Reading Hacking-The Art of Exploitation

Ralph DeFrangesco

I have seen Hacking-The Art of Exploitation, by Jon Erickson, on bookstore shelves many times and have always wanted to pick up a copy, but for some reason I just never did. Until now. I have to admit right up front that I was a little intimidated, starting with chapter two. A good portion of the book consists of examples written in the C programming language. It has been some time since I have programmed in C, so I had some difficulty following the included examples.


Chapter two starts out simply enough with basic programming techniques, but then it jumps heavily into analyzing compiled binaries, using a debugger for stepping through compiled code, and even looking at Assembly language. And as if that were not enough, you'll finish the chapter decomposing memory segments and the heap. And again, that's just chapter two.


In chapter three, the author starts discussing exploit techniques, again using examples written in C. Chapter four covers the OSI model and how packets travel up and down the OSI layers. Chapter five discusses the power of shell code, written in Assembly, of course. Chapter six does a great job discussing intrusion detection and using countermeasures to respond against an attacker. Finally, chapter seven covers cryptology. The author covers one-time pads, symmetric and asymmetric encryption, and man-in-the-middle attacks, all written in plain English.


If you are the geeky type of person who likes digging into the bits and bytes of how things work, this is the book for you.

Jan 20, 2009 3:23 AM Mike Pilaitis says:
Do you feel this book would be beneficial for a security professional to build adequate defenses? Mike Pilaitis
Jan 22, 2009 3:03 AM devendra says:
Could you plz tell me the price?
Jan 22, 2009 9:25 AM Ralph DeFrangesco says:
Mike, I do see value in the book. If you can get past the 'C' programming part, you can really learn a lot about hacking from the inside out. I think for an administrator, you would do better with one of the books geared to security administration. Keep reading the blog and I will make some book suggestions in the coming months. -Ralph
Jan 22, 2009 9:32 AM Ralph DeFrangesco says:
Devendra, I checked on Amazon and you can buy it new for as cheap as $33.62 USD. Here is the link:
