Having completed my Network+/Security+ certifications near the end of October, I’ve been trying to put together a sort of plan of study, or things to start learning about; to become more well rounded and get about doing my own research.

I have a couple of things, which I might briefly touch on, but for now, some books to potentially work through:

  • Linux Basics for Hackers by OccupyTheWeb
  • The Linux Command Line by William Shotts (free online, want to contribute to a Spanish translation in future)
  • Practical Packet Analysis by Chris Sanders
  • Wireshark for Security Professionals by Jessey Bullock w/ Jeff T. Parker
  • Attacking Network Protocols by James Forshaw
  • Practical SQL: A Beginner’s Guide to Storytelling with Data by Anthony DeBarros
  • Malware Data Science : Attack Detection and Attribution by Joshua Saxe & Hillary Sanders
  • Advanced Penetration Testing: Hacking the World’s Most Secure Networks by Wil Allsopp
  • Linux Server Security: Hack & Defend by Chris Binnie
  • Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman
  • Web Application Hacker’s Handbook 2nd Ed by Dafydd Stuttard & Marcus Pinto and/or the Portswigger Web Security Academy

This list is pretty tentative, and since first written has probably changed a bit in my mind. I realize it might not be possible time wise, I might not get to go through all of them, and I might not be technically apt to work through all successfully, but in combination to random projects and stuff I look at, watch, etc.; I think it can be a good foundation.  I’ll try to post more lists of tentative things I want to do.

For example, use my Raspbery Pi for something, maybe do pwnagotchi, set up IDS, play with a SIEM or do a free Splunk course, etc.