Hacking: The Art of Exploitation: The Art of Exploitation and over one million other books are available for Amazon Kindle. Learn more
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See all 2 images
Sell yours for a Gift Card
We'll buy it for $11.58
Learn More
Trade in now
Have one to sell? Sell on Amazon

Hacking: The Art of Exploitation, 2nd Edition Paperback – January 11, 2008

ISBN-13: 978-1593271442 ISBN-10: 1593271441 Edition: 2nd
Buy new
Used & new from other sellers Delivery options vary per offer
126 used & new from $17.91
Rent from Amazon Price New from Used from
"Please retry"
"Please retry"
$22.61 $17.91
Free Two-Day Shipping for College Students with Amazon Student Free%20Two-Day%20Shipping%20for%20College%20Students%20with%20Amazon%20Student

Hero Quick Promo
Save up to 90% on Textbooks
Rent textbooks, buy textbooks, or get up to 80% back when you sell us your books. Shop Now
$28.97 FREE Shipping on orders over $35. In Stock. Ships from and sold by Amazon.com. Gift-wrap available.

Frequently Bought Together

Hacking: The Art of Exploitation, 2nd Edition + The Hacker Playbook: Practical Guide To Penetration Testing + Rtfm: Red Team Field Manual
Price for all three: $60.46

Buy the selected items together

Editorial Reviews

About the Author

Jon Erickson has a formal education in computer science and has been hacking and programming since he was five years old. He speaks at computer security conferences and trains security teams around the world. Currently, he works as a vulnerability researcher and security specialist in Northern California.


Shop the new tech.book(store)
New! Introducing the tech.book(store), a hub for Software Developers and Architects, Networking Administrators, TPMs, and other technology professionals to find highly-rated and highly-relevant career resources. Shop books on programming and big data, or read this week's blog posts by authors and thought-leaders in the tech industry. > Shop now

Product Details

  • Paperback: 488 pages
  • Publisher: No Starch Press; 2nd edition (February 4, 2008)
  • Language: English
  • ISBN-10: 1593271441
  • ISBN-13: 978-1593271442
  • Product Dimensions: 7 x 1.2 x 9.2 inches
  • Shipping Weight: 1.9 pounds (View shipping rates and policies)
  • Average Customer Review: 4.5 out of 5 stars  See all reviews (111 customer reviews)
  • Amazon Best Sellers Rank: #5,623 in Books (See Top 100 in Books)

More About the Author

Jon Erickson has a formal education in computer science and speaks frequently at computer security conferences around the world. He currently works as a cryptologist and security specialist in Northern California.

Customer Reviews

4.5 out of 5 stars

Most Helpful Customer Reviews

122 of 127 people found the following review helpful By Henrik Lund Kramshøj on March 27, 2008
Format: Paperback
This is the second edition of a well known book about hacking and contains a lot about hacking. Jon Erickson has expanded the book from the first edition doubling the number of pages to 450 pages and a Linux based Live-CD is also included.

I don't own the first edition, since I had to choose between Hacking by Jon Erickson and The Shellcoders Handbook (first edition, it is also in 2nd ed. now). I choose the Shellcoders handbook, which I have considered my bible for buffer overflows and hacking.

Now that I have read Jon Ericksons book about hacking I have two bibles, both excellent and well written, both covering some of the same stuff - but in very different ways.

This book details the steps done to perform buffer overflows on Linux on the x86 architecture. So detailed that any computer science student can do it, and they should. Every computer science student or aspiring programmer should be forced to read this book along with another book called 19 deadly sins of software programming.

That alone would improve internet security and program reliability in the future. Why you may ask, because this book teaches hacking, and how you can get started hacking.

Not hacking as doing criminal computer break ins, but thinking like an old-school hacker - doing clever stuff, seeing the things others don't. This book contains the missing link back to the old days, where hackers were not necessarily bad guys. Unfortunately today the term hacker IS dead in the public eye, it HAS been maimed, mutilated and the war about changing it back to the old meaning is over. (Actually this war was fought in the 1990's but some youngsters new to hacking still think it can be won, don't waste your time.
Read more ›
1 Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
61 of 65 people found the following review helpful By Richard Bejtlich on July 27, 2011
Format: Paperback
This is the last in a recent collection of reviews on "hacking" books. Jon Erickson's Hacking, 2nd Ed (H2E) is one of the most remarkable books in the group I just read. H2E is in some senses amazing because the author takes the reader on a journey through programming, exploitation, shellcode, and so forth, yet helps the reader climb each mountain. While the material is sufficiently technical to scare some readers away, those that remain will definitely learn more about the craft.

H2E accomplishes a very difficult task. The book strives to take readers with little to no real "hacking" knowledge to a level where they can at least understand, if not perform, fairly complicated digital security tasks. Other books aren't as successful, e.g., "Gray Hat Hacking," which features material on C, assembly, Python, etc. into one short chapter. In contrast, H2E, in my opinion, does a credible job leading the reader from pseudo-code to C and assembly. Now, I would not recommend this book as a reader's sole introduction to programming, let alone C or assembly. Please see my older reviews for recommendations on books devoted to those topics. Still, H2E credibly integrates programming into the hacker narrative in a compelling and educational manner.

The author also has a great eye for consistency and style. I welcomed reading his examples using gdb, where he presented code, explained it, stepped through execution, showed memory, transitioned from displaying source, then assembly, and so on. This was a compelling teaching method that technical authors should try to emulate.

Overall I really liked H2E, hence the 5 star review. My only main gripe was the author seems to believe that it's in society's benefit for black hats to test and exploit defenses.
Read more ›
1 Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
37 of 43 people found the following review helpful By Lance C. Hibbeler on January 20, 2009
Format: Paperback Verified Purchase
The easiest way to sum up this book is simply "wow." Erickson discusses the fundamentals of exploits (hacks) on local machines and remote machines, and also hits on a bit of cryptology. The meat of book is sandwiched by something of an inner dialogue and history of hacking, which alone are worth the cost of the book. This book is not for the layman or the faint of heart- you have to know how to write code, and you have to at least know how to read Intel x86 assembly, if not write it. It also doesn't hurt to know how programs are actually executed- beyond just double-clicking an icon- I'm talking about stacks and heaps and everything else. The second chapter is possibly the most elegant summary of programming and the C language I have ever seen, ever, but nothing beats a few years "in the trenches."

So once you've refreshed your basics of programming, Erickson gets right into it, discussing buffer overflows. He builds up from the most simple concepts into more and more complicated tools- which seems to be exactly how we have arrived at modern exploits; the hackers and the anti-hackers have been co-evolving over the years. Next comes hacking remote machines, including how to cover your tracks- which I found to be some of the most devious ideas presented. If you take your time, and run some of the exploits yourself on the included CD, you will come away with an incredible knowledge of how many exploits work from their most fundamental level. If you're anything like me, you will enjoy the "hunt" of trying to counter the exploit before Erickson explains the solution. Also, if you're anything like me, you will walk away from the book shaking your head at the rut called ASCII that we've worked ourselves into.
Read more ›
3 Comments Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

Most Recent Customer Reviews

Set up an Amazon Giveaway

Amazon Giveaway allows you to run promotional giveaways in order to create buzz, reward your audience, and attract new followers and customers. Learn more
Hacking: The Art of Exploitation, 2nd Edition
This item: Hacking: The Art of Exploitation, 2nd Edition
Price: $28.97
Ships from and sold by Amazon.com