Home > Software Quality Tips > Application Security Book Excerpts > Exploiting Software: How to Break Code -- Chapter 7, Buffer Overflow
Software Quality Tips:
EMAIL THIS
 TIPS & NEWSLETTERS TOPICS 

APPLICATION SECURITY BOOK EXCERPTS

Exploiting Software: How to Break Code -- Chapter 7, Buffer Overflow


Greg Hoglund and Gary McGraw
01.11.2006
Rating: -4.00- (out of 5)


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



As a registered member of SearchAppSecurity.com, you're entitled to a complimentary copy of Chapter 7 of Exploiting Software: How to Break Code written by Greg Hoglund and Gary McGraw and published by Addison-Wesley Professional.

This chapter, "Buffer Overflow," discusses what buffer overflow attacks are, how to combat them and why they remain the crown jewel of attacks, and are likely to remain so for years to come.


Exploiting Software: How to Break Code

Book description:

How does software break? How do attackers make software break on purpose? Why are firewalls, intrusion detection systems and antivirus software not keeping out the bad guys? What tools can be used to break software? This book provides the answers.

Exploiting Software is loaded with examples of real attacks, attack patterns, tools, and techniques used by bad guys to break software. If you want to protect your software from attack, you must first learn how real attacks are really carried out.

This must-have book may shock you -- and it will certainly educate you. Getting beyond the script kiddie treatment found in many hacking books, you will learn about

  • Why software exploit will continue to be a serious problem
  • When network security mechanisms do not work
  • Attack patterns
  • Reverse engineering
  • Classic attacks against server software
  • Surprising attacks against client software
  • Techniques for crafting malicious input
  • The technical details of buffer overflows
  • Rootkits

Exploiting Software is filled with the tools, concepts, and knowledge necessary to break software.

>> Read "Chapter 7: Buffer Overflow" now.

>> Buy the book

Rate this Tip
To rate tips, you must be a member of SearchSoftwareQuality.com.
Register now to start rating these tips. Log in if you are already a member.




Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED CONTENT
Application Security Book Excerpts
Cybersecurity czar candidate questions clout of new position
Commonly-overlooked security flaws in rich Internet applications
Common mistakes in real-time Java programming
Web Security Testing Cookbook sample recipe
Fuzzing for Software Security Testing and Quality Assurance: Chapter 3, Testing for Quality
Software Security Engineering: A Guide for Project Managers -- Chapter 3, Requirements Engineering for Secure Software
InfoSecurity 2008 Threat Analysis, Chapter 4: XSS Theory
Google Hacking for Penetration Testers, Volume 2: Chapter 6, Locating Exploits and Finding Targets
Ajax Security -- Chapter 6, Transparency in Ajax Applications
Fuzzing: Brute Force Vulnerability Discovery -- Chapter 12, Fuzzing Frameworks

Security Vulnerabilities
InfoSecurity 2008 Threat Analysis, Chapter 4: XSS Theory
Cross Site Scripting Attacks: XSS Exploits and Defense -- Chapter 5, Advanced XSS Attack Vectors
Input Validation Attacks -- Chapter 6, Hacking Exposed Web Applications, Second Edition
How to Break Web Software: Functional and Security Testing of Web Applications and Web Services -- Chapter 4: State-Based Attacks

Hiring, mentoring and training for software projects
Is your software test team rigorously incompetent?
Advice on how to enter the software technology field
Optimizing project management using text messaging, IMs, and Skype
How to get a software testing job in a recession
Does Microsoft offer an international testing certification?
How to handle IT project management in a recession
How teams transition to agile development methodologies
Do security certifications really matter? Yes, really
Cutting staff for a more agile software development team
Software development lifecycle (SDLC) trends 2009: Requirements, agile

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
Project Management Professional (PMP)  (SearchSoftwareQuality.com)

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary

DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.



Software Design & Testing - Project Management
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2006 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts