Customer Reviews


3 Reviews
5 star:
 (2)
4 star:
 (1)
3 star:    (0)
2 star:    (0)
1 star:    (0)
 
 
 
 
 
Average Customer Review
Share your thoughts with other customers
Create your own review
 
 
Most Helpful First | Newest First

1 of 1 people found the following review helpful
4.0 out of 5 stars Good for reference, not a tutorial, 28 Aug 2012
By 
M. SMITH - See all my reviews
(REAL NAME)   
Verified Purchase(What is this?)
This review is from: The Shellcoder's Handbook: Discovering and Exploiting Security Holes (Paperback)
This book is a good reference to have to hand if you are trying to write or understand shellcode. Initially it shows the basic stack overflow techniques of old, I worked through these examples using Dam Vulnerable Linux, because every other system will be well protected against these bugs. I got a bit too bogged down with trying to reverse engineer the code and understand every assembly instruction at this point, which i wouldn't recommend.

The book then goes into different operating systems and the basics of how to write shellcode for it. Covering Windows, Linux, Solaris, and OSX. This is where i got the most benefit from understanding why Windows shellcode looks and acts the way it does.
I would advise not to read this book in order but to go directly to the information that you need. It is not a step by step or a training text. Chapter 15 Establishing a Working Environment is a good place to start if you want to get a machine up and running with the relevant tools you require.

This book also helped to make assembler more interesting. Chapter 21, Binary Auditing, shows how various C and C++ statements look once they have been compiled and then decompiled.

One interesting concept briefly mentioned is by tracking advisories and bug reports you may be able to identify patterns of similar bugs or problems occurring.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


5.0 out of 5 stars Dated but still very relevant, 17 Jun 2013
By 
Robert C. B. Larsen (Denmark) - See all my reviews
(REAL NAME)   
Verified Purchase(What is this?)
I really love this book. If you're into binary exploitation, this is a must even thou it is six years old (at the time of this writing).
New security techniques have appeared and data is often times no longer executable but all the stuff in the book lays the ground for more modern techniques. Still today you need to understand how shellcode works, how a simple buffer overflow can overwrite critical information and so on.

I would love to see a third edition covering return oriented programming, heap feng shui, heap/JIT spraying and other modern techniques.

The book focuses entirely on binary exploitation so no attention at all is paid to SQL injection, XSS and the like.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


5.0 out of 5 stars Five Stars, 24 July 2014
By 
Verified Purchase(What is this?)
This review is from: The Shellcoder's Handbook: Discovering and Exploiting Security Holes (Paperback)
Perfect introduction
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


Most Helpful First | Newest First

This product

The Shellcoder's Handbook: Discovering and Exploiting Security Holes
The Shellcoder's Handbook: Discovering and Exploiting Security Holes by Gerardo Richarte (Paperback - 10 Aug 2007)
£21.75
In stock
Add to basket Add to wishlist
Only search this product's reviews