Gray Hat Hacking: The Ethical Hacker’s Handbook, Fifth Edition

Praise for Gray Hat Hacking: The Ethical Hacker’s Handbook, Fifth Edition

“The Gray Hat Hacking book series continue to provide an up-to-date and detailed view on a large variety of offensive IT security disciplines. In this fifth edition, a group of respected infosec professionals spared no effort to share their experience and expertise on novel techniques to bypass security mechanisms.

The exploit development chapters, written by Stephen Sims, reveal in great detail what it takes to write an exploit for modern applications. In Chapter 14, Stephen uses a recent vulnerability in a major web browser to demystify the complexity of writing modern exploits for heap-related memory corruptions, bypassing memory protections along the road.

This book is a must read for anyone who wants to step up and broaden their skills in infosec.”

—Peter Van Eeckhoutte

Corelan Team (@corelanc0d3r)

“One of the few book series where I ALWAYS buy the updated version. Learn updated exploit-dev techniques from the best instructors in the business. The volume of new information available to the average information security practitioner is staggering. The authors, who are some of the best in their respective fields, help us stay up to date with current trends and techniques. GHH’s updates on Red Team Ops, Bug Bounties, PowerShell Techniques, and IoT & Embedded Devices are exactly what infosec practitioners need to add to their tool kits.”

—Chris Gates

Sr. Security Engineer (Uber)

“Never before has there been so much technology to attack nor such high levels of controls and prevention mechanisms. For example, the advancements in modern operating systems and applications to protect against exploitation are very impressive, yet time and time again with the right conditions they are bypassed. Amongst a litany of modern and up-to-date techniques, Gray Hat Hacking provides detailed and informative walkthroughs of vulnerabilities and how controls like ASLR and DEP are bypassed. Filled with real examples you can follow if you are seeking to upgrade your understanding of the latest hacking techniques—this is the book for you.”

—James Lyne

Global Research Advisor (Sophos) and Head of R&D (SANS Institute)