The books listed below are books that I have personally found to be helpful so far. This list will continue to be updated.
DIGITAL FORENSICS & INCIDENT RESPONSE BOOKS
- Practical Forensic Imaging: Securing Digital Evidence with Linux Tools by Bruce Nikkel
- Investigating Windows Systems by Harlan Carvey
- Incident Response & Computer Forensics by Jason Luttgens, Matthew Pepe, and Kevin Mandia
- Applied Incident Response by Steve Anson
- Hands-On Network Forensics by Nipun Jaswal
- Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems by Chris Sanders
- The Practice of Network Security Monitoring: Understanding Incident Detection and Response by Richard Bejtlich
- Blue Team Field Manual (BTFM) by Alan White and Ben Clark
- NMAP Network Scanning by Gordon “Fyodor” Lyon
- CompTIA CySA+ Study Guide by Mike Chapple and David Seidl
- CCNA Cyber Ops (SECFND #210-250 and SECOPS #210-255) Official Cert Guide Library by Omar Santos, Joseph Muniz, & Stefano De Crescenzo
MALWARE ANALYSIS & REVERSE ENGINEERING BOOKS
- Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software by Michael Sikorski and Andrew Honig
- Learning Malware Analysis by Monnappa K A
- Malware Analysis and Detection Engineering by Abhijit Mohanta, and Anoop Saldanha
- Practical Reverse Engineering by Bruce Dang, Alexandre Gazet & Elias Bachaalany
- Automate the Boring Stuff with Python: Practical Programming for Total Beginners by Al Sweigart.
- The Art of Assembly Language by Randall Hyde
- C Programming: Absolute Beginners Guide by Greg Perry and Dean Miller
- Open Source Intelligence Techniques by Michael Bazzell
For More DFIR Books:
DFIR Training has a DFIR Book Share Challenge.
See more books at AboutDFIR.