In this series, I asked infosec professionals to name 3 books that changed their life. This entry includes picks from our favorite as-Seen-on-TV security consultant, author and friend, Dave Kennedy.
Dave is another person I’d consider to be a bit of an anomaly in our world; combining finely-tuned technical skills with a keen business sense. He’s just one of those guys you can’t help but like. An ex-Marine… err, sorry… a no-longer-active-duty Marine, husband and father, Dave loves long walks on the beach, Dr. Who, and videos of cute animals. I didn’t know what to expect from Dave on this assignment; given his varied background, business success, and strong family values, his picks could have spanned any topic. If you want a chuckle, know that Dave responded with a full narrative and photos to my initial request in less than 22 minutes. I emailed back to ask if he happened to have a top 3 book list waiting around, but he didn’t; he typed it all that quickly. Always the over-achiever!
Let’s see what this entrepreneur shared.
1. Rework
My number one go-to book still is a book called Rework by Jason Fried and David Hansson. I was introduced to this book by Chris Nickerson a number of years ago when I was the CSO over at Diebold. I was in a point where I was getting bogged down on a regular basis by political meetings and not actually able to make the impact or change that I wanted. I read this book and shifted my direction and how I viewed things in order to make it a success. Since then, I read Rework every quarter just to remind me where I’m at. Some of the key take-aways from rework are quick, standing meetings – only focus on the important stuff – and working 12 hours a day makes you ineffective as a person, leader, and an individual. Here is a picture of Chris Nickerson in his alternate personality DJ Slurp who graced us with his presence at DerbyCon: |
|
2. Hacking Exposed – Second Edition
While an oldie – still an amazing book for methodologies. When I was beginning to learn offensive capabilities, what I really struggled with was understanding how to identify exposures and exploit them. Still to this day – one of the most common questions I get asked is how do I even get started in pentesting. My answer back is first understand how to establish raw methodologies that fit your way of thinking. Hacking Exposed by Stuart McClure, Joel Scambray, and George Kurtz was one of those books that stuck with me as an individual and helped me expand my knowledge on methodical approaches to attacking systems. Had the Hacking Exposed book in the jeep of this car when we first invaded Baghdad Iraq when I was in the Marines. A young me with hair on top – weird. |
|
3. Beginning Python: From Novice to Professional
I started off with the first edition of this book, but wanted to pick up Python. Already knew a couple programming languages but wanted to learn Python based on one of my heroes Mati Aharoni from Whoppix and iWhax (at the time) and most notably Kali Linux today. I still remember to this day when I was in an IRC chat room talking to Muts. He was a big python fanatic and asked him where I should head as someone starting off. He explained to me, the way I do it is just picture something that I’ve always wanted to do and have no idea how to do it. Figure out how to do it in whatever way you want and just do it. From there, I started off programming one of my first open source tools called Fast-Track which landed me a spot at Defcon and Shmoocon and kicked off my career as you see it today. This book is great (there’s a second edition that’s updated) for learning Python from the basics and building you up. If I could give any advice if you are looking to learn to program – come up with an idea of something you want to build, and figure out a way to build it. It will be awful, barely work, and be full of mistakes – but what you learned doing it will make you stronger and better as you go along. Here’s a photo from my first talk I ever gave at Defcon – more nervous then I could ever explain and of course, all the demos failed! :) |
Where to find Dave Kennedy:
- Dave Kennedy at TrustedSec
- Twitter: @HackingDave
- Dave Kennedy on LinkedIn
Go to “3 Books That Changed My Life” series introduction post.
[…] Dave Kennedy: 3 Books that Changed My Life […]