Dailydave mailing list archives

Re: Immunity Certified Network Offense Professional


From: "Paul Melson" <pmelson () gmail com>
Date: Sun, 13 Jul 2008 18:57:22 -0400

On Sun, Jul 13, 2008 at 2:07 PM, Pusscat <pusscat () metasploit com> wrote:
> - Decide if a crash is exploitable at all
> - Make a judgement about the reliability of any exploits written
> - Debug the crash to see what input caused the crash in a reasonable time limit
> - Discuss possible fixes intelligently
> - Apply knowledge of the crash to other areas of the program to ensure
> that the bug isn't repeated and that the fix is in fact complete

All of the above can be done without any shellcode, just your favorite
compiler/interpreter and a debugger.  And with commonly available
tools like Metasploit's shellcode generator, it's trivial to weaponize
your overflow, especially on Win2K.  All of this adds up to a
successful penetration test, providing value to the client.  But it
wouldn't get you a NOP cert.  Who cares?  If you're doing this in the
field already, who's asking you for a cert?  Are there pen-testing
firms that are A) any good at it and B) clamoring for their staff to
have certifications?  Just folks dealing with the 8570.1M mandate,
right?


> Exploitation of a simple vuln requires only simple knowledge of how
> x86 systems and the Windows OS work, and some experience making
> effective use of your tools work in a timely fashion.  In my opinion
> Dave's cert is just an effective test of basic knowledge and skills in
> one tiny package.

No, Immunity's cert is a test of how good you are at it using
Immunity's products.  Which is fine, every vendor with a cert does
exactly this.  Let's not make it something it's not.

PaulM
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

