{"product":{"product_id":"1593271441","title":"Hacking: The Art of Exploitation, 2nd Edition","price":"30.06","image_url":"https://m.media-amazon.com/images/I/61WRz4V+ADL._SL500_.jpg","url":"https://www.amazon.com/dp/1593271441"},"comments":[{"body":"Yeah sounds like you have enough background now to be able to successfully make a move into netsec, it's not something that day 1 IT staff can expect to be good at or move into and is really a more advanced career path.\r\n\r\nSounds like your linux, and programming experience will give you an edge that direction.\r\n\r\nA good book/resource is hacking art of exploitation\r\nhttps://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441","subreddit_name":"ITCareerQuestions","author":"GullibleDetective"},{"body":"[\"Hacking: The Art of the Exploit\"](https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441#) is a great book for foundations in low level C. It teaches C at the beginning but only very briefly (still enough with some practice) and then goes on about the inner workings of UNIX environments, Networks, Cryptograhpy and how to abuse them. Although it is an introduction to binary exploitation it should be of interest to every C programmer. It focuses mainly on UNIX systems but that is probably the way you want to go anyways with low level development since on Windows you need a little more skill to go any deeper than the API allows. Its also by far the best book I have ever read.","subreddit_name":"C_Programming","author":"MagisterHegoDamaskII"},{"body":"Not necessarily, there is a reason why they are different professions. If you just want to learn how to defend and not spend a lot of time on the subject look into device and OS secuirty as well as IPS/IDS. \r\n\r\nIf you want to learn hacking from a deep level I'd suggest learning assembly language. Although it doesn't have many practical uses.\r\n\r\nIm reading this book currently: Hacking : The Art of Exploitation, 2nd Edition https://www.amazon.ca/dp/1593271441/ref=cm_sw_r_apan_glc_i_AFXT12YS0Q6PSFT1Z6GT\r\n\r\nAnd trying to complete Over The Wire CTF challenges when I can. \r\n\r\n\r\nThere's some things you may have to learn on your own like social engineering.  But I would just read about anything you're interested  in learning. \r\n\r\nHate to go on a rant, but I'm probably the same as you. I know how to boot kali, scan networks, find vulns and use Metasploit to exploit a system.","subreddit_name":"cybersecurity","author":"Flaky-Angle4528"},{"body":"I'm a Linux admin who would rather be a developer than an admin. My job already requires development in a variety of languages, like C, Python, Java, Perl, PHP, and JavaScript. One of my most major work projects is a client/server written in C. When I dip my toe into the job market, most employers don't care about my C experience. At a hiring event last year, most employers hiring for the back end were looking for Java. A few wanted Python or Ruby experience. For the most part, the Java shops dismissed my programming experience as just scripting as soon as they heard the word \"Python\", didn't believe I knew any Java even though I did, and expressed confusion at C.\r\n\r\nC is used in embedded development and low-level OS development. I haven't seen many jobs available for it, but I haven’t looked in niche jobs. Personally, I like C. If you want to do more with it, you could look into kernel hacking. Other interesting topics that use C are compiler construction and exploitation/security. [*Hacking: The Art of Exploitation*](https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441) is on my to-do list. ","subreddit_name":"cscareerquestions","author":"burdalane"},{"body":"Hi! You could think of it like a car:\r\nif PressingOnGas = true {\r\nincrease speed\r\n}\r\n\r\nIf TooMuchTraffic {\r\n\r\nchange to route\r\n}\r\n i would recommend reading a book on programming, they look thick and boring but you dont need to read the whole thing, watch videos online to help, read others code. Theres a website called code academy to help thats free. https://www.amazon.com/Hacking-Art-Exploitation-2nd-Erickson/dp/1593271441 the beginning of this book talks all about programming and is awesome\r\n\r\n","subreddit_name":"IAmA","author":"exbobsmog"},{"body":"I wouldn't take those responses too seriously. K\u0026amp;R is like the holy bible of the C community and Zed Shaw said mean things about it while being, well, Zed Shaw (read: a dick). So naturally they're jumping on the opportunity to shit on him and his book. When I first read Hentenaar's blog post I just kinda rolled my eyes since it was pretty obvious he saw that K\u0026amp;R critique, got irked by it, and then skimmed the **alpha** (or beta version - I honestly forget which but LCTHW was a WIP at the time) version of Zed's book while cranking the nitpicky pedantry up to 11 trying to find things to criticize.\r\n\r\nLCTHW is by no means perfect, but it's a completely acceptable resource to learn C programming. Try picking up the finished version though; the one online seems to be the beta version still. [The Art of Exploitation](http://www.amazon.com/Hacking-The-Art-Exploitation-Edition/dp/1593271441) is another good read I'd recommend; it'll teach you how to exploit insecure C code.\r\n\r\nOf course, you could always just read both K\u0026amp;R and LCTHW and decide for yourself which is better.","subreddit_name":"programming","author":"SirNeon"},{"body":"Actually, start with some programming, then move on to [\"The Art of Exploitation\"](https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441) it's the best book on \"hacking\" I've ever used...","subreddit_name":"HowToHack","author":"Any0nymouse"},{"body":"By reading:\r\n\r\n[Hacking: The Art of Exploitation, 2nd Edition]( https://www.amazon.com/dp/1593271441/ref=cm_sw_r_cp_apa_SPEyBb15C89E4)\r\n\r\n[CEH v9: Certified Ethical Hacker Version 9 Kit]( https://www.amazon.com/dp/1119314003/ref=cm_sw_r_cp_apa_LQEyBb0E15854)\r\n\r\nOne of my favorites: [Designing BSD Rootkits: An Introduction to Kernel Hacking]( https://www.amazon.com/dp/1593271425/ref=cm_sw_r_cp_apa_nSEyBbA59B1F4)\r\n\r\nThen set up your own lab (can just be a few VMs) and hack yourself.\r\n\r\nThen take your Security+ and CEH exams. And don't forget to subscribe to the 2600!","subreddit_name":"compsci","author":"sailorcire"},{"body":"Excellent questions!  If you are a CS grad you are ahead of the game.  However, it all depends on what you want to do.  I suggested learning programming/CS principles for two reasons:\r\n\r\n1.  The more you understand how computers, code, compliers, software, stacks, memory randomization, CPU protection rings, and the such work the better you are at hacking.  You can find novel ways to get into systems and exploit them, etc.\r\n\r\n2.  You can write basic tools on the fly.   It is amazing the tools you can create with a few lines of code when you have access to nothing but a GCC compiler in a *nix environment.\r\n\r\nIf you want to find zero day exploits, yes learn how low level languages work.  It would be very helpful in that case.\r\n\r\nOtherwise, Learn python (or whatever is popular at the time) to write your own exploit tools....or to modify existing ones.\r\n\r\n\r\nIf you want to be apart of a red team learning lower level languages could make you a better exploiter.  However, IMO, I would start with just learning the basics of hacking.\r\n\r\n\r\nThese two books are old but they are absolute standards for anyone starting off:\r\n\r\nhttps://www.amazon.com/dp/1593271441/ref=cm_sw_r_cp_awdb_t1_GYIACb1Z2YXFA\r\n\r\nAnd:\r\n\r\nhttps://www.amazon.com/dp/1593275641/ref=cm_sw_r_cp_awdb_t1_zZIACbMH0WTMP\r\n\r\n\r\nAlso, learn as much as you can on how windows/Linux/virtual machines (and containers) work.  The more you know about how an OS works the easier it is to exploit.\r\n\r\nLearn to exploit, there are a ton of free sites to help you learn:\r\n\r\nhttp://overthewire.org/wargames/\r\n\r\n\r\nhttps://www.cybrary.it\r\n\r\n\r\n\r\nwww.vulnhub.com\r\n\r\n\r\nhttp://google-gruyere.appspot.com\r\n\r\n\r\n\r\nLearn CTF challenges:\r\n\r\nhttps://ctflearn.com\r\n\r\n\r\nWhen you are able to hack take part in real challenges:\r\n\r\n\r\nhttps://ctf365.com\r\n\r\n\r\nThen start your career with a RESPECTED CERT, OSCP:\r\n\r\n\r\nhttps://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/\r\n \r\nThe OSCP is no joke and it is a timed, 24 hour cert test.  Yes, you read that right, 24 hours.  \r\n\r\nUnless you want a government gig stay away from C|EH, it is a joke cert in the community.  Again, unless you need to work for a gov agency \r\n\r\n\r\n\r\nFinally, and I cannot stress this enough.....LEARN CLOUD COMPUTING!!!   It is here to stay and on-prem systems are dying a slow death.  It will change how you exploit systems and how software is engineered/deployed.\r\n\r\n","subreddit_name":"MrRobot","author":"FunkyCannaHigh"},{"body":"https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441","subreddit_name":"hacking","author":"trivigy"},{"body":"There’s a book called, “Hacking: The Art of Exploitation,” that includes a lot of assembly. \r\nhttps://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441","subreddit_name":"HowToHack","author":"cookenmeth"},{"body":"Hacking the art of exploitation [(Amazon)](https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441) [(No Starch)](https://nostarch.com/hacking2.htm) is good for learning the foundation stuff. Its getting a bit old but the foundations are still the same there are just more defenses for some of the techniques now","subreddit_name":"HowToHack","author":"nopX0f"},{"body":"[this book](https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441) taught me a bit about it. It was interesting to say the least. It gives examples of exploits, like how pointers can totally ruin someone's day.\r\n\r\nWarning, it'll make you peek at some assembly. You don't really need to understand it fully to get the jist tho.\r\n\r\nComputerphile also has some good videos on this [topic](https://www.youtube.com/watch?v=ciNHn38EyRc), and how people \"attack\". It may give you an idea.\r\n\r\nI don't know a lot, but this is how I learned about it to some degree until I swapped to a different education path.","subreddit_name":"computerscience","author":"nuisanceIV"},{"body":"I can talk to Cyber Security as I have a bachelors degree in Computer Science and a masters degree in Cyber Security. \r\n\r\nCyber Security is a touchy subject to teach for high schoolers as they are naturally curious. Therefore, I highly recommend subjects on legality, tools, and programming. \r\n\r\nNow, what is your goal for the course? Are you looking to teach secure software development? Using security tools / penetration testing? Are you looking to teach reverse engineering? \r\n\r\nMy favorite resources for Cyber Security:\r\n\r\n[https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441](https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441)\r\n\r\n[https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470/ref=pd\\_sbs\\_5/144-9213172-2106151?pd\\_rd\\_w=GyQ9C\u0026amp;pf\\_rd\\_p=180628c6-6f13-4dbf-9213-f09cdedc7815\u0026amp;pf\\_rd\\_r=J9RET29A4MBRZH323BXY\u0026amp;pd\\_rd\\_r=afcd1c56-ab30-4368-b1d0-d1aa66a3f235\u0026amp;pd\\_rd\\_wg=YfzAt\u0026amp;pd\\_rd\\_i=1118026470\u0026amp;psc=1](https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470/ref=pd_sbs_5/144-9213172-2106151?pd_rd_w=GyQ9C\u0026amp;pf_rd_p=180628c6-6f13-4dbf-9213-f09cdedc7815\u0026amp;pf_rd_r=J9RET29A4MBRZH323BXY\u0026amp;pd_rd_r=afcd1c56-ab30-4368-b1d0-d1aa66a3f235\u0026amp;pd_rd_wg=YfzAt\u0026amp;pd_rd_i=1118026470\u0026amp;psc=1)\r\n\r\nand Gray Hat Hacking the Ethical Hackers Handbook.","subreddit_name":"learnprogramming","author":"Altruistic_Raise6322"},{"body":"I have this one Learn Ethical Hacking From Scratch.\r\n\r\nI think its not bad but course content is a little bit poor and hacking methods old.\r\n\r\nIf you want to start hacking\r\n\r\n[Hacking Art Of Explotiation](https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441/ref=zg_bs_3648_29/136-2078883-0595219?_encoding=UTF8\u0026amp;psc=1\u0026amp;refRID=ZANZ2ZN36JJHSEBJ9X8Z)\r\n\r\n[The Hacker Playbook](https://www.amazon.com/Hacker-Playbook-Practical-Penetration-Testing/dp/1980901759/ref=sr_1_20?keywords=hacking\u0026amp;qid=1551906016\u0026amp;s=books\u0026amp;sr=1-20)\r\n\r\nthis books very good. Also u dont have money you can also find it on Google..\r\n\r\n\u0026amp;#x200B;","subreddit_name":"Hacking_Tutorials","author":"tugberkgunver"}]}