My only fear about all this is that we suck at defense. I'm not sure we (USA)  could withstand a serious attack...

That article you posted is interesting, they certainly have points. However, this report is based on a lot of data. The keyboard layouts that came across the RDP sessions didn't indicate Russian, they indicated Chinese. Just like in a court case, sometimes even if you don't have an actual video showing a person doing something, they can be convicted. IN this case, there is in fact a video to back it up, however we don't see the actual actor, which one could argue the video was fabricated. I for one, believe the data.

There is no doubt the US is doing similar activities, however, I don't believe they're stealing trade secrets unless its military secrets from other nations. I don't buy into the US using it for anything other than military purposes.

It's fascinating. The level of detail is unbelievable.

That is a a GREAT deal. We paid significantly more. We had to bring Peter to us, which is probably why. I suspect with all the extra free press he gets being at a Con, and larger classes maybe, he can bring the price down.


***

oops, just realized you said euros.... that's still a little cheaper, but not as big of a break as I thought...

There have been a few posts lately about the Corelan live exploit dev training course. I thought this would help you make your decision if you're on the fence. The metasploit guys just took his course, and if they give it the thumbs up, you know its good. I'm just relieved to hear  that they also took 28 hours, not just our crew

https://community.rapid7.com/community/metasploit/blog/2013/02/15/weekly-update

Rumors are there is a real exploit floating around.

When I looked at this to see if exploitation was possible, I started with a 2 second packet capture of the RDP protocol, saw 10K packets in wireshark and said, well effff this bug. I'm out.

There is a lot of overlap and in many cases they compliment each other. We had a thread on here somewhere where we got into the nitty gritty. For example, OSCE covers no ROP exploitation but Corelan does. Corelan is 110% exploit dev. OSCE is 90%. If possible, do them both!!

ajohnson just knocked out OSCE and recently did Corelan, he might have a fresher perspective...

I know, but on his blog he basically says he only used their VMs. http://strategicsec.com/blog/ - that's what I'm saying, his rebuttal doesn't make any sense.

He addressed it on his blog but still, why would he put his entire reputation at risk if all he did was use their VMs? Just seems like he must have done more, or, it was just an extremely stupid move. I just don't understand why you would jeopardize everything to save like a day or two of work.

@ajohnson I've had it for so long, I completely forgot where it came from. This is it: http://www.redteamsecure.com/labs/post/18/build-your-own-ftp-fuzzer

Editing the post now to reflect that!

If you haven't heard, Mr. McCray is in a bit of hot water in regards to this course...Google full fu. (Damn dumbphone)

I literally just had this last problem on the latest bug I posted. Just slapped together a blog post last night: http://www.pwnag3.com/2013/02/actfax-raw-server-exploit.html

Bottom line, you can cut up the payload easily. However, if you mess with the payload being sent sometimes the memory layout/registers will be completely different and show you something better or worse. In my case, 4 bytes literally changed the entire structure...

@H1t M0nk3y

OSCE is hard. Best advice I can give looking back is to simply practice. I used to go to exploit db, pull down exploits, strip out all the stuff in the middle and start with a simple crash. From there, rebuild the exploit. If you do that 100 times, you're in good shape

The course material is merely supplemental to what's needed for the exam, assuming you have no experience prior. Go for it though, even if you fail, keep going because it's really really good stuff. You'll eventually get it.

When I say "get into the field" I mean try to get into a company that does some sort of infosec. Ideal situation would be to get  into one that does more than one thing...hopefully including pen testing so you could maybe get over to that part of the company.

While education and certs help you learn and help "check boxes" for HR, you should really try to get into the field as soon as possible. The hardest part about getting into pen testing, is getting into pen testing. If you can afford to get in as entry level/associate level, you should do so. You may come to find that no one wants to hire you, so you'll have to figure out a way to prove to a prospective company that #1 you love this stuff, #2 you have the drive and #3 you have a hunger to learn.

My advice, keep getting as much education as you can but also try to get into the field asap.