Recommended Books & Developer Gear
Books and gear I actually use and reach for — grouped by the same topics as the tools on this site.
Every pick below is here because it is genuinely useful for the kind of work this site is built around — JSON and data modeling, web security, cryptography, networking, regex, and the day-to-day craft of writing software. These are the references I would hand to someone learning the topic a tool on this site touches, not a list optimized for clicks.
Some links on this page are Amazon affiliate links. As an Amazon Associate, Online Dev Tools earns from qualifying purchases — at no extra cost to you. Recommendations are chosen on merit; nothing here is paid placement.
JSON, data & APIs
The data structures and API design behind the JSON, schema, and TypeScript-generation tools.
- Designing Data-Intensive Applications — Martin Kleppmann, the modern reference on how data systems actually store, move, and reconcile information.
- Database Internals — Alex Petrov, a deep look at storage engines and distributed databases for when the abstractions leak.
- API Security in Action — Neil Madden, practical coverage of tokens, scopes, and auth that pairs well with the JWT tools here.
TypeScript & JavaScript
Sharper typing and language fundamentals behind the JSON-to-TypeScript and editor tools.
- Effective TypeScript — Dan Vanderkam, 62 specific ways to use the type system without fighting it.
- Programming TypeScript — Boris Cherny, a thorough ground-up tour of the language and its type model.
Web security
Threat models and attack surfaces behind the CSP analyzer and secure-handoff tools.
- Web Application Security — Andrew Hoffman, a balanced recon-attack-defense walkthrough for engineers.
- The Web Application Hacker's Handbook — Stuttard & Pinto, the long-standing field guide to finding and exploiting web flaws.
- The Tangled Web — Michal Zalewski, the definitive tour of browser security quirks and why the platform is the way it is.
Cryptography
The primitives behind the hash generator, JWT, and secure-paste tools — explained correctly.
- Serious Cryptography — Jean-Philippe Aumasson, a modern, readable foundation in how real crypto works and fails.
- Real-World Cryptography — David Wong, focused on the protocols and constructions you actually ship.
Cybersecurity & certifications
Offensive, defensive, and certification study — for going deeper than the security tools on this site.
- CompTIA Security+ Get Certified Get Ahead — Darril Gibson, the most-recommended Security+ study guide for breaking into the field.
- CISSP Official (ISC)² Study Guide — the standard reference for the CISSP, covering the full security-management body of knowledge.
- The Hacker Playbook 3 — Peter Kim, a hands-on, practical walkthrough of offensive security and red-team workflows.
- Practical Malware Analysis — Sikorski & Honig, the go-to introduction to reversing and analyzing malicious software.
- Blue Team Handbook: Incident Response Edition — Don Murdoch, a field reference for defenders and SOC/IR work.
Regex & the command line
Backing the regex tester and the text-wrangling tools, plus the shell where most of this work happens.
- Mastering Regular Expressions — Jeffrey Friedl, the book that turns regex from guesswork into a skill.
- The Linux Command Line — William Shotts, a complete, approachable path to real fluency in the shell.
Networking
The protocols and addressing behind the CIDR, IP-conversion, WHOIS, and DNS tools.
- TCP/IP Illustrated Volume 1 — W. Richard Stevens, the classic packet-level walkthrough of the protocols.
- Computer Networking: A Top-Down Approach — Kurose & Ross, the standard text that builds intuition from the application layer down.
- High Performance Browser Networking — Ilya Grigorik, essential for understanding latency, TLS, and HTTP on the web.
- CCNA 200-301 Official Cert Guide — Wendell Odom, structured fundamentals for anyone formalizing their networking knowledge.
DevOps, infra & observability
Running and operating the systems these tools are typically used to debug.
- Kubernetes Up & Running — Burns, Beda & Hightower, a practical on-ramp from the people who helped build it.
- Infrastructure as Code — Kief Morris, patterns for managing cloud infrastructure as reliable, repeatable code.
- Observability Engineering — Majors, Fong-Jones & Miranda, how to actually understand systems in production.
- Site Reliability Engineering — Beyer, Jones, Petoff & Murphy, the foundational SRE text from Google.
Engineering craft
The habits and judgment that outlast any single tool or language.
- The Pragmatic Programmer — Hunt & Thomas, a timeless collection of practices for building software that lasts.
- Clean Code — Robert C. Martin, a much-debated but worth-reading take on writing readable, maintainable code.
Developer gear
Hardware that makes long sessions at the keyboard safer, faster, and more comfortable.
- YubiKey 5 hardware security key — phishing-resistant hardware MFA that pairs naturally with the security tools on this site.
- Mechanical keyboard for programming — tactile keys that hold up to all-day typing.
- Vertical ergonomic mouse — a wrist-friendly grip that helps stave off strain.
- 4K monitor for coding — crisp text and the screen real estate to keep code and logs side by side.
- USB-C docking station — one cable for displays, peripherals, and power at the desk.
- Laptop stand — raises the screen to eye level for better posture and cooling.