A Bug Hunter's Diary: A Guided Tour Through the Wilds of Software Security

A Bug Hunter's Diary: A Guided Tour Through the Wilds of Software Security

Tobias Klein

"This is likely one of the finest infosec books to come back out within the final numerous years."
–Dino Dai Zovi, details safety Professional

"Give a guy an take advantage of and also you make him a hacker for an afternoon; train a guy to use insects and also you make him a hacker for a lifetime."
–Felix 'FX' Lindner

Seemingly easy insects could have drastic outcomes, permitting attackers to compromise structures, expand neighborhood privileges, and differently wreak havoc on a system.

A malicious program Hunter's Diary follows safety professional Tobias Klein as he tracks down and exploits insects in a number of the world's preferred software program, like Apple's iOS, the VLC media participant, internet browsers, or even the Mac OS X kernel. during this specific account, you will see how the builders accountable for those flaws patched the bugs—or didn't reply in any respect. As you stick to Klein on his trip, you are going to achieve deep technical wisdom and perception into how hackers procedure tough difficulties and event the real joys (and frustrations) of malicious program hunting.

Along the way in which you are going to learn the way to:

  • Use field-tested strategies to discover insects, like opting for and tracing consumer enter info and opposite engineering
  • Exploit vulnerabilities like NULL pointer dereferences, buffer overflows, and sort conversion flaws
  • Develop evidence of inspiration code that verifies the protection flaw
  • Report insects to proprietors or 3rd occasion brokers

A trojan horse Hunter's Diary is jam-packed with real-world examples of weak code and the customized courses used to discover and try out insects. no matter if you are searching insects for enjoyable, for revenue, or to make the area a more secure position, you will examine worthy new talents by means of taking a look over the shoulder of a pro trojan horse hunter in action.

Show sample text content

Download sample