Hacking: The Art of Exploitation
Anyway, this book describes much more sophisticated techniques starting with ...more
I read this book with the aim to learn more about assembly language and (broadly speaking) the hardware / software interface. I learned more than I ever cared to know about either of these things and so much more. It should be said, prior to purchasing this book, my ...more
I enjoyed reading and practicing while reading and my only beef with this book is that in my o ...more
While other books merely show how to run existing exploits, Hacking: The Art of Exploitation broke ground as the first book to explain how hacking and software exploits work and how readers could develop and implement their own. In the extensively updated and expanded second edition, author Jon Erickson again uses practical examples to illustrate the most common computer security issues in three related fields: programming, networking and cryptography. Includes a live CD, which provides a Linux...more
Jon Erickson's Hacking is a precious resource for anyone wishing to develop a comprehensive understanding of IT security. It covers the development of exploits on the lowest level, that is, with a detailed analysis of the memory layouts of programs, how their stacks and heaps work, up to some tinkering with TCP/IP data on the level of individual bytes. What is not covered by this book are higher level attacks such as cross site s ...more
Erickson's book is simply a masterpiece - a very cleanly written book yet comprehensive which introduces many concepts of hacking to the reader in an effective manner. It will likely be quite a challenging read for the inexperienced reader but well worth the effort for those attempting to get into cybersecurity. I also highly recommend this to many C and C++ programmers who ar ...more
the techniques shown in the book will not work on most modern Linux distributions without crippling the security features that are baked into them (ASLR, stack canaries, DEP, etc)
the book focuses on teaching you the concepts without having you worry about turning off security features on Linux. While most of these techniques are outdated
The book does not cover Windows exploitation at all
after all i enjoyed reading it an ...more
If you're looking for a general overview of security (buffer overflows, encryption, passwords, wireless networks, network-enabled apps...), I think this is still a great resource. ...more
The only missing part I think is:
- no integer overflow exploitation
- no details about recent techniques to bypass ASLR
- some chapters are not about exploits or memory corruptions ...more
Unlike other books about hacking, this book focuses on the technical details about exploits rather than using them with other tools. But this additional depth comes at a price: First of all, such low-level approaches are not very practical in many situations - rather than building your own port scanner, you would use a prebuilt one so you can focus on other things. Second, several exploits which are discussed in depth are limited to C because higher-level languages like ...more
The first chapter gets into C as simple as could be. May quite possibly be the only C programming book one could ever need. The others showed me a side of the internet and networking protocols that blew me away. You really see the technicalities behind the information systems we take for granted.
A lot of the chapters are daunting at a glance but are really simple if you proceed slowly. I suggest following along with the examples especially on the networking session. ...more
Understanding some of the code might strain your neurons depending on your understanding of C, and especially ugly bit-level hacking in C.
Purely of practice, learning or historical interest, as the techniques learned here are for exploiting bugs that are long patched on an even minimally recent and secure system, ...more
Erickson also takes you through the ‘history’ of an exploit, with step by step guides that build on each other. It’s fascinating to see how ‘small’ ideas turn into really powerful tools.
Not a life changing masterpiece but a good insight into the ‘hacker’ mindset, without skimping on the technical information.
Yes, many of the exploits presented are indeed outdated, but what is important is the logic behind them. It only took 2 chapters and 1 buffer overflow exploit to get me hooked.
|The Corliss Group Latest Tech Review: Unternehmen, die gezielt durch Hacker||1||5||Sep 10, 2014 06:12PM|
|Abney And Associates: Abney and Associates Cyber Security Warning: Hacking problem all sides need to tackle||2||6||Mar 22, 2013 06:14PM|
Goodreads is hiring!
Learn more »