PART 1 INTRO TO EXPLOITATION ON LINUX x86
1) Before You Begin
2) Stack Overflows
3) Shellcode
4) Introduction to Format String Bugs
5) Introduction to Heap Overflows
PART 2 EXPLOITING MORE PLATFORMS: Windows, Solaris, and Tru64
6) The Wild World of Windows
7) Windows Shellcode
8) Windows Overflows
9) Overcoming Filters
10) Introduction to Solaris Exploitation
11) Advanced Solaris Exploitation
12) HP Tru64 Unix Exploitation
PART 3 VULNERABILITY DISCOVERY
13) Establishing a Working Environment
14) Falut Injection
15) The Art of Fuzzing
16) Souce Code Auditing: Finding Vulnerabilities in C-based Languages
17) Instrumented Investigation: A manual approach
18) Tracing for Vulnerabilities
19) Binary Auditing: Hacking Closed Source Software
PART 4 ADVANCED MATERIALS
20) Alternative Payload Strategies
21) Writing Exploits that Work in the Wild
22) Attacking Database Software
23) Kernel Overflows
24) Exploiting Kernel Vulnerabilities
This is not just another security book! The wizards from bugtraq have shared a significant portion of their craft and tools with us in this book. For that, I am most grateful. Given the technical prowess of many of the authors, I was pleasantly supprised by their willingness and ability to explain concepts in very detailed, clear, and concise manner.
After spending some time with this book, I became somewhat disappointed by the number of errors it contains. A few solid technical reviewers could have easily caught these errors and made the end product much better. Another disappoint is that all of the stuff that the book promises at the website still hasn't appeared.
This book is not for beginners. This book assumes reasonable competence with C, Assemply, and computer architecture... all at an intermediate level.
This book stands out for the info it provides. Other books have tease and hint at some of these concepts for maybe a sentence or two, but they never truly explain any of them. It's rare to find explanations of this material. There is no fluff and no confusion (except for errors in the examples). This is well done, and a joy to read. It is the definitivie text book for students of vulnerability discovery.
# Paperback: 718 pages
# Publisher: Wiley; 2 edition (August 20, 2007)
# Language: English
# ISBN-10: 047008023X
# ISBN-13: 978-0470080238
# Product Dimensions: 9.1 x 7.4 x 1.6 inches
# Shipping Weight: 2.4 pounds
CITEC File Hosting
**Hidden Content: To see this hidden content your post count must be 30 or greater.**
Reply With Quote
