New Book Reviews -

"Microsoft Windows Internals"

by Solomon and Russinovich-

a must buy for anyone interested in how Windows really works at a deep level. Very useful for security types getting started with Windows, for instance.

There are not a lot of good books on proprietary OS internals in general, and the authors have definitely created a excellent one.

the author's writing style will either enthrall or annoy you. They use a simple, conversational tone that means you can pretty much understand the book on a first reading.

The downside is that the information is much less dense, which is annoying for people who are fans of books like K&R or SICP. They still cover everything they should cover, however, it just means the book is damn big as a result.

"Buffer Overflow Attacks", by Foster et al.

Good beginner book on buffer overflows.

not spectactular in any way.

for real bibles of exploitation, try "The Shellcoder's Handbook" and "Exploiting Software".

Getting this book means you can skip getting "Hacking: The Art of Exploitation" for it's buffer overflow section, but the book has lots of good info otherwise and is still worth getting for that reason.

I did not like "Exploiting Software". There is way too much long, complicated code in the text of the book that pads it out. A lot of the code uses the Win32 API and requires you to know a little about that. And there are lengthy sections of stuff no one cares about, like writing scripts for a specific debugger product. There is good stuff too, but I would pick something else like Shellcoder's Handbook.

"Exploiting Software" is the only book with good coverage of rootkits and embedded hardware attacks.

I don't know much Win32 either, but I should be learning it if I want to say I really know what is going on.