Table of Contents

Section 1 – 0-day Basics Introduction ; Security Coding ; NASL ; Section 2 – Networking 0-Day Code Introduction ; BSD Sockets ; Winsock ; Java Sockets ; Section 3 - Shellcode Introduction ; Shellcode Techniques ; Writing Shellcode ; Section 4 – Universal Exploitation Introduction ; Writing Portable Code ; Writing Portable Network Code ; Section 5 - Automation Introduction ; Automating Exploits I ; Automating Exploits II ; Automating Exploits III ; Automating Security Components ; Automating Identification Tools Appendices: A – Glossary ; B - Technical Publications and References ; C - Tool and Application Compedium ; D - LibWhisker Primer ; E - Exploit Archives ; F - Useful Syscalls ; G - The Complete Data Conversion Table

About the Author

James C. Foster, Fellow, is the Deputy Director of Global Security Solution Development for Computer Sciences Corporation where he is responsible for the vision and development of physical, personnel, and data security solutions. Preceding CSC, Foster was the Director of Research and Development for Foundstone Inc. and was responsible for all aspects of product, consulting, and corporate R&D initiatives. Prior to joining Foundstone, Foster was an Executive Advisor and Research Scientist with Guardent Inc. and an adjunct author at Information Security Magazine, subsequent to working as Security Research Specialist for the Department of Defense. Foster is also a well published author with multiple commercial and educational papers; and has authored, contributed, or edited for major publications to include Snort 2.1 Intrusion Detection (Syngress, ISBN: 1-931836-04-3), Hacking Exposed, Fourth Edition, Anti-Hacker Toolkit, Second Edition, Advanced Intrusion Detection, Hacking the Code: ASP.NET Web Application Security (Syngress, ISBN: 1-932266-65-8), Anti-Spam Toolkit, Google Hacking for Penetration Techniques (Syngress, ISBN: 1-931836-36-1), and Sockets, Shellcode, Porting and Coding (Syngress ISBN: 1-597490-05-9).