Hacking: The Art of Exploitation

March 18, 2008
By Jon Erickson
ISBN: 978-1-59327-144-2

Any book that numbers its chapters in hexadecimal can’t be that bad.

Actually the book is quite good. It should prove invaluable to any except those already well versed in the art of exploitation. It can be especially useful to also any C/C++ programmer that wants to avoid problems or at least make it harder for someone to attack their application.

Erickson presents a variety of methods of attack. Some are common such as buffer overflows. Others are less common or have fallen out of vogue for various reasons but the book does more than just cover the basic what and how. While it is definitely not a tome for script kiddies, it is a more thoughtful presentation of the mechanics that are often overlooked in most programming texts. Programmers and security professionals should get a good bit from this book.

Having a background in C/C++ is pretty much a requirement and any exposure to assembler will help. The examples center on the x86 architecture, but most of the open source tools will work on a range of Linux platforms. These include things like a hex editor, dissassembler, and network manipulation and sniffing tools.

The chapter on buffer overflows is probably the most useful and interesting. The sections on networking and shellcode may be the most useful to non-programmers. The Countermeasures chapter varies depending upon the topic but overall it is very good. The cryptography chapter is just right for someone getting started with encryption but this is a complex topic that has a number of books written about the subject already.

This book will take any programmer well beyond the usual programming techniques covered in conventional programming books. It should be viewed as a good introductory text making it a good prerequisite for most programmers in training.

Sponsored Recommendations

What are the Important Considerations when Assessing Cobot Safety?

April 16, 2024
A review of the requirements of ISO/TS 15066 and how they fit in with ISO 10218-1 and 10218-2 a consideration the complexities of collaboration.

Wire & Cable Cutting Digi-Spool® Service

April 16, 2024
Explore DigiKey’s Digi-Spool® professional cutting service for efficient and precise wire and cable management. Custom-cut to your exact specifications for a variety of cable ...

DigiKey Factory Tomorrow Season 3: Sustainable Manufacturing

April 16, 2024
Industry 4.0 is helping manufacturers develop and integrate technologies such as AI, edge computing and connectivity for the factories of tomorrow. Learn more at DigiKey today...

Connectivity – The Backbone of Sustainable Automation

April 16, 2024
Advanced interfaces for signals, data, and electrical power are essential. They help save resources and costs when networking production equipment.


To join the conversation, and become an exclusive member of Electronic Design, create an account today!