IT Audit
Security Training
Security Certification
Internet Storm Center
Cyber Security Graduate School
Security Awareness Training
ICS/SCADA
Penetration Testing
Cyber Defense Foundations
Computer Forensics
Software SecurityOver the past few weeks I've been completing work on a Secure C/C++ Coding course. The course is for programmers and code reviewers, helping to prepare them for the Secure Coding certification and to teach them how to avoid the most common coding errors in C.
Along the way, I created a module in the course to demonstrate how vulnerabilities are exploited. In the meantime I got an invitation to do an evening presentation at the SANS New Orleans and Orlando conferences, so I turned it into a "How to Find and Exploit Buffer Overflows Step by Step." As long as I was going to all of that work, I decided it would be worthwhile to add a few slides to demonstrate how to turn it into a Metasploit exploit module.
The screencast should be pretty easy to follow, but if you have any questions, please feel free to post them here as comments!
For a comprehensive course on how to identify critical controls, validate that the correct controls are in place and validate processes, consider the SANS 6 day course, "Advanced System & Network Auditing". David Hoelzer is theSANS IT Audit Curriculum Lead and the author of several SANS IT Audit related courses.
Posted April 05, 2010 at 9:36 PM | Permalink | Reply
uberVU - social comments
<strong>Social comments and analytics for this post...</strong>
This post was mentioned on Twitter by it_audit: How to create an exploit and turn it into a Metasploit module! http://bit.ly/5Cx1A5...