Dailydave mailing list archives
Re: Immunity Certified Network Offense Professional
From: Dave Aitel <dave () immunityinc com>
Date: Sat, 12 Jul 2008 15:30:44 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Thomas Ptacek wrote: |> > Specifically, to obtain the certification you will need to write a |> > buffer overflow from scratch within a certain time period. You will |> > first find the buffer overflow by reverse engineering a target program, |> > and then obtain a shell from it or execute a command. This is a hands-on |> > certification, not a paper test. |> Sounds like potentially a meaningful, if narrow, test. | | Some of the most effective pentesters I've met would not be able to | pass this. This is the problem with all certifications. Then they'd fail. There's no excuse for not being able to write a simple Windows stack overflow in this day and age. I don't see this part as a problem. Even web attackers need to know how to do that. It is hard, of course, to isolate a hands on test from the tools you have to use to do that test. VisualSploit and Immunity Debugger are really easy to use, but if you are only capable of using WinDBG then you might fail as well. In that case, you'd need to learn how to pick up new tools faster. We'll have an instruction book available at the table. :> - -dave -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIeQZjtehAhL0gheoRAvtcAKCGJUNoPLtsEEyKio9y5jOnuYBM2wCfQY3k CtWVHv6SwDthKJorIEWlwg8= =O5qQ -----END PGP SIGNATURE----- _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Immunity Certified Network Offense Professional Dave Aitel (Jul 11)
- Re: Immunity Certified Network Offense Professional Blue Boar (Jul 11)
- Re: Immunity Certified Network Offense Professional Thomas Ptacek (Jul 11)
- Re: Immunity Certified Network Offense Professional Alexander Sotirov (Jul 11)
- Re: Immunity Certified Network Offense Professional Rodney Thayer (Jul 12)
- Re: Immunity Certified Network Offense Professional root (Jul 12)
- Re: Immunity Certified Network Offense Professional Dave Aitel (Jul 12)
- Re: Immunity Certified Network Offense Professional Thomas Ptacek (Jul 13)
- Re: Immunity Certified Network Offense Professional Pusscat (Jul 13)
- Re: Immunity Certified Network Offense Professional Thomas Ptacek (Jul 13)
- Re: Immunity Certified Network Offense Professional matthew wollenweber (Jul 13)
- Re: Immunity Certified Network Offense Professional Thomas Ptacek (Jul 13)
- Re: Immunity Certified Network Offense Professional Thomas Ptacek (Jul 11)
- Re: Immunity Certified Network Offense Professional val smith (Jul 14)
- Re: Immunity Certified Network Offense Professional Blue Boar (Jul 11)
- Re: Immunity Certified Network Offense Professional Paul Melson (Jul 13)
- Re: Immunity Certified Network Offense Professional drraid (Jul 13)
- Re: Immunity Certified Network Offense Professional Thomas Ptacek (Jul 13)
- Re: Immunity Certified Network Offense Professional root (Jul 14)