DSU Recommended Reading List

CSC 748 – Software Exploitation

The Art of Software Security Assessment (2 Volumes)
Mark Dowd, John McDonald, Justin Schuh 978-0-321-44442-4

  • 1 – Software Security Fundamentals
  • 2 – Design Review
  • 5 – Memory Corruption
  • 6 – C Language Issues
  • 8 – Strings & Metacharacters
  • 11 – Windows I: Objects and the File System
  • 17 – Web Applications

Inside Windows Debugging
Tarik Soulami 978-0735662780

  • 6 – Code Analysis Tools

Understanding Windows Shellcode

  • http://www.hick.org/code/skape/papers/win32-shellcode.pdf

The Shellcoder’s Handbook
Chris Anley 978-0470080238

  • 2 – Stack Overflows
  • 3 – Shellcode
  • 5 – Introduction to Heap Overflows
  • 7 – Windows Shellcode
  • 8 – Windows Overflows
  • 9 – Overcoming Filters
  • 14 – Protection Mechanisms
  • 16 – Fault Injection
  • 17 – The Art of Fuzzing
  • 18 – Source Code Auditing

Understanding Windows Shellcode

INFA 732 – Malware Analysis

Practical Malware Analysis
Mike Sikorski ISBN-13: 978-1593272906

  • 0 – Malware Analysis Primer
  • 1 – Basic Static Techniques
  • 2 – Malware Analysis in Virtual Machines
  • 3 – Basic Dynamic Analysis
  • 4 – A Crash Course in x86 Disassembly
  • 5 – IDA Pro
  • 6 – Recognizing C Code Constructs in Assembly
  • 7 – Analyzing Malicious Windows Programs
  • 8 – Debugging
  • 11 – Malware Behavior
  • 13 – Data Encoding
  • 14 – Malware Focused Network Signatures
  • 18 – Packers and Unpacking
  • 19 – Shellcode Analysis

INFA 754 – Intrusion Detection

CSC 844 – Advanced Reverse Engineering

Gray Hat Hacking – Fifth Edition
Allen Harper, et al
ISBN: 978-1-260-10841-5

  • 1 – Why Gray Hat Hacking? Ethics and Law
  • 2 – Programming Survival Skills
  • 4 – Next-Generation Reverse Engineering
  • 6 – So You Want To Be a Pentester?
  • 7 – Red Teaming Operations
  • 9 – Bug Bounty Programs
  • 10 – Getting Shells Without Exploits
  • 11 – Basic Linux Exploits
  • 12 – Advanced Linux Exploits
  • 13 – Windows Exploits
  • 14 – Advanced Windows Exploitation
  • 16 – Next-Generation Web Application Exploitation
  • 17 – Next-Generation Patch Exploitation
  • 22 – Internet of Things to Be Hacked
  • 23 – Dissecting Embedded Devices
  • 24 – Exploiting Embedded Devices
  • 25 – Fighting IOT Malware

CSC 846 – Advanced Malware

Windows Internals – Part 1
Mark Russinovich, et al 978-0-7356-4873-9

  • 4 – Management Mechanisms

The IDA Pro Book
Chris Eagle 978-1-59327-289-0

  • 21 – Obfuscated Code Analysis

Understanding Windows Shellcode

  • http://www.hick.org/code/skape/papers/win32-shellcode.pdf

CSC 848 – Advanced Exploit

Windows Internals – Part 1
Mark Russinovich, et al 978-0-7356-4873-9

  • 5 – Processes, Threads and Jobs

The IDA Pro Book
Chris Eagle 978-1-59327-289-0

  • 22 – Vulnerability Analysis

The Shellcoder’s Handbook
Chris Anley 978-0470080238

  • 2 – Stack Overflows
  • 3 – Shellcode
  • 5 – Introduction to Heap Overflows
  • 7 – Windows Shellcode
  • 8 – Windows Overflows
  • 9 – Overcoming Filters
  • 14 – Protection Mechanisms
  • 27 – Hacking the Windows Kernel

Windows Internals – Part 2
Mark Russinovich, et al

  • 8 – I/O System
  • 10 – Memory Management
  • 14 – Crash Dump Analysis

Understanding Windows Shellcode

  • http://www.hick.org/code/skape/papers/win32-shellcode.pdf