The Shellcoder's Handbook: Discovering and Exploiting Security Holes


  • Examines where security holes come from, how to discover them, how hackers exploit them and take control of systems on a daily basis, and most importantly, how to close these security holes so they never occur again
  • A unique author team-a blend of industry and underground experts- explain the techniques that readers can use to uncover security holes in any software or operating system
  • Shows how to pinpoint vulnerabilities in popular operating ...
See more details below
Available through our Marketplace sellers.
Other sellers (Paperback)
  • All (9) from $1.99   
  • New (2) from $44.82   
  • Used (7) from $1.99   
Sort by
Showing 11 – 10 of 0
We’re having technical difficulties. Please try again shortly.
Showing 11 – 10 of 0
Sort by
Sending request ...


  • Examines where security holes come from, how to discover them, how hackers exploit them and take control of systems on a daily basis, and most importantly, how to close these security holes so they never occur again
  • A unique author team-a blend of industry and underground experts- explain the techniques that readers can use to uncover security holes in any software or operating system
  • Shows how to pinpoint vulnerabilities in popular operating systems (including Windows, Linux, and Solaris) and applications (including MS SQL Server and Oracle databases)
  • Details how to deal with discovered vulnerabilities, sharing some previously unpublished advanced exploits and techniques
Read More Show Less

Editorial Reviews

From Barnes & Noble
The Barnes & Noble Review
Every day, someone discovers a critical new security flaw in software you depend on. Quite often, those flaws appear first on Bugtraq, the world’s No. 1 vulnerability tracking maillist. Now, some of Bugtraq’s leading contributors show you exactly how they discover those holes -- and how to exploit them. Along the way, they reveal some never-before-published bugs -- including holes they claim are big enough to “take down the Internet.”

The authors cover platforms ranging from Windows to Solaris. They start with Linux on x86, where it’s easiest to understand the hacks because you can get inside the source code. Here, they introduce memory management and stack buffer overflows, format string overflows, and heap-based overflows. They also introduce basic shellcoding: how to write instructions that directly manipulate registers and a program’s functions. This can’t be done with high-level languages: We’re talking hexadecimal opcodes.

Next, the authors move on to Windows. Here, until recently, shellcoding was a true black art. Win32 doesn’t provide direct access to system calls, so more complex techniques are required. (As an example, the authors show how to bypass the vaunted stack protection Microsoft added to Windows 2003 Server.)

The authors then turn to the tools and techniques of vulnerability discovery: fault injection, fuzzing, source code auditing in C-based languages, instrumented investigation, tracing, and binary auditing of closed-source software. The book concludes with several especially sophisticated techniques, ranging from alternative payload strategies and database attacks to Unix kernel exploits. This stuff’s the real deal. Bill Camarda

Bill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2003 and Upgrading & Fixing Networks for Dummies, Second Edition.

Read More Show Less

Product Details

  • ISBN-13: 9780764544682
  • Publisher: Wiley
  • Publication date: 4/2/2004
  • Edition number: 1
  • Pages: 644
  • Product dimensions: 9.25 (w) x 7.50 (h) x 1.37 (d)

Meet the Author

Jack Koziol, the lead author of The Shellcoder’s Handbook, is a Senior Instructor and Security Program Manager at InfoSec Institute, a provider of advanced ethical hacking training. He regularly is called upon to train members of the United States intelligence community, military, and federal law enforcement agencies. Additionally, Jack provides training for Fortune 500 companies, such as Microsoft, HP, and Citibank, on how to better secure their networks and applications. When not teaching hacking classes, Jack regularly performs penetration tests and application security assessments for a number of clients. He has years of private vulnerability development and exploitation experience for his customers and himself.
Jack is also the author of Intrusion Detection with Snort, one of the best-selling security books in its first year of publication (2003). The book has been translated into several languages, including French and Japanese, and has received rave reviews from Linux Journal, Slashdot, and Information Security magazine.
Jack has appeared in USA Today, CNN, MSNBC, First Business, and other media outlets for his expert opinions on information security. He lives in Oak Park, Illinois, in the shadow of Frank Lloyd Wright’s home and studio, with his girlfriend Tracy and dog Quasi.

David Litchfield is the world’s leading computer security vulnerability researcher and one of the five founding members of NGSSoftware. David has discovered and published over 100 major security vulnerabilities in many different products, including most notably Apache, Microsoft Internet Information Server, Oracle, and Microsoft SQL Server. With his vast experience of network and application penetration testing, David is a permanent presenter to the Black Hat Briefings. He is also the lead author of SQL Security (Osborne/ McGraw-Hill).

Dave Aitel is the author of SPIKE and the founder of the NYC-based Internet security company Immunity, Inc. His research has incorporated exploitation of both Windows and Unix vulnerabilities, and advanced methodologies for finding new vulnerabilities.

Chris Anley is a Director of Next Generation Security Software, a U.K.-based security consulting, research, and software company. Chris is actively involved in vulnerability research and has published several white papers and security advisories on a number of products, including PGP, Windows, SQL Server, and Oracle. He splits his time evenly between research, coding, consulting, and drinking, and hopes at some point to add sleeping to the list.

Sinan Eren is a security researcher based in the Bay Area. He has done extensive work regarding exploitation of Unix vulnerabilities, developed advanced and robust methodologies for exploiting Kernel-level holes, and found many high-profile bugs in commercial and open source Unix software.

Neel Mehta works as an application vulnerability researcher at ISS X-Force, and, like many other security researchers, comes from a reverse-engineering background. His reverse-engineering experience was cultivated through extensive consulting work in the copy protection field, and has more recently been focused on application security. Neel has done extensive research into binary and source-code auditing and has applied this knowledge to find many vulnerabilities in critical and widely deployed network applications.

Riley Hassell, a Senior Researcher Engineer at eEye Digital Security, is responsible for the design and implementation of eEye Digital Security’s QA and research tool suite. He is responsible for the discovery of several highly exposed vulnerabilities released by eEye Digital Security.

Read More Show Less

Table of Contents

About the Authors.



Part 1: Introduction to Exploitation: Linux on x86.

Chapter 1: Before You Begin.

Chapter 2: Stack Overflows.

Chapter 3: Shellcode.

Chapter 4: Introduction to Format String Bugs.

Chapter 5: Introduction to Heap Overflows.

Part 2: Exploiting More Platforms: Windows, Solaris, and Tru64.

Chapter 6: The Wild World of Windows.

Chapter 7: Windows Shellcode.

Chapter 8: Windows Overflows.

Chapter 9: Overcoming Filters.

Chapter 10: Introduction to Solaris Exploitation.

Chapter 11: Advanced Solaris Exploitation.

Chapter 12: HP Tru64 Unix Exploitation.

Part 3: Vulnerability Discovery.

Chapter 13: Establishing a Working Environment.

Chapter 14: Fault Injection.

Chapter 15: The Art of Fuzzing.

Chapter 16: Source Code Auditing: Finding Vulnerabilities in C-Based Languages.

Chapter 17: Instrumented Investigation: A Manual Approach.

Chapter 18: Tracing for Vulnerabilities.

Chapter 19: Binary Auditing: Hacking Closed Source Software.

Part 4: Advanced Materials.

Chapter 20: Alternative Payload Strategies.

Chapter 21: Writing Exploits that Work in the Wild.

Chapter 22: Attacking Database Software.

Chapter 23: Kernel Overflows.

Chapter 24: Exploiting Kernel Vulnerabilities.


Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star


4 Star


3 Star


2 Star


1 Star


Your Rating:

Your Name: Create a Pen Name or

Barnes & Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation


  • - By submitting a review, you grant to Barnes & and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Terms of Use.
  • - Barnes & reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously

    If you find inappropriate content, please report it to Barnes & Noble
    Why is this product inappropriate?
    Comments (optional)