I Want My EIP: Buffer Overflow 101
Mike Saunders to Speak at NolaCon
Red Siege Information Security Principal Consultant Mike Saunders will present “I Want My EIP: Buffer Overflow 101” at NolaCon, an information security/hacker conference in New Orleans from May 15 – 17.
“When I started learning buffer overflows, I thought it was something everybody else already knew. But the reality is, there are lots of us, just like me, who want to know more but are either overwhelmed by the idea that buffer overflows are beyond their capabilities or just don’t know where to get started,” Saunders said. “This is a 101-level talk; we’ll talk about how a buffer overflow works, how to fuzz an app to identify an overflow opportunity, and how to create a simple overflow that will result in a compromise of a target system.”
Saunders, who has been involved in IT and security for more than 25 years, will bring shirts and stickers to give away. He stressed that the presentation was for buffer overflow beginners, but that for those interested in the subject it would provide immediately usable information.
“If you can already smash the stack, spray the heap, and write ROP chains in your sleep, this isn’t the talk for you. If you want to learn more about how simple buffer overflows work and how to write them, this talk is for you,” Saunders said. “When you leave, you will have the information and resources to help you write your first overflow when you walk out the door.”
NolaCon will be held at the Hyatt Centric in New Orleans with a Training from May 11-14 and Conference from May 15 – 17. 2020 marks the events seventh year, and topics are focused on today’s information security needs including malware, exploits, vulnerabilities, social engineering and forensics. Saunders presentation time has not yet been announced.
Mike Saunders has over 25 years of experience in IT and security and has worked in the ISP, financial, insurance, and agribusiness industries. He has held a variety of roles in his career including system and network administration, development, and security architect. Mike been performing penetration tests for nearly a decade. Mike is an experienced speaker and has spoken at DerbyCon V and VII, BSides MSP, BSides Winnipeg, and the NDSU Cyber Security Conference. He has participated multiple times as a member of NCCCDC Red Team. Mike holds the GCIH, GPEN, GWAPT, GMOB, CISSP, and OSCP certifications.