Hacking: The Art of Exploitation
2nd Edition
A from-first-principles tour of low-level exploitation that still teaches the mindset two decades later.
- Authors: Jon Erickson
- Published: 2008
- Publisher: No Starch Press
- Pages: 488
- Edition: 2nd Edition
- Language: English
Table of contents
8 chapters · 46 sections
- 0x100 Introduction
- 0x200 Programming
  - What is programming?
  - Pseudo-code
  - Control structures
  - More fundamental programming concepts
  - Getting your hands dirty
  - Back to basics
  - Memory segmentation
  - Building on basics
- 0x300 Exploitation
  - Generalized exploit techniques
  - Buffer overflows
  - Experimenting with BASH
  - Overflows in other segments
  - Format strings
- 0x400 Networking
  - OSI model
  - Sockets
  - Peeling back the lower layers
  - Network sniffing
  - Denial of service
  - TCP/IP hijacking
  - Port scanning
  - Reach out and hack someone
- 0x500 Shellcode
  - Assembly vs. C
  - The path to shellcode
  - Shell-spawning shellcode
  - Port-binding shellcode
  - Connect-back shellcode
- 0x600 Countermeasures
  - Countermeasures that detect
  - System daemons
  - Tools of the trade
  - Log files
  - Overlooking the obvious
  - Advanced camouflage
  - The whole infrastructure
  - Payload smuggling
  - Buffer restrictions
  - Hardening countermeasures
  - Nonexecutable stack
  - Randomized stack space
- 0x700 Cryptology
  - Information theory
  - Algorithmic run time
  - Symmetric encryption
  - Asymmetric encryption
  - Hybrid ciphers
  - Password cracking
  - Wireless 802.11b encryption
  - WEP attacks
- 0x800 Conclusion
Prerequisites
Comfort with C, basic shell, and a willingness to read assembly. The included Linux LiveCD makes setup easier but is dated.
Read this if
Self-taught hackers who want to understand what a stack overflow actually is, not just how to invoke msfconsole.
Skip this if
Readers looking for modern exploitation (ASLR, CFI, browser sandboxes). The defenses Erickson covers are now baseline, not frontiers.
Key takeaways
- Exploitation is a way of seeing programs, not a list of techniques.
- Memory corruption is best learned with a debugger open beside the book.
- The first half on C/assembly is worth the price even if you skip the exploits.
Notes
The pedagogy is unusually patient: you compile, disassemble, and watch the stack as your shellcode lands. The exploits target a pre-ASLR era and the LiveCD is a museum piece, but the substrate it teaches (how programs become instructions for a machine) is exactly what every modern offensive resource skips. Read it before LiveOverflow or pwn.college.
What to read before
Intermediate · 2020
Black Hat Go
Tom Steele, Chris Patten, and Dan Kottmann show how to use Go's networking primitives, concurrency model, and cross-compilation to write offensive tooling that runs almost anywhere.
Intermediate · 2021
Black Hat Python
Justin Seitz and Tim Arnold's hands-on tour of writing offensive tooling in Python: network sniffers, web scrapers, GitHub-based command-and-control, screen capture, keylogging, and Volatility extensions.
Beginner · 2021
Bug Bounty Bootcamp
Vickie Li's pragmatic walk through the bug-bounty workflow, from picking a program and recon to reporting findings that actually pay out.
What to read next
Advanced · 2017
Attacking Network Protocols
James Forshaw, Project Zero veteran, on how to capture, parse, and break protocols from the wire up to the application layer, with a strong focus on building reusable analysis tooling.
Advanced · 2007
The Shellcoder's Handbook
A foundational text on memory-corruption exploitation across Linux, Windows, Solaris and embedded targets. Pre-modern-mitigations in spirit but still the canonical introduction to the techniques the modern toolchain is built to defeat.
Intermediate · 2020
Black Hat Go
Tom Steele, Chris Patten, and Dan Kottmann show how to use Go's networking primitives, concurrency model, and cross-compilation to write offensive tooling that runs almost anywhere.