Vulnerability War: The Essence of Software Vulnerabilities Analysis systematically explain all kinds of tools, techniques and practical methods in software vulnerability analysis and exploit, mainly related to Windows and Android platform. The book is classfied according to the different vulnerabilities, such as stack overflow, sandbox escape, types confusion, UAF , kernel vulnerability etc., at the same time, in view of the current popular mobile security, add Android platform vulnerability analysis and exploit into it. The author carefully chosen classic Vulnerabilities to share analysis techniques and tools about the cause of these vulnerabilities analysis, exploit and fix methods in detail. The biggest characteristic of this book is the actual combat based on the various types of classical vulnerabilities and discard useless theory, it’s almost “a book written out by debugger”.
This book is suitable for students of computer science related, somebody worked in information security, software security and mobile security related areas, software developer and hackers to read.
Table of Contents
Chapter 1: Basic Knowledge
1.1 The Concepts of Vulnerability 1.1.1 What is The Vulnerability 1.1.2 The Value of Vulnerabilities 1.1.3 0day Vulnerability 1.1.4 PoC and Exploit 1.2 Why to analysis vunerabilities 1.3 The commonly analysis tools 1.3.1 IDA: the disassembly tool 1.3.2 OllyDbg: the crack and reverse analysis tool 1.3.3 Immunity Debugger: vulnerability analysis debugger 1.3.4 Windbg: Microsoft Windows Debugger 1.3.5 GDB: Linux Debugger 1.3.6 JEB: Android Decompilater 1.3.7 Other 1.4 The common vulnerability analysis method 1.4.1 Static analysis 1.4.2 Dynamic debugging 1.4.3 Source code analysis 1.4.4 Patch compare 1.4.5 Taint track 1.5 Learning resources 1.5.1 Some security sites 1.5.2 Recommended books 1.6 Summary