Exploiting Software: How to Break Code

"Exploiting Software," by Greg Hoglund and Gary McGraw, is an in-depth look at black hat techniques for finding and exploiting software vulnerabilities.I find myself deeply conflicted by this book: it's hard to square how genuinely useful and informative it is with how atrociously it is written. While it is chock full of concrete nuggets for analyzing code and developing exploits, the good bits are embedded in pages and pages of repetitive, sometimes irrelevant, sometimes even contradictory padding.Techies frequently dismiss "word-smithing" as frivolous. But if you have trouble making sense of a book, or if it misinforms - if it lacks clarity, accuracy, succinctness, and readability - then why bother with it? Not including the references and index, my edition is 445 pages. I would love to read the worthwhile content extracted from the surrounding cruft, which I imagine would be a booklet of about 50 pages.On a minor note, the book is now a bit long in the tooth. At the time it was written, the authors referred to 2010 as "the far future", a point where predictions would be hazardous. Yet despite the frequent references to "NT", I think that the approaches it shows to software cracking remain viable.So, with these reservations, I think that this is a book that should be read by black hats and white hats alike. My advice is to skim through it quickly until a concrete example is found. Work through that, then skim on to the next example.

Still in chapter one, but so far so good! I'll come back and update my review once I get through the book. Thx.

Excellent!! Good Deal, Very Fast Shipping. 5 Stars Seller. Thank You Very Much.

Exploiting Software is a great reference both for reverse engineering beginners and for coders who have done some reversing. The book includes some great example code very helpful for explaining the concepts and as a starting point for exploit development.

I work in IT, for 22 years as a computer programmer ("software engineer") and now in IT Security as an Application Security Engineer (focusing on Web applications, thanks..) so this book is near and dear to me in both capacities. I highly recommend it. Highly technical, profoundly educational... relevant, intelligently written... just a great book. Buy it.

This book is a great review of software security and deserves to be on any security professional's bookshelf. The chapter on Rootkits (Chapter 8) is well worth the price of the book. While the book isn't too long (at just over 400 pages) it does deliver in a concise, easy to read format that makes the book a rewarding read.

The one major strength of this book, from a computer science viewpoint, is its emphasis on "attack patterns". This systemization of these issues really differentiates this book from many of its competitors (which tend to be either the latest 500 hacks or descriptions of standards). Put simply CS is the study of algorithms, and this book fits nicely into that tradition.

I read Exploiting Software (ES) last year but realized I hadn't reviewed it yet. Having read other books by these authors, like McGraw's Software Security and Hoglund's Rootkits, I realized ES was not as good as those newer books. At the time ES was published (2004) it continued to define the software exploitation genre begun in Building Secure Software. However, I don't think it's necessary to pay close attention to ES when newer books by McGraw and Hoglund are now available.On the positive side, I appreciate three aspects of ES. First, I like the attention paid to attack patterns. This concept makes sense and should be used by other authors who want to describe a means to exploit a target. Second, I am impressed that ES features a whole chapter (5) on attacking client software. When ES was published, client-side attacks were just becoming popular. Discussing this problem shows great insights on the part of the authors. Third, several of the examples in ES are great case studies on exploiting software. When explained in sufficient detail they make for educational reading.On the down side, I agree with several other reviewers that the book seems somewhat erratic. Attack patterns that are two sentences long are probably candidates for inclusion in a chart, not listed in the main text. I don't think the predictions found in ch 1 were necessary, and I think some of the criticism of detection methods in ch 6 border on the ignorant. I agree that perfect detection is impossible, but there are plenty of methods that work in the real world. They may not be real-time, but no intruder is perfectly stealthy in all aspects of an attack.Regarding chapters 7 and 8, on buffer overflows and rootkits -- at 170 pages, those could almost have been their own book. The material doesn't seem to match the rest of the book, and it's obviously Hoglund's work. Add in a like-minded chapter on reverse engineering (3) at 74 pages and you definitely have a stand-alone book!It's probably sufficient to read Building Secure Software, Software Security, and Rookits if you like the McGraw/Hoglund approach to attacking and defending software. Take a quick look at the attack pattern material to get a feel for that concept.

Sicuramente un libro non per tutti, ma solo per esperti del settore, però è molto utile per studiare la sicurezza