This much-anticipated revision, written by the ultimate group of top security experts in the world, features 40 percent new content on how to find security holes in any operating system or application
New material addresses the many new exploitation techniques that have been discovered since the first edition, including attacking ΓΓé¼┼ôunbreakableΓΓé¼┬¥ software packages such as McAfeeΓΓé¼Γäós Entercept, Mac OS X, XP, Office 2003, and Vista
Also features the first-ever published information on exploiting CiscoΓΓé¼Γäós IOS, with content that has never before been explored
The companion Web site features downloadable code files
From the Back Cover
The black hats have kept up with security enhancements. Have you?
In the technological arena, three years is a lifetime. Since the first edition of this book was published in 2004, built-in security measures on compilers and operating systems have become commonplace, but are still far from perfect. Arbitrary-code execution vulnerabilities still allow attackers to run code of their choice on your systemΓΓé¼ΓÇ¥with disastrous results.
In a nutshell, this book is about code and data and what happens when the two become confused. YouΓΓé¼Γäóll work with the basic building blocks of security bugsΓΓé¼ΓÇ¥assembler, source code, the stack, the heap, and so on. YouΓΓé¼Γäóll experiment, explore, and understand the systems youΓΓé¼Γäóre runningΓΓé¼ΓÇ¥and how to better protect them.
Become familiar with security holes in Windows, Linux, Solaris, Mac OS X, and CiscoΓΓé¼Γäós IOS
Learn how to write customized tools to protect your systems, not just how to use ready-made ones
Use a working exploit to verify your assessment when auditing a network
Use proof-of-concept exploits to rate the significance of bugs in software youΓΓé¼Γäóre developing
Assess the quality of purchased security products by performing penetration tests based on the information in this book
Understand how bugs are found and how exploits work at the lowest level
Paperback: 744 pages
Publisher: Wiley; 2nd Edition (August 2007)