“I Want My EIP: Buffer Overflow 101” at NolaCon

By Red Siege | February 18, 2020

I Want My EIP: Buffer Overflow 101

Mike Saunders to Speak at NolaCon

Red Siege Information Security Principal Consultant Mike Saunders will present “I Want My EIP: Buffer Overflow 101” at NolaCon, an information security/hacker conference in New Orleans from May 15 – 17.

“When I started learning buffer overflows, I thought it was something everybody else already knew. But the reality is, there are lots of us, just like me, who want to know more but are either overwhelmed by the idea that buffer overflows are beyond their capabilities or just don’t know where to get started,” Saunders said. “This is a 101-level talk; we’ll talk about how a buffer overflow works, how to fuzz an app to identify an overflow opportunity, and how to create a simple overflow that will result in a compromise of a target system.”

Saunders, who has been involved in IT and security for more than 25 years, will bring shirts and stickers to give away. He stressed that the presentation was for buffer overflow beginners, but that for those interested in the subject it would provide immediately usable information.

“If you can already smash the stack, spray the heap, and write ROP chains in your sleep, this isn’t the talk for you. If you want to learn more about how simple buffer overflows work and how to write them, this talk is for you,” Saunders said. “When you leave, you will have the information and resources to help you write your first overflow when you walk out the door.”

NolaCon will be held at the Hyatt Centric in New Orleans with a Training from May 11-14 and Conference from May 15 – 17. 2020 marks the events seventh year, and topics are focused on today’s information security needs including malware, exploits, vulnerabilities, social engineering and forensics. Saunders presentation time has not yet been announced.

About Saunders


Linked In:https://www.linkedin.com/in/mike-saunders-7902631/

Mike Saunders has over 25 years of experience in IT and security and has worked in the ISP, financial, insurance, and agribusiness industries. He has held a variety of roles in his career including system and network administration, development, and security architect. Mike been performing penetration tests for nearly a decade. Mike is an experienced speaker and has spoken at DerbyCon V and VII, BSides MSP, BSides Winnipeg, and the NDSU Cyber Security Conference. He has participated multiple times as a member of NCCCDC Red Team. Mike holds the GCIH, GPEN, GWAPT, GMOB, CISSP, and OSCP certifications.

Attacking SAML implementations

By Red Siege | November 2, 2021

SAML and SAML Attacks Recently a client mentioned that they wanted me to pay particular attention to the SAML authentication on an app I was going to be testing. It’s […]

Learn More
Attacking SAML implementations

Bypassing Signature-Based AV

By Red Siege | August 25, 2021

If you want to execute arbitrary code on an endpoint during a penetration test, red team, or assumed breach, chances are you’ll have to evade some kind of antivirus solution. […]

Learn More
Bypassing Signature-Based AV

Sans Core Netwars Tournament of Champions Europe

By Red Siege | August 9, 2021

From Justin Palk, Security Consultant: I’ll be honest, it feels good to win. Popping a shell sends a shiver down my spine. But getting into a duel with another team […]

Learn More
Sans Core Netwars Tournament of Champions Europe

Find Out What’s Next

Stay in the loop with our upcoming events.