I’ll be blogging about exploit development for a course I’m taking at the University of Utah. It’s an independent study with Dr. Matt Might on security exploits. I’ll be using the following books in the course
A comprehensive introduction to the techniques of exploitation and creative problem-solving methods commonly referred to as “hacking.” It shows how hackers exploit programs and write exploits, instead of just how to run other people’s exploits. This book explains the technical aspects of hacking, including stack based overflows, heap based overflows, string exploits, return-into-libc, shellcode, and cryptographic attacks on 802.11b.
The Shellcoder’s Handbook: Discovering and Exploiting Security Holes (Paperback)
By (author): Jack Koziol, David Litchfield, Dave Aitel, Chris Anley, Sinan “noir” Eren, Neel Mehta, Riley Hassell
- Examines where security holes come from, how to discover them, how hackers exploit them and take control of systems on a daily basis, and most importantly, how to close these security holes so they never occur again
- A unique author team-a blend of industry and underground experts- explain the techniques that readers can use to uncover security holes in any software or operating system
- Shows how to pinpoint vulnerabilities in popular operating systems (including Windows, Linux, and Solaris) and applications (including MS SQL Server and Oracle databases)
- Details how to deal with discovered vulnerabilities, sharing some previously unpublished advanced exploits and techniques