The books listed below are books that I have personally found to be helpful. This list will continue to be updated.
- Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software by Michael Sikorski and Andrew Honig
- Practical Forensic Imaging: Securing Digital Evidence with Linux Tools by Bruce Nikkel
- Incident Response & Computer Forensics by Jason Luttgens, Matthew Pepe, and Kevin Mandia
- Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems by Chris Sanders
- Automate the Boring Stuff with Python: Practical Programming for Total Beginners by Al Sweigart
- The Practice of Network Security Monitoring: Understanding Incident Detection and Response by Richard Bejtlich
- Blue Team Field Manual (BTFM) by Alan White and Ben Clark
- Nmap Network Scanning by Gordon “Fyodor” Lyon
- Practical Reverse Engineering by Bruce Dang, Alexandre Gazet & Elias Bachaalany
- CompTIA CySA+ Study Guide by Mike Chapple and David Seidl
- CCNA Cyber Ops (SECFND #210-250 and SECOPS #210-255) Official Cert Guide Library by Omar Santos, Joseph Muniz, & Stefano De Crescenzo
- Linux Basics for Hackers by OccupyTheWeb
- Learning Malware Analysis by Monnappa K A
- Applied Incident Response by Steve Anson
- Investigating Windows Systems by Harlan Carvey
DFIR Training has a DFIR Book Share Challenge.
More books at AboutDFIR.