The Shellcoder's Handbook: Discovering and Exploiting Security Holes, 2nd Edition
Be the First to Write a Review and tell the world about this title!People who purchase this book frequently purchase: - Reversing: Secrets of Reverse Engineering; Eldad Eilam, $24.95, 38% Off!
- Hacking: The Art of Exploitation, 2nd Edition; Jon Erickson, $30.95, 38% Off!
- The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws; Dafydd Stuttard, et al, $30.95, 38% Off!
- Security Power Tools; Bryan Burns, et al, $37.50, 37% Off!
Books on similar topics, in best-seller order:Books from the same publisher, in best-seller order:
This much-anticipated revision, written by the ultimate group of top security
experts in the world, features 40 percent new content on how to find security
holes in any operating system or application
New material addresses the many new exploitation techniques that have been discovered
since the first edition, including attacking "unbreakable" software
packages such as McAfee's Entercept, Mac OS X, XP, Office 2003, and Vista
Also features the first-ever published information on exploiting Cisco's IOS,
with content that has never before been explored
The companion Web site features downloadable code files
Table of Contents
About the Authors.
Acknowledgments.
Introduction to the Second Edition.
Part I: Introduction to Exploitation: Linux on x86.
Chapter 1: Before You Begin.
Chapter 2: Stack Overflows.
Chapter 3: Shellcode.
Chapter 4: Introduction to Format String Bugs.
Chapter 5: Introduction to Heap Overflows.
Part II: Other Platforms—Windows, Solaris, OS/X, and Cisco.
Chapter 6: The Wild World of Windows.
Chapter 7: Windows Shellcode.
Chapter 8: Windows Overflows.
Chapter 9: Overcoming Filters.
Chapter 10: Introduction to Solaris Exploitation.
Chapter 11: Advanced Solaris Exploitation.
Chapter 12: OS X Shellcode.
Chapter 13: Cisco IOS Exploitation.
Chapter 14: Protection Mechanisms.
Part III: Vulnerability Discovery.
Chapter 15: Establishing a Working Environment.
Chapter 16: Fault Injection.
Chapter 17: The Art of Fuzzing.
Chapter 18: Source Code Auditing: Finding Vulnerabilities in C-Based Languages.
Chapter 19: Instrumented Investigation: A Manual Approach.
Chapter 20: Tracing for Vulnerabilities.
Chapter 21: Binary Auditing: Hacking Closed Source Software.
Part IV: Advanced Materials.
Chapter 22: Alternative Payload Strategies.
Chapter 23: Writing Exploits that Work in the Wild.
Chapter 24: Attacking Database Software.
Chapter 25: Unix Kernel Overflows.
Chapter 26: Exploiting Unix Kernel Vulnerabilities.
Chapter 27: Hacking the Windows Kernel.
Index.
About the Authors
Chris Anley is a founder and director of NGSSoftware, a UK-based security software,
consultancy, and research company.
John Heasman is the Director of Research at NGSSoftware.
Felix "FX" Linder leads SABRE Labs GmbH, a Berlin-based security
consulting company.
Gerardo Richarte is a co-founder of Core Security Technologies, creators of
the revolutionary CORE IMPACT penetration testing tool.
|
