Intended for software security professionals, this guide explains the techniques used by malicious hackers against software, describes specific attack patterns, and shows how to uncover new software vulnerabilities. The authors discuss the difference between implementation bugs and architectural flaws, reverse engineering tools, the weaknesses in server and client software, malicious input attacks, buffer overflows, and the construction of a simple Windows XP kernel rootkit that can hide processes and directories.