O’Reilly news

A Bug Hunter's Diary--New from No Starch Press: Unique Book Follows a Bug Hunter as He Tracks Down and Exploits Software Vulnerabilities

October 13, 2011

San Francisco, CA, October 13, 2011—In the high-stakes game of security research, a vulnerability in the wrong hands can be a nightmare. For a bug hunter, though, locating these vulnerabilities is all in a day's work. But bug hunting can be a black art—one that's difficult to learn without a mentor.

In A Bug Hunter's Diary (No Starch Press, November 2011, 208 pp., $39.95, ISBN 9781593273859), readers are offered the rare opportunity to observe a professional bug hunter in action. As they read the diary of security expert Tobias Klein, they're taken inside the bug hunting process, as if they're Klein's apprentice and he their mentor. Readers peer over Klein's shoulder as he explains how he tracks down and exploits bugs in software that's used daily by millions of people—like Apple's iOS, the VLC media player, web browsers, and even the Mac OS X kernel. Entries focus on real bugs, detailing the steps Klein takes to find and exploit them, as well as vendors' responses to his disclosing the bugs he finds.

According to No Starch Press founder Bill Pollock, "used in this way, the diary format is a brilliant and groundbreaking approach to teaching. So much of the learning in the computer security field happens at the feet of masters, but so few have that privileged access. A Bug Hunter's Diary brings that access to anyone willing to take the time to dig into its compelling pages. And most important, the book teaches readers to think like a bug hunter."

Readers learn how to:

  • Use field-tested techniques to find bugs, such as identifying and tracing user input data and reverse engineering
  • Exploit vulnerabilities like NULL pointer dereferences, buffer overflows, and type conversion flaws
  • Develop proof-of-concept code to verify security flaws
  • Report bugs to vendors or third-party brokers

A Bug Hunter's Diary is already exciting the security community because it's the first book to take readers inside the bug hunting process. At last, aspiring bug hunters have that mentor they've been looking for, between the pages of Tobias Klein's A Bug Hunter's Diary.

For more information or to request a review copy of A Bug Hunter's Diary, contact Travis Peterson at No Starch Press (nostarchpr@oreilly.com, +1.415.863.9900, x108), or visit .

About the Author

Tobias Klein is a security researcher and founder of , an information security consulting and research company based in Heilbronn, Germany. He is the author of two information security books published in German by of Heidelberg, Germany.

Publisher: No Starch Press
By Tobias Klein
ISBN 9781593273859, $39.95 USD
November 2011, 208 pp.
order@oreilly.com
1-800-998-9938
1-707-827-7000

Available in fine bookstores everywhere, from , or directly from No Starch Press (, orders@nostarch.com, 1-800-420-7240).

About No Starch Press
Founded in 1994, No Starch Press is one of the few remaining independent computer book publishers. We publish the finest in geek entertainment—unique books on technology, with a focus on open source, security, hacking, programming, alternative operating systems, LEGO, science, and math. Our titles have personality, our authors are passionate, and our books tackle topics that people care about. Visit for a complete catalog.

About O’Reilly

O’Reilly Media spreads the knowledge of innovators through its books, online services, magazines, and conferences. Since 1978, O’Reilly Media has been a chronicler and catalyst of cutting-edge development, homing in on the technology trends that really matter and spurring their adoption by amplifying “faint signals” from the alpha geeks who are creating the future. An active participant in the technology community, the company has a long history of advocacy, meme-making, and evangelism.
