A Bug Hunter's Diary: A Guided Tour Through the Wilds of Software Security (Paperback)
暫譯: 漏洞狩獵者的日記:軟體安全的探索之旅 (平裝本)
Tobias Klein
- 出版商: No Starch Press
- 出版日期: 2011-10-11
- 售價: $1,470
- 貴賓價: 9.5 折 $1,397
- 語言: 英文
- 頁數: 200
- 裝訂: Paperback
- ISBN: 1593273851
- ISBN-13: 9781593273859
-
相關分類:
資訊安全
已絕版
買這商品的人也買了...
-
密碼學與網路安全(第四版) (Cryptography and Network Security: Principles and Practice, 4/e)$680$646 -
網路免費資源行銷術─部落格 + Facebook + 微網誌超 Easy$360$281 -
網路創業就靠企劃力$250$198 -
InDesign CS5 創意設計經典技法$580$493 -
Dreamweaver CS5 網頁製作─為網站提供創新而專業的設計平台$450$356 -
塗鴉牆的秘密-Facebook Graph API 實戰開發手冊$580$493 -
PHP + MySQL 與 Dreamweaver 互動網站程式設計$520$411 -
網路開店 X 拍賣王─創業成功年收百萬商機大公開$420$332 -
Eclipse 完全攻略-從基礎 Java 到 PDE 外掛開發$600$468 -
Windows Phone 開發實戰 (Beginning Windows Phone 7 Development, 2/e)$680$537 -
深入淺出 Python (Head First Python)$780$616 -
24 小時不打烊的雲端服務-專家教你用 CentOS 架設萬年不掛的伺服器$680$530 -
Android 4.X 手機/平板電腦程式設計入門、應用到精通, 2/e (適用 Android 1.X~4.X)$520$411 -
版本控制使用 Git (Version Control with Git: Powerful Tools and Techniques for Collaborative Software Development)$580$458 -
打造安全無虞的 Web Applications-從策略制定、程式開發,到防止惡意攻擊之必備對策白皮書$560$437 -
App 程式設計入門-iPhone、iPad, 2/e$490$387 -
HTML5.CSS3 精緻範例辭典$480$408 -
《超強圖解》前進 Android Market!Google Android SDK 實戰演練, 2/e (適用2.X/3.X/4.X)$750$593 -
精通 Objective-C 程式設計, 4/e (Programming in Objective-C, 4/e)$580$458 -
iOS 創意程式設計家─ iPhone + iPad 跨平台通用, 3/e$580$458 -
JavaScript 設計模式 (JavaScript Patterns)$480$379 -
雲端工作術:Google 教我的 100 個工作方法$320$253 -
iOS SDK 開發範例大全 (The iOS 5 Developer's Cookbook: Core Concepts and Essential Recipes for iOS Programmers, 3/e)$850$672 -
超圖解 Arduino 互動設計入門, 2/e$680$578 -
DDoS 分散式阻斷服務攻擊深度解析$350$277
商品描述
"Give a man an exploit and you make him a hacker for a day; teach a man to exploit bugs and you make him a hacker for a lifetime."
–Felix 'FX' Lindner
Seemingly simple bugs can have drastic consequences, allowing attackers to compromise systems, escalate local privileges, and otherwise wreak havoc on a system.
A Bug Hunter's Diary follows security expert Tobias Klein as he tracks down and exploits bugs in some of the world's most popular software, like Apple's iOS, the VLC media player, web browsers, and even the Mac OS X kernel. In this one-of-a-kind account, you'll see how the developers responsible for these flaws patched the bugs—or failed to respond at all. As you follow Klein on his journey, you'll gain deep technical knowledge and insight into how hackers approach difficult problems and experience the true joys (and frustrations) of bug hunting.
Along the way you'll learn how to:
- Use field-tested techniques to find bugs, like identifying and tracing user input data and reverse engineering
- Exploit vulnerabilities like NULL pointer dereferences, buffer overflows, and type conversion flaws
- Develop proof of concept code that verifies the security flaw
- Report bugs to vendors or third party brokers
A Bug Hunter's Diary is packed with real-world examples of vulnerable code and the custom programs used to find and test bugs. Whether you're hunting bugs for fun, for profit, or to make the world a safer place, you'll learn valuable new skills by looking over the shoulder of a professional bug hunter in action.
商品描述(中文翻譯)
「給一個人一個漏洞,他會成為一天的駭客;教一個人如何利用漏洞,他會成為一生的駭客。」
—Felix 'FX' Lindner
看似簡單的漏洞可能會帶來嚴重的後果,讓攻擊者能夠入侵系統、提升本地權限,並對系統造成破壞。
《漏洞獵人的日記》跟隨安全專家 Tobias Klein,追蹤並利用一些世界上最受歡迎的軟體中的漏洞,如 Apple 的 iOS、VLC 媒體播放器、網頁瀏覽器,甚至是 Mac OS X 核心。在這本獨特的書中,你將看到負責這些缺陷的開發者如何修補漏洞——或根本沒有回應。隨著你跟隨 Klein 的旅程,你將獲得深入的技術知識,了解駭客如何處理困難的問題,並體驗漏洞獵捕的真正樂趣(和挫折)。
在這個過程中,你將學會如何:
- 使用經過實地測試的技術來尋找漏洞,例如識別和追蹤用戶輸入數據以及逆向工程
- 利用漏洞,如 NULL 指標解引用、緩衝區溢出和類型轉換缺陷
- 開發驗證安全缺陷的概念驗證代碼
- 向供應商或第三方經紀人報告漏洞
《漏洞獵人的日記》充滿了現實世界中脆弱代碼的範例以及用於尋找和測試漏洞的自訂程式。無論你是為了樂趣、獲利,還是為了讓世界變得更安全,你都將通過觀察專業漏洞獵人的實際行動,學到寶貴的新技能。
