"A book this good is a rare find, and certainly worth the read for any individual interested in security. Rating: 9/10"
—Slashdot (Read More)
"We can surely say that this book is one of the essential hacking books of all time."
"This book does a great job of covering C programming, assembly programming, vulnerability discovery, and exploitation all in one. If you are going to read only one book, start here."
—Dino Dai Zovi
"Anyone can read this book to get a good understanding of how network hacking was started . . . if you want to know early 20’s hacking theories, this book is for you!"
—Mic Johnson, Latest Hacking News, "Five Best Hacking Books That Are Still Relevant in 2021"
"Like all good books, Hacking: The Art of Exploitation, 2nd Edition encourages you to get your hands dirty. Each chapter focuses on a series of examples with finely worded guidance from Erickson. It's not a beast of a read either; it is highly accessible with an emphasis on allowing practice of the examples rather than drowning the reader in hacking theory."
—The Register (Read More)
"With especially clear coverage of heap and stack overflows, this book not only explains what's involved in hacking, but walks readers through common tools and techniques."
—InformIT (Read More)
"A security professional's paradise, burrowing down to the code level of dozens of different loopholes and explaining the underlying logic behind the attacks."
—GeekDad on Wired.com (Read More)
"This is a good book. It does a great job of first establishing the mindset of a hacker and then walking the reader step by step through the various techniques of finding interesting ways to solve problems. This in itself is what the author claims is the defining characteristic of a hacker, and I agree."
—;login: The USENIX Magazine (Read More)
"This book will take any programmer well beyond the usual programming techniques covered in conventional programming books."
—Electronic Design (Read More)
"Those whose jobs are to protect computer systems and applications must understand these flaws and techniques in order to fix, prevent and protect against them. This does not only apply to computing, but to any other field where a 'bad guy' can take advantage of a system for their own selfish reasons. Once knowledge has been released, it becomes very difficult to put it back in its box. This book is just knowledge wrapped in a different package. We recommend you strongly consider this title if you would like to enter this field or add to your repertoire."
—Gizmos for Geeks (Read More)
"Jon Erickson has completed the second edition of his seminal work, Hacking: The Art of Exploitation, adding a significant amount of text to the original work. In doing so, he has created a work that will quickly become a "go-to" guide for anyone wanting to learn hacking, or who wants to understand the hacking mindset."
—Blogcritics.org (Read More)
"Personally, this is a book I am extremely glad to own. I see it as a powerful tool in the arsenal of both sysadmins and developers alike in guarding their applications and systems from these attacks, as well as understanding what to look for, how they can happen, and the mindset of those trying them out."
—Cory Foy, software developer (Read More)
"This fantastic little book - actually not so little anymore at 488 pages - is a real gem for the serious code geek, or those in search of their inner code geek."
—The IT Security Guy (Read More)
"I now recommend this book for the Exploitation chapter alone. This chapter covers buffer and function overflows and the format string vulnerability. Buy the book and discover why strings should be formatted like this:
and never like this:
—Linux Pro Magazine (Read More)
"Probably the most detailed, thorough, and lucid coverage of 'the fundamental techniques of serious hacking.'"
—Major Keary, Linux and Open Source SIG (Read More)
"The most important book on a real hacker's library. . . . I like to think that this book resembles the Holy Grail of Hacking."
"Hacking: The Art of Exploitation will cover everything you need to know, however this book is extremely technical and seriously in depth, definitely not for script kiddies. Starts simple and ramps up very fast. I give five stars and a (black) hat off."
Selected by Cyber Defense Magazine as 1 of 100 Best CyberSecurity Books