Resources: Books and how to find research papers
As I'm packing up I've seen a bunch of books and papers I've used this past year. So I wanted to post about some books and research topics. Most of these resources I got from suggestions of others. I'll try to tell you the why behind buying them but at this point some of the whys are no longer valid. Let's begin...
As stated, I started school to study hardware security. In the mist of me trying to find a professor to research under I was told there was reserch involving biochips. That being said I went out to find some info before determining I wanted to move to network security. The following is a progression of research topics I put into google:
- medical devices
- medical device security
- medical device pentesting
- medical device security
Now I made a begineer mistake in only printing out these resources and not saving them for the future in pdf form. When making these types of searches make sure your using Google's Scholar Search Engine. I would also like to point out that I got a bunch of these resources from the IEEE portal. Another great resource was meeting a mechanical engineer doing reserch of biochips and the fluid dynamic things behind the scenes.
The following books are useful for different things. Some where "mistake" buys so if the reasoning is bad I apologize.
Black Hat Python
Everyone in security talks about pentesting. This book is highly recommended so I thought "I don't have a cert so this could be useful." I bought this book and it was great. I think you should read through it first and then go back through to implement things. I realized this book was great but I felt like I was missing something. There is a powerful tool called Metasploit and I thought I should understand more as I found that it is one of the top security tools.
Metasploit: The Penetration Tester's Guide
So first off I want to s/o and thank Arlan of Backstage Capital for buying this book for me. I vow to pay it forward hopefully this year. Anyways this book is a deep dive into the metasploit tool. I like it because I don't feel like I'm just copying things. I'm actually learning where things are and how I can customize it for things I might need.
Schaum's Outline of Signals and Systems
I got this book because....well I can't remember. I think it had something to do with the biochip reserch but I'm not sure.
Schaum's Outline of Digital Signal Processing
I also don't know why I got this book. DSP is one of the core courses in my program but it is more for electrical engineers. I thought I might want to take this course or learn the material. I still might down the line as I can see how this might be important to medical devices but it's no longer in my focus.
Schaum's Outline of Probability, Random Variables, and Random Processes
I bought this book because I was struggling in class (this is also the reason you shouldn't get use to not buying math books). I didn't have enough working knowledge of probability and I was taking this and Machine Learning all at once since the math is the same. Now I understand more of the basics and can complete the book. At the time the book helped me learn a half a semester of material in a week. Schaum's is a good resource for anyone in Engineering and I highly recommend them.
The Hacker Playbook 2: Practical Guide To Penetration Testing
I saw this book come up a lot on instagram. I had alreday read black hat python but it felt like I was missing the beginning on pentest setup. I think this book is a great starting point for wanna-be pentesters.
Grey Hat Python
I don't have this book yet but it's on my list to get. I want to start participating in CTFs (Capture the Flags) and I think this will be a great book to have in my toolbox.
Hacking: The Art of Exploitation
I also see this book recommended a lot by security people so I want to read it as well. Exploitation is going to be something very important for me to learn as I'm looking at medical devices. I mean it's important in general but for me if I can understand the mindset one is in when looking for exploits I think it will be easier to patch and might even make a great paper in the future.
CISSP All-in-One Exam Guide
Also need to s/o someone else here. My dad's linebrother, Mr. S, was kind enough to buy this for me when I was fed up with my job. I haven't take the proper time to fully start studying for this test but I do plan on having it by the end of 2019. CISSP is like the highest certification one can have in the security field. I am studying for a network+ certification but that's just a stepping stone. To be honest I'm scared to take this test. It's expensive and you need a sponsor but I believe getting this certification and a amsters degree will really help push my career in this industry.