I Want My EIP: Buffer Overflow 101
Mike Saunders to Speak at NolaCon
Red Siege Information Security Principal Consultant Mike Saunders will present “I Want My EIP: Buffer Overflow 101” at NolaCon, an information security/hacker conference in New Orleans from May 15 – 17.
“When I started learning buffer overflows, I thought it was something everybody else already knew. But the reality is, there are lots of us, just like me, who want to know more but are either overwhelmed by the idea that buffer overflows are beyond their capabilities or just don’t know where to get started,” Saunders said. “This is a 101-level talk; we’ll talk about how a buffer overflow works, how to fuzz an app to identify an overflow opportunity, and how to create a simple overflow that will result in a compromise of a target system.”
Saunders, who has been involved in IT and security for more than 25 years, will bring shirts and stickers to give away. He stressed that the presentation was for buffer overflow beginners, but that for those interested in the subject it would provide immediately usable information.
“If you can already smash the stack, spray the heap, and write ROP chains in your sleep, this isn’t the talk for you. If you want to learn more about how simple buffer overflows work and how to write them, this talk is for you,” Saunders said. “When you leave, you will have the information and resources to help you write your first overflow when you walk out the door.”
NolaCon will be held at the Hyatt Centric in New Orleans with a Training from May 11-14 and Conference from May 15 – 17. 2020 marks the events seventh year, and topics are focused on today’s information security needs including malware, exploits, vulnerabilities, social engineering and forensics. Saunders presentation time has not yet been announced.
Mike Saunders has over 25 years of experience in IT and security and has worked in the ISP, financial, insurance, and agribusiness industries. He has held a variety of roles in his career including system and network administration, development, and security architect. Mike been performing penetration tests for nearly a decade. Mike is an experienced speaker and has spoken at DerbyCon V and VII, BSides MSP, BSides Winnipeg, and the NDSU Cyber Security Conference. He has participated multiple times as a member of NCCCDC Red Team. Mike holds the GCIH, GPEN, GWAPT, GMOB, CISSP, and OSCP certifications.
Related StoriesView More
Introduction to Sliver
By Red Siege | November 7, 2022
By: Justin Palk, Security Consultant Around the time Tim decided he was going to give a Siegecast on selecting a C2, I finished building out a test Windows AD domain […]Learn More
Moving beyond T4 – Deconstructing Nmap Tuning
By Red Siege | July 6, 2022
by Alex Norman, Senior Security Consultant Nmap -T4 -iL targets.txt This is a very common scan string that many people use to get initial recon done on assessments and, to […]Learn More
Creating a Simple Windows Domain for Offensive Testing: Part 4
By Red Siege | June 23, 2022
By: Justin Palk, Security Consultant This is part four of my series of blog posts on creating a windows domain for offensive security testing. In part 1, I stood up […]Learn More