Hacking: The Art of Exploitation, 2nd Edition

I've read quite a few books on hacking, many of which focus on specific technologies—such as using tools to perform reconnaissance on websites and identify potential attack targets. This book, however, takes a different approach. It starts by teaching the fundamentals of assembly and C programming, then moves on to help you identify programs vulnerable to buffer overflows. You'll learn how to write shellcode to exploit these vulnerabilities.What sets this book apart is its minimal reliance on abstractions. For instance, it teaches you how to build your own simple web server, which you can then exploit. Need to perform a SYN flood against a target? No problem—you'll write your own in C to fully understand the process. This hands-on approach will give you a solid understanding of networking. There's even a chapter dedicated to cryptography, which will deepen your knowledge in this critical area.To top it off, the book culminates in a project where you'll learn to crack WEP encryption—not with third-party tools, but by exploiting weak initialization vectors (IVs) and doing it all yourself.While some of the examples, such as the buffer overflow scenarios, may not work in real-world environments, this book is still an invaluable resource. It covers essential foundational knowledge that will serve you well on your hacking journey. There are books that quickly get outdated because they teach you how to use tools. This book is a classic. It teaches you understanding. After reading this, you’ll have a better understanding of how third-party tools work, or you can write your own!

This is a 'real' hacking book, not another high level concepts book. It examines low level exploits, mostly via assembly language and C code examples.By page 21, Jon is walking the user through an object dump of a C program, by page 25 explaining the Intel assembly language.We have all heard of buffer overflow exploits, shellcodes. Jon provides detailed coding examples, teaching the reader about registers, memory locations - all in exacting, working detail.My favorite part of the book is when Jon, wanting to reduce the footprint of a sample exploit program's code, reverses a loop's order, shortening a section of code from 5 to 4 instructions! Super clever.

I had the first edition copy of this book that I studied. This second edition has a lot more knowledge and sets the mindset to have. It’s very insightful and tackles concept in an easy to grasp way.The first edition had a CD in the back, but since then they have gone away with the physical disk and have a link in the back of the book to set up your vm or machine to practice the concepts in a safe environment.This is a great addition to anyone curious about computers and wanting to do a hands on approach. I’d recommend for beginners up to advanced. It’s a handy reference and great for getting your feet wet.

Amazing book. Really gets you thinking the correct way for coding with C / C++. The book was in decent shape, definitely used, but still in decent condition. Haven't found scribbles or tears. So very acceptable shape.

I picked this book up a number of years ago when I got interested in understanding exploits. I've got experience writing code, and even some basic knowledge of networking. However it was difficult to get past the first 3 chapters. I stopped, and started elsewhere.This book will cover everything you need to know, and while that sounds great it's not for beginners or people looking to start quickly.I recommend seeking introductory knowledge elsewhere, C, OSI, TCP/IP, operating systems etc. Penetration Testing a Hands on Guide by Georgia Weidmam is a good way to get started with just getting hands on practice.Once I went back and got a grip on these concepts and had some practice the book was easier to understand and I came to appreciate it much more.Its not an easy read, and you need to have some solid understanding of the machine as a whole. After I played with buffer overflows in a VM I went back and appreciated chapter 0x200s coverage of registers and what they do.Buy this book only if you have a solid understanding of the computer as a whole, or will develop it alongside.The book will not get you started. It will definitely help you develop the understanding of why a buffer overflow script written in Python works, and how. If you want to get up and running quickly look elsewhere. But that doesn't mean it's a bad text, it's well done, insightful, and will help you understand the why of exploiting software.