This is the second step in learning the world of exploit development. This class will continue to teach you how to write stack based exploits on the Linux and Win32 platforms. We will learn about topics such as Return Oriented Programming (ROP), Stack Pivots, defeating DEP, Egg hunters and more. This will be a hands-on class, so prepare to get your feet wet. Please join me fall further down the rabbit hole.
Mainframes, and specifically z/OS, represents a massive blind spot when it comes to penetration testing. People lack the capabilities and language to properly test the security of these corporate mainstays. As it stands today these system sit largely untouched by IT security professionals, until, that is, a breach occurs, such as the breach of a bank and government mainframe in Europe leading to the potential loss of a million USD. If your company has a mainframe chances are it’s never been given it’s proper day in the sun. We’ve heard all the excuses ranging from “system outage” to “we don’t know how”. This training aims to tackle the excuses by demonstrating that mainframes are just computers like everything else, providing the attendees with the language and knowledge to start testing their own mainframes. Arming them with the appropriate responses and tools to tackle every excuse in the book.
The Charlotte Metro Information Systems Security Association (ISSA) is pleased to announce the ISSA Information Security Conference to be held on May 18th 2017 at the Charlotte Convention Center. This day-long event is designed to provide a forum in which industry leaders, policy makers, and regional peers can share information regarding emerging technologies, trends, and best practices within Information Security and related fields. The Conference features a full day of talks and presentations as well as educational opportunities with hands-on workshops, demonstrations of new technology, peer networking, and the opportunity to exchange the latest security information, strategies and techniques. A number of nationally acclaimed information security experts and media personalities are slated to deliver keynote addresses in addition to an array of technical presentations in areas such as: Audit / Compliance, Vulnerability / Risk Management, OS Security, Identity and Access management, Hands-on Attacks, Forensics / Incident Response, and Future Challenges.