A Bug Hunter's Diary: A Guided Tour Through the Wilds of Software Security

Average rating 3.91 · 215 ratings · 12 reviews
"This is one of the most interesting infosec books to come out in the last several years."
–Dino Dai Zovi, Information Security Professional

"Give a man an exploit and you make him a hacker for a day; teach a man to exploit bugs and you make him a hacker for a lifetime."
–Felix 'FX' Lindner

Seemingly simple bugs can have drastic consequences, allowing attackers to compromise s
...more
Paperback, 208 pages
Published November 11th 2011 by No Starch Press (first published October 22nd 2011)

Community Reviews

javier
Apr 09, 2012 rated it liked it
This book is a good read as far as technical books go; however, it has something lacking. It feels as though more time could be spent analyzing closed source programs rather than the examples chosen: VLC, Solaris, etc.

That said, the presentation is great. Each example has a very clear approach and methodology.

If you are new to bug hunting, or want to get a taste of what bug hunting is about, this book is for you. If you are a seasoned veteran of bugs, your time is probably better spent developin
...more
Pablo
Oct 13, 2018 rated it it was amazing
A good trip over common and uncommon techniques to find bugs, and the way to think around them. It's a book for people interested in finding vulnerabilities in software. It might not teach you anything new in terms of technical concepts but a great down to earth explanation of the process, the challenges and how to train your own ideas for bug hunting.

I would recommend this book to anyone interested in Security and especially to those who are willing to learn more on how to grow as bug hunters.
Brian Palmer
Aug 08, 2018 rated it it was amazing
Presented in the form of case studies, complete with motivations for why the author started exploring these and some trial programs to explore the parameter space, this was a nice collection to pick up and get motivated in finding exploits. Compare and contrast with the Shellcoder's Handbook.

Not the end all and be all, but a useful book to communicate an *approach*, rather than specific exploits.
Petr
Dec 23, 2019 rated it liked it
Shelves: ebook, turingy
The book content is already basically 10 years old, but the insights into the art of bug hunting are still incredible. Klein presents clearly initial thoughts, exploration, testing, and bug exploitation examples. He does not present actual code for legal reasons, but great information for anyone who wishes to hunt for bugs. What I loved were the summaries of lessons at the end of each entry which present lessons for all the relevant parties (e.g. users and programmers).
Pete
Oct 23, 2019 rated it it was amazing  ·  review of another edition
Fabulous

This book offers an excellent introduction to the process of discovering and initiating fileless attacks on computer operating systems. It is a concise and well written book - highly recommended.
Matías
May 08, 2019 rated it liked it
I don't actually remember much of it, more than it was easy to read, and straight to the point.
Hugh Smalley
Sep 14, 2016 rated it liked it

"Give a man an exploit and you make him a hacker for a day; teach a man to exploit bugs and you make him a hacker for a lifetime."
–Felix 'FX' Lindner

A Bug Hunter's Diary follows security expert Tobias Klein as he tracks down and exploits bugs in some of the world's most popular software.

"This is one of the most interesting infosec books to come out in the last several years."
–Dino Dai Zovi, Information Security Professional


"Give a man an exploit and you make him a hacker for a day; teach

...more
Julio Biason
Oct 15, 2016 rated it really liked it
Shelves: kindle, it
For a long time you keep hearing things like "don't use this 'cause it can be exploited", but you really never saw something like that being exploited. And then comes this book and shows how someone can use everything you know you can't use to actually call something it wasn't expected to be called.

Confusing? Well, it's a very complex issue that involves the call stack and assembly and registers and all that. But the book goes into length explaining and showing those things (so, yeah, some know
...more
Ayoub
Oct 04, 2015 rated it it was ok
Gives you an insight into how the finest of reverse engineering think and process those bugs, most importantly coding the exploit. Brief but not concise, Tobias claims that the reason is due to the cyber law in Germany.
Andy Parkes
Aug 03, 2016 rated it it was ok
Shelves: 2016-reading
Giving two stars purely based on my own experience with this. I'm clearly not the target audience for this. An interesting read but way past my level of technical competence to fully understand it.
J. Alberto
Aug 19, 2016 rated it liked it
Not for everyone... very interesting
عَبدُالكَرِيمْ
I absolutely loved this book!
It clears much of the magic behind those elite hackers and how they discover high profile vulns
Mesut rated it really liked it · Aug 09, 2013
mm rated it it was amazing · Feb 01, 2014
Zazkia rated it really liked it · Dec 16, 2015
Sergio Prado rated it really liked it · Dec 15, 2019
Eric Gragsone rated it liked it · Mar 08, 2014
Jay rated it really liked it · Mar 07, 2017
Fatih Erdogan rated it it was amazing · Feb 27, 2017
Ledio rated it really liked it · May 11, 2012
Dean Macaulay rated it liked it · Sep 22, 2018
Athanasios rated it liked it · Jan 21, 2016
Jacqueline rated it really liked it · May 16, 2014
Gábor rated it liked it · Aug 10, 2016
Russ rated it it was amazing · Sep 07, 2014
Gerard rated it it was amazing · Mar 25, 2016
Carla rated it liked it · Dec 31, 2013
Markku rated it it was amazing · Jun 22, 2019
Stuart rated it really liked it · Aug 29, 2014

Readers also enjoyed

  • Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks
  • Red Team Field Manual (RTFM)
  • Hacking: The Art of Exploitation
  • The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws
  • Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
  • Threat Modeling: Designing for Security
  • Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software
  • The Tangled Web: A Guide to Securing Modern Web Applications
  • The Practice of Network Security Monitoring: Understanding Incident Detection and Response
  • The Infinite Game
  • The Man Who Solved the Market: How Jim Simons Launched the Quant Revolution
  • Social Engineering: The Art of Human Hacking
  • How To: Absurd Scientific Advice for Common Real-World Problems
  • One Piece, Volume 2: Buggy the Clown
  • The Inevitable: Understanding the 12 Technological Forces That Will Shape Our Future
  • Ultralearning: Master Hard Skills, Outsmart the Competition, and Accelerate Your Career
  • The Ride of a Lifetime: Lessons Learned from 15 Years as CEO of the Walt Disney Company
  • The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography