Leanpub Header

Skip to main content

Buffer Overflow Exploitation and Defense Evasion

A Deep Dive into Memory Corruption Vulnerabilities, Exploitation, and Defense

This book is 100% completeLast updated on 2026-07-11

Memory corruption remains one of the most significant classes of software vulnerabilities. This book explores the foundations of memory corruption, modern exploitation techniques, and the defenses designed to stop them, providing security professionals and researchers with a deep understanding of how these vulnerabilities work and how to mitigate them effectively.

Minimum price

$19.00

$29.00

You pay

Author earns

$

Also available for 1 book credit with a Reader Membership

PDF
EPUB
WEB
APP
About

About

About the Book

This book provides a comprehensive, technically rigorous treatment of memory corruption vulnerabilities, from the CPU architecture foundations that make them possible to the advanced exploitation techniques and modern defenses that define today's security landscape. Beginning with computer memory architecture, process layout, and assembly language fundamentals, it progresses through stack-based and heap-based buffer overflows, use-after-free, format string vulnerabilities, and related memory corruption bugs. The book covers exploit development concepts including shellcode, return-oriented programming, jump-oriented programming, and information leaks across both Windows and Linux platforms. Modern mitigations such as DEP/NX, ASLR, stack canaries, Intel CET, ARM PAC, and Control Flow Integrity are examined in depth, along with the ongoing arms race between exploitation research and defense mechanisms. The final chapters address vulnerability research methodologies, fuzzing, secure coding practices, and incident response. This book is intended for security professionals, reverse engineers, vulnerability researchers, and advanced students who want to understand memory corruption at the deepest level for defensive purposes. All techniques described are presented in the context of ethical security research and responsible disclosure.

Bundle

Bundles that include this book

Author

About the Author

Steve T. Publications

Steve T. brings nearly two decades of deep cybersecurity experience to the complex world of memory corruption. With 18 years dedicated to analyzing, understanding, and navigating low-level system security, his expertise spans vulnerability research, exploit development, and the intricacies of modern defense mechanisms. This book distills his extensive practical knowledge, offering readers a clear and authoritative guide through the challenging landscape of buffer overflows, defense evasion, and the perpetual arms race between attackers and defenders.

Contents

Table of Contents

A Deep Dive into Memory Corruption Vulnerabilities, Exploitation, and Defense

Introduction

Chapter 1: Computer Memory Architecture and CPU Fundamentals

  1. The Von Neumann Architecture and Memory Addressing
  2. CPU Registers and Their Roles
  3. Instruction Execution and the Fetch-Decode-Execute Cycle
  4. Endianness and Data Representation
  5. Privilege Levels and Ring Architecture
  6. Memory Mapping at the Hardware Level

Chapter 2: Process Memory Layout and Operating System Memory Management

  1. Virtual Memory and Address Translation
  2. The Text, Data, BSS, Heap, and Stack Segments
  3. Shared Libraries and Dynamic Linking
  4. Memory Allocation: malloc, free, and the Allocator
  5. Page Tables and the MMU
  6. Cross-Platform Differences: Linux vs Windows Memory Layout

Chapter 3: Assembly Language Essentials and Calling Conventions

  1. x86 and x86_64 Instruction Set Overview
  2. Common Instructions for Exploit Development
  3. The Stack Frame: Prologue, Epilogue, and Local Variables
  4. System V AMD64 ABI Calling Convention
  5. Windows x64 Calling Convention
  6. Position-Independent Code and Relocations

Chapter 4: Debugging Workflows and Binary Analysis Foundations

  1. GDB Essentials for Security Research
  2. WinDbg, x64dbg, and Mona.py on Windows
  3. Memory Inspection and Breakpoint Strategies
  4. Reverse Engineering with radare2 and Ghidra
  5. Static Analysis: objdump, readelf, and PE Tools
  6. Dynamic Analysis and Instrumentation with Frida

Chapter 5: Stack-Based Buffer Overflows

  1. Anatomy of a Stack-Based Overflow
  2. Return Address Overwriting and Control Flow Hijacking
  3. Finding the Offset: Pattern Creation and Crash Analysis
  4. NOP Sleds and Shellcode Placement
  5. Environment Variables and Stack Spraying
  6. Impact on Windows and Linux Systems
  7. Walkthrough: Complete Stack Overflow Exploit with Shellcode Injection

Chapter 6: Heap-Based Buffer Overflows and Heap Manipulation

  1. How Memory Allocators Work: glibc ptmalloc and Windows Heap
  2. Heap Chunk Metadata and Free List Management
  3. Heap Overflow Exploitation Techniques
  4. Bin Sorting and Consolidation Attacks
  5. House of Force, House of Spirit, and Named Heap Techniques
  6. Walkthrough: Fastbin Attack with Arbitrary Write Primitive

Chapter 7: Related Memory Corruption Vulnerabilities

  1. Off-by-One Errors and Their Exploitation
  2. Integer Overflows Leading to Memory Corruption
  3. Use-After-Free Vulnerabilities
  4. Double-Free and Freed Pointer Manipulation
  5. Format String Vulnerabilities
  6. Out-of-Bounds Reads and Writes
  7. Race Conditions Affecting Memory Safety
  8. Walkthrough: Tcache Poisoning UAF with Vtable Overwrite
  9. Walkthrough: Format String Arbitrary Write via GOT Overwrite

Chapter 8: Shellcode Fundamentals and Control Flow Hijacking

  1. What Is Shellcode and Why It Matters
  2. Writing Position-Independent Shellcode
  3. Syscall-Based Shellcode for Linux
  4. Windows API Resolution and LoadLibrary Techniques
  5. Null Byte Handling and Encoding
  6. Polymorphic and Encoded Payloads
  7. Walkthrough: Building and Executing Shellcode in a Stack Overflow

Chapter 9: Return-Oriented Programming and Code Reuse Attacks

  1. The Problem DEP Solved and the ROP Solution
  2. Building ROP Chains: Gadgets, Pivots, and Registers
  3. Finding Gadgets with ropper and ROPgadget
  4. ROP on Linux: System Call Construction
  5. ROP on Windows: VirtualAlloc and WinExec
  6. Walkthrough: Complete ROP Chain Against a Hardened Binary
  7. Jump-Oriented Programming (JOP)
  8. Signal-Oriented Programming (SROP)
  9. Oriented Return Composition (ORC)

Chapter 10: Information Leaks and Address Disclosure

  1. Why ASLR Makes Exploitation Harder
  2. Heap Spraying and Deterministic Memory Layout
  3. Format String Information Disclosure
  4. Return-to-PLT and GOT Overwrite for Leaks
  5. Walkthrough: Multi-Stage Exploit Chain with ASLR Bypass
  6. Windows ASLR Bypass Techniques
  7. Partial Overwrites and Reduced Entropy
  8. Cross-Process Information Gathering

Chapter 11: Modern Defenses and Mitigations

  1. DEP/NX: Non-Executable Memory Pages
  2. ASLR: Address Space Layout Randomization
  3. Stack Canaries and ProPolice
  4. PIE, RELRO, and GOT Protection
  5. SafeSEH and CFG on Windows
  6. Control Flow Integrity (CFI)
  7. Intel CET: Shadow Stacks and Indirect Branch Tracking
  8. ARM Pointer Authentication (PAC)
  9. Sandboxing and Process Isolation

Chapter 12: Bypass Research and the Exploit-Mitigation Arms Race

  1. The Timeline: From Stack Smashing to Modern Defenses
  2. Canary Bypass Techniques
  3. ASLR Entropy Analysis and Bypass
  4. Full RELRO and GOT Write Limitations
  5. CFI Bypass Research
  6. CET Bypass Approaches
  7. PAC Bypass on ARM
  8. The Future: What Comes Next

Chapter 13: Vulnerability Research Methodologies

  1. Fuzzing Strategies: Coverage-Guided and Mutation-Based
  2. Walkthrough: Setting Up and Running a Fuzzing Campaign
  3. Crash Triage and Root Cause Analysis
  4. Binary Analysis: Symbolic Execution and Concolic Testing
  5. Memory Sanitizers: ASan, MSan, UBSan
  6. Differential Fuzzing and Cross-Platform Comparison
  7. Responsible Disclosure and CVE Assignment

Chapter 14: Secure Coding Practices and Compiler Hardening

  1. Safe String and Memory Functions
  2. Bounds Checking and Safe Integer Arithmetic
  3. Compiler Flags: FORTIFY_SOURCE, StackProtector, CFProtection
  4. Memory-Safe Languages: Rust as an Alternative
  5. Code Review Techniques for Memory Safety
  6. Static Analysis Tools: Clang Analyzer, Coverity, PVS-Studio

Chapter 15: Exploit Detection, Incident Response, and Forensics

  1. Detecting Buffer Overflow Attacks in the Wild
  2. EDR and Behavioral Monitoring for Memory Corruption
  3. Core Dump Analysis and Post-Mortem Debugging
  4. Network-Level Exploit Detection
  5. Incident Response Playbooks for RCE Events
  6. Forensic Timeline Reconstruction
  7. Lessons from Major Exploit Incidents
  8. Walkthrough: Forensic Analysis of a Stack Overflow Exploit

Conclusion

References

Get the free sample chapters

Click the buttons to get the free sample in PDF or EPUB, or read the sample online here

The Leanpub 60 Day 100% Happiness Guarantee

Within 60 days of purchase you can get a 100% refund on any Leanpub purchase, in two clicks.

See full terms...

Earn $8 on a $10 Purchase, and $16 on a $20 Purchase

We pay 80% royalties on purchases of $7.99 or more, and 80% royalties minus a 50 cent flat fee on purchases between $0.99 and $7.98. You earn $8 on a $10 sale, and $16 on a $20 sale. So, if we sell 5000 non-refunded copies of your book for $20, you'll earn $80,000.

(Yes, some authors have already earned much more than that on Leanpub.)

In fact, authors have earned over $15 million writing, publishing and selling on Leanpub.

Learn more about writing on Leanpub

Free Updates. DRM Free.

If you buy a Leanpub book, you get free updates for as long as the author updates the book! Many authors use Leanpub to publish their books in-progress, while they are writing them. All readers get free updates, regardless of when they bought the book or how much they paid (including free).

Most Leanpub books are available in PDF (for computers) and EPUB (for phones, tablets and Kindle). The formats that a book includes are shown at the top right corner of this page.

Finally, Leanpub books don't have any DRM copy-protection nonsense, so you can easily read them on any supported device.

Learn more about Leanpub's ebook formats and where to read them

Write and Publish on Leanpub

You can use Leanpub to easily write, publish and sell in-progress and completed ebooks and online courses!

Leanpub is a powerful platform for serious authors, combining a simple, elegant writing and publishing workflow with a store focused on selling in-progress ebooks.

Leanpub is a magical typewriter for authors: just write in plain text, and to publish your ebook, just click a button. (Or, if you are producing your ebook your own way, you can even upload your own PDF and/or EPUB files and then publish with one click!) It really is that easy.

Learn more about writing on Leanpub