|
I'm quite interested in gaining a better understanding on what security holes are common in executables, and how one usually would exploit such holes. Which books should I read? Are there any videos on the subject?
This question is marked "community wiki".
|
|
Besides the Art of Exploitation, which is the easiest starter book. Two other books should be mentioned Grey Hat Hacking and Shellcoders Handbook. Shellcoders Handbook is very hands-on and is quickly past shellcode and into the swamp of Windows shellcodes. Grey Hat Hacking is really aimed at pentesters, starting with two chapters about how to social engineer and dumpster diving and such(if these terms means nothing to you, dont worry, it has nothing to do with computer science), but strides on to conquest both shellcode and String programming. But start with a wargame!(IO is good) |
|
If you need to learn the basics, you really should join a community of hackers such as Pwnies. It will accelerate your learning process considerably, and it would be easier to assess how you continue learning. If you prefer to be alone, you could look at https://github.com/mortenbp/Zomg-Pwnies. You could also look at The Art of Exploitation. The trouble with hacking literature, is that it is not that friendly towards newbies - most is either terribly advanced or too pop-sciency (or both). In any case, the most effective way of learning is by doing, so I would recommend that you look at link:IO. |
