This free Computer Ebooks and tutorial download site provides free e-books in Core JAVA, J2EE, Advanced, J2ME, JSP Ebooks and Tutorial, CCIE, CCNA, CCIP, CCNP, CCDP, CCSP Ebooks and Tutorial & Ebook references, Basic Electronics, Computer Hardware, Microprocessor, System programming, Oracle, Mysql, Ms sql, sybase, db2 Ebooks and Tutorial, Networking Ebooks and Tutorials, Data Structure and Algorithms Ebooks and Tutorial, CSS, HTML, Javascript, CGI,cisco,php,SAP.

Thursday, October 11, 2007

Syngress - Writing Security Tools and Exploits

Syngress - Writing Security Tools and Exploits

# Format: Adobe Reader (PDF)
# Printable: Yes. This title is printable
# Mac OS Compatible: OS 9.x or later
# Windows Compatible: Yes
# Handheld Compatible: Yes. Adobe Reader is available for PalmOS, Pocket PC, and Symbian OS.
# File Size: 6725 KB
# Digital: 664 pages
# Publisher: SYNGRESS; 1 edition (April 6, 2006)
# In-Print Editions: Paperback (Illustrated) | All Editions

Book Description :

Software exploits are being created more easily and faster than ever, while attackers are launching more sophisticated attacks for financial gain. This book will teach readers HOW these exploits were developed, WHY the code was vulnerable to begin with, and WHAT they can do to stop the next exploit.

Would like just to tell how good this book is (and it is indeed), but I am very disappointed by the fact that no CD is actually included and the companion Web site doesn't seem to exist either. !!

The Editorial review claims:

"The book is accompanied with a companion Web site containing both commented and uncommented versions of the source code examples presented throughout the book. In addition to the book source code, the CD also contains a copy of the author-developed Hacker Code Library v1.0."

Well, sorrily, that's NOT true.

Perhaps this confusion is due to changes resulting from the merge of Syngress with ORA, but still not fair with buyers.

Otherwise, if you, like me, are a researcher (or just interested) in the "secure code" area, then buy the book in spite of all.

By far it is the very best book written about these issues. Best in the sense of most useful. Well designed organized, with in deep study of vulnerabilities and associated exploit codes. Shellcode is explained in a rich and fresh way and the Why, How and When of shellcode are explained under an integrated framework.

NASL and MSF are explained and used in detailed and useful examples, and IMHO, this book presents the most easy, clear and condensed explanation about the Race Conditions, Format Strings, and Buffer Overflows problems I ever read yet.

Warning: Not an entry level book. You need to be familiar with several software and hardware architecture concepts to obtain full benefits from it.

BigDownload link :


Digg this

No comments: