Fans pick 81 books like Hacking

By Jon Erickson,

Here are 81 books that Hacking fans have personally recommended if you like Hacking. Shepherd is a community of 12,000+ authors and super readers sharing their favorite books with the world.

When you buy books, we may earn a commission that helps keep our lights on (or join the rebellion as a member).

Book cover of The Elements of Computing Systems: Building a Modern Computer from First Principles

Nora Sandler Author Of Writing a C Compiler: Build a Real Programming Language from Scratch

From my list on systems and system failures for programmers.

Why am I passionate about this?

I love computers, and especially computer systems. I’m interested in how different pieces of hardware and software, like processors, operating systems, compilers, and linkers, work together to get things done. Early in my career, as a software security tester, I studied how different components interacted to find vulnerabilities. Now that I work on compilers, I focus on the systems that transform source code into a running program. I’m also interested in how computer systems are shaped by the people who build and use them—I believe that creating safer, more reliable software is a social problem as much as a technical one.

Nora's book list on systems and system failures for programmers

Nora Sandler Why did Nora love this book?

Before I read this book, I knew a bunch of facts about the different pieces of computer systems. After I read it, I understood how those pieces fit together. Building all those pieces myself, starting from the simplest logic gates and working my way up, made some fundamental concepts finally click—like how a processor decodes an instruction.

I especially loved the book’s hands-on structure: each chapter is a project where you get a specification and test suite for the component you need to build, but you have to figure out exactly how to build it for yourself. Completing the projects often felt like solving a fun puzzle, and it made the concepts stick in a way that just reading about them wouldn’t have.

By Shimon Schocken, Noam Nisan,

Why should I read it?

1 author picked The Elements of Computing Systems as one of their favorite books, and they share why you should read it.

What is this book about?

A textbook with a hands-on approach that leads students through the gradual construction of a complete and working computer system including the hardware platform and the software hierarchy.

In the early days of computer science, the interactions of hardware, software, compilers, and operating system were simple enough to allow students to see an overall picture of how computers worked. With the increasing complexity of computer technology and the resulting specialization of knowledge, such clarity is often lost. Unlike other texts that cover only one aspect of the field, The Elements of Computing Systems gives students an integrated and rigorous picture…


Book cover of Twitter and Tear Gas: The Power and Fragility of Networked Protest

Nora Sandler Author Of Writing a C Compiler: Build a Real Programming Language from Scratch

From my list on systems and system failures for programmers.

Why am I passionate about this?

I love computers, and especially computer systems. I’m interested in how different pieces of hardware and software, like processors, operating systems, compilers, and linkers, work together to get things done. Early in my career, as a software security tester, I studied how different components interacted to find vulnerabilities. Now that I work on compilers, I focus on the systems that transform source code into a running program. I’m also interested in how computer systems are shaped by the people who build and use them—I believe that creating safer, more reliable software is a social problem as much as a technical one.

Nora's book list on systems and system failures for programmers

Nora Sandler Why did Nora love this book?

This book gave me a new framework for thinking about how political change happens and how technology shapes our society. It analyzes how social media platforms like Facebook have helped antiauthoritarian movements achieve dazzling success almost overnight—and how those platforms have weakened and endangered those same movements. I loved that this book was clear and readable without oversimplifying the topic. It showed—as Tufecki writes, quoting another scholar—that “technology is neither good nor bad; nor is it neutral.”

This isn’t exactly a book about computer systems, but I decided to include it because it gave me a deeper understanding of how technological and social systems influence each other—which I hope will change how I write software myself.

By Zeynep Tufekci,

Why should I read it?

3 authors picked Twitter and Tear Gas as one of their favorite books, and they share why you should read it.

What is this book about?

From New York Times opinion columnist Zeynep Tufekci, an firsthand account and incisive analysis of the role of social media in modern protest

"[Tufekci's] personal experience in the squares and streets, melded with her scholarly insights on technology and communication platforms, makes [this] such an unusual and illuminating work."-Carlos Lozada, Washington Post

"Twitter and Tear Gas is packed with evidence on how social media has changed social movements, based on rigorous research and placed in historical context."-Hannah Kuchler, Financial Times

To understand a thwarted Turkish coup, an anti-Wall Street encampment, and a packed Tahrir Square, we must first comprehend the…


Book cover of Meltdown: Why Our Systems Fail and What We Can Do About It

Nora Sandler Author Of Writing a C Compiler: Build a Real Programming Language from Scratch

From my list on systems and system failures for programmers.

Why am I passionate about this?

I love computers, and especially computer systems. I’m interested in how different pieces of hardware and software, like processors, operating systems, compilers, and linkers, work together to get things done. Early in my career, as a software security tester, I studied how different components interacted to find vulnerabilities. Now that I work on compilers, I focus on the systems that transform source code into a running program. I’m also interested in how computer systems are shaped by the people who build and use them—I believe that creating safer, more reliable software is a social problem as much as a technical one.

Nora's book list on systems and system failures for programmers

Nora Sandler Why did Nora love this book?

This isn’t a technical book, but it gets to the heart of why so much software is fragile and insecure. This book examines spectacular failures of all sorts, from nuclear meltdowns to plane crashes to oil spills, but I loved it because its message resonated with my own experience writing and debugging code. It argues that complex, tightly coupled systems involving hidden interactions and close coordination between lots of different parts are more likely to fail catastrophically. It also talks about strategies to make those systems safer, like doing “premortems,” getting advice from outsiders, and building diverse teams.

My big takeaway? Technical solutions alone won’t make software (or other complex systems) safer. We need to change how we build and how our organizations work, too.

By Chris Clearfield, András Tilcsik,

Why should I read it?

1 author picked Meltdown as one of their favorite books, and they share why you should read it.

What is this book about?

A groundbreaking take on how complexity causes failure in all kinds of modern systems—from social media to air travel—this practical and entertaining book reveals how we can prevent meltdowns in business and life.

A crash on the Washington, D.C. metro system. An accidental overdose in a state-of-the-art hospital. An overcooked holiday meal. At first glance, these disasters seem to have little in common. But surprising new research shows that all these events—and the myriad failures that dominate headlines every day—share similar causes. By understanding what lies behind these failures, we can design better systems, make our teams more productive, and…


Book cover of Recoding America: Why Government Is Failing in the Digital Age and How We Can Do Better

Nora Sandler Author Of Writing a C Compiler: Build a Real Programming Language from Scratch

From my list on systems and system failures for programmers.

Why am I passionate about this?

I love computers, and especially computer systems. I’m interested in how different pieces of hardware and software, like processors, operating systems, compilers, and linkers, work together to get things done. Early in my career, as a software security tester, I studied how different components interacted to find vulnerabilities. Now that I work on compilers, I focus on the systems that transform source code into a running program. I’m also interested in how computer systems are shaped by the people who build and use them—I believe that creating safer, more reliable software is a social problem as much as a technical one.

Nora's book list on systems and system failures for programmers

Nora Sandler Why did Nora love this book?

Although I don’t work in government, this is a book I’ll come back to whenever I need a reminder to put user needs ahead of process or wisdom about how to work inside a large bureaucracy to make that happen. Where Meltdown focuses on spectacular blow-ups, this book explores run-of-the-mill failures—like long, complicated online forms and websites that only load in specific, outdated browsers. (Though bigger failures, like the launch of healthcare.gov, get airtime too.)

I appreciated this book’s thoughtful analysis of how government software gets built—it goes beyond the stereotype of the incompetent government employee and digs into the underlying reasons that even competent and dedicated public servants can struggle to deliver critical software. Many of those reasons apply to private companies, too. 

By Jennifer Pahlka,

Why should I read it?

1 author picked Recoding America as one of their favorite books, and they share why you should read it.

What is this book about?

Learn more about Jennifer Pahlka's work at recodingamerica.us.

"The book I wish every policymaker would read."
-Ezra Klein, The New York Times

A bold call to reexamine how our government operates-and sometimes fails to-from President Obama's former deputy chief technology officer and the founder of Code for America

Just when we most need our government to work-to decarbonize our infrastructure and economy, to help the vulnerable through a pandemic, to defend ourselves against global threats-it is faltering. Government at all levels has limped into the digital age, offering online services that can feel even more cumbersome than the paperwork that…


Book cover of Software Security Engineering: A Guide for Project Managers

Nancy R. Mead Author Of Cyber Security Engineering: A Practical Approach for Systems and Software Assurance

From my list on software security engineering.

Why am I passionate about this?

As a kid, I used to do all the math problems in my textbooks just for fun, even if they weren’t part of a homework assignment. My grandchildren cringe when I tell them this. I am a researcher and educator in secure software engineering and have enjoyed a productive career in software development and management, software engineering and software security research, and software and secure software engineering education.  

Nancy's book list on software security engineering

Nancy R. Mead Why did Nancy love this book?

This book is a “how-to” guide for teams developing secure software. Written by a team of experts, it covers the important issues in developing software that is better able to prevent successful attacks. The book contains many references, a strategy, and an implementation guide with cross-references. For each topic, the maturity of practice at the time of writing is provided, as well as an indication of the audience.  

By Julia H. Allen, Sean Barnum, Robert J. Ellison , Gary McGraw , Nancy R. Mead

Why should I read it?

1 author picked Software Security Engineering as one of their favorite books, and they share why you should read it.

What is this book about?

"This book's broad overview can help an organization choose a set of processes, policies, and techniques that are appropriate for its security maturity, risk tolerance, and development style. This book will help you understand how to incorporate practical security techniques into all phases of the development lifecycle."

-Steve Riley, senior security strategist, Microsoft Corporation



"There are books written on some of the topics addressed in this book, and there are other books on secure systems engineering. Few address the entire life cycle with a comprehensive overview and discussion of emerging trends and topics as well as this one."

-Ronda Henning,…


Book cover of Agile Application Security: Enabling Security in a Continuous Delivery Pipeline

Adam Shostack Author Of Threat Modeling: Designing for Security

From my list on application security for builders.

Why am I passionate about this?

Being able to understand and change reality through our knowledge and skill is literal magic. We’re building systems with so many exciting and unexpected properties that can be exploited and repurposed for both good and evil. I want to keep some of that magic and help people engineer – build great systems that make people’s lives better. I’ve been securing (and breaking) systems, from operating rooms to spaceships, from banks to self-driving cars for over 25 years. The biggest lesson I’ve learned is that if security is not infused from the start, we’re forced to rely on what ought to be our last lines of defense. This list helps you infuse security into your systems.

Adam's book list on application security for builders

Adam Shostack Why did Adam love this book?

When I worked in application security at Microsoft, we still had products that shipped every few years. I learned to scale application security in that world, but many people live in a different world now. AAS helped me understand which of our approaches translated well, which had to be transformed, and which needed to be discarded or replaced. I regularly refer back to it, even a few years later.

By Laura Bell, Michael Brunton-Spall, Rich Smith , Jim Bird

Why should I read it?

1 author picked Agile Application Security as one of their favorite books, and they share why you should read it.

What is this book about?

Agile continues to be the most adopted software development methodology among organizations worldwide, but it generally hasn't integrated well with traditional security management techniques. And most security professionals aren't up to speed in their understanding and experience of agile development. To help bridge the divide between these two worlds, this practical guide introduces several security tools and techniques adapted specifically to integrate with agile development.

Written by security experts and agile veterans, this book begins by introducing security principles to agile practitioners, and agile principles to security practitioners. The authors also reveal problems they encountered in their own experiences with…


Book cover of Investments Unlimited: A Novel About DevOps, Security, Audit Compliance, and Thriving in the Digital Age

Tanya Janca Author Of Alice and Bob Learn Application Security

From my list on DevSecOps (it is just like DevOps, done securely).

Why am I passionate about this?

I have worked in IT for over 25 years, creating and securing software. I am completely obsessed with ensuring that our software is more reliable, that its integrity can be trusted, and that it keeps our secrets safe. I am not only a computer scientist but an ethical hacker who works hard to create a dialogue between software developers and all of the people who work in our security industry. I am a teacher, a community leader, and a computer nerd who shares messages and lessons wherever she goes.

Tanya's book list on DevSecOps (it is just like DevOps, done securely)

Tanya Janca Why did Tanya love this book?

This book is set in the same universe as The Phoenix Project and The Unicorn Project, but it's at a new company named investments unlimited.

It's also a fictitious story, but with all brand new characters, and brand new problems! In this book they cover security much more deeply than any of the other previous books, talking about how compliance and audit can work together with the information security and DevOps teams.

They talk about common problems that I have faced in many organizations, and a lot of the stories feel so familiar I wonder if the authors have followed me around throughout my career.

Although of course they save the day in the end, there are many parts of the book where we're not quite sure if they're going to make it or not with various characters learning to see things in new ways, so that they can make…

By Helen Beal, Bill Bensing, Jason Cox , Michael Edenzon , John Willis

Why should I read it?

1 author picked Investments Unlimited as one of their favorite books, and they share why you should read it.

What is this book about?

In the vein of the bestselling The Phoenix Project and The Unicorn Project, Investments Unlimited radically rethinks how organizations can handle the audit, compliance, and security of their software systems-even in highly regulated industries. By introducing concepts, tools, and ideas to reimagine governance, Investments Unlimited catalyzes a more humane way to enable high-velocity software delivery that is inherently more secure.

Investments Unlimited, Inc. has accomplished what many other firms in their industry have failed to do: they have successfully navigated the transition from legacy ways of working to the digital frontier. With the help of DevOps practices, Investments Unlimited delivers…


Book cover of Battlefield Cyber: How China and Russia are Undermining Our Democracy and National Security

Michael Wolk

From my list on feed your internet paranoia.

Why am I passionate about this?

Researching DevilsGame, about an Internet meltdown caused by an unknown evil, I exposed myself to some harrowing truths. I learned how astonishingly frail our internet ecosystem is and how imperiled it is by bad actors who have burrowed deeply and often invisibly into its infrastructure. So, beyond writing a fictional thriller, I was moved to ring a warning bell! And I hope by formatting DevilsGame as “hyperlinked fiction,” mixing real news sites with fictional sites created for the novel, readers will experience the story in a way that parallels and parodies the way we experience real, live crises these days: navigating from fact to fiction, often without observing the boundaries.

Michael's book list on feed your internet paranoia

Michael Wolk Why did Michael love this book?

I was stunned by the authors' dire and dramatic warning that the interests and methods of two mighty authoritarian regimes–China and Russia–are increasingly coming into alignment, and this alignment is spawning increasingly deadly threats to, and attacks on, the very foundations of our democracy and national security.

I found myself agreeing as the authors demonstrate how the United States government is failing to fully acknowledge and effectively respond to these massive threats–but I was also somewhat encouraged, as they do offer solutions and provide a ray of hope that we can restructure our approach to Chinese and Russian threats by streamlining our bureaucratic agencies and purpose-building them to directly confront them.

By Michael McLaughlin, William J. Holstein,

Why should I read it?

1 author picked Battlefield Cyber as one of their favorite books, and they share why you should read it.

What is this book about?

The United States is being bombarded with cyber-attacks. From the surge in ransomware groups targeting critical infrastructure to nation states compromising the software supply chain and corporate email servers, malicious cyber activities have reached an all-time high. Russia attracts the most attention, but China is vastly more sophisticated. They have a common interest in exploiting the openness of the Internet and social media—and our democracy—to erode confidence in our institutions and to exacerbate our societal rifts to prevent us from mounting an effective response. Halting this digital aggression will require Americans to undertake sweeping changes in how we educate, organize…


Book cover of Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

Eric J. Rzeszut Author Of 10 Don'ts on Your Digital Devices: The Non-Techie's Survival Guide to Cyber Security and Privacy

From my list on to help you protect your personal information.

Why am I passionate about this?

I have been an information technology and cybersecurity professional for over two decades. I’ve learned over and over again that “people are the weakest link.” You can build the most secure system in the world, with stringent password requirements. But if the user writes their password down and leaves it where someone else can see it, system security is irrelevant! The easiest way to gain access to a system is via “social engineering” – to trick a human being into giving you the access you need, rather than trying to hack the system itself. The books on this list will help the reader lower their chances of being exploited like this.

Eric's book list on to help you protect your personal information

Eric J. Rzeszut Why did Eric love this book?

Security expert Bruce Schneier wrote this excellent book, talking about the “Goliaths” who are looking to exploit individuals’ data. Focusing more on politics (specifically US politics) than the other books on this list, Schneier talks about the Edward Snowden classified information reveal. He talks about mass surveillance conducted by the US and other governments around the world, and lays out in detail why this should concern us all.

By Bruce Schneier,

Why should I read it?

1 author picked Data and Goliath as one of their favorite books, and they share why you should read it.

What is this book about?

Data is everywhere. We create it every time we go online, turn our phone on (or off) or pay with a credit card. This data is stored, studied, bought and sold by companies and governments for surveillance and for control. "Foremost security expert" (Wired) Bruce Schneier shows how this data has led to a double-edged Internet-a Web that gives power to the people but is abused by the institutions on which those people depend.

In Data and Goliath, Schneier reveals the full extent of surveillance, censorship and propaganda in society today, examining the risks of cybercrime, cyberterrorism and cyberwar. He…


Book cover of Practice of Cloud System Administration, The: DevOps and SRE Practices for Web Services, Volume 2

Yevgeniy Brikman Author Of Fundamentals of DevOps and Software Delivery: A Hands-On Guide to Deploying and Managing Software in Production

From my list on practical, hands-on books on DevOps and software delivery.

Why am I passionate about this?

I’ve spent more than a decade working on infrastructure, from my early days at LinkedIn, where we had to do a massive DevOps transformation to save the company, to co-founding Gruntwork, where I had the opportunity to work with hundreds of companies on their software delivery practices. From all of this, I can say the following with certainty: the DevOps best practices that a handful of the top tech companies have figured out are not filtering down to the rest of the industry. This is making the entire software industry slower, less effective, and less secure—and I see it as my mission to fix that.

Yevgeniy's book list on practical, hands-on books on DevOps and software delivery

Yevgeniy Brikman Why did Yevgeniy love this book?

This book felt like a chance to sit with a few experienced Ops people and hear their war stories.

The book is full of concrete, actionable learnings that are essential for running software, including operational requirements (e.g., configuration, draining, hot swaps, feature toggles, graceful degradation, etc.), software architecture (e.g., three-tier web service, four-tier web service, load balancing models etc.), scaling patterns (e.g., horizontal duplication, service splits, caching, etc.), resiliency patterns (software vs hardware resiliency, spare capacity, failure domains, etc.), and much more.

I loved being able to pick up decades of experience and hard-won knowledge by just flipping through a few pages of a book! 

By Thomas Limoncelli, Strata Chalup, Christina Hogan

Why should I read it?

1 author picked Practice of Cloud System Administration, The as one of their favorite books, and they share why you should read it.

What is this book about?

"There's an incredible amount of depth and thinking in the practices described here, and it's impressive to see it all in one place."

-Win Treese, coauthor of Designing Systems for Internet Commerce

The Practice of Cloud System Administration, Volume 2, focuses on "distributed" or "cloud" computing and brings a DevOps/SRE sensibility to the practice of system administration. Unsatisfied with books that cover either design or operations in isolation, the authors created this authoritative reference centered on a comprehensive approach.

Case studies and examples from Google, Etsy, Twitter, Facebook, Netflix, Amazon, and other industry giants are explained in practical ways that…


Book cover of The Elements of Computing Systems: Building a Modern Computer from First Principles
Book cover of Twitter and Tear Gas: The Power and Fragility of Networked Protest
Book cover of Meltdown: Why Our Systems Fail and What We Can Do About It

Share your top 3 reads of 2024!

And get a beautiful page showing off your 3 favorite reads.

1,592

readers submitted
so far, will you?

5 book lists we think you will like!

Interested in computer networks, hackers, and computer security?

Hackers 16 books