Resources

                                                           has picked up speed over the last several years and shows no sign of slowing down. Even after formal academia catches up, the greatest professionals will be the hobbyists who took their curiosity and creativity and ran with it. Despite degrees and certifications being frequent flyers on employers' "desired qualifications" list, this is a field anybody can get into so long as they have a natural technical inclination and a curiosity for how things work.

To that point, I have yet to discover a body of people that are more passionate and driven by their work. The community largely reflects this because of its self-help nature. Hidden all over the internet are forums and groups whose exclusive purposes are to share experience and provide guidance. Most of these assets are provided for free.

The best advice I could offer anybody trying to break into security is this: When I was first starting I would often run into things I didn't fully understand and, rather than seeing that task all the way through, I would pursue what I believed were the prerequisites to my problem. Instead of focusing on one thing until I fully grasped the concept, I would lose concentration and chase after other things. But in my pursuit of other things, that problem reanimated itself over and over again and I was never giving myself a foundation to build on. Once I began finishing what I started, I found myself understanding how things work and why they work the way that they do. If you don't have a desire to learn both, you'll never make it.

Information Security

All that being said, here is a comprehensive list of items that have helped me thus far:

Books

  • Jon Erickson, Hacking - The Art of Exploitation

  • Keir Thomas, Ubuntu Pocket Guide and Reference

  • Christopher Hadnagy, Social Engineering - The Art of Human Hacking

  • Ross Anderson, Security Engineering, Second Edition

  • Michael Sikorski and Andrew Honig, Practical Malware Analysis

  • Dafydd Stuttard and Marcus Pinto, The Web Application Hacker's Handbook, Second Edition

  • Daniel Regalado et al, Gray Hat Hacking

  • James Lewis, Linux Shell Scripting Bootcamp

  • Kevin Mitnick, The Art of Deception

  • Daniel Dieterle, Basic Security Testing With Kali Linux 2

  • Sean-Philip Oriyano, Penetration Testing Essentials

  • Eric Matthes, Python Crash Course

  • William Shotts, The Linux Command Line

  • Norman Matloff and Peter Salzman, The Art of Debuging

  • TJ O'Connor, Violent Python

Forums and Communities:

Frameworks and Regulations

(Regulations are largely specific to US)