“I Want My EIP: Buffer Overflow 101” at NolaCon

By Red Siege | February 18, 2020

I Want My EIP: Buffer Overflow 101

Mike Saunders to Speak at NolaCon

Red Siege Information Security Principal Consultant Mike Saunders will present “I Want My EIP: Buffer Overflow 101” at NolaCon, an information security/hacker conference in New Orleans from May 15 – 17.

“When I started learning buffer overflows, I thought it was something everybody else already knew. But the reality is, there are lots of us, just like me, who want to know more but are either overwhelmed by the idea that buffer overflows are beyond their capabilities or just don’t know where to get started,” Saunders said. “This is a 101-level talk; we’ll talk about how a buffer overflow works, how to fuzz an app to identify an overflow opportunity, and how to create a simple overflow that will result in a compromise of a target system.”

Saunders, who has been involved in IT and security for more than 25 years, will bring shirts and stickers to give away. He stressed that the presentation was for buffer overflow beginners, but that for those interested in the subject it would provide immediately usable information.

“If you can already smash the stack, spray the heap, and write ROP chains in your sleep, this isn’t the talk for you. If you want to learn more about how simple buffer overflows work and how to write them, this talk is for you,” Saunders said. “When you leave, you will have the information and resources to help you write your first overflow when you walk out the door.”

NolaCon will be held at the Hyatt Centric in New Orleans with a Training from May 11-14 and Conference from May 15 – 17. 2020 marks the events seventh year, and topics are focused on today’s information security needs including malware, exploits, vulnerabilities, social engineering and forensics. Saunders presentation time has not yet been announced.

About Saunders


Linked In:https://www.linkedin.com/in/mike-saunders-7902631/

Mike Saunders has over 25 years of experience in IT and security and has worked in the ISP, financial, insurance, and agribusiness industries. He has held a variety of roles in his career including system and network administration, development, and security architect. Mike been performing penetration tests for nearly a decade. Mike is an experienced speaker and has spoken at DerbyCon V and VII, BSides MSP, BSides Winnipeg, and the NDSU Cyber Security Conference. He has participated multiple times as a member of NCCCDC Red Team. Mike holds the GCIH, GPEN, GWAPT, GMOB, CISSP, and OSCP certifications.

Introduction to Sliver

By Red Siege | November 7, 2022

By: Justin Palk, Security Consultant Around the time Tim decided he was going to give a Siegecast on selecting a C2, I finished building out a test Windows AD domain […]

Learn More
Introduction to Sliver

Moving beyond T4 – Deconstructing Nmap Tuning

By Red Siege | July 6, 2022

by Alex Norman, Senior Security Consultant Nmap -T4 -iL targets.txt This is a very common scan string that many people use to get initial recon done on assessments and, to […]

Learn More
Moving beyond T4 – Deconstructing Nmap Tuning

Creating a Simple Windows Domain for Offensive Testing: Part 4

By Red Siege | June 23, 2022

By: Justin Palk, Security Consultant This is part four of my series of blog posts on creating a windows domain for offensive security testing. In part 1, I stood up […]

Learn More
Creating a Simple Windows Domain for Offensive Testing: Part 4

Find Out What’s Next

Stay in the loop with our upcoming events.