks, Dolev Farhi
  6. 06 · 2022

    Hacking APIs

    Breaking Web Application Programming Interfaces

    Corey Ball's structured approach to attacking REST and GraphQL APIs: enumeration, auth flaws, business logic, mass assignment, and the testing harness around them.

    Intermediate · 4/5 · Corey J. Ball
  7. 07 · 2021

    Black Hat Python

    Python Programming for Hackers and Pentesters

    Justin Seitz and Tim Arnold's hands-on tour of writing offensive tooling in Python: network sniffers, web scrapers, GitHub-based command-and-control, screen capture, keylogging, and Volatility extensions.

    Intermediate · 4/5 · Justin Seitz, Tim Arnold
  8. 08 · 2021

    Bug Bounty Bootcamp

    The Guide to Finding and Reporting Web Vulnerabilities

    Vickie Li's pragmatic walk through the bug-bounty workflow, from picking a program and recon to reporting findings that actually pay out.

    Beginner · 4/5 · Vickie Li
  9. 09 · 2020

    Black Hat Go

    Go Programming For Hackers and Pentesters

    Tom Steele, Chris Patten, and Dan Kottmann show how to use Go's networking primitives, concurrency model, and cross-compilation to write offensive tooling that runs almost anywhere.

    Intermediate · 4/5 · Tom Steele, Chris Patten, Dan Kottmann
  10. 10 · 2019

    Real-World Bug Hunting

    A Field Guide to Web Hacking

    Peter Yaworski breaks down real disclosed reports across major bug bounty programs, organized by vulnerability class, so readers can pattern-match real findings rather than learn classes from textbook examples.

    Beginner · 4/5 · Peter Yaworski
  11. 11 · 2018

    The Hacker Playbook 3

    Practical Guide to Penetration Testing — Red Team Edition

    Peter Kim's hands-on red-team field manual: assumed-breach scenarios, lateral movement, AV/EDR evasion, and the operational rhythm of a real engagement rather than a checklist of CVEs.

    Intermediate · 4/5 · Peter Kim
  12. 12 · 2014

    Penetration Testing

    A Hands-On Introduction to Hacking

    Georgia Weidman's lab-driven introduction to pentesting, walking the reader from setting up a target environment through scanning, exploitation, post-exploitation, and reporting.

    Beginner · 4/5 · Georgia Weidman
  13. 13 · 2011

    A Bug Hunter's Diary

    A Guided Tour Through the Wilds of Software Security

    Tobias Klein walks through seven real vulnerabilities he found and exploited, in the form of personal lab notes: what he tried, what failed, and what eventually shipped to vendors.

    Intermediate · 4/5 · Tobias Klein
  14. 14 · 2011

    The Web Application Hacker's Handbook

    Finding and Exploiting Security Flaws

    The exhaustive reference for web app pentesting, comprehensive but increasingly a historical document.

    Intermediate · 4/5 · Dafydd Stuttard, Marcus Pinto
  15. 15 · 2007

    The Shellcoder's Handbook

    Discovering and Exploiting Security Holes

    A foundational text on memory-corruption exploitation across Linux, Windows, Solaris and embedded targets. Pre-modern-mitigations in spirit but still the canonical introduction to the techniques the modern toolchain is built to defeat.

    Advanced · 4/5 · Chris Anley, John Heasman, Felix Lindner, Gerardo Richarte
  16. 16 · 2018

    Pentesting Azure Applications

    The Definitive Guide to Testing and Securing Deployments

    Matt Burrough on attacker behaviour against Azure tenants: identity, storage, VMs, key material handling, and the recon paths that work against real subscriptions.

    Intermediate · 3/5 · Matt Burrough
