Reddit mentions: The best software testing books

We found 105 Reddit comments discussing the best software testing books. We ran sentiment analysis on each of these comments to determine how redditors feel about different products. We found 30 products and ranked them based on the amount of positive reactions they received. Here are the top 20.

🎓 Reddit experts on software testing books

The comments and opinions expressed on this page are written exclusively by redditors. To provide you with the most relevant data, we sourced opinions from the most knowledgeable Reddit users based the total number of upvotes and downvotes received across comments on subreddits where software testing books are discussed. For your reference and for the sake of transparency, here are the specialists whose opinions mattered the most in our ranking.
Total score: 38
Number of comments: 5
Relevant subreddits: 3
Total score: 33
Number of comments: 4
Relevant subreddits: 1
Total score: 24
Number of comments: 5
Relevant subreddits: 1
Total score: 23
Number of comments: 3
Relevant subreddits: 2
Total score: 5
Number of comments: 3
Relevant subreddits: 2
Total score: 5
Number of comments: 3
Relevant subreddits: 2
Total score: 5
Number of comments: 3
Relevant subreddits: 3
Total score: 4
Number of comments: 2
Relevant subreddits: 1
Total score: 3
Number of comments: 2
Relevant subreddits: 2
Total score: 2
Number of comments: 2
Relevant subreddits: 1

idea-bulb Interested in what Redditors like? Check out our Shuffle feature

Shuffle: random products popular on Reddit

Top Reddit comments about Software Testing:

u/princeofpudding · 5 pointsr/cscareerquestions

First up, find where the developers are. I know you said there aren't many jobs in your town/city, but there should be within driving distance.

Most larger cities generally have developer user groups. Find them and start going. Most of them meet once a month. Attend the talks, meet people there (there are often even recruiters), help out where you can. Make it so that people know you by sight (and preferably by name). This will help you get known and you will learn new things.

Get a twitter account. Start following developers in your area (and other areas for that matter). You will learn things and can interact with people in the field you want to be in.

Get a linked in account. Add the people you know. As you meet people at user groups, etc, add them. Linked In is a very useful tool. Among other things, it lets you see who you know that is working for a company that you want to work for. It can help you bypass the trash bin.

Put code on github. It doesn't have to be amazing, but code samples will generally only help. Knowing a VCS is also a job requirement at a lot of places and git is a commonly used VCS, so there's a double win for you.

Mention the fact that you have publicly viewable code on your resume.

Learn how to unit test and do TDD. First off, it will help you find bugs before they bite you in the ass. Secondly, it's yet another skill that a lot of places want you to have. Third, this opens up the realm of doing code kata which will help you get better (since it forces you to write code) and will give you more code samples to put on github.

Code samples - Okay, I know I've said code kata are a good idea and can give you some samples (and it's true). Now, for something heavier, find things that annoy you and write code to make it better. Write a backup program for your computer. Write a program that will let you keep track of where you've applied to jobs, who you've spoken with, etc etc etc.

It doesn't matter much what you code just as long as you do code. Doing it will make you better.

If you're feeling adventurous, start looking at open source projects and seeing if you can contribute. Even if it's just doing grunt work like documentation. And put THAT on your resume.

Get a CodeEval account (it's free). Complete coding challenges in the languages you want to do work in (they range from "hey, this is easy" to "holy shit"). When you get ranked in a top x%, put THAT on your resume. (top percentages on CodeEval start getting awarded at top 20%).

Learn new stuff. For example, if you want to do web dev in the .NET world, you'll want to know C# or VB.NET (preferably C#, at least around here), javascript and jquery, HTML, and CSS.

There are a lot of resources for this. can help you learn HTML, CSS, Javascript, jQuery, PHP, Python and Ruby.

If you're doing C# and want to learn TDD, James Bender's book is a good resource

The C# All in one book from Wiley is a decent overview of C#, and the author, Bill Sempf is very approachable. (I linked the latest version, but the 2010 version is very good as well)

Pluralsight has a lot of great online training on a metric crap ton of subjects as well. If you can't afford it, let's just say that you can find some of the courses on a site that rhymes with "Sky Rats May"

Make StackOvervlow your friend. Create an account, ask questions and, more importantly, when you can, answer them. Helping other people will help make you better too.

There are a lot of resources out there both digital, paper, and people. For the people, you might have to drive an hour or so to get to the user groups, but it can be worth it.

u/CSMastermind · 4 pointsr/learnprogramming

I've posted this before but I'll repost it here:

Now in terms of the question that you ask in the title - this is what I recommend:

Job Interview Prep

  1. Cracking the Coding Interview: 189 Programming Questions and Solutions
  2. Programming Interviews Exposed: Coding Your Way Through the Interview
  3. Introduction to Algorithms
  4. The Algorithm Design Manual
  5. Effective Java
  6. Concurrent Programming in Java™: Design Principles and Pattern
  7. Modern Operating Systems
  8. Programming Pearls
  9. Discrete Mathematics for Computer Scientists

    Junior Software Engineer Reading List

    Read This First

  10. Pragmatic Thinking and Learning: Refactor Your Wetware


  11. Code Complete: A Practical Handbook of Software Construction
  12. Software Estimation: Demystifying the Black Art
  13. Software Engineering: A Practitioner's Approach
  14. Refactoring: Improving the Design of Existing Code
  15. Coder to Developer: Tools and Strategies for Delivering Your Software
  16. Perfect Software: And Other Illusions about Testing
  17. Getting Real: The Smarter, Faster, Easier Way to Build a Successful Web Application

    Understanding Professional Software Environments

  18. Agile Software Development: The Cooperative Game
  19. Software Project Survival Guide
  20. The Best Software Writing I: Selected and Introduced by Joel Spolsky
  21. Debugging the Development Process: Practical Strategies for Staying Focused, Hitting Ship Dates, and Building Solid Teams
  22. Rapid Development: Taming Wild Software Schedules
  23. Peopleware: Productive Projects and Teams


  24. Slack: Getting Past Burnout, Busywork, and the Myth of Total Efficiency
  25. Against Method
  26. The Passionate Programmer: Creating a Remarkable Career in Software Development


  27. The Mythical Man-Month: Essays on Software Engineering
  28. Computing Calamities: Lessons Learned from Products, Projects, and Companies That Failed
  29. The Deadline: A Novel About Project Management

    Mid Level Software Engineer Reading List

    Read This First

  30. Personal Development for Smart People: The Conscious Pursuit of Personal Growth


  31. The Clean Coder: A Code of Conduct for Professional Programmers
  32. Clean Code: A Handbook of Agile Software Craftsmanship
  33. Solid Code
  34. Code Craft: The Practice of Writing Excellent Code
  35. Software Craftsmanship: The New Imperative
  36. Writing Solid Code

    Software Design

  37. Head First Design Patterns: A Brain-Friendly Guide
  38. Design Patterns: Elements of Reusable Object-Oriented Software
  39. Domain-Driven Design: Tackling Complexity in the Heart of Software
  40. Domain-Driven Design Distilled
  41. Design Patterns Explained: A New Perspective on Object-Oriented Design
  42. Design Patterns in C# - Even though this is specific to C# the pattern can be used in any OO language.
  43. Refactoring to Patterns

    Software Engineering Skill Sets

  44. Building Microservices: Designing Fine-Grained Systems
  45. Software Factories: Assembling Applications with Patterns, Models, Frameworks, and Tools
  46. NoEstimates: How To Measure Project Progress Without Estimating
  47. Object-Oriented Software Construction
  48. The Art of Software Testing
  49. Release It!: Design and Deploy Production-Ready Software
  50. Working Effectively with Legacy Code
  51. Test Driven Development: By Example


  52. Database System Concepts
  53. Database Management Systems
  54. Foundation for Object / Relational Databases: The Third Manifesto
  55. Refactoring Databases: Evolutionary Database Design
  56. Data Access Patterns: Database Interactions in Object-Oriented Applications

    User Experience

  57. Don't Make Me Think: A Common Sense Approach to Web Usability
  58. The Design of Everyday Things
  59. Programming Collective Intelligence: Building Smart Web 2.0 Applications
  60. User Interface Design for Programmers
  61. GUI Bloopers 2.0: Common User Interface Design Don'ts and Dos


  62. The Productive Programmer
  63. Extreme Programming Explained: Embrace Change
  64. Coders at Work: Reflections on the Craft of Programming
  65. Facts and Fallacies of Software Engineering


  66. Dreaming in Code: Two Dozen Programmers, Three Years, 4,732 Bugs, and One Quest for Transcendent Software
  67. New Turning Omnibus: 66 Excursions in Computer Science
  68. Hacker's Delight
  69. The Alchemist
  70. Masterminds of Programming: Conversations with the Creators of Major Programming Languages
  71. The Information: A History, A Theory, A Flood

    Specialist Skills

    In spite of the fact that many of these won't apply to your specific job I still recommend reading them for the insight, they'll give you into programming language and technology design.

  72. Peter Norton's Assembly Language Book for the IBM PC
  73. Expert C Programming: Deep C Secrets
  74. Enough Rope to Shoot Yourself in the Foot: Rules for C and C++ Programming
  75. The C++ Programming Language
  76. Effective C++: 55 Specific Ways to Improve Your Programs and Designs
  77. More Effective C++: 35 New Ways to Improve Your Programs and Designs
  78. More Effective C#: 50 Specific Ways to Improve Your C#
  79. CLR via C#
  80. Mr. Bunny's Big Cup o' Java
  81. Thinking in Java
  82. JUnit in Action
  83. Functional Programming in Scala
  84. The Art of Prolog: Advanced Programming Techniques
  85. The Craft of Prolog
  86. Programming Perl: Unmatched Power for Text Processing and Scripting
  87. Dive into Python 3
  88. why's (poignant) guide to Ruby
u/U3011 · 2 pointsr/web_design

Here's a good list I keep posting because people often ask the same question - not like it's a bad thing.

In any case follow the below, but I really suggest for total newbies to first go through the course Codecademy offers. It won't teach you much in how to do things but the syntax education is good. Follow their HTML and CSS courses and when you're done, create a site using just HTML and CSS. Once done, try to emulate a few of your favorite sites using just these two languages.

Once done you should check out the free 30 day Tutsplus courses on HTML/CSS and jQuery. At some point you will want to go back to Codecademy and take their JS course. Syntax and method of doing or starting certain things is important. It's incredibly easy to pickup the actual methods of doing things once your head understands the syntax used.

Any form of education that follows a hierarchical format makes for easy learning.

Codecademy isn't bad. It won't teach you much in the way of doing things but it does teach you the way to type out code, the general process and stuff. I can't speak for myself because I work as a professional developer and have been tinkering with code for 10 years now, but I did give the first lesson to one of my brothers. He's not great with computers or the Internet, but he was able to follow the first two sections of the basic HTML/CSS course and able to make his own site albeit very basic in nature nearly a month later (3 week gap following him doing the lessons). He was able to do a rough basic site of his Facebook profile, and he nailed it. It should open doors for you in terms of having the basic knowledge of how to do things. It'll allow you to read more advanced stuff and pick it up much faster than if you hadn't.

Below is a list I sent to someone on here a while back.


>PHP and MySQL Web Development (4th Edition)
>Beginning PHP and MySQL: From Novice to Professional
>Read the second book, do all the examples, then go back to the first book. Pay a lot of attention toward array manipulation. When you're comfortable with that, get into OOP. Once you do and OOP clicks for you, you'll be able to go to town on anything. I've heard a lot of good about Jefferey Way's video lesson courses over at TutsPlus. I've never used them nor do I need to, but I've never heard a single bad thing about their video courses. Their Javascript and Jquery is a great starting point. This is great stuff too if you're willing to put in the time.
>Professional JavaScript for Web Developers
>JavaScript: The Definitive Guide: Activate Your Web Pages
>Responsive Web Design with HTML5 and CSS3
>The Node Beginner Book
> Professional Node.js: Building Javascript Based Scalable Software
>Paid online "schooling":
>I've got a shit ton (Excuse my French) of books in print and E-Format that I could recommend, but it would span a couple pages. Anything is easy to learn so as long is it's served in a hierarchical format that makes it easy to absorb the information. A year ago I started to learn Ruby and using ROR as a framework. I can say it's been quite fun and I feel confident that I could write a fully complete web app using it. I started node.JS a few months ago, but it's been on break due to being sick and some unexpected events.
>My knowledge is extensive only because I wanted it to be. I'm not gifted by any means nor am I special. Not by a longshot. Some people are gifted when it comes to dev and design, most are not. Most only know one or the other. I forced myself to learn and be good at both. I'm 23, I started when I was about 12. I'm only breathing more comfortably now. I know a load of people on here and other sites who make me look like complete shit.
>Also for what it's worth, sign up to StackOverflow. It's the bible and holy grail rolled up into one site. It's amazing.
>Hattip to /u/ndobie
>> CodeAcademy
Team Treehouse
> CodeSchool. This is more programming but still very useful & has free stuff.
> Google. Probably the best way to find out how to do something specific.
This subreddit. If you have any questions about how to do something, like parallax scrolling, try searching for it, then ask, make sure to include an example of what you want if you don't know what it is called.

u/johnzabroski · 1 pointr/csharp

Can you give me some example business requirements you'd like to test, and I'll start writing a book on how to test them? :)

Joking, but joking seriously. I'd like to prove my mastery as an engineer, and one way I can think of doing that is to write a book with 50+ reviews averaging 4.5* or greater.

My favorite book on testing is actually for F#, not C#: Testing with F# by Michael Lundin - half the book has nothing to do with F# and is full of pragmatic advice.

I _cannot_ recommend The Art Of Unit Testing. Here is just one reason why: In the appendix, the author writes:

>A.3.8 The AutoFixture Helper API
>The AutoFixture helper API is not an assertion API. AutoFixture is designed to make it easier to create objects under test that you don't care about. For example, you need some number or some string. Think of it as a smart factory that can inject objects and input values into your test.
>I've looked at using it, and the thing I find most appealing about it is the ability to create an instance of the class under test without knowing what its constructor signature looks like, which can make my test more maintainable over time. Still, that's not enough reason for me to use it, because I can simply do that with a small factory method in my tests.
>Also, it scares me a bit to inject random values into my tests, because it makes me run a different test each time I run it. It also complicates my asserts, because then I have to calculate that my expected output must be based on the random injected parameters, which may lead to repeating production code logic in my tests.

This is simply horrid advice, based on a complete non-understanding of what AutoFixture does. You cannot simply isolate your constructor signature with a small factory method in your tests, because then you're just re-writing what AutoFixture does for you, in a brittle way.

Just my opinion.

u/jasonswett · 3 pointsr/rails

> I am a relatively new to development

If you're new to development, it's hard enough just to learn Rails by itself. In addition to the Rails concepts (e.g. ActiveRecord, view rendering, etc.) there's Ruby, databases/SQL, servers, HTML, CSS and JavaScript. Even if you're already comfortable with all those things, it's pretty hard to throw testing into the mix. When I first got started my question was, "What do I even test?" Do I write unit tests? Integration tests? View tests? Controller tests?

My advice would be to forget about Rails for a little bit and just practice testing Ruby by itself for a while. Then, once you're comfortable with testing Ruby, it will be easier for you to go back and try to write some tests in Rails.

> What is your recommendation on if I should focus on rspec vs minitest?

A person could make technical arguments for either. Deciding which testing framework to use depends on your objectives. If you're teaching yourself testing to become a more marketable developer, then I would definitely recommend RSpec. Almost every Rails project I've worked on (20+ production projects) has used RSpec. Having said that, it's less important which tool you choose and more important that you have a solid understanding of testing principles. I personally chose RSpec and I'm glad I did.

Here are some testing resources I often come across:

Growing Object-Oriented Software, Guided by Tests (awesome book, highly recommended)

Rails 4 Test Prescriptions (just started it, seems good so far)

Working Effectively with Legacy Code (super good book and more relevant to testing than it might seem like)

Everyday Rails Testing with RSpec (haven't bought it yet but seen it recommended a lot)

Destroy All Software (just bought it today, seems good so far)

Lastly, I myself created what I call a Ruby Testing Micro-Course designed to make it easy for people like you to get started with testing. Feel free to check that out and let me know what you think.

u/ggagagg · 1 pointr/learnpython

the thread about lpthw :

>Yeah, it works, but I feel like I'm not quite grasping how to write elegant code

it is the same problem that i face. so i try these things

  • use pep8 checker. this is minimal requirement.
  • better editor, i use kate at first, and later realize it can't handle python better than my current text editor
  • read a lot of python project. you can tell you are improving, if you have changes you want to make for the bad/smelly code.
  • testing, a lot of testing. my programming class didn't emphasize how important it is.
  • keep up to date. with everyday python news there is always something new and sometime, there is better method you wish you know earlier.
  • e: documentation. if your code can't explain itself, your docs can help it.
  • discipline. codinghorror:Discipline Makes Strong Developers

    right now i am reading shidarta govindaraj's test driven development(amazon), because i need to master some of those method, i said earlier. my code is now more readable, simple, maintainable and efficient
u/_Skeith · 11 pointsr/HowToHack

Both are wanted m8! Seriously there is no shortage for Cyber Security Professionals, there are too many jobs, and too little people to fill them!

Red Team is a little harder to break into then Blue Team is, due to the wide range of knowledge you need. Red Team is more offensive, so you will be hacking companies (legally) and testing for vulnerabilities, misconfigurations, etc.

Blue Team is more defensive, so you will be working for a company internally - basically preventing cyber attacks, setting up firewalls, managing IDS/IPS, tracking malware, working with SIRT on breaches, doing DFIR and Data Recover, etc.

Since you said you want to break into Red team, then I highly suggest you start with the Security+ (as I posted above) so you can get the basics down.

At the same time start listening to podcasts like Paul's Security Weekly, Down the Security Rabbit Hole, etc. As well as start reading blogs on hacking to get a feel for whats done, get a grasp at security terminology, and just recent news overall.

Get a home lab and learn a few tools like Wireshark and Nmap for basic Cyber Security work - to learn how packets work, how they are structured, and how to scan pc's for ports and services. At the same time, focus on learning about threats and vulnerabilities (which are covered in security+).

If you want to get into PenTesting then you need a wide range of knowledge. Pick up and learn a few languages (master the basics and understand what the code does and how to read/interpret it). You need to know: PHP, HTML, SQL, Python (or Ruby), and a basic language like C, or Java (but this is for more advanced topics like buffer overflows and all)

If you want to dig deeper into PenTesting then start reading:

The above is a good way to get into the Kali Distro and learn how to run Metasploit against vulnerable VM's.

Take a look at for books, and vulnerable VM's to practice on. is also a good place with tons of videos on Ethical Hacking, Post Exploitation, Python for Security, Metasploit, etc.

Pick up some books such as

The Hacker Playbook 2: Practical Guide To Penetration Testing

Hacking: The Art of Exploitation

Black Hat Python: Python Programming for Hackers and Pentesters

Rtfm: Red Team Field Manual

The Hackers Playbook is great resources to get you started and take you step by step on pen testing that will allow you to alter explore the endless possibilities. The Art of Exploitation is also very good, but it's more for exploit writing and buffer overflows (much more advanced topic to save for later!)

Also a good list of resources that you can learn more about security:

Getting Started in Information Security

Pentester Labs

Awesome InfoSec

Awesome Pentest

u/tech_tuna · 2 pointsr/softwaretesting

Presumably you know how to code. . . the question is, do you know how to test? Not that knowing how to test is rocket science but I'd say the first thing to embrace is that anything and everything can just break. When you write code, it's easy to focus on the "happy path".

As you might expect, there are tons of resources about testing online. . . including this subreddit and r/QualityAssurance.

Other resources I'd recommend:

u/VividLotus · 3 pointsr/gamedev

For a book that provides both a good introduction to testing terminology and concepts, as well as a fair amount of practical/instructional examples, I really like Software Testing: Fundamental Principles and Essential Knowledge. Also, I'm not sure whether you're wondering about getting started doing QA for your own games, or getting a job at a game company. If the latter, I'd say that the best way to get started depends on what your goals are:

  • If your ultimate goal is to move into a different type of role within the game industry, simply being in the right place at the right time (i.e., an area that has at least a few game companies, during the time when people are hiring testers to get their games in shape for pre-holiday ship dates) and demonstrating that you are a mature and dependable person with good computer skills and a knowledge of basic testing principles may be sufficient. While you're working in an entry-level test role, keep on improving the relevant skills for the type of job you hope to eventually have, and then apply for one of those openings within the company when you're ready. Caveat: this is much more likely to happen at a small to medium-sized game company than at one of the major ones, where entry-level testers are often segregated completely from any development, art, or production people. At small companies, though, I've seen numerous instances of people who started off in manual tester positions while they were in college or otherwise improving their skills eventually move up into art or coding roles.

  • If your eventual goal is to end up at a higher-level testing role within the game industry-- SDET, QA Manager/Lead, etc.-- one thing that can help is starting your career outside of games. My first job out of college was at a company that made medical software; I was able to get some real-world coding, testing, and planning experience, and then managed to skip the entry-level game testing jobs and move directly into higher-level test roles. A lot of other SDETs I've worked with in games have had a similar career path, and I've seen a lot of people with an eventual desire to be SDETs or leads get stuck in more entry-level testing roles when a black box game testing job was their first role within the game industry. I'm not quite sure why this is the case, but this is definitely something I've observed.

    Sorry for the tl;dr, and I hope this helps! If you have any questions about things like finding and applying for QA jobs, I'd be more than happy to answer them.
u/misconfig_exe · 2 pointsr/blackhat

I feel compelled to lead with this:

> I'm sorry, but you really should have been asking this question a year ago, not now as a graduate.

> Other readers: have a career plan in development while you're in school - otherwise you may find yourself left behind when you graduate.

But anyway, I'm a current student, and here's what advice I can give you based on what I have learned.

If you want to learn offensive security, you can take a certification course that includes Lab Sim like PWK for OSCP, but they are an expensive proposition and intimidating to someone without experience.

You could do what I'm doing, and build your own lab. Interview people in the industry that you have made connections with (and if you haven't made those connections by now, get on it!), and learn a bit about what their network environments look like. Then, emulate them, learn to set them up, and then use that lab as a shooting gallery to follow an online penetration testing guide and other self-learning resources such as The Hacker Playbook.

If you can find some in your area, I would highly suggest taking any in-person pentesting courses you can find. I'm lucky enough to live in the LA area to take Peter Kim's training classes. He's the author of the book mentioned above.

Get involved in local groups! Other people in your area are passionate about security too, and they may be learning or teaching exactly what you're interested in. I've had good luck with

u/cquick97 · 3 pointsr/AskNetsec

Depends on what you want to learn.

Web Application Security?

Exploit Development?

"Pentesting" techniques?

Also check here for tons other of resources.

As for certs, if you are a beginner beginner, then probably stuff like Security+ and Network+. Unlike the guy behind me, I will never get, nor do I really recommend CISSP, unless you are going for strictly blue team (defense) work. I personally enjoy red team (pentesting, etc), so something like OSCP would be more useful.

Like I said in a post above, feel free to PM me with questions. I'm always happy to help others on their quest to learn more about the wide world of infosec :)

u/squarefrog · 1 pointr/iOSProgramming

Neat. My first gilding! To add to the comment below I highly recommend NSScreencast. Weekly short videos tackling iOS development. Not much in the way of testing but some good Swift things. In fact there are a few free episodes on Swift if you'd like to try it out.

Test driven iOS development is a good book - but I don't know how useful it'll be for you as its a little old now and focuses on Obj C.

PM me if you have any questions, and don't be afraid to ask on StackOverflow - we all do it!

u/ShortTemperedGeek · 2 pointsr/csharp

I started by reading this book:

Which (for me) was a great way to learn about it. After reading it, I watched some pluralsight courses about it (but there should be some cheap ones on udemy as well if you don't have access to pluralsight).

After that, I just started implementing the things I learned while I work. I wouldn't worry too much about the test driven design aspect at first (writing the tests before you write the code) since that's quite tricky to get the hang of and should only be applied if you know what the code will look like to a great extent.

Having said that, that's what worked for me and it might not work for you. I do recommend the book though, since it was a great and easy read.

u/OSUTechie · 2 pointsr/ITCareerQuestions

Yes, most Gov jobs require at least Sec+.

Depending on how much you did as an LEO you may look into computer forensics. Network Security etc. You may also want to beef up knowledge of networking as well. So either the Net+ and/or CCNE cert.

Books are always a good place to start. I don't know about this one but have read a few other books by this publisher that have been pretty good.

Ones I have read/skimmed:

u/moffetta78 · 1 pointr/hacking

hi, i'm totally NOT an expert, but it's almost a year that i'm trying to study security on my own.

As other said, it will be very useful know programming like python, but also (the very hated)Php it's a plus to know.

It's also a must now REST communication and networking in general

i found this book very useful

also there are a lot of useful video on youtube!

goodluck, mate

u/gmarceau · 2 pointsr/compsci

Like you I work at a tech startup. When we were just starting, our business/strategy people asked the question you just asked. They opened a dialog with development team, and found good answers. I attribute our success in large part to that dialog being eager and open-minded, just as you are being right now. So, it's good tidings that you are asking.

For us, the answer came from conversation, but it also came from reading the following books together:

  • The Soul of a new Machine. Pulitzer Prize Winner, 1981. It will teach you the texture of our work and of our love for it, as well as good role models for how to interact with devs.

  • Coders at Work, reflection on the craft of programming Will give you perspective on the depth of our discipline, so you may know to respect our perspective when we tell you what the technology can or cannot do -- even when it is counter-intuitive, as ModernRonin described.

  • Lean Startup It will teach you the means to deal with the difficult task of providing hyper-detailed requirements when the nature of building new software is always that it's new and we don't really know yet what we're building.

  • Agile Samurai Will teach you agile, which ModernRonin also mentioned.

  • Watch this talk by one of the inventor/popularizer of agile, Ken Schwaber Pay particular attention to the issue of code quality over time. You will soon be surrounded by devs who will be responsible for making highly intricate judgement calls balancing the value of releasing a new feature a tad earlier, versus the potentially crippling long-term impact of bad code. Heed Ken Schwaber's warning: your role as a manager is to be an ally in protecting the long-term viability of the code's quality. If you fail -- usually by imposing arbitrary deadlines that can only be met by sacrificing quality -- your company will die.

u/iownahorseforreal · 1 pointr/hacking

I'm gonna try to give you some real advice, instead of shitting on a newcomer.

First, you really gotta know your systems. You're a software developer, but that doesn't mean you have experience in assembly. Learn assembly. Pick up books on it. Know how overflows work, etc. Also, get a vulnerable system, and start practicing the exploits given to you in Metasploit. Once you feel comfortable exploiting a certain vuln, look at the code for that particular exploit. Learn how it works, what it exploits, etc. Get comfortable with the language.

You also have to figure out what type of hacker you want to be. Do you want to be specialized in host, or web app, network, etc. It really depends. You obviously don't have to pick a specialization up front, but it should guide you on the type of material to learn. In all, it comes with practice. I will copy/paste exactly what I told someone else who asked a few days ago. I feel the list I put together below will get you started.

Offensive Security has some great material for you to browse, and even some lab environments to work in. Read up on Metasploit and OWASP get comfortable with a linux command line, python scripting, and powershell if possible. Other than that, attend security conferences, learn from books, (I personally recommend Hacker Playbook 2) and just learn by practicing on vulnerable boxes like Metasploitable and DVWA
Other than that, you just learn by doing it. Get down a methodology, and learn why and how systems are vulnerable. Further down the road, reverse engineering, static code analysis, and other specialties come into play, but I think thats enough info to get you started. If you need anything else answered, or have any other questions, just DM me.

u/codingspencer · 1 pointr/compsci

Frankly, I didn't understand the project management environment, which always seemed like a missing link between programming as a skill and programming as a profession, so I found The Agile Samurai quite helpful. It outlines the Agile style of project management, which can be useful for negotiating your first few (successful) team projects.

In terms of beginner coding, like others have suggested, The Pragmatic Programmer. It will help you write better code by focusing on good design.

u/Yogurt8 · 0 pointsr/QualityAssurance

Most "schools" that offer QA programs or courses are usually a waste of money. This is due to the fact that there are not many regulations or standards that exist for education in this field. They can teach some extremely outdated syllabus and get away with it because their students and admins do not know any better (look at all the useless certifications out there). Testing is an extremely nuanced and complicated art, it's one of those things that is very easy to get started and do badly, and most people cannot tell the difference. This is an area where I'd like to make a difference later in my career. For now though, if you want to get into testing, I would suggest you to both learn the automation side (even though you didn't pass your java course, you are still probably technically savvy enough to learn the basics and go from there) and the theoretical testing concepts.

You get a lot of devs that do not have a testing mindset or testers without enough technical skills / coding experience. If you can do both really well then you will be looked at like a unicorn and can make a good living (depending on your country/area).

The easiest way to get into automation is learning through a tool like Postman (back end testing) or Selenium. There's tons of Udemy courses and youtube content for these.

Check out Valentin Despa's content for PM, and John Sonmez or Naveem's stuff for selenium.

For testing concepts such as analysis, risk, quality criteria, communication, test design and techniques I would suggest reading the following books:

and consider taking Rapid Software Testing classes from michael bolton or james bach, they get pretty theoretical but are based upon practical work that you will be asked to perform.

These videos can also give you a pretty good sense of the testing role:

u/TonyDKO · 1 pointr/HowToHack

Okay, first install the lab, add Virtual machines of Windows XP, 7, 2008R2, Linux, different servers like Apache, SQL DB.. then go ahead and scan them, see how different Kali tools work.
I recommend you this book

Good Luck

u/yungbole · 1 pointr/hacking

What's Possible With Hacking?:

Things are more possible than you think; the more you know, the more you can do (hacking isn't just one thing to learn, it's a combination of different subjects).

Where can I learn about it?:

I recommend try to learn anything you can get your hands on, E-books, videos, etc. You should take the paid online courses later on, once you advance your knowledge.

!!TIP!!: Recommend reading some questions from him

This book (recommended by a real pentester):

Video on Kali Linux:
(i recommend Kali btw, install it on a virtual machine. )

I got all this just from the internet, the internet has all the information you need; just get it from the right places.

(I know basically squat, i am also starting off as of today) good luck!

u/BasedBarry · 6 pointsr/AirForce

Alright man I was sort of in the same boat.

You don't have to rely on your Airforce job to be your only source of NetSec training.

If NetSec is your passion you should start reading up on Blue team / Red Team type procedures. Get familiar with Firewalls and Cisco equipment. Work on getting maybe a CCNA Sec, work your way to a CISSP. Learn networking itself inside and out, to form a base for the security concepts. Practice Network Forensics, learn about write-blockers, legal procedures to work NetSec, that kinda stuff. If you find the time, learn Python.

If you have Linux experience, a well recognized PenTest OS is Kali Linux. You can use it to practice on a home network, or build your own virtual environment.

I'm finishing my Bachelors in Cyber Security here in May and testing for my CISSP, if you want any more info on programs/certs stuff like that feel free to shoot a PM.

u/crossroads1112 · 1 pointr/teenagers

So what you want to learn is called penetration testing or also known as "pen testing". I recommend this book. The only other thing you'll need that costs money is a network card capable of packet injection. Look it up. You can find an external one that'll plug into your laptop. Also while you can do pen testing on windows, generally Linux is the way to go. There is a particular distribution called Kali Linux, that is specifically for pen testing. The great part about linux is that it's all free (except for some of the enterprise stuff). I use it (not even for pen testing, just for daily use) and love it. Seriously, try it out.

u/[deleted] · 2 pointsr/neuroscience

Neuroscience is increasingly computational, both in the sense of studying the brain as a computer and in the sense of using a computer to study the brain. Learn to use Matlab - I would recommend either MATLAB for Neuroscientists or MATLAB for Psychologists depending on your ability and interests. Knowing programming and learning techniques early on is incredibly valuable. Volunteer in labs and learn these things, get excellent marks and get stellar recommendations. If you do this you should be fine.

EDIT: MATLAB for Neuroscientists is a bit more technical in nature and will require some exposure to calculus and linear algebra. The more complex bits will also likely require some familiarity with differential equations.

u/yiersan · 1 pointr/sysadmin

I am fortunate enough to have some wise vim tutors at work and watching them operate it inspired me to learn it more. It's freaking glorious you guys! A whole new way of life. A good book is practical vim

u/xxzexx · 0 pointsr/hacking

Your welcome.
as you i also like the subject.

i found this books to be a good reading:

Have a look at this linux distribution

Is made for pentesting, it might give u a idea of things and in youtube u will find good tutorials about the tools that come with it.

Have fun

u/sluffmo · 2 pointsr/QualityAssurance

Just looking at it, I would question the value of this. There are plenty of free resources for you to use. GTAC and other videos, software test podcasts (Test Talks), etc.. There are also countless books like how Google tests software that will help point you in the right direction in terms of what you need to learn.

Hell, pick up an ISTQB foundation book. I like this one:

Good luck!

u/GlennPegden · 1 pointr/securityCTF

Wow, the gold was an utterly unexpected and unnecessary move (you did something cool, for free, so YOU deserve the gold!), but Thank You anyway.

In return (now I've a little light OSSEC work on your Reddit account and twigged who you are ... probably) I'll make sure my next amazon order has a copy of this in it - . it's been on my list of possible purchases for a while.

u/roobixx · 2 pointsr/homelab

Sorry this has taken me so long to get too. Been busy.

First, understand that Kali is nothing mote than a collection of tools. Its those tools that you are actually wanting to learn.

KaliTutorials is one place you can start.

Also, there is an abundance of videos on YouTube and if you are serious about wanting to learn penetration testing/security makes sure you book mark Irongeek

Like I said earlier, by the time books are written, edited, and published, they can often be out of date.

If you do want to understand some of the basics, here are books you should look at:

Metasploit: The Penetration Tester's Guide



Basic Security Testing with Kali Linux 2 I havent read this one but I have heard good things

The Hacker Playbook

[The Hacker Playbook 2] (

Also a good list of resources can be found here:

u/materialdesigner · 2 pointsr/rails

Honestly, not really. I've got copies of both The Cucumber Book and The Rspec Book and both are alright, but both are more than likely pretty much out of date. If you're looking for syntax, I'd just suggest reading the documentation for the relevant libraries.

I've heard okay/good things about Rails Test Prescriptions but haven't personally read it.

I have a few blog posts that I enjoy:

u/quellish · 9 pointsr/iOSProgramming

Some suggestions:

WWDC sessions. Even the Mac ones.

The Mobile Application Hacker's Handbook
Has a lot of useful information about security, privacy, and reverse engineering.

XCode 5 Developer Reference

While this was written for Xcode 5, much of it still applies to Xcode 7. It includes information on build configuration files, using breakpoints to trigger scripts and other subjects/techniques that are difficult to find elsewhere.

Test Driven iOS Development

The book is OK, the author did a video series for that was much better and more accessible. Unfortunately it is no longer available.

If you get a 1 month Safari Books trial you can access a lot of content easily (I think all of the ones I listed, and more). Some of them may be available for free (well, parts of them) through Google Books.

You can also look through iOS developer conference videos online. Some will help you level up, some not so much.

u/wuts_interweb · 1 pointr/vim

Not a video, but the book Practical Vim: Edit Text at the Speed of Thought by Drew Neil is the best resource for moving beyond vimtutor I've found. Received 4.7 out of 5 stars on Amazon. (109 reviews)

Edit: Looks like Drew Neil does the Vimcasts linked to in the sidebar to this sub.

u/qasimchadhar · 19 pointsr/hacking

Start with learning computer systems, networking, and Linux. You need to be able to at least read computer code, know how data flows between computer networks, and how to do things in Linux. Here are few links to get you started:

First and foremost, basics and free stuff:

Intro to Linux

Computer Networks

Intro to computer science and programming Python:

Web development -- Will help you when (and if) you go through web pentest route


Once you've covered all above topic, you are ready to enter into pure-hacking learning:

First free stuff:

Following cost money but take you through each and every step of a pentest without distractions:

Hacking Exposed ed.7

The Hacker Playbook

Very expansive but well worth it (Bonus: It's a certification):

u/cloneruler · 3 pointsr/HowToHack

Network+,Security+,Linux+ = Good.

Udemy i'm not exactly sure about, I have no idea how good it is, however Cybrary does have penetration testing courses on there for free and they're decent.

Grey & Black hat python - Great books. I'm currently looking at black hat python, and it's awesome.

Some other books i'd recommend: Hacking: The Art of Exploitation The hacker playbook 2

While i'm not a professional pentester(YET :P) i've learned alot from the books I listed above as well as the cybrary videos. If you really have the money, I recommend the Penetration Testing With Kali Linux Course From Offensive Security It's fairly expensive, but I've heard it's worth it.

u/kristophmatthews · 3 pointsr/rails

Hi there, I recommend this book: Rails 4 Test Prescriptions. It is the best book on testing I've ever read. In my experience, understanding how to write tests was not difficult. It was getting into the habit of testing, and understanding when to write tests and when not to that was a challenging art form. Hope this helps.

u/participationNTroll · 1 pointr/webdev

Systems Analysis and Design in a Changing World (Sixth Edition) <-- this was the version required for a class

Seventh Edition(?)

This book is free from any programming languages and is instead supposed to aide the development of thinking and planning applications.

murach's SQL Server 2012 for developers <-- required for class

murach's SQL Server 2016

Uses SQL to further enforce "forms" for application data structures.

Professional Test Driven Development with C#: Developing Real World Applications with TDD

Book I purchased during my 4000 project class. Team based project where we had to

  1. To plan out the application using skills from System Analysis and Design.

  2. Create a presentation to show to a client.

  3. Create a manual to help onboard developers.

  4. Create a manual for clients.

  5. design and deploy a database (database schematic included in onboarding manual).
  6. Write tests for the application.

  7. Deploy the application to Azure.

    After my research at the time, this book seemed to be the most appropriate for my scenario.

u/petdance · 7 pointsr/vim

I suggest getting a book, since they are typically far more readable.

I first learned Vim with Steve Oualline's book.

More recently, Drew Neil's Practical Vim and Modern Vim are excellent choices.

Your local public library may well have some good books on Vim as well, if not these exact titles.

u/hey-its-matt · 13 pointsr/learnprogramming

Currently learning:

u/dougsec · 1 pointr/computerforensics

Since this is the subreddit for DFIR, that's what you're going to end up with as far as suggestions go. For pentesting stuff, checkout:

-Web Application Hacker's Handbook: (this has some labs, but just reading through the various weaknesses in WebApps will be a great start)

-The Hacker Playbook:

Red Team Field Manual:

Those two are good general pentesting books. You might also try /r/AskNetsec for other suggestions.

u/povilasb · 1 pointr/cpp

I really enjoyed Modern C++ Programming with Test-Driven Development: ( It teaches you TDD and how to write cleaner code using c++11 samples and google mock framework. So it felt like a really modern book :)

u/KillTheMule · 6 pointsr/vim

I suggest buying and reading It's a joy to read, and really valuable to advance your vim-fu.

Also have a look around at

u/iownahorsefurreal · 2 pointsr/hacking

>Where to learn kali

Hacker playbook 2

>What to use it with

Your own virtual machines or desktop machines that YOU OWN. The book covers how to set up those machines

>how to not get the fbi to how up at my door

Don't do anything stupid.. Hack your own equipment from the safety of your own subnet, and you aren't doing anything illegal. Have fun!

u/brutalvandal · 3 pointsr/QualityAssurance

Record and playback is only good for learning and it shouldn't be utilized as a primary method of creating your scripts. read this. It will help you greatly.

u/bridgesro · 2 pointsr/learnprogramming

The book I bought was Rails 4 Test Prescriptions, which explains test-driven development but is very Rails-centric. I had also been looking at BDD In Action, which has good reviews. I can't vouch for it personally but it may be worth looking into.

u/Inji · 2 pointsr/Kalilinux

I've been working with the Hacker Playbook Ver 2. It's pretty good. Has helped me learn a lot.

u/ewan91 · 2 pointsr/QualityAssurance

I did it a few months ago, there is an official BCS book on Amazon as well as practice papers on the BCS website. The questions in the papers were almost replicas of the actual exam. I'd recommend both the book (as new edition was just released) and the practice exam questions that are scattered around the net.
Edit: link

u/sleepybychoice · 2 pointsr/learnprogramming
  • Agile Software Development with Scrum - Less than 200 pages, the authors write in the 1st person from time to time, and have real story-like examples.
  • The Agile Samurai - Around 250 pages, but the tone is very informal and filled with entertaining illustrations comics, dialogues, and examples of the techniques they present.
u/zywrek · 1 pointr/Hacking_Tutorials

Kali is the way to go.

For resources I really recommend getting some proper litterature. The two books below are often recommended (i have them both) as a starting point. Preferably read in the order written.



u/Sjoerder · 2 pointsr/netsec

A pretty recent general purpose hacking book is The Hacker Playbook 2, from June 2015.

u/panupatc · 1 pointr/Python

Thank you! I'm reading the online chapters now. The author seems very likable.

At first I had it mixed up with this book. What do you think about this one?

u/eidolon413 · 1 pointr/QualityAssurance

That is how long the classroom course is. It may take you longer to self study but that depends on you so I couldn't estimate. I would say it is worthwhile though. This is the course book.

u/tactiphile · 1 pointr/vim

If you're into books, I recommend Practical Vim

u/telnetrestart · 19 pointsr/blackhat

I'm taking it right now. The books I read through or started before the OSCP in no particular order:

u/jGuy91 · 2 pointsr/nodejs

Is this it

u/thisisned · 1 pointr/cogneuro

I just finished my Masters and this book helped me enormously with Matlab, which I used to program my dissertation project experiment.

It goes into some depth, but also takes you step-by-step through a few basic psychophysics experiment scripts, so sounds like it'd be right up your street.

u/horsey_jumpy · 4 pointsr/vim

Practical vim is the book I used to learn vim.

u/recrudesce · 5 pointsr/HowToHack

Came here to say the same thing; you don't NEED Kali to pentest, it's really mostly used because it has a lot of tools already included. You can test from a Windows box if you really wanted to.

Kali won't magically make you a pentester, nor will it teach you how to be one as it's just a bundle of tools - there's no tutorials included with those tools. Read Hackers Playbook 2 and Penetration Testing: A Hands-On Introduction to Hacking and do some vulnerable VM's from places like Vulnhub

u/maq0r · 1 pointr/vzla

Que mas quieres hacer? No saques mas nada Cisco si no estas pendiente de hacer networking y aun asi, Cisco no se esta usando tanto como otros (Palo Alto por ejemplo).

Si quieres hacer Incident Response y Pentest, lanzate estos libros

Tienes que definir un poco mas que quieres hacer. Que te atrae mas de cybser security?