The Book
This book was written by a collection of powerhouse security experts. The subject matter is somewhat diverse and, at times, a little chaotic in its presentation. It adds value to a book when multiple authors collaborate, but the segues between chapters and the overlap of subject matter need to be better coordinated.
The authors provide a fairly comprehensive overview of the legal and ethical implications of hacking and how to properly disclose exploit code to vendors without damaging any systems or publicly unleashing security holes which could be used maliciously.
The authors provide a great deal of information on diverse subject areas related to hacking, from the legal issues to programming and coding and vulnerability testing, as well as providing a look at Linux and Windows exploits and reverse engineering.
My Review
One of the issues I had with the book is that it has multiple personalities, in multiple ways. First, having multiple authors collaborate means that different chapters sometimes have a completely different tone and feel than other chapters. So, you might "click" with one of the authors, but find it difficult to follow a different author's chapter.
The other way that the book has multiple personalities is that it seems to try to provide 3 distinct types of information in the same book. Part of it is reverse-engineering and shell-coding, part of it is programming secure code and part of it is the concepts of hacking and the tools and techniques used.
That has both pros and cons. In some ways it lacks what may be found in books more focused on just one of those topics such as Exploiting Software or Hacking Exposed. But for those looking for breadth of information, this book provides a lot of content in one place.
Issues aside, I thought the information was excellent and I recommend that security administrators and programmers take a look at this book.



