Book: The Shellcoder’s Handbook (second edition)
Despite what most people think, the second edition of this book is slightly different from the first edition. Some chapters from the first edition were removed and others were added. I will only comment on the chapters that differ from the previous release.
Title: The Shellcoder’s Handbook: Discovering and Exploiting Security Holes
Authors: Chris Anley, John Heasman, Felix “FX” Linder, Gerardo Richarte
Part I: Introduction to Exploitation: Linux on x86
Chapter 1: Before You Begin
Chapter 2: Stack Overflows
Chapter 3: Shellcode
Chapter 4: Introduction to Format String Bugs
Chapter 5: Introduction to Heap Overflows
Part II: Other Platforms – Windows, Solaris, OS/X, and Cisco
Chapter 6: The Wild World of Windows
Chapter 7: Windows Shellcode
Chapter 8: Windows Overflows
Chapter 9: Overcoming Filters
Chapter 10: Introduction to Solaris Exploitation
Chapter 11: Advanced Solaris Exploitation
Chapter 12: OS X Shellcode
This is a new chapter that deals with Mac OS X shellcoding. A good thing about it is that it has information for both Intel and PowerPC architectures and even for cross-platform shellcode.
Chapter 13: Cisco IOS Exploitation
Another very innovative chapter for an exploit development book. All the major steps, along with numerous examples, are included in this chapter. This means everything from Cisco IOS essentials and vulnerabilities to reverse engineering and both stack and heap exploitation.
Chapter 14: Protection Mechanisms
The most common protection mechanisms (at the time the book was published) are discussed here. Some of them are non-executable stack, W^X, ASLR, Windows SEH, etc.
Part III: Vulnerability Discovery
Chapter 15: Establishing a Working Environment
Chapter 16: Fault Injection
Chapter 17: The Art of Fuzzing
Chapter 18: Source Code Auditing: Finding Vulnerabilities in C-Based Languages
Chapter 19: Instrumented Investigation: A Manual Approach
Chapter 20: Tracing for Vulnerabilities
Chapter 21: Binary Auditing: Hacking Closed Source Software
Part IV: Advanced Materials
Chapter 22: Alternative Payload Strategies
Chapter 23: Writing Exploits that Work in the Wild
Chapter 24: Attacking Database Software
Chapter 25: Unix Kernel Overflows
Chapter 26: Exploiting Unix Kernel Vulnerabilities
Chapter 27: Hacking the Windows Kernel
Another new chapter, this time on Windows kernel exploitation. It is a good read that goes through the basics of Windows kernel programming and the exploitation of stack- and heap-based buffer overflows.
So, as you can see, it is another very good book, but it lacks some important parts of the previous edition. In my opinion, nowadays it is a little bit outdated, but it has some parts, like the Cisco IOS chapter, that are otherwise not well documented (from an exploit developer’s point of view).