Penetration Testing mailing list archives

RE: Good advice: Learn Assembly

From: John Vill <kalookalaa () hotmail com>
Date: Mon, 18 Aug 2008 23:44:17 -0400


You never had to learn assembly.  It is no different now than it used to be.  If you do not learn assembly your 
creative potential will be seriously blunted and you will never be on the cutting edge.  In other words you will always 
be relying on the work of others.  Assembly is powerful enough that it will grant you the independence to work by your 
imagination and carry out your own ideas.  However, fuzzers and python POCs don't fit into these categories at all.  
The bottom line is, if you do not learn assembly you are blocking yourself out to an entire world of the computer 
security field where the truly creative work.  Assembly is actually an easy language to learn but hard to master, I 
suggest "The Art of Assembly".

From: macubergeek () comcast net
To: pen-test () securityfocus com
Subject: Good advice: Learn Assembly
Date: Sat, 16 Aug 2008 14:18:42 -0400

I have a personal goal of learning how to find vulnerabilities with
fuzzers and code POCs (preferably in Python).

Now I've gotten the traditional advice of "learn assembly" from a
couple of folks. I wonder if that is necessary these days.
I always thought one needed to learn assembly to code shell code.
With the capabilities of Metasploit, I wonder if this is still true?
Do you need to know assembly coding to decipher the output of
disassemblers like IDA Pro or debuggers like Olly?

Setting aside the logistical problems of finding a local college that
still teaches assembly....am I overlooking something here?

All comments welcome.

Jim

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------

_________________________________________________________________
Talk to your Yahoo! Friends via Windows Live Messenger.  Find out how.
http://www.windowslive.com/explore/messenger?ocid=TXT_TAGLM_WL_messenger_yahoo_082008
------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------

Current thread:

Good advice: Learn Assembly Jim Kelly (Aug 16)
- Re: Good advice: Learn Assembly Jan Muenther (Aug 16)
- Re: Good advice: Learn Assembly Joel Jose (Aug 16)
- Re: Good advice: Learn Assembly Micheal Cottingham (Aug 16)
- Re: Good advice: Learn Assembly Omar Herrera (Aug 16)
- Re: Good advice: Learn Assembly Colin Copley (Aug 17)
- Re: Good advice: Learn Assembly Sanjay R (Aug 17)
- RE: Good advice: Learn Assembly John Vill (Aug 19)