• Archivo PDF

Libros de Seguridad de la Información y Ciberseguridad
Barrett, D. J., Silverman, R. E., & Byrnes, R. G. (2005). SSH, the secure shell: The definitive guide (2nd ed.). O'Reilly Media.
Engebretson, P. (2013). The basics of hacking and penetration testing: Ethical hacking and penetration testing made easy (2nd ed.). Syngress.
García-Cerecignon, M., & Alegre Ramos, M. (2010). Seguridad informática. Paraninfo.
Kaufman, C., Perlman, R., & Spencer, M. (2002). Network security: Private communication in a public world (2nd ed.). Prentice Hall.
Kim, K., & Solomon, S. (2016). Fundamentals of information systems security (3rd ed.). Jones & Bartlett Learning.
PSILON. (2011). Seguridad informática - Ethical hacking. ACISSI.
Stallings, W. (2017). Network security essentials: Applications and standards (6th ed.). Pearson Education.
Weidman, G. (2014). Penetration testing: A hands-on introduction to hacking. No Starch Press.
Weidman, G. (2017). Advanced penetration testing: Hacking the world's most secure networks. Wiley.
Whitman, M. E., & Mattord, H. J. (2018). Principles of information security (6th ed.). Cengage Learning.

Criptografía
Aguirre, J. R. (2006). Libro electrónico de seguridad informática y criptografía. Universidad Politécnica de Madrid. http://www.criptored.upm.es/guiateoria/gt_m001a.htm
Lucena López, M. J. (2007). Criptografía y seguridad en computadores (4ª ed.). http://www.criptored.upm.es/
National Institute of Standards and Technology. (2001). Advanced encryption standard (AES) (FIPS PUB 197). https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf
National Institute of Standards and Technology. (2015). Secure hash standard (SHS) (FIPS PUB 180-4). https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf
Schneier, B. (1996). Applied cryptography: Protocols, algorithms, and source code in C (2nd ed.). John Wiley & Sons.
Stallings, W. (2020). Cryptography and network security: Principles and practice (8th ed.). Pearson Education.
Zimmermann, P. (1999). An introduction to cryptography. Network Associates. ftp://ftp.pgpi.org/pub/pgp/6.5/docs/english/IntroToCrypto.pdf
Hacking Ético y Metodologías de Pentesting
EC-Council. (2019). Certified ethical hacker (CEH) official training guide (11th ed.). Cengage Learning.
ISECOM. (2010). Open source security testing methodology manual (OSSTMM) (Version 3). https://www.isecom.org/OSSTMM.3.pdf
OWASP. (2020). OWASP testing guide (Version 4.2). https://owasp.org/www-project-web-security-testing-guide/
The Penetration Testing Execution Standard (PTES). (n.d.). Penetration testing execution standard. http://www.pentest-standard.org/
Herramientas y Tecnologías
Borges, C. (n.d.). theHarvester - E-mails, subdomains and names harvester [Software]. GitHub. https://github.com/laramies/theHarvester
DigiNinja. (n.d.). CeWL - Custom word list generator [Software]. GitHub. https://github.com/digininja/CeWL
Lyon, G. F. (2009). Nmap network scanning: The official Nmap project guide to network discovery and security scanning. Insecure.Com LLC.
Offensive Security. (2024). Kali Linux documentation. https://www.kali.org/docs/
THC-Hydra Development Team. (n.d.). THC-Hydra [Software]. GitHub. https://github.com/vanhauser-thc/thc-hydra
Wireshark Foundation. (2024). Wireshark user's guide. https://www.wireshark.org/docs/wsug_html_chunked/
Protocolos Seguros (SSH)
Eastlake, D. (2005). Domain name system security extensions (RFC 4033). Internet Engineering Task Force. https://www.rfc-editor.org/rfc/rfc4033
Mockapetris, P. (1987). Domain names - Implementation and specification (RFC 1035). Internet Engineering Task Force. https://www.rfc-editor.org/rfc/rfc1035
Ylonen, T., & Lonvick, C. (2006a). The secure shell (SSH) authentication protocol (RFC 4252). Internet Engineering Task Force. https://www.rfc-editor.org/rfc/rfc4252
Ylonen, T., & Lonvick, C. (2006b). The secure shell (SSH) protocol architecture (RFC 4251). Internet Engineering Task Force. https://www.rfc-editor.org/rfc/rfc4251
Normas y Estándares de Seguridad
International Organization for Standardization. (2013). ISO/IEC 27001:2013 - Information technology - Security techniques - Information security management systems - Requirements.
International Organization for Standardization. (2022). ISO/IEC 27002:2022 - Information security, cybersecurity and privacy protection - Information security controls.
National Institute of Standards and Technology. (2018). Framework for improving critical infrastructure cybersecurity (Version 1.1). https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf
Amenazas y Ransomware
Bhardwaj, S. (2016). Ransomware: A rising threat of new age digital extortion. International Journal of Computer Science and Mobile Computing, 5(4), 796-803.
Kaspersky Lab. (2024). What is ransomware? - Definition and explanation. https://www.kaspersky.com/resource-center/definitions/what-is-ransomware
Python para Seguridad
O'Connor, T. J. (2012). Violent Python: A cookbook for hackers, forensic analysts, penetration testers and security engineers. Syngress.
Ortega, J. M. (2018). Mastering Python for networking and security. Packt Publishing.
Bases de Datos de Vulnerabilidades
Exploit Database. (n.d.). Offensive Security's exploit database archive. https://www.exploit-db.com/
MITRE Corporation. (n.d.). Common vulnerabilities and exposures (CVE). https://cve.mitre.org/
Reportes y Recursos Públicos
Fort, J. C. (n.d.). Public penetration testing reports [Repository]. GitHub. https://github.com/juliocesarfort/public-pentesting-reports
Haverickadams. (n.d.). TCM Security sample pentest report. GitHub. https://github.com/hmaverickadams/TCM-Security-Sample-Pentest-Report
Pentest Reports. (n.d.). Penetration testing report templates. https://pentestreports.com/templates/
Google Hacking
Long, J. (2004). Google hacking for penetration testers. Syngress.
Offensive Security. (n.d.). Google Hacking Database (GHDB). https://www.exploit-db.com/google-hacking-database