Tobias Klein 德國著名信息安全谘詢與研究公司NESO安全實驗室創始人,資深軟件安全研究員,職業生涯中發現的軟件安全漏洞無數,更曾為蘋果、微軟等公司的産品找齣不少漏洞。除本書外,還齣版過兩本信息安全方麵的德文作品。
張伸 不閤格碼農。愛咖啡,愛葡萄酒。愛聽布魯斯,也愛吃巧剋力。不小資,不文青,隻是喜歡收藏圖書和CD。慢生活,每天聽相聲纔能入睡。twitter和新浪微博:@loveisbug。
"Give a man an exploit and you make him a hacker for a day; teach a man to exploit bugs and you make him a hacker for a lifetime." -Felix 'FX' Lindner Seemingly simple bugs can have drastic consequences, allowing attackers to compromise systems, escalate local privileges, and otherwise wreak havoc on a system. A Bug Hunter's Diary follows security expert Tobias Klein as he tracks down and exploits bugs in some of the world's most popular software, like Apple's iOS, the VLC media player, web browsers, and even the Mac OS X kernel. In this one-of-a-kind account, you'll see how the developers responsible for these flaws patched the bugs-or failed to respond at all. As you follow Klein on his journey, you'll gain deep technical knowledge and insight into how hackers approach difficult problems and experience the true joys (and frustrations) of bug hunting. Along the way you'll learn how to: * Use field-tested techniques to find bugs, like identifying and tracing user input data and reverse engineering * Exploit vulnerabilities like NULL pointer dereferences, buffer overflows, and type conversion flaws * Develop proof of concept code that verifies the security flaw * Report bugs to vendors or third party brokers A Bug Hunter's Diary is packed with real-world examples of vulnerable code and the custom programs used to find and test bugs. Whether you're hunting bugs for fun, for profit, or to make the world a safer place, you'll learn valuable new skills by looking over the shoulder of a professional bug hunter in action.
我看过了 我看过了 我看过了 我看过了 我看过了 我看过了 我看过了 我看过了 我看过了 我看过了 我看过了 我看过了 我看过了 我看过了 我看过了 我看过了 我看过了 我看过了 我看过了 我看过了 我看过了 我看过了 我看过了 我看过了 我看过了 我看过了 我看过了 我看过了 我看...
評分对于苦逼的IT男而言,对下面这个场景应该感到亲切。发出去的软件版本出现了bug,事情很紧急,于是大佬召集所谓一堆专家头脑风暴寻求解bug的思路,各路专家你一言我一语各抒己见,最终在众人齐心协力下,终于在最后关头定位出了根因。没有解不了的bug,只有不努力的coder。 然而...
評分Mark Dowd et al The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities (Addison-Wesley, 2007) Fuzzing Michael Sutton et al Fuzzing: Brute Force Vulnerability Discovery
評分地铁里看完的第一章,捉虫子,这个最原始的概念让我对今天的工作又燃起了激情。 感觉这是个好的开始,可以重新培养地铁看书的习惯。 里面的空指针、缓冲区溢出等信息,让我冒出一头冷汗,太久太久没接触这些东西了, 能不能看懂?但还是从中慢慢感受到力量充实进来,process ...
評分Mark Dowd et al The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities (Addison-Wesley, 2007) Fuzzing Michael Sutton et al Fuzzing: Brute Force Vulnerability Discovery
作者有那麼點囉嗦,但講得真心清楚,作為小白也能看
评分還行
评分八個defect的發掘過程,比偵探小說還要引人入勝,妙趣橫生
评分還行
评分還行
本站所有內容均為互聯網搜索引擎提供的公開搜索信息,本站不存儲任何數據與內容,任何內容與數據均與本站無關,如有需要請聯繫相關搜索引擎包括但不限於百度,google,bing,sogou 等
© 2025 qciss.net All Rights Reserved. 小哈圖書下載中心 版权所有