Using techniques to change the behavior of an application or application component in order to use it to ones advantage. When used it is often referred to software exploitation where an attacker can take control of an applications execution flow in order to run arbitrary code.
Exploit is the term used for a piece of code that (often maliciously) abuses vulnerabilities in code. This often affects the security of the vulnerable application or system and allows attackers to gain privileges they would otherwise be barred from etc.
One of the most notorious types of exploits is the so-called uncontrolled format string which makes a whole class of functions (printf, sprintf, etc.) vulnerable across a variety of programming languages and systems.
Many more types of exploits exist. TBD
Recommended books:
- Exploiting Software: How to Break Code
- Gray Hat Hacking: The Ethical Hackers Handbook
- A Bug Hunter's Diary: A Guided Tour Through the Wilds of Software Security
External references:
- Exploit (Computer Security) on Wikipedia
- Metasploit, a framework to create, refine and share exploits
