Cyber Shelf

// By year

Best cybersecurity books from 2024

10 cybersecurity books published in 2024, ranked by rating. Each entry is an opinionated review with who the book is for.

  1. 01 · 2024

    Extreme Privacy

    What It Takes to Disappear

    Michael Bazzell's defender-side companion to OSINT Techniques: a step-by-step program for removing yourself from data brokers, public records, and the everyday surveillance economy without going off-grid.

    Intermediate
    5/5Michael Bazzell

  2. 02 · 2024

    OSINT Techniques

    Resources for Uncovering Online Information

    Michael Bazzell's relentlessly updated technical manual for finding people, accounts, breach data, geolocation evidence, and online identifiers — the de facto reference of the modern OSINT field.

    Intermediate
    5/5Michael Bazzell

  3. 03 · 2024

    Serious Cryptography

    A Practical Introduction to Modern Encryption

    Jean-Philippe Aumasson's working introduction to modern cryptography, written for engineers who need both intuition and enough mathematical depth to evaluate the choices a library is making for them.

    Intermediate
    5/5Jean-Philippe Aumasson

  4. 04 · 2024

    Windows Security Internals

    A Deep Dive into Windows Authentication, Authorization, and Auditing

    Forshaw takes apart the Windows security model from the SRM and access tokens up through Kerberos, with live PowerShell you can run against your own machine. The most authoritative single source on how Windows actually decides who can do what.

    Advanced
    5/5James Forshaw

  5. 05 · 2024

    Black Hat Bash

    Creative Scripting for Hackers and Pentesters

    Nick Aleks and Dolev Farhi on getting offensive work done with the shell: privilege escalation tooling, lateral movement, and pipelining bash with the rest of the toolkit.

    Intermediate
    4/5Nick Aleks, Dolev Farhi

  6. 06 · 2024

    Evading EDR

    The Definitive Guide to Defeating Endpoint Detection Systems

    A component-by-component teardown of how modern EDR sensors actually collect telemetry, and where each data source can be starved, blinded, or bypassed.

    Advanced
    4/5Matt Hand

  7. 07 · 2024

    Evasive Malware

    A Field Guide to Detecting, Analyzing, and Defeating Advanced Threats

    Kyle Cucci on the anti-analysis arms race: sandbox detection, anti-debug, anti-VM, packing, and the analyst-side tooling and tradecraft that get past those layers.

    Advanced
    4/5Kyle Cucci

  8. 08 · 2024

    Hacks, Leaks, and Revelations

    The Art of Analyzing Hacked and Leaked Data

    Micah Lee on the operational craft of working with leaked datasets: authentication, OPSEC for sources and journalists, and the Python tooling to actually parse what arrives in your dropbox.

    Beginner
    4/5Micah Lee

  9. 09 · 2024

    Locksport

    A Hackers Guide to Lockpicking, Impressioning, and Safe Cracking

    Five-author primer on the physical-security craft community: pin-tumbler internals, picking and impressioning technique, and competitive locksport.

    Beginner
    4/5Jos Weyers, Matt Burrough, Walter Belgers, BandEAtoZ, Nigel K. Tolley

  10. 10 · 2024

    Technopolitique

    Comment la technologie fait de nous des soldats

    A sharp, current essay on how digital technology, AI and platform power have turned citizens into actors in a permanent informational and geopolitical conflict, by a prominent French tech-politics scholar.

    Intermediate
    4/5Asma Mhalla

Other years

20232025

Related topics

CryptographyDefensiveDetectionGeopoliticsInvestigationsJournalismLinuxLockpickingMalwareOSINTOffensiveOperational Security