“…80%…anyone developing their own software may be surprised by how easily flaws can be exploited and fixed…” (PC Utilities, July 2004)
“…essential for administrators who want to secure computer systems under their management…” (Computer Weekly, March 2004)
"...has caused some raised eyebrows in the technical community..." (www.infoworld.com, 17 March 2004)
From the Back Cover
Every day, patches are created to cover up security holes in software applications and operating systems. But by the time you download a patch, it could be too late. A hacker may have already taken advantage of the hole and wreaked havoc on your system. This innovative book will help you stay one step ahead. It gives you the tools to discover vulnerabilities in C-language-based software, exploit the vulnerabilities you find, and prevent new security holes from occurring.
The Shellcoder’s Handbook is written by a unique author team, consisting of "white hat" corporate security experts and underground hacker-cracker types, who are the most respected contributors to Bugtraq, a vulnerability tracking mailing list. They take you from introductory-level exploitation and exposing vulnerabilities in binaries to advanced content on kernel overflows. In addition, they provide you with advanced techniques to close new security holes that are not yet known to the public but could cause devastating consequences. With all this information, you'll be able to develop your own discovery process and quickly determine whether a security hole is truly exploitable. The methods discussed will also dramatically improve your penetration testing skills in order to achieve a "100% Penetration Rate Guaranteed."
The Shellcoder's Handbook shows you how to:
- Find out where security holes come from and how to close them so they never occur again
- Pinpoint vulnerabilities in popular operating systems (including Windows®, Linux®, and SolarisTM) and applications (including MS SQL Server and Oracle® databases)
- Write exploits for use with filters and hack closed source systems to understand what countermeasures need to be taken
- Deal with discovered vulnerabilities using previously unpublished advanced exploits and techniques