What other resources did you use to learn buffer overflows?

I have about 5 links but any other suggestions would be nice.

After hearing and reading so many positive reviews over the past year, I decided to take the plunge. I received my materials late Saturday (08/04) evening, which was technically 08/05 00:00 GMT. So far I have about 8 hours invested into the course and I have enjoyed everything so far. At first, I started reading the modules in order (lab pdf) but then I decided to briefly fly through the entire lab pdf, just to see exactly what I will be learning. Sooo..I've been reading/slighty skimming through the lab for about 4-6 hours and I'm only on module 8, so that should give people an indication to how much material is packed into the lab pdf.

Just like so many people have mentioned, I can get through the first five modules pretty easy (learning backtrack, learning some BASH/python, port scanning, enumeration, etc..)but from module six and on, I know I will have to do A LOT of outside research...which I'm completely fine with. I'm not going to lie, going through the buffer overflow section for the first time was like reading Japanese.

The further I get into the Lab pdf, the more I feel a little overwhelmed. I kind of wish OffSec would give you the choice of going through the PDF and Video's for a week or two, then starting the lab time. The material is totally worth it but I can't help but think I'm losing money by reading, researching, and watching video's..rather than messing with the lab.

My personal goal is to get everything done within 60 lab days and take the test some time after that.

Well I better get back to the pdf. Any comments are welcomed.

I just sent an email, I would definitely be interested.

@ docrice,

Thank you for your input, I always find your information very helpful and useful on here and techexams.

@j0rDy,

Thank you for your input as well. I do not plan on applying for a security job for at least 1.5-2 years but I like looking at the job postings, just so I know what's out there. My next career move is to probably move into a Linux Admin position with my current company and keep the computer forensic internship (just like I'm doing now with my NOC position).

 I recently started a computer forensic internship, so I am gaining the oh so valuable experience...but I still can't decide if I want to have a career in computer forensics or pentesting. I've been searching keywords of CF and pentest jobs on Dice, Indeed, and Simply Hired and there are a few things that scare me about the two fields.

#1. The number of jobs for each CF and Pentration testing. I would hate to spend so much time and effort on learning and certs, to find I can't land a job in the field I love.

**What's your opinion on the career outlook for either job?

#2. Salary; I know money isn't everything but I definitely want to make a good living for myself and future family. When I google "computer forensic" and "penetration tester" salaries, I get different numbers from every website.

**I know it depends on so many factors, but from your experience how much should a professional with 0-5 years make per year?

#3. Here are the words I use to search for jobs, let me know if there are some words I should add.

**CF: EnCE, GCFA, GCFE, GREM, EnCase, FTK, CCE, CHFI, computer forensics, digital forensics

**Pentesting: OSCP, OSCE, GPEN, GWAPT, metasploit, CISSP, pentration tester, ethical hacker, backtrack, wireshark, CEH, vulnerability

Please add any other comments that could help, thanks again everybody .

http://www.cnn.com/2012/04/30/world/al-qaeda-documents-future/index.html?hpt=hp_c1

This article isn't necessarily heavy in technical info but I'm assuming computer forensic techniques were performed to find the documents within the porn video.

When I type GREM into www.indeed.com, I get about 80 results. If I type in CREA, I barely get any results. As of right now, GREM is the certification you would want to get.

Thank you to everyone who replied and gave their input.

I'm going to take the next month or so to learn the main concepts of ASM and C++, just to make sure I get the most out of this book.

I hope to take the GREM by the end of the year 

To become a great malware analyst, do I need to know how to read assembly language or actually know how to program in assembly language. Kind of the same question for C++ as well ?

Have a safe trip and let us know what the job is like.

+1 lol

If you need help learning assembly, security tube has some good assembly primer videos.

I just bought the book. It will be here on Saturday 

Do you have to know programming pretty well to understand most of the topics covered in this book?

Damn, I'm sorry to hear that Jamie.R. If you don't mind me asking, what certs and  work experience did you have before the job? And did they tell you which skill or skills that were not up to their liking?

If I were in your position, I would still apply for security jobs...but you'll probably want to apply for other jobs as well (like whatever else you use to do before the pentesting job?). Keep your head up, I'm hoping the 6 months of pentesting experience will land you other pentesting/ security gigs.