Programming Books C Java PHP Python Learn more Browse Programming Books
Hacking: The Art of Exploitation: The Art of Exploitation and over one million other books are available for Amazon Kindle. Learn more

Sorry, this item is not available in
Image not available for
Image not available

To view this video download Flash Player


Sign in to turn on 1-Click ordering
Sell Us Your Item
For a $10.78 Gift Card
Trade in
More Buying Choices
Have one to sell? Sell yours here
Start reading Hacking: The Art of Exploitation: The Art of Exploitation on your Kindle in under a minute.

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Hacking: The Art of Exploitation, 2nd Edition [Paperback]

Jon Erickson
4.5 out of 5 stars  See all reviews (81 customer reviews)

Buy New
$28.97 & FREE Shipping on orders over $35. Details
$15.99 - $17.00
Temporarily out of stock.
Order now and we'll deliver when available. We'll e-mail you with an estimated delivery date as soon as we have more information. Your account will only be charged when we ship the item.
Ships from and sold by Gift-wrap available.
In Stock.
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
Free Two-Day Shipping for College Students with Amazon Student


Amazon Price New from Used from
Kindle Edition $22.99  
Paperback $28.97  
Shop the New Digital Design Bookstore
Check out the Digital Design Bookstore, a new hub for photographers, art directors, illustrators, web developers, and other creative individuals to find highly rated and highly relevant career resources. Shop books on web development and graphic design, or check out blog posts by authors and thought-leaders in the design industry. Shop now

Book Description

January 11, 2008 1593271441 978-1593271442 2nd

Hacking is the art of creative problem solving, whether that means finding an unconventional solution to a difficult problem or exploiting holes in sloppy programming. Many people call themselves hackers, but few have the strong technical foundation needed to really push the envelope.

Rather than merely showing how to run existing exploits, author Jon Erickson explains how arcane hacking techniques actually work. To share the art and science of hacking in a way that is accessible to everyone, Hacking: The Art of Exploitation, 2nd Edition introduces the fundamentals of C programming from a hacker's perspective.

The included LiveCD provides a complete Linux programming and debugging environment-all without modifying your current operating system. Use it to follow along with the book's examples as you fill gaps in your knowledge and explore hacking techniques on your own. Get your hands dirty debugging code, overflowing buffers, hijacking network communications, bypassing protections, exploiting cryptographic weaknesses, and perhaps even inventing new exploits. This book will teach you how to:

  • Program computers using C, assembly language, and shell scripts
  • Corrupt system memory to run arbitrary code using buffer overflows and format strings
  • Inspect processor registers and system memory with a debugger to gain a real understanding of what is happening
  • Outsmart common security measures like nonexecutable stacks and intrusion detection systems
  • Gain access to a remote server using port-binding or connect-back shellcode, and alter a server's logging behavior to hide your presence
  • Redirect network traffic, conceal open ports, and hijack TCP connections
  • Crack encrypted wireless traffic using the FMS attack, and speed up brute-force attacks using a password probability matrix

Hackers are always pushing the boundaries, investigating the unknown, and evolving their art. Even if you don't already know how to program, Hacking: The Art of Exploitation, 2nd Edition will give you a complete picture of programming, machine architecture, network communications, and existing hacking techniques. Combine this knowledge with the included Linux environment, and all you need is your own creativity.

Frequently Bought Together

Hacking: The Art of Exploitation, 2nd Edition + The Hacker Playbook: Practical Guide To Penetration Testing + Rtfm: Red Team Field Manual
Price for all three: $58.33

Some of these items ship sooner than the others.

Buy the selected items together

Editorial Reviews

About the Author

Jon Erickson has a formal education in computer science and has been hacking and programming since he was five years old. He speaks at computer security conferences and trains security teams around the world. Currently, he works as a vulnerability researcher and security specialist in Northern California.

Product Details

  • Paperback: 488 pages
  • Publisher: No Starch Press; 2nd edition (January 11, 2008)
  • Language: English
  • ISBN-10: 1593271441
  • ISBN-13: 978-1593271442
  • Product Dimensions: 9.2 x 7 x 1.2 inches
  • Shipping Weight: 1.9 pounds (View shipping rates and policies)
  • Average Customer Review: 4.5 out of 5 stars  See all reviews (81 customer reviews)
  • Amazon Best Sellers Rank: #11,966 in Books (See Top 100 in Books)

More About the Author

Jon Erickson has a formal education in computer science and speaks frequently at computer security conferences around the world. He currently works as a cryptologist and security specialist in Northern California.

Customer Reviews

Most Helpful Customer Reviews
99 of 104 people found the following review helpful
5.0 out of 5 stars clever tricks and easy to follow exercises March 27, 2008
This is the second edition of a well known book about hacking and contains a lot about hacking. Jon Erickson has expanded the book from the first edition doubling the number of pages to 450 pages and a Linux based Live-CD is also included.

I don't own the first edition, since I had to choose between Hacking by Jon Erickson and The Shellcoders Handbook (first edition, it is also in 2nd ed. now). I choose the Shellcoders handbook, which I have considered my bible for buffer overflows and hacking.

Now that I have read Jon Ericksons book about hacking I have two bibles, both excellent and well written, both covering some of the same stuff - but in very different ways.

This book details the steps done to perform buffer overflows on Linux on the x86 architecture. So detailed that any computer science student can do it, and they should. Every computer science student or aspiring programmer should be forced to read this book along with another book called 19 deadly sins of software programming.

That alone would improve internet security and program reliability in the future. Why you may ask, because this book teaches hacking, and how you can get started hacking.

Not hacking as doing criminal computer break ins, but thinking like an old-school hacker - doing clever stuff, seeing the things others don't. This book contains the missing link back to the old days, where hackers were not necessarily bad guys. Unfortunately today the term hacker IS dead in the public eye, it HAS been maimed, mutilated and the war about changing it back to the old meaning is over. (Actually this war was fought in the 1990's but some youngsters new to hacking still think it can be won, don't waste your time.
Read more ›
Was this review helpful to you?
49 of 52 people found the following review helpful
5.0 out of 5 stars Excellent book for the right kind of reader July 27, 2011
This is the last in a recent collection of reviews on "hacking" books. Jon Erickson's Hacking, 2nd Ed (H2E) is one of the most remarkable books in the group I just read. H2E is in some senses amazing because the author takes the reader on a journey through programming, exploitation, shellcode, and so forth, yet helps the reader climb each mountain. While the material is sufficiently technical to scare some readers away, those that remain will definitely learn more about the craft.

H2E accomplishes a very difficult task. The book strives to take readers with little to no real "hacking" knowledge to a level where they can at least understand, if not perform, fairly complicated digital security tasks. Other books aren't as successful, e.g., "Gray Hat Hacking," which features material on C, assembly, Python, etc. into one short chapter. In contrast, H2E, in my opinion, does a credible job leading the reader from pseudo-code to C and assembly. Now, I would not recommend this book as a reader's sole introduction to programming, let alone C or assembly. Please see my older reviews for recommendations on books devoted to those topics. Still, H2E credibly integrates programming into the hacker narrative in a compelling and educational manner.

The author also has a great eye for consistency and style. I welcomed reading his examples using gdb, where he presented code, explained it, stepped through execution, showed memory, transitioned from displaying source, then assembly, and so on. This was a compelling teaching method that technical authors should try to emulate.

Overall I really liked H2E, hence the 5 star review. My only main gripe was the author seems to believe that it's in society's benefit for black hats to test and exploit defenses.
Read more ›
Was this review helpful to you?
28 of 33 people found the following review helpful
4.0 out of 5 stars Find out how deep the rabbit hole really goes January 20, 2009
Format:Paperback|Verified Purchase
The easiest way to sum up this book is simply "wow." Erickson discusses the fundamentals of exploits (hacks) on local machines and remote machines, and also hits on a bit of cryptology. The meat of book is sandwiched by something of an inner dialogue and history of hacking, which alone are worth the cost of the book. This book is not for the layman or the faint of heart- you have to know how to write code, and you have to at least know how to read Intel x86 assembly, if not write it. It also doesn't hurt to know how programs are actually executed- beyond just double-clicking an icon- I'm talking about stacks and heaps and everything else. The second chapter is possibly the most elegant summary of programming and the C language I have ever seen, ever, but nothing beats a few years "in the trenches."

So once you've refreshed your basics of programming, Erickson gets right into it, discussing buffer overflows. He builds up from the most simple concepts into more and more complicated tools- which seems to be exactly how we have arrived at modern exploits; the hackers and the anti-hackers have been co-evolving over the years. Next comes hacking remote machines, including how to cover your tracks- which I found to be some of the most devious ideas presented. If you take your time, and run some of the exploits yourself on the included CD, you will come away with an incredible knowledge of how many exploits work from their most fundamental level. If you're anything like me, you will enjoy the "hunt" of trying to counter the exploit before Erickson explains the solution. Also, if you're anything like me, you will walk away from the book shaking your head at the rut called ASCII that we've worked ourselves into.
Read more ›
Was this review helpful to you?
Most Recent Customer Reviews
5.0 out of 5 stars very informative
Great book, very informative
Published 1 hour ago by Tactical Keychains
4.0 out of 5 stars Bought this for my husband
According to what he said, it's a great book so far (he hasn't finished reading it yet). But since he already knew how to program and uses Linux as his main operating system... Read more
Published 20 days ago by Kaitlin
3.0 out of 5 stars A Little Outdated
Alright, pros first.

- Very solid material
- Covers both programming and hacking, though it would be good to have C background
- Comes with a CD for... Read more
Published 1 month ago by Peter Barnett
5.0 out of 5 stars Great book, require investment of time and effort.
As the book mentioned, hacking is the creative art of problem solving. By that spirit, anybody who tries to solve a problem beyond the original intent of the object could be... Read more
Published 1 month ago by Eric Chou
4.0 out of 5 stars Very good, but dense.
Great explanations of technique and tech. Text is dense and closer to text book then light reading as you would want.
Also a great crash course in GDB. Read more
Published 2 months ago by drew
5.0 out of 5 stars The Best Book
This book is a masterpiece! An absolute guide into the journey of exploitation from the very basics. Read more
Published 2 months ago by Osanda
5.0 out of 5 stars Amazing book a must read for any developer
This was recommended to me by our security department where I do development work and I'm pretty blown away by this book. Read more
Published 2 months ago by AgentK
5.0 out of 5 stars The Story
This book is extremely technical. I've actually had it for about a year or two already, but it was hard to understand, so I just kept it on the bookshelf and read a little here and... Read more
Published 3 months ago by Robert
5.0 out of 5 stars Great Beginner Level Book
This book is great if you have a grasp on C/C++ and want to get into exploitation. It provides code examples and a Live CD. Read more
Published 4 months ago by Reeko
3.0 out of 5 stars CD came in cracked
The book that was shipped to me came in fair condition. The cover's plastic was peeling off in certain areas but it's the content that counts right? Read more
Published 4 months ago by Mr.Bill
Search Customer Reviews
Search these reviews only


There are no discussions about this product yet.
Be the first to discuss this product with the community.
Start a new discussion
First post:
Prompts for sign-in

Look for Similar Items by Category