>From: "Jim Kelly" <macubergeek (at) comcast (dot) net [email concealed]>
>Subject: Good advice: Learn Assembly
>I have a personal goal of learning how to find vulnerabilities with fuzzers and code POCs
>(preferably in Python).
>
> Now I've gotten the traditional advice of "learn assembly" from a couple of folks. I wonder if
> that is necessary these days.
> I always thought one needed to learn assembly to code shell code. With the capabilities of
> Metasploit, I wonder if this is still true? Do you need to know assembly coding to decipher the
> output of disassemblers like IDA Pro or debuggers like Olly?
>
> Setting aside the logistical problems of finding a local college that still teaches
> assembly....am I overlooking something here?
Hi,
For Windows / PE /even some ODBC, there's Iczelion's Win32 Assembly Homepage.
http://win32assembly.online.fr 35+ tutorials, 50 odd source code examples, some other papes, links
and stuff,
and all the downloads you need to start programming in assembly, even i think an IDE (but i couldn't
get it working - notepad does anyhow). Worth looking at.
>Subject: Good advice: Learn Assembly
>I have a personal goal of learning how to find vulnerabilities with fuzzers and code POCs
>(preferably in Python).
>
> Now I've gotten the traditional advice of "learn assembly" from a couple of folks. I wonder if
> that is necessary these days.
> I always thought one needed to learn assembly to code shell code. With the capabilities of
> Metasploit, I wonder if this is still true? Do you need to know assembly coding to decipher the
> output of disassemblers like IDA Pro or debuggers like Olly?
>
> Setting aside the logistical problems of finding a local college that still teaches
> assembly....am I overlooking something here?
Hi,
For Windows / PE /even some ODBC, there's Iczelion's Win32 Assembly Homepage.
http://win32assembly.online.fr 35+ tutorials, 50 odd source code examples, some other papes, links
and stuff,
and all the downloads you need to start programming in assembly, even i think an IDE (but i couldn't
get it working - notepad does anyhow). Worth looking at.
Cheers
Colin
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides
www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------
[ reply ]