xorl %eax, %eax

Book: The Art of Software Security Assessment


This is my third time reading the entire book. It is doubtless one of my favorite ones (if not the one). So, once again thanks to tping for his suggestion on reading it and here is my review.


Title: The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities
Authors: Mark Dowd, John McDonald, and Justin Schuh

This book was written by some of the most respected people in their fields. Some of you might know them from their underground background in security from ADM; unfortunately, I’m not that old. All of them are amazing security researchers, and this book has so much information on vulnerability discovery and software security assessment in general that it looks like a bible to me. Specifically, its 6th chapter, which you can download for free here, is just awesome. I can’t wait for their next edition. Another great thing is that throughout the book, the authors use real-world examples to demonstrate different vulnerabilities. However, if you’re interested explicitly in exploitation, then this is not the right book for you. This book assists in gaining knowledge of vulnerability discovery, from the basic level, like common buffer overflows caused by insecure library functions, to advanced vulnerabilities like inconsistencies between pointers that can lead to code execution, network-level bugs, design flaws in protocols, etc.
Well, chapter six is a representative sample of the quality of the information provided by this book. Just read it and you will be amazed (well… you should). I’m sorry for not being strict and factual in this review but, as I said, for me this is like a bible. I cannot be unbiased in my review.

Written by xorl

May 19, 2009 at 22:08

Posted in books

3 Responses


  1. Yeah, I agree with you. This is one of the best books about software security vulnerabilities ever. And by the way: John McDonald, a.k.a. horizon, has been profiled in Phrack #60.

    suN

    May 19, 2009 at 22:47

  2. This book is a bible for anyone who reads it.

    matalaz

    May 19, 2009 at 22:51

  3. I recommend it too. This is a great book indeed, written by very professional individuals.

    Trancer

    May 20, 2009 at 04:41

