Is there anyone out there who has taken the Ptrace Security’s Advanced Software Exploitation training? If so, do you have any recommendation on books, articles, or blog posts to read before I take the class?
Looking at the course syllabus and searching for the covered examples that are used during the training, you can find some tutorials and further explanations that deal with the same vulnerabilities online. For example, for “Module 3: ActFax (OSVDB 89944)” a tutorial is provided by Craig himself (assuming it is the same vulnerability that he discovered) as well as by others. The same applies to other examples covered such as “Mozilla Firefox (CVE-2011-2371)” (see here and here).
If you decide to take the course it would be great to see a review. 🙂