Hacker News Comments on
The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities (Volume 1 of 2)
6 HN comments
Hacker News Stories and Comments
All the comments and stories posted to Hacker News that reference this book.
The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities by Mark Dowd et al. https://www.amazon.com/dp/0321444426/ This book will give you the fundamentals of application security testing.
The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities http://www.amazon.com/The-Software-Security-Assessment-Vulne...
In my opinion, the most helpful text for transitioning from development to security would be: http://www.amazon.com/The-Software-Security-Assessment-Vulne...
Beyond that, add in a bit of system administration knowledge, e.g. in-depth knowledge of operating systems and networking, and you have everything you need to break many, many systems!
Without a doubt, the best book on the topic is: http://www.amazon.com/Art-Software-Security-Assessment-Vulne...
Mark is one of the best vulnerability researchers in the world. We used to hang in the same groups, and I remember that there was a 2-3 month period where he found and wrote exploits for vulnerabilities in almost a dozen different operating systems on 5-6 different architectures. The guy is a god.
Back then the only way to learn was to try it out yourself. There were no books, only phrack, IRC, and setting up boxes on your own network and having a go at them with a debugger running. You really have to be motivated, as the work is laborious, but worthwhile because there is nothing better than the rush you get from developing your own exploit. It is awesome that ppl like Mark are now writing books and dumping the knowledge they have gained through decades of real experience.
There are different types and categories of exploit: local apps and targeting privilege escalation, kernel exploits, server daemons (i.e. anything that has a port opening and waiting for a connection), crypto implementation exploits and then webapps and browsers (more popular today).
Then there are different discovery methods: black box testing, where you throw data at an unknown system and through known inputs and outputs figure out what is in the box. White box testing, where it is still closed source, but you are able to attach a debugger, and then code auditing - which is simply going through the source code and attempting to find common errors that you can exploit.
You will find that you will gravitate to one particular type as you learn. E.g. for me personally it was IIS server (found and developed 6 diff vulnerabilities for IIS 4.0 and 5.0), NT kernel and web apps. Good luck with it - if you find something, send it to me :)
I think a good start would be to read http://www.amazon.com/Art-Software-Security-Assessment-Vulne...