Reddit reviews Hacking: The Art of Exploitation, 2nd Edition
We found 101 Reddit comments about Hacking: The Art of Exploitation, 2nd Edition. Here are the top ones, ranked by their Reddit score.
No Starch Press
Actually, start with some programming, then move on to "The Art of Exploitation"; it's the best book on "hacking" I've ever used...
In my opinion; every book in this bundle is a bag of shit.
Here's a list of reputable books, again in my opinion (All links are Non-Affiliate Links):
Web Hacking:
The Web Hackers Handbook (Link)
Infrastructure:
Network Security Assessment (Link)
Please Note: The examples in the book are dated (even though it's been updated to v3), but this book is the best for learning Infrastructure Testing Methodology.
General:
Hacking: The Art of Exploitation (Link)
Grey Hat Hacking (Link)
Linux:
Hacking Exposed: Linux (I don't have a link to a specific book as there are many editions / revisions for this book. Please read the reviews for the edition you want to purchase)
Metasploit:
I recommend the online course "Metasploit Unleashed" (Link) as opposed to buying the book (Link).
Nmap:
The man pages. The book (Link) is a great reference and looks great on the bookshelf. The reality is, using Nmap is like baking a cake. There are too many variables involved in running the perfect portscan, every environment is different and as such will require tweaking to run efficiently.
Malware Analysis:
Practical Malware Analysis (Link)
The book is old, but the methodology is rock solid.
Programming / Scripting:
Python: Automate the Boring Stuff (Link)
Hope that helps.
Excellent questions! If you are a CS grad you are ahead of the game. However, it all depends on what you want to do. I suggested learning programming/CS principles for two reasons:
If you want to find zero day exploits, yes learn how low level languages work. It would be very helpful in that case.
Otherwise, Learn python (or whatever is popular at the time) to write your own exploit tools....or to modify existing ones.
If you want to be a part of a red team, learning lower level languages could make you a better exploiter. However, IMO, I would start with just learning the basics of hacking.
These two books are old but they are absolute standards for anyone starting off:
https://www.amazon.com/dp/1593271441/ref=cm_sw_r_cp_awdb_t1_GYIACb1Z2YXFA
And:
https://www.amazon.com/dp/1593275641/ref=cm_sw_r_cp_awdb_t1_zZIACbMH0WTMP
Also, learn as much as you can on how windows/Linux/virtual machines (and containers) work. The more you know about how an OS works the easier it is to exploit.
Learn to exploit, there are a ton of free sites to help you learn:
http://overthewire.org/wargames/
https://www.cybrary.it
www.vulnhub.com
http://google-gruyere.appspot.com
Learn CTF challenges:
https://ctflearn.com
When you are able to hack take part in real challenges:
https://ctf365.com
Then start your career with a RESPECTED CERT, OSCP:
https://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/
The OSCP is no joke and it is a timed, 24 hour cert test. Yes, you read that right, 24 hours.
Unless you want a government gig stay away from C|EH, it is a joke cert in the community. Again, unless you need to work for a gov agency
Finally, and I cannot stress this enough.....LEARN CLOUD COMPUTING!!! It is here to stay and on-prem systems are dying a slow death. It will change how you exploit systems and how software is engineered/deployed.
HACKING: The Art of Exploitation
There are many books out there that teach you exploits, and most of them are very good. However, this one teaches you how to find them yourself. But despite giving a brief overview of programming in the beginning of the book, it is pretty fast paced. It took me a few weeks to just understand how the registers worked and what they do (though I don't know if you or anyone else would have this problem).
Also, if you are just starting low level programming, do not even think about doing any sort of hacking yet. Before you even think about doing that kind of stuff, you need to know how computers 'think' themselves. Memory management, data structures, basic OS functions, and things like that are important to know before you jump into that kind of stuff. I would actually suggest practicing low level programming on a micro controller. It makes it much easier to start out with.
Here is a "curriculum" of sorts I would suggest, as it's fairly close to how I learned:
Generally you'll probably want to look into IA-32 and the best starting point is the Intel Architecture manual itself, the .pdf can be found here (pdf link).
Because of the depth of that .pdf I would suggest using it mainly as a reference guide while studying "Computer Systems: A Programmers Perspective" and "Secrets of Reverse Engineering".
Of course if you just want to do "pentesting/vuln assessment" in which you rely more on toolsets (for example, Nmap>Nessus>Metasploit) structured around a methodology/framework, then you may want to look into one of the PACKT books on Kali or backtrack, get familiar with the tools you will use such as Nmap and Wireshark, and learn basic Networking (a simple CompTIA Networking+ book will be a good enough start). I personally did not go this route nor would I recommend it as it generally shies away from the foundations and seems to me to be settling for becoming comfortable with tools that abstract you from the real "meat" of exploitation and all the things that make NetSec great, fun and challenging in the first place. But everyone is different and it's really more of a personal choice. (By the way, I'm not suggesting this is "lame" or anything, it was just not for me.)
*edited a name out
https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441
The dark side has lot of facets, it depends on what you want to achieve.
If you are already working on web applications and web in general, then you may want to start with the Web Application Hackers Handbook by Dafydd Stuttard and Marcus Pinto.
This is a very valid book and with your existing knowledge it will be a very interesting read: I may also advise you to read The Tangled Web by Michal Zalewski, this instead will give you a very in-depth look of browsers' quirks and their inner working, quirks you'll learn to exploit.. for science!
Then there is the world of binary reverse engineering and exploitation, my preferred literature on this is Hacking: the art of exploitation: keep in mind that the techniques there may be outdated, but the reasoning and much of the concepts are still valid. It's a very specific book with very detailed information and you are required to know a bit of assembler, C and very low-level stuff.
Happy hunting and good luck!
Hey man! I work as Security Analyst - about a year away from graduating with my Bachelors.
I suggest you pick up the CompTIA Security+ Certification, as well as start learning the basics of Networks and how they function. Learn ports and protocols, as well as how IDS/IPS/Firewalls function. This will get you an entry level role as a Jr Analyst. I suggest you use [Professor Messer's Security+ Videos](http://www.professormesser.com/security-plus/sy0-401/sy0-401-course-index/). This will teach you the basics of security work, networking concepts, threats, etc.
At the same time start listening to podcasts like Paul's Security Weekly, Down the Security Rabbit Hole, etc. As well as start reading blogs on hacking to get a feel for whats done.
Get a home lab and learn a few tools like Wireshark and Nmap for basic Security Analyst work - to learn how packets work, how they are structured, and how to scan pc's for ports and services. At the same time, focus on learning about threats and vulnerabilities (which are covered in security+).
If you want to get into PenTesting then you need a wide range of knowledge. Pick up and learn a few languages (master the basics and understand what the code does and how to read/interpret it). You need to know: PHP, HTML, SQL, Python (or Ruby), and a basic language like C, or Java.
If you want to dig deeper into PenTesting then start reading: https://www.offensive-security.com/metasploit-unleashed/
Good way to get into the Kali Distro and learn how to run Metasploit against vulnerable VM's.
Take a look at https://www.vulnhub.com/resources/ for books, and vulnerable VM's to practice on.
https://www.cybrary.it/ is also a good place with tons of videos on Ethical Hacking, Post Exploitation, Python for Security, Metasploit, etc.
Pick up some books such as
The Hacker Playbook 2: Practical Guide To Penetration Testing
Hacking: The Art of Exploitation
Black Hat Python: Python Programming for Hackers and Pentesters
Rtfm: Red Team Field Manual
The Hackers Playbook and The Art of Exploitation are great resources to get you started and take you step by step on pen testing that will allow you to later explore the endless possibilities.
Also a good list of resources that you can learn more about security:
Getting Started in Information Security
Pentester Labs
Awesome InfoSec
Awesome Pentest
Overall experience and certification are what will get you into the door faster. Most employers will look for experience, but if they see you have motivation to learn and the drive to do so, then they might take you. Certifications also are big in the infosec field, as they get you past HR. And having a home lab and doing side projects in security also reflects well.
Two good books I'd recommend for getting started in exploitation:
Both are good resources to start with. Other than that, learn vdb/windbg/ollydbg/your debugger of choice, use it, and start making binaries do your whim. I started by debugging notepad back in the day.
There’s a book called, “Hacking: The Art of Exploitation,” that includes a lot of assembly.
https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441
Go through "Hacking: The Art of Exploitation" by Jon Erickson and learn the skills as needed. When you can make it (and I mean not just do the examples, but understand the how and why in each example) through his book you should have some good base knowledge and an idea what subjects you enjoy, pursue them in that order after that.
amazon link to book
edit: formatting
Three books I have been using:
The Definitive Guide to How Computers Do Math
Web page here: http://www.diycalculator.com/
Assembly Language Step-by-Step: Programming with Linux
Hacking: The Art of Exploitation, 2nd Edition
The first uses a virtual machine running on Windows, with 5 registers, 65K of virtual memory, a debugger, and will give you a good basic understanding of what is going on. The second book uses Intel X86 on Linux, and gives a solid foundation of the most used instructions. The third book is just good.
Other favorites of mine include "The Art of Debugging" by Norm Matloff (google for his excellent web page) and "Professional Assembly Language" by Richard Blum.
Have fun!
One thing good to learn is social engineering, as its one of the most common threats faced by basically everyone. If you learn how malicious social engineers think (and how they combine knowledge with tech based hacking), you can defend against them better. I enjoyed Unmasking the Social Engineer.
Also, if you're not experienced with low level systems, you should read The Art of Exploitation.
Hey /u/Xerack! I'm the original author of the post linked here.
Appreciate the feedback! If you think I could clarify anything better, please let me know.
As far as resources for Reverse Engineering, I can provide you with a baseline that I would recommend starting with.
x86 Assembly:
If you don't know assembly language at all, this list of videos was where I picked up a decent amount of x86 assembly language.
A few good books would be:
Hands On:
Courses:
Tons of courses on youtube. I learn well from visual, so I recommend these youtube videos:
Beyond that, Google will always be your friend, and /r/reverseengineering. I also have a bunch of material for Malware RE, but that's a bit different than Software RE, though it is relatable.
https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441
Learn C. Eventually Assembly. Buy this book too: http://www.amazon.com/Hacking-The-Art-Exploitation-Edition/dp/1593271441/ref=sr_1_1?ie=UTF8&qid=1334790681&sr=8-1
OSDev - http://wiki.osdev.org/Main_Page
Kernel programming - http://stackoverflow.com/a/12818021
Books:
Hacking the Art of Exploitation - This is a fun book that has a lot to do with programming in C, exploring memory and disassembly.
Practical Reverse Engineering - this is a very informative and short book which is pretty close to the metal in regards to memory and all that but is strongly focused on its namesake so I wouldn't get it if it's not your thing.
LittleOS Book - like 76 pages on building your own OS (also free!).
+1 for mentioning malwareunicorns Reverse Engineering Malware 101 course. I'm pretty excited about starting that after I'm done with some Powershell stuff.
Books for: /u/Kreator333 and /u/curiousdoggo
C/C++:
Assembly/C:
Also OP, while you're learning the basics here do as many examples as you can. Don't just read it and assume you know everything. For C you can try coding a bunch of classical ciphers and for ASM, debug the assembly of simple programs in gdb (check out godbolt) or try coding an echo client/server in Nasm.
This is one of my security starter trifecta:
Hacking: The Art of Exploitation
Rtfm: Red Team Field Manual
Blue Team Handbook: Incident Response Edition
wartex8 mentioned it, but I can't speak about Hacking: The Art of Exploitation highly enough...
I may add the book.
Hacking: The Art of Exploitation
https://www.amazon.es/Hacking-2e-Exploitation-Jon-Erickson/dp/1593271441
Buy it, read it, understand it. Skip nothing, and suck it in!
Good? Now go to town on Blowfish at www.smashthestack.org
I was personally recommended by my mentor Hacking: The Art of Exploitation, and The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws
Also some companions sent me some readings on index articles. I'm not so sure of the titles, but just browse around.
http://slav0nic.org.ua/static/books/
http://hackbbs.org/article/book/
Ok I actually understand this, because I took Computer Systems and had to read http://www.amazon.com/Hacking-The-Art-Exploitation-Edition/dp/1593271441. This is awesome.
Given your background as a programmer, I would recommend starting with SQL exploits. You need to have at least a working knowledge of how programs and scripts work, and it gives you the framework for understanding how to be clever with the existing code logic and how to think outside the box.
If that ends up being too easy or once you get a good handle on that, take a look at metasploit and the exploit database associated with that. Rather than just using the exploits, look at the code and get an idea of how the individual exploits work (which are all the same on the base level: using logic in a creative way the original programmers didn't think of or intend).
As for books, I recommend This One as a primer. It's not exactly up to date, but the theory is sound (giving you a solid foundation on how exploits are made and the thought process behind them).
I really like This One for learning metasploit and getting a further understanding of exploit scripts.
And I just love This Book in general. Once you take a look, you'll see why.
Plus one for violent python! Blackhat python is a similar book to violent python too that seems good.
If you're coming from a compsci background or have some C knowledge then "Hacking: The art of Exploitation" is a really good one. I found it pretty hard going not knowing absolutely anything, but revisiting it with what I know now, it really does cover a lot of great topics in really good detail. It's really good at explaining the why of things too, whereas a lot of other materials focus on the how it's done only.
This is a really good book that teaches about software exploitation.
It also includes some great stuff on networking, cryptography etc.
I'm ~70 pages in and it's been invaluable as just a programming resource (C + Assembly) and I haven't even got to the exploitation section yet.
I'd recommend checking the amazon preview of the contents page to see what else it contains. (Bonus, it comes with a linux livecd to help you replicate all the results in the book)
I always liked reading this book. It explains low level concepts well without needing to have a computer in front of me. It definitely has some hands on material but the first 3 chapters or so are solid gold.
https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441
Read Hacking: The Art of Exploitation
Honestly I could recommend this book for the programming section alone.
http://www.amazon.com/Hacking-The-Art-Exploitation-Edition/dp/1593271441
This isn't a bad start. It's like ABC's and 123's. After going through this book, then you can begin more in-depth experimentation.
I know the book Hacking: The Art of Exploitation is often referenced as a book to take you from "I have a little experience" to being a little more comfortable with exploiting system vulnerabilities. Don't know if you have read it yet, but maybe it could help. Though this would likely be more for trying to compromise systems at the OS level rather than cracking specific applications, I imagine the same knowledge could be applied to either case.
One of my favorite definitions of "hacker" comes from one of my favorite technical books - Hacking: The Art of Exploitation.
I just tell people I'm a hacker - it's appropriate if you do pentesting, sysadmin work, IT support, helpdesk, you name it. You run the risk of having people ask about your opinions on Snowden / Wikileaks / the NSA, but for the vast majority people just look mildly terrified and stop bothering you.
Mess around with various programs and operating systems. Learn to program, learn web development, learn scripting languages, learn databasing basics, learn about how networks and computer hardware works. When you have a basic knowledge of any of these areas, see if you actually like them. If you do, learn more of that area. Start to research more of that field, specifically revolving around security. And read. Seriously, find any book on security and read it. "The Art of Exploitation" is an amazing book with a great live CD full of exercises to get you started.
This book is great
This youtube channel is also great.
And r/HowToHack
I don't get how you're in a masters program in cybersec without knowing how to code...
Anyway, if you are leaning towards pentesting/networks, https://www.amazon.ca/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441 as well as black hat python/violent python are what you want to start off with, as well as a good networking book: https://www.amazon.ca/Computer-Networking-Top-Down-Approach-6th/dp/0132856204.
I'm actually confused about what the content of an msc program could be in cybersec if you don't already know how to code.
With regard to debugging, I would say the major hurdle for me was learning how to deeply inspect and interpret the contents in memory. It's pretty easy to step through a program and see what it's currently doing, but interpreting why it did something it wasn't supposed to do is more challenging. For me, this was a matter of repetitive "learn by doing".
To aid with this, I used gdb as a tool to reverse engineer and write a couple of keygen and serial-cracks for various freemium things randomly downloaded from the internet. This was purely for fun and not connected to my job past learning how to really use gdb. It's not as hard as you might think, though some familiarity with assembly helps. Despite looking like an early 90s bullshit interpretation of computers, this is actually a really great book if you're interested.
As far as testing is concerned, it's not something I had really encountered until my first professional programming job. Testing certainly wasn't taught to me in college. The basics of testing are pretty straight forward. What isn't so straight forward is the skill of writing testable code. It's actually pretty easy to code something up that seems to work but is utterly untestable for a variety of reasons. I think this is the major hurdle when it comes to testing, and a skill I work very hard to teach my junior peers. It just so happens to be the case that testable code also tends to be decoupled maintainable code - which is beneficial for obvious reasons.
I really liked the chapter that teaches C in Hacking: The Art of Exploitation, second edition because it also goes over the assembled instructions your CPU is executing and that helps build an understanding of how memory corruption exploits work. Seeing as you're interested in security, that might be a useful path to take.
Note that modern operating systems and compilers have protection against these basic exploitation techniques so they won't work out of the box on a modern machine. You can disable those protections on just about any linux distribution and the book comes with a live linux cd.
https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441
Incredibly good book that gets you started with the fundamentals. This is absolutely barebones fundamentals, and you'll cover a lot of shell scripting and just, in general, what is REALLY happening when someone is "hacking" something.
That is probably a little too low level compared to "cloud security". You could try picking up a CISSP book (don't bother taking the actual exam) and just studying that. Learning how data travels from your application to the OS to the network layer to bare metal onto another computer/machine and back up.
In case you're talking about reverse engineering, malware analysis etc.:
AoE - Hacking - Art of Exploitation
https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441
Also AoE comes with a bootable environment (easy enough to VM). So really if you follow the book your asm should be exact. Follow as prescribed until you understand when you can deviate.
I've only taken an independent study in theoretical crypto, but I quite enjoyed Hacking: The Art of Exploitation. It starts from assembly and works up through buffer overflows, string format exploitations, and various payloads. Also has some crypto at the end. It's certainly not anything like network security, but it's interesting.
+1 for Gray Hat Hacking, the new edition just came out and I haven't had a chance to pick it up yet. Gray Hat Hacking will teach you the fundamentals of writing exploits from scratch.
The sequel to Gray Hat Hacking would have to be Hacking: The Art of Exploitation
I tried starting at H:AOE and it was just too difficult. Picked up Gray Hat and everything made sense!
No problem. I am by no means an expert in writing code or buffer overflows but I have written several myself and even found a few in the wild which was pretty cool. A lot of people want to jump right in to the fun stuff but find out rather quickly that they are missing the skills to perform those tasks. I always suggest to people to start from the ground up when learning to do anything like this. Before going into buffer overflows you need to learn assembly language. Yes, it can be excellent sleep material but it is certainly a must. Once you get an understanding of assembly you should learn basic C++. You don't have to be an expert or even intermediate level, just learn the basics of it and be familiar with it. The same goes for assembly. Once you get that, writing things like shellcode should be no problem. I'll send you some links for a few books I found very helpful. I own these myself and it helped me tremendously.
Jumping into C++: Alex Allain
Write Great Code: Volume1 Understanding the Machine
Write Great Code: Volume2 Thinking Low-Level, Writing High Level
Reversing: Secrets of Reverse Engineering
Hacking: The Art of Exploitation I used this for an IT Security college course. Professor taught us using this book.
The Shellcoders Handbook This book covers EVERYTHING you need to know about shellcodes and is filled with lots of tips and tricks. I use mostly shells from metasploit to plug in but this goes really deep.
If you have a strong foundation of knowledge and know the material from the ground-up you will be very successful in the future.
One more thing, I recently took and passed the course from Offensive Security to get my OSCP (Offensive Security Certified Professional). I learned more from that class than years in school. It was worth every penny spent on it. You get to VPN in their lab and run your tools using Kali Linux against a LOT of machines ranging from Windows to Linux and find real vulnerabilities of all kinds. They have training videos that you follow along with and a PDF that teaches you all the knowledge you need to be a pentester. Going in I only had my CEH from eccouncil and felt nowhere close to being a pentester. After this course I knew I was ready. At the end you take a 24-hour-long test to pass. No questions or anything, just hands on hacking. You have 24 hrs to hack into a number of machines and then another 24 hours to write a real pentest report like you would give a client. You even write your own buffer overflow in the course and they walk you through step by step in a very clear way. The course may seem a bit pricey but I got to say it was really worth it. http://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/
Depends on what you want to learn.
Web Application Security?
Exploit Development?
"Pentesting" techniques?
Also check here for tons of other resources.
As for certs, if you are a beginner beginner, then probably stuff like Security+ and Network+. Unlike the guy behind me, I will never get, nor do I really recommend CISSP, unless you are going for strictly blue team (defense) work. I personally enjoy red team (pentesting, etc), so something like OSCP would be more useful.
Like I said in a post above, feel free to PM me with questions. I'm always happy to help others on their quest to learn more about the wide world of infosec :)
Please get cracking then, the only thing stopping you is yourself.
Start here: Hacking Book
Then here is the IP for where imf.org is hosted: 204.180.229.21
http://www.amazon.com/gp/aw/d/1593271441?pc_redir=1396793758&robot_redir=1
Pretty sure that is the text
Frank and beans!
I feel like you're going to learn quite a bit in the course of your degree; however, if you can't wait... I'd recommend this book called Hacking: The Art of Exploitation. The first 70 or so pages are a primer in programming in C. The book then goes into exploit techniques, networking (starting with the OSI model and then going into topics such as sockets, network sniffing, denial of service, port scanning), shell code, countermeasures, and it ends with cryptology.
check it out:
https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441/ref=sr_1_1?ie=UTF8&qid=1526161967&sr=8-1&keywords=hacking+the+art+of+exploitation
Keep in mind: this isn't easy, light reading. You will need to work your way sometimes pretty slowly to get a handle on it, so don't be discouraged. Reading dense material is a great skill to have, though, and will surely help you in your studies. Although, seeing as how you worked your way through a C++ book, you're probably already pretty good at it.
What kind of coding, and what are you interested in regarding security exactly? I would brush up on some python personally.
If you are inclined to read, I think the following are essential.
Hacking: The Art of Exploitation is really inexpensive on Amazon in hard copy. Beautiful Code is also on par with the ebook on their site. I'm not entirely sure how the program works, but someone further down mentioned being able to register a hard copy that was purchased and get the ebook for $5. Probably worth looking into!
Learn about computer programming, networking and Linux. I recommend this book: Hacking: The art of exploitation
I've broken down each of your examples into what I suggest you research in order to create the program. I'm using Python as the language of focus.
Stock Screener:
urllib2 (Programming web interface)
Beautifulsoup (HTML/XML scraper)
pygtk (Graphical interface)
Currency Converter:
JSON (A format for storing information, similar to XML)
pygtk (Graphical interface)
urllib2, Beautifulsoup (if you want to take updated currency rates off the internet)
Pen-testing Station:
Grab this http://www.amazon.com/Hacking-The-Art-Exploitation-Edition/dp/1593271441/, read it, then play with the debugger and IDA.
Nmap specifically, I have these three:
For books, I recommend something like Hacking: The Art of Exploitation. This book is famous for being the book about hacking.
http://www.securitytube.net/ has good primers. Hacking: The Art of Exploitation is good, too.
> BTW, this example is garbage for several reasons and it probably means the book is terrible and should be used as a doorstop.
The code seems to come from Hacking: The Art of Exploitation.
"Hacking: The Art of Exploitation" is a book by Jon Erickson
http://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441
It is published by a company called No Starch Press.
They are an amazing publisher and certainly know how to throw a party too!
Went to their party at DEFCON last year and had a blast.
Try checking out Hacking: The Art of Exploitation. In my opinion, it has one of the best overviews of the C language (first chapter) and security is a very relevant application of x86 Assembly knowledge. Plus each concept is interactive.
Might be a heavy read, but if you make sure you learn each concept before moving forward it is very rewarding! Hope this helps :)
An example might be something like a search box, which takes the terms you enter and runs them through a function on the backend to query a database. When a programmer doesn't sanitize input (that is remove special characters) it leaves the possibility that you can reformat the query string and select the data you want returned from the database.
Here is an article that explains how this is done
On the other side of the coin are buffer overflow and remote execution exploits. Most of the time, this is going to involve loading a binary in a debugger and setting breakpoints, examining registers and memory locations etc. The goal here is to be able to write certain instructions to memory and get the execution pointer to that memory.. it's much harder than SQL injection.
To do that, you need to understand assembly language, machine code, how instructions are encoded, how memory is stored on big-endian vs little endian.
You should read Hacking: The Art of Exploitation
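The buffer-overflow half of the comment above, as an added example written for this page (it is not code from the book, from the commenter, or from any project): a fixed-size password buffer copied with strcpy() so that over-long input spills into the flag stored next to it, the bounded version that refuses such input, and the little-endian byte order an exploit has to use when it places an address in memory. The struct layout, the password "brillig", and the address 0xbffff7a0 are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_LEN 16

/* Layout assumption for this example: the 16-byte password buffer is
 * immediately followed by the flag it guards. On the stack the adjacency is
 * the same idea, but the compiler decides the order; a struct pins it. */
struct login_frame {
    char password_buffer[BUF_LEN];
    int  auth_flag;
};

/* Vulnerable: strcpy() stops only at the terminating NUL, so a password of
 * 16 bytes or more runs past password_buffer into auth_flag. On a
 * little-endian host a wrong 19-byte password leaves auth_flag = 0x00414141,
 * which the caller treats as "authenticated". */
int check_authentication_unsafe(const char *password)
{
    struct login_frame f;
    f.auth_flag = 0;
    strcpy(f.password_buffer, password);          /* no bound on the copy */
    if (strcmp(f.password_buffer, "brillig") == 0)
        f.auth_flag = 1;
    return f.auth_flag;
}

/* Hardened: input that cannot fit together with its NUL is refused before a
 * single byte is copied, and the copy itself carries an explicit bound. */
int check_authentication_safe(const char *password)
{
    struct login_frame f;
    size_t len = strlen(password);
    f.auth_flag = 0;
    if (len >= BUF_LEN)
        return 0;                                 /* over-long input rejected */
    memcpy(f.password_buffer, password, len + 1); /* bounded, NUL included */
    if (strcmp(f.password_buffer, "brillig") == 0)
        f.auth_flag = 1;
    return f.auth_flag;
}

/* Little-endian packing: on x86 the 32-bit value 0xbffff7a0 (a made-up
 * address) must sit in memory as the bytes a0 f7 ff bf, least significant
 * first, or the CPU reads back a different address. */
void pack_le32(uint32_t value, unsigned char out[4])
{
    for (int i = 0; i < 4; i++)
        out[i] = (unsigned char)(value >> (8 * i));
}

/* Reads the four bytes back the way a little-endian CPU does. */
uint32_t unpack_le32(const unsigned char in[4])
{
    return (uint32_t)in[0] | ((uint32_t)in[1] << 8) |
           ((uint32_t)in[2] << 16) | ((uint32_t)in[3] << 24);
}

/* Returns one byte of the packed form; convenient for checks. */
unsigned char le32_byte(uint32_t value, int index)
{
    unsigned char bytes[4];
    pack_le32(value, bytes);
    return bytes[index];
}

/* 1 if packing then unpacking reproduces the value. */
int le32_roundtrip_ok(uint32_t value)
{
    unsigned char bytes[4];
    pack_le32(value, bytes);
    return unpack_le32(bytes) == value;
}

/* 1 when this host stores the low byte of a word at the lowest address. */
int host_is_little_endian(void)
{
    uint32_t probe = 1;
    unsigned char first;
    memcpy(&first, &probe, 1);
    return first == 1;
}

int main(void)
{
    /* 19 'A's: three bytes spill into auth_flag and the NUL lands on its
     * last byte, so the write stays inside the struct. It is still undefined
     * behaviour; an optimising compiler or a fortified libc may catch it. */
    const char *overlong = "AAAAAAAAAAAAAAAAAAA";
    unsigned char bytes[4];

    printf("unsafe, over-long wrong password: auth_flag=%d\n",
           check_authentication_unsafe(overlong));
    printf("safe,   same input:               auth_flag=%d\n",
           check_authentication_safe(overlong));
    pack_le32(0xbffff7a0u, bytes);
    printf("0xbffff7a0 in memory: %02x %02x %02x %02x\n",
           bytes[0], bytes[1], bytes[2], bytes[3]);
    printf("this host is %s-endian\n",
           host_is_little_endian() ? "little" : "big");
    return 0;
}
```

The book's classic version uses two plain stack variables rather than a struct; for that form you also compile with `gcc -fno-stack-protector`, otherwise the canary aborts the program before the flag is ever read, and ASLR (`kernel.randomize_va_space` on Linux) only starts to matter once the payload carries real addresses, packed as above, instead of a run of 'A's.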
I’ve been working on this for a while, so I might as well drop it here. It should provide an authoritative answer for “How do I get started in CyberSecurity”
Before I get started, there are a few things I need to explain about cybersecurity - There are a ton of different areas of “CyberSecurity”.
This post is specifically catered around the core concepts of cybersecurity.
The most basic thing you need to understand about cybersecurity: It revolves around stuff communicating with other stuff. Anything from side-channel attacks to large-scale DDoS' - stuff is insecure because stuff communicates with other stuff. Communication can be hard to understand and even harder to define (let alone secure). I know this is a very vague statement, but it’s one of the core, fundamental concepts of cybersecurity.
The second most basic thing about cybersecurity you need to understand - “hacking” (I hate that word) as it’s known is not some bond-villain type activity. It’s intentionally mis-using something that already exists in a way that introduces a security flaw into the environment. Sometimes the right circumstances line up and this flaw can be leveraged into something, but sometimes it can’t.
I split up my resources into offensive-based and defensive-based because it’s important for you to understand that while each of these groups is individually important, each knowledge area is not as effective without an understanding of the other one.
One other thing to note - Certifications are great, but you need to de-couple the idea that certifications=knowledge/skills in this field. There are certainly certifications that break out of that mold, but for the most part, this holds true. I’ve ordered them in the order in which I used/learned with these resources, so you can follow-along directly in order (if you want to). I learned offense first, so that’s the way I’m laying it out here.
Offensive-Based:
I started my career in InfoSec by studying for the most basic, foundational certification: The Security+. This is the best beginner-level cert that says “I know something about security.”
I learned by going through Professor Messer’s entire course, and I felt pretty ready after I went through it all. Here’s the link to his Sec+ course
Now, let's get into some practical stuff. OverTheWire. These are war-games, or CTFs - challenges designed to test your practical ability in security, but also designed to help you learn new things. CTFs are the absolute best way I’ve found to learn security. Here’s the link to OverTheWire in case Google is down. If you get stuck, here are some helpful write-ups.
Do them in this order:
At this point, you should be set to start with the books and Hacking Labs.
At this point, I’d recommend going for another certification - CEH. Once you have the CEH, you’re ready to move into more practical-based certifications. Here's what I used to learn and practice the CEH:
Now, let's get into some more practical exploitation. PentesterLabs focuses a bit more on WebApp stuff, but I’ve found it's the best intro-environment (as it is relatively scripted scenarios, and you don’t have to do as much recon). They're fairly explanatory, and will walk you through the solution if you get stuck.
Next, let's get into HackTheBox (Exploitable virtual machines, ranging in difficulty. You’re going in mostly blind here, so you have to do your own recon and enumeration): HackTheBox
Here are some helpful write-ups (Written Explanations):
Also, there are some super awesome video explanations by IppSec
After you get through most of these, you should be set to start on your OSCP. The OSCP contains a course (Penetration Testing with Kali), a lab environment (~50-60 vulnerable boxes), and a practical lab test at the end. OSCP
After you’ve completed the OSCP, then you have enough knowledge to continue directly down the cert path, and the courses (in combination with the certs) put out by Offensive Security contain enough good content to where you don’t have to study other resources. The certification path from here on out splits into two different areas: Technical, and management.
If you’re at this point, getting past the OSEE, you can pretty much walk into any offensive-based job, slap your cert on the table, and they’ll hire you. You don’t need my help anymore here.
Now, here's the management path:
Having the technical background of the OSCP, plus a CISSP, PMP, and MBA would create an extremely potent executive - one who can understand the technical details and risk, and who then could translate that into verbiage that other executives could understand.
So, your overall standard security offensive certification path should look something like:
OR
Now, for the Defensive-based side.
If you're interested in learning more about how exploits are developed, I suggest this book as a good primer...
http://www.amazon.com/Hacking-The-Art-Exploitation-Edition/dp/1593271441
Would be great if you could explain what it is you actually want to be learning. Are we talking about hacking webapps? IoT-devices? Network hacking?
I think The Art of Exploitation is a great book. Gives you a good idea of the low level stuffz you would need to know if you wish to break into hacking!
Ok. That is very different than most US schools. You're probably going to need to work hard for that one. I would also suggest the Art of Exploitation to brush up on your advanced programming skills https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441. I would also get an account at packt (the free one) and check daily for the free book.
Hacking: The art of exploitation
The Web Application Hackers Handbook
The Tangled Web: A Guide To Securing modern Web Applications
The Hacker Playbook 2
The Hacker playbook 3
Black Hat Python: Python Programming for Hackers and Pentesters
So this is aimed at people in a cyber security degree? What kind of knowledge do they have?
> using all the tools of kali
Pleaseeee no. There are hundreds of programs and scripts in Kali, it would not be feasible to learn and remember them all. Off the top of my head what I would do is:
>Examples of projects I have completed: Coded a basic Linux kernel from the ground up for x86 machines, Working on a basic IRC botnet coded in Python, I have experience in Snort rules and have written Python scripts for log parsing. I have used Wireshark for packet sniffing etc, experience in using IDA for disassembling code for CTFs.
Why on earth would you pursue Sec+ and CISSP if you have experience in those things?
Build a Malware Lab, dude. Check out Practical Malware Analysis and The Art of Memory Forensics. With your experience you could probably wreck those over the summer.
If you want an old school, but relevant (more Red Teamer), you could check out Hacking: The Art of Exploitation and The Shellcoder's Handbook.
Practical Malware Analysis
The Art of Memory Forensics
Hacking
Shellcoder's Handbook
Malware Analyst's Cookbook
I'd recommend Hacking: The Art of Exploitation.
https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441/ref=sr_1_1?ie=UTF8&qid=1510638128&sr=8-1&keywords=hacking+the+art+of+exploitation
This is a very good book overall, but it helps to have a background in Networking.
I’m CompTIA A+ and Network+ certified and finishing a 2 year CS program and I'm still learning.
Just learning a couple of languages won't do if your only concern is learning how to exploit. Learning how operating systems work is equally important if not more, though learning a programming language is an obvious first step.
Now, I don't know if these are absolutely necessary but they are helpful anyway.
Also check out http://winocm.moe/research/2013/09/20/resources-for-getting-started/, I might have repeated what she said.
https://www.theiphonewiki.com/wiki/Up_to_Speed is also useful. However The iPhone Wiki again, is outdated.
I would say go with whatever your computer uses so that you can follow along (unless your computer uses something really obscure).
As for books, I can only really recommend the places I learned x86 from, which would be Hacking: The Art of Exploitation since it puts assembly in the context you'll find it most often (looking through assembled code) so you learn many useful tools along the way. Also the textbook I had in college (you can find it cheaper if you look around) which covers many other topics too relating to computer memory and whatnot.
Though for just learning some basic assembly, look for some simple resources online. It's not too hard to learn generally speaking so you should be fine.
I remember this text: http://amzn.com/0123742684
And for the programming side of things:
I haven't been in school for several years... Forensics has changed; but an amazon search yields several results.
No, "THAN in Python". As in it takes longer in C :P
Here's the book: http://amzn.com/1593271441 and yeah, using C definitely places you closer to the bytes, right before assembly. In fact, the book makes you go through the assembly for some programs you write.
No problem dude, I was doing the same. I've been reading through this book:
http://www.amazon.com/Hacking-The-Art-Exploitation-Edition/dp/1593271441/ref=pd_sim_b_2
which I'm liking pretty well. It also goes into Linux environment stuff and takes you through several examples on a sample CD. The author basically wrote a bunch of C programs and takes you through why they do/don't have vulnerabilities and how to exploit them. And all the code works, so far. The disc is actually a Linux live CD with his scripts, that I boot up in a VM. I prefer VirtualBox, but it's really just a matter of opinion.
This book is a good starting point. I can't stress enough how important it is to learn the fundamentals and mindset before actually learning techniques; this book will teach you the thought process to ask the right questions....
http://www.amazon.com/Hacking-The-Art-Exploitation-Edition/dp/1593271441/ref=sr_1_1?ie=UTF8&qid=1348231729&sr=8-1&keywords=hacking
This is a throwaway account. I will use it for a little while in case anything else percolates up from this. If you can get even a secret clearance without a lot of trouble that will open a vast array of doors to you. A clearance is a very expensive thing to obtain for most people. You almost always have to be sponsored for it by a large corporation that can afford the cost.
I would just say you should learn the general tools. For those interested in getting into the network security field give the latest incarnation of hacking exposed a good read, try all of those tools and be familiar with the underlying purpose of each of those tools. That book will cover a lot of tools. You may also check out: http://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441/ref=pd_sim_b_1 (non affiliate link) as it covers some topics in pretty good depth.
Your degree in security will definitely help you get into the field. A clearance will only increase the chance you have a job out of college. The CISSP is good for broad coverage... but it is a very easy test to game. The security field does have a wide swath of disciplines from the very business and management oriented policy and risk assessment fields to the incredibly technical vulnerability and exploitation research fields and many points in between (or for a consultant multiple of those points at the same time).
Know the tools of the trade (check out Backtrack 3/4). Understand how to actually evaluate the risk of technical vulnerabilities. Learn what risk really is. Don't be afraid of getting your hands dirty. And decide if you want to go down a more technical or management track and learn appropriately. The management track will involve you learning to do more policy and audit oriented assessments (being a CPA can't hurt here for your long term business goals) or jump into the technical side and go as far down the rabbit hole of technical knowledge as you can. Either way you go I strongly recommend that you have a good understanding of the other side of the fence as they are both sides of the same coin.
I've heard that Hacking: The Art of Exploitation has become dated (lack of real information on basic concepts like ASLR, etc.); is there a better source for someone just getting started in information security or is it still worth reading?
Additionally, do you have any suggestions for practical experience? For example, Microcorruption seems to be a great resource for getting used to debugging/ASM.
Book:
Hacking: the art of exploitation
https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441/ref=sr_1_1?ie=UTF8&qid=1491881386&sr=8-1&keywords=hacking+the+art+of+exploitation
The intro to the book doesn't get technical.
See here: https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441#reader_1593271441
On the left side, click Table of Contents, then click Introduction
This is a good book. Focus is 32-bit x86. Includes C and Assembly.
https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441
I know your target may be MIPS; however, the principles are good as a foundation.
I haven't read it in years, but I remember The C Programming Language being very useful.
If you want to learn more about the low level details of how computers work in general, I own the following books and recommend them:
---
Computer Systems: A Programmer's Perspective
Computer Organization and Embedded Systems
Hacking: The Art of Exploitation
Operating System Concepts Essentials
Computer Networking: A Top-Down Approach
I wouldn't take those responses too seriously. K&R is like the holy bible of the C community and Zed Shaw said mean things about it while being, well, Zed Shaw (read: a dick). So naturally they're jumping on the opportunity to shit on him and his book. When I first read Hentenaar's blog post I just kinda rolled my eyes since it was pretty obvious he saw that K&R critique, got irked by it, and then skimmed the alpha (or beta version - I honestly forget which but LCTHW was a WIP at the time) version of Zed's book while cranking the nitpicky pedantry up to 11 trying to find things to criticize.
LCTHW is by no means perfect, but it's a completely acceptable resource to learn C programming. Try picking up the finished version though; the one online seems to be the beta version still. The Art of Exploitation is another good read I'd recommend; it'll teach you how to exploit insecure C code.
Of course, you could always just read both K&R and LCTHW and decide for yourself which is better.
I personally recommend:
CEHv9 https://www.amazon.com/CEH-v9-Certified-Ethical-Version/dp/1119252245/
Hacking the art of exploitation https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/
Penetration Testing: A Hands-On Introduction to Hacking: https://www.amazon.com/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641/
At UVic, I think there are security specializations for degrees such as the MTIS or the Computer Science Options (such as Network Security -- although I did the Software Engineering option for C.Sc. in my undergrad)
I focused on taking classes, but I did a LOT of my own (legal) research/projects. That "legal" caveat is IMPORTANT. Don't get arrested for a hobby, it doesn't achieve your goal, and it's not worth it. Do things the right way, don't trespass or break the law.
Most of the government cyber defense jobs are in Ontario -- so expect to have to move there if you want to work with them. I hear there are ... "sites" ... elsewhere, but realistically you would have to "do your time" there before anything like that became available.
Business and Finance classes are always a good idea -- not just for business but personal benefit. My wife is an accountant and those skills are really helpful to have for our daily/monthly/etc finances.
Advice
Sorry, this turned into a bit of an essay. I'm just one opinion out there, but hopefully you get something out of this. As always, "trust but verify".
[edit: a word]
How useful do you think books like these are?
https://www.amazon.com/d/Books/Black-Hat-Python-Programming-Pentesters/1593275900
https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441
I just finished up a mini project in python and am looking for something else to do (other than learning C and another text on data structures). These books seem to be more about pen testing so I'm not sure it's really relevant.
If you're interested in Computer Security I'd recommend learning the C programming language.
A really good book that includes some information on C and Computer Security is Hacking: The Art of Exploitation by Jon Erickson.
Wow, it's really encouraging to see people new to hacking actually following the right path. Far too many people disassociate hacking with what it truly is, but you're not one of them; I see that you've got your answer already, but I feel it's necessary to keep pushing you in the right direction. Good luck in your endeavours :)
Some neat resources for someone interested in Binary Exploitation:
Smash The Stack
And a few books:
Hacking: The Art of Exploitation
The Shellcoder's Handbook
I've got both of these books and a few on ASM, so I can vouch for them (as can their reviews and ratings).
Happy Hacking
https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441
You could use the disc that comes with this.
https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441
Debian or Ubuntu LTS is fine.
Learning to program on Linux would be helpful.
Edit: worth mentioning that Ubuntu is based on Debian.
Start here.
Hi! You could think of it like a car:
if (pressingOnGas == true) {
    increaseSpeed();
}
if (tooMuchTraffic) {
    changeRoute();
}
I would recommend reading a book on programming. They look thick and boring but you don't need to read the whole thing; watch videos online to help, read others' code. There's a website called Codecademy to help that's free. https://www.amazon.com/Hacking-Art-Exploitation-2nd-Erickson/dp/1593271441 the beginning of this book talks all about programming and is awesome
If you are interested in learning techniques and want to practice in a safe and secure environment I would suggest the use of VMWare. This allows you to install operating systems on virtual machines that work just like standard computers. From there I would suggest using Backtrack 4/5 and start looking at some of the tools pre-installed. VMware also has the added advantage of being able to handle multiple types of networks at the same time. This includes Bridged (the network on the guest OS appears on your LAN), NAT (this acts like a system behind a router requiring port forwarding and other techniques), and Host-Only.
There is also a book I really enjoyed on some of the finer points of hacking called Hacking: The Art of Exploitation. I feel this book does a great job in teaching the concepts behind buffer-overflows, memory mapping, networking, and cryptography.
As far as hacking into particular operating systems, Windows XP SP0 is vulnerable to MS08_067, so if you can manage to obtain an early version of XP. Metasploit which is built into Backtrack has this exploit already loaded.
VMs are the best way to go btw. What are the specs of the system you tried it on?
The Web Application Hacker's Handbook is the best book I've read on web application security. Goes very in depth in the types of exploits in web applications, how to exploit them, what to use, and how to prevent them. If you have at least a basic understanding of programming and are willing to read and understand this book (~1000 pages) you'll get up to speed pretty quick.
Here's the book:
https://g.co/kgs/upO3q
Edit: Not as focused on web applications but in my opinion another top contender:
Hacking: The Art of Exploitation, 2nd Edition https://www.amazon.com/dp/1593271441/ref=cm_sw_r_cp_api_zuDpxbSFKDHB1
I can't upload all of the books because it's around 7GB. :( Though yeah, there are mega bundles of IT books online, like one of the replies said.
Well anyway, if you're into those books, I recommend The Art of Deception by Mitnick and Simon (Steve Wozniak wrote the foreword for this book haha) and The Art of Exploitation. I don't remember if I have those books, but afaik there are online PDF copies anyway. Happy reading! :D
Are you referring to this book:
http://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441
I see in the description that it says it's not a big deal if you don't know programming. Do you find this to be true?
I've also had
http://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470
Recommended to me. The description talks about HTML etc. Do you need to know these languages before you dive into these books? Or is it more like they teach you just what you need to know about a specific language / vulnerability inside of a language/piece of code.
Thanks
I think Hacking: The Art of Exploitation is a great book worth reading: https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441/
Continue to learn Python and C outside of school, go into more depth. May not be what you're looking for, but try reading Hacking: The Art of Exploitation and, depending on your current knowledge of Python, Violent Python may be good for you.
https://www.amazon.de/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441
You're welcome.
Like you, I also like the subject.
I found these books to be good reading:
http://www.amazon.com/The-Hacker-Playbook-Practical-Penetration/dp/1494932636/ref=pd_bxgy_b_img_y
http://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441/ref=sr_1_13?s=books&ie=UTF8&qid=1413800973&sr=1-13&keywords=hackers+play
Have a look at this Linux distribution
http://www.kali.org/
It's made for pentesting; it might give you an idea of things, and on YouTube you will find good tutorials about the tools that come with it.
Have fun
I'm always advocating hak5.org for newbies on here. Though I'd also toss in this: http://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441/ref=sr_1_1?ie=UTF8&qid=1324017233&sr=8-1
One thing to remember as you're getting started: don't expect to become a 1337 hax0r in one tutorial or over a few days. It's going to take time, effort, and lots of reading.
start here, continue here, report back in two months.