A Bug Hunter's Diary

A Bug Hunter's Diary

3.86 (161 ratings by Goodreads)
By (author) 

List price: US$39.95

Currently unavailable

We can notify you when this item is back in stock

Add to wishlist

AbeBooks may have this title (opens in new window).

Try AbeBooks

Description

"This is one of the most interesting infosec books to come out in the last several years." Dino Dai Zovi, Information Security Professional

"Give a man an exploit and you make him a hacker for a day; teach a man to exploit bugs and you make him a hacker for a lifetime." Felix 'FX' Lindner

Seemingly simple bugs can have drastic consequences, allowing attackers to compromise systems, escalate local privileges, and otherwise wreak havoc on a system.

A Bug Hunter's Diary follows security expert Tobias Klein as he tracks down and exploits bugs in some of the world's most popular software, like Apple's iOS, the VLC media player, web browsers, and even the Mac OS X kernel. In this one-of-a-kind account, you'll see how the developers responsible for these flaws patched the bugs or failed to respond at all. As you follow Klein on his journey, you'll gain deep technical knowledge and insight into how hackers approach difficult problems and experience the true joys (and frustrations) of bug hunting.

Along the way you'll learn how to:

Use field-tested techniques to find bugs, like identifying and tracing user input data and reverse engineeringExploit vulnerabilities like NULL pointer dereferences, buffer overflows, and type conversion flawsDevelop proof of concept code that verifies the security flawReport bugs to vendors or third party brokers A Bug Hunter's Diary is packed with real-world examples of vulnerable code and the custom programs used to find and test bugs. Whether you're hunting bugs for fun, for profit, or to make the world a safer place, you'll learn valuable new skills by looking over the shoulder of a professional bug hunter in action.

"
show more

Product details

  • Paperback | 200 pages
  • 149.86 x 226.06 x 20.32mm | 317.51g
  • No Starch Press,US
  • San Francisco, United States
  • English
  • black & white line drawings, figures
  • 1593273851
  • 9781593273859
  • 265,014

About Tobias Klein

Tobias Klein is a security researcher and founder of NESO Security Labs, an information security consulting and research company based in Heilbronn, Germany. As a vulnerability researcher, Tobias has identified and helped to fix numerous security vulnerabilities. He is the author of two other information security books published in German by dpunkt.verlag of Heidelberg, Germany.
show more

Table of contents

Acknowledgments
Introduction
Chapter 1: Bug Hunting
Chapter 2: Back to the 90s
Chapter 3: Escape from the WWW Zone
Chapter 4: NULL Pointer FTW
Chapter 5: Browse and You're Owned
Chapter 6: One Kernel to Rule Them All
Chapter 7: A Bug Older Than 4.4BSD
Chapter 8: The Ringtone Massacre
Appendix A: Hints for Hunting
Appendix B: Debugging
Appendix C: Mitigation
Index
show more

Rating details

161 ratings
3.86 out of 5 stars
5 23% (37)
4 47% (76)
3 24% (39)
2 4% (7)
1 1% (2)
Book ratings by Goodreads
Goodreads is the world's largest site for readers with over 50 million reviews. We're featuring millions of their reader ratings on our book pages to help you find your new favourite book. Close X