Joe McCray’s Exploit Development Workshop

This topic contains 26 replies, has 12 voices, and was last updated by  superkojiman 6 years, 9 months ago.

  • Author
    Posts
  • #8139
     superkojiman 
    Participant

    Saw this on LinkedIn today. Joe McCray of Strategic Security is going to be holding a course on exploit development starting February. It’s four courses for $100USD. Might be of some interest to budding exploit developers.

    http://strategicsec.com/2013/01/12/exploit-development-workshop/

  • #51471
     Don Donzal 
    Keymaster

    Love Joe, but this isn’t “News Items and General Discussion About EH-Net.”

    I moved it to the Malware Board unless you’d like it better in the Programming Board?

    Don

  • #51472
     superkojiman 
    Participant

    @don wrote:

    Love Joe, but this isn’t “News Items and General Discussion About EH-Net.”

    I moved it to the Malware Board unless you’d like it better in the Programming Board?

    Don

    Thanks for moving it Don, I wasn’t sure where to put it. Malware board should be fine.

  • #51473
     caissyd 
    Participant

    Too bad it’s between noon to 4:00pm, I am busy at work during those hours… :-

    But Joe is very good, so go ahead if you can!

  • #51474
     alucian 
    Participant

    It’s Saturday, so .. I suppose you’re not working 🙂

  • #51475
     rattis 
    Participant

    I’ll be busy with practical packet analysis with wireshark and “not all about me” book study groups through Feb, so I won’t play.

    I just hope that Joe has better luck with this, than his CTF class.

  • #51476
     caissyd 
    Participant

    It’s Saturday, so .. I suppose you’re not working

    Oups, I misread my calendar! Thanks Lucian!!

  • #51477
     lorddicranius 
    Participant

    @chrisj wrote:

    I’ll be busy with […] “not all about me” book study groups through Feb, so I won’t play.

    That’s a GREAT book, enjoy it!

    @chrisj wrote:

    I just hope that Joe has better luck with this, than his CTF class.

    That CTF class was the second class of Joe’s I had signed up for and made it the second fail.  He does some great DEFCON talks, but the labs for his online classes just never seem to work out :-

  • #51478
     rattis 
    Participant

    @lorddicranius wrote:

    @chrisj wrote:

    I’ll be busy with […] “not all about me” book study groups through Feb, so I won’t play.

    That’s a GREAT book, enjoy it!

    It is. Which is why I’m running the EMU IASA through it. Read it when it came out. Have 2 hard copies and 1 kindle version. Gave out copies of it to my team at work.

    @lorddicranius wrote:

    That CTF class was the second class of Joe’s I had signed up for and made it the second fail.  He does some great DEFCON talks, but the labs for his online classes just never seem to work out

    That sucks to hear. I think he’s got a great idea, and it’s more affordable than the others trying to do it. I’m not expecting OSCP cert greatness, but would like to seem him create a good learning ground, so people can build skills before they go after the big cert programs.

  • #51479
     the_Grinch 
    Participant

    Anyone sign up for this?  I did and haven’t received an email in regards to how to access the webinar on Saturday.

  • #51480
     the_Grinch 
    Participant

    Got the email today, going to be a great class!

  • #51481
     cd1zz 
    Participant

    If you haven’t heard, Mr. McCray is in a bit of hot water in regards to this course…Google [s:2tvtf9ab]full[/s:2tvtf9ab] fu. (Damn dumbphone)

  • #51482
     Dark_Knight 
    Participant

    WOW….it was him???? I saw the tweets but thought oh well…..interesting

  • #51483
     MaXe 
    Participant

    Worst part is, despite I have seen some of this talks and liked the way he presents, and I hope he will continue to do so, the way that strategicsec is run, is startling as what has recently just been mentioned in the news, is like nothing. I’m surprised this “trend” hasn’t been caught yet.

  • #51484
     Dark_Knight 
    Participant

    This has got to be a MISTAKE!!!!! Given the likes of attrition.org and the infosec community at large, why would any sane individual in the community so BLATANTLY rip off some else’s work? And then go on to charge for it? Seriously??

    Why would someone go to such great lengths at advertising a course that they STOLE? How could someone be so brazen?

    Makes no sense….

  • #51485
     superkojiman 
    Participant

    @cd1zz wrote:

    If you haven’t heard, Mr. McCray is in a bit of hot water in regards to this course…Google [s:2jwkvhe5]full[/s:2jwkvhe5] fu. (Damn dumbphone)

    Just read the blog posts on it. Bit disappointing. Still, I hope he comes up with his own material and starts over.

  • #51486
     cd1zz 
    Participant

    He addressed it on his blog but still, why would he put his entire reputation at risk if all he did was use their VMs? Just seems like he must have done more, or, it was just an extremely stupid move. I just don’t understand why you would jeopardize everything to save like a day or two of work.

  • #51487
     Dark_Knight 
    Participant

    Based on this http://blog.exploitlab.net/2013/02/defending-our-work-part-2-exploit-lab.html he did a whole lot more than just use the VM’s

  • #51488
     cd1zz 
    Participant

    I know, but on his blog he basically says he only used their VMs. http://strategicsec.com/blog/ – that’s what I’m saying, his rebuttal doesn’t make any sense.

  • #51489
     Dark_Knight 
    Participant

    None of it makes sense………

  • #51490
     MaXe 
    Participant

    @dark_knight wrote:

    This has got to be a MISTAKE!!!!! Given the likes of attrition.org and the infosec community at large, why would any sane individual in the community so BLATANTLY rip off some else’s work? And then go on to charge for it? Seriously??

    Why would someone go to such great lengths at advertising a course that they STOLE? How could someone be so brazen?

    Makes no sense….

    No it’s not. Many people defy attrition.org and the infosec community at large still. The length at which strategisec ripped off others’ work is not just limited to a single episode. It’s spread out across multiple vendors.

    However, most of the “students” who are also doing all the hard work, are simply taking other infosec courses and rewriting them into strategisec courses, easy way to minimize the amount of work you have to do.

    @cd1zz wrote:

    I know, but on his blog he basically says he only used their VMs. http://strategicsec.com/blog/ – that’s what I’m saying, his rebuttal doesn’t make any sense.

    It doesn’t make sense any sane infosec professional would do this, but this is the case and it is not the only case. The only thing that makes sense, is simply that it shortens the time needed to come up with new courseware. It’s the easy way to make money. Use others’ courseware, modify it so it looks like your own, sell it cheap, profit. It’s almost like the botnet business and I know this sounds harsh, but it’s about cutting corners and taking shortcuts.

    @dark_knight wrote:

    None of it makes sense………

    It does make sense. I am not sure who authorized to copy other vendors’ courseware, but if it was Joe McCray himself, he may not be the whitehat / ethical hacker other people believe he is. I myself, do not know. I only know that this has been going on for months.

    Fun side-note:

    TheMatrix wrote:
    Neo: Right now we’re inside a computer program?
    Morpheus: Is it really so hard to believe? Your clothes are different. The plugs in your arms and head are gone. Your hair is changed. Your appearance now is what we call residual self image. It is the mental projection of your digital self.
    Neo: This…this isn’t real?

    What is real? How do you define real? If you’re talking about what you can feel, what you can smell, what you can taste and see, then real is simply electrical signals interpreted by your brain.

  • #51491
     DragonGorge 
    Participant

    Uh, I think I’ll take a pass on Mr. McCray’s offerings…

    Wow, reads like an article in the enquirer.
    http://strategicsec.com/2013/02/12/the-final-statement-on-this-issue/

    At this point I didn’t care anymore, I was so angry with him for being such a cowardly bitch that I couldn’t stand it. I swore that the next time I see him there was gonna be some furniture moving. Yes ChrisJohnRiley THIS IS THE NEW BLACK I was 2 seconds away from whooping  Saumil’s ass. I was ready to put my foot so far up his ass that his breath would smell like shoe polish!

    I told him explicitly (yes that means I dropped a lot of F-Bombs) how I felt, and that I’m not paying him the remaining money because he and Hiren are both some bitches.  After that – all of these notes I rewrote, scripts I ported from perl to python, lab manuals that I wrote – for him as a gift to show my appreciation that he mentions in his blog post, and yes his precious virtual machines – I used them in classes, webinars, and workshops I taught. I did it to spite him. I was pissed at him – immature I realize – but at least it’s the truth. I might as well try to make my money back after all of this mess.

    Saumil and anybody else for that matter – you can write whatever you want about me. You can put me on what ever page you want, talk about me on twitter, but at the end of the day Saumil can have a hot steamy cup of FUCK YOU! At this point I flat out don’t care how many people you tell, how many people talk about this on twitter. I hope that every single human being on this earth learns how much of a whining wimpy little bitch you are, and knows that I can’t stand you and I would rather eat hot shit before I’d even acknowledge that you are a fucking human being let alone speak to you.

    No I’m not paying you, and I sincerely feel bad for every single incident of a people loosing respect for me with regard to this issue, I know that I will never do it again because there is no HUMAN being that would ever be the way that he was to me, but I refuse to continue to talk to people like you are a good person when I know you are not.

    So Saumil, and Hiren – I just want you to know what I think of you personally, and professionally.

    From the bottom of my heart…

    FUCK YOU!

    Joe

  • #51492
     MaXe 
    Participant

    He’s beginning to sounds more and more like Gregory D. Evans.
    (http://attrition.org/errata/charlatan/gregory_evans/) Except that Joe, actually knows something.

  • #51493
     dynamik 
    Participant

    That’s too bad about McCray. He seemed like a pretty cool dude the times I’ve heard him interviewed, attended webinars, etc. All those issues explain a bit of the flakiness he’s had with courses and events. He could have made the same points using a bit more tact.

    @maxe: Yea, he’s definitely not a charlatan. I guess everyone has a breaking point and just needs to vent… I probably wouldn’t have used a corporate blog through :-

  • #51494
     MaXe 
    Participant

    Using a corporate blog in that way has just severely damaged their reputation more than it already is, and writing “fuck you” and threats of physical violence only attracts trolls and those who may want to prove Joe wrong that he’s not the smartest nor the strongest guy in the world.
    If he makes a response video (which I doubt as he’s not Greg Evans), it will most likely become viral and be “songified” or perhaps even get unwanted attention from organisations/hives/groups such as Anonymous.

    I do however, look forward to how the aftermath will unroll. Personally I’m hoping for drama, popcorn, perhaps even a movie. Mostly because of the other affected vendors.

  • #51495
     DragonGorge 
    Participant

    @maxe wrote:

    He’s beginning to sounds more and more like Gregory D. Evans.
    (http://attrition.org/errata/charlatan/gregory_evans/) Except that Joe, actually knows something.

    Hard to believe that Anonymous hasn’t taken this guy down already. World’s #1 Hacker indeed. http://gregorydevans.com/

    He could have made the same points using a bit more tact.

    Never a good idea to drive, e-mail, or blog angry.

    I’m thinking McCray has some other things going on in his life besides the financial troubles and (intense) dislike for the folks at exploitlabs.

  • #51496
     superkojiman 
    Participant

    @dragongorge wrote:

    Uh, I think I’ll take a pass on Mr. McCray’s offerings…

    Wow, reads like an article in the enquirer.
    http://strategicsec.com/2013/02/12/the-final-statement-on-this-issue/

    At this point I didn’t care anymore, I was so angry with him for being such a cowardly bitch that I couldn’t stand it. I swore that the next time I see him there was gonna be some furniture moving. Yes ChrisJohnRiley THIS IS THE NEW BLACK I was 2 seconds away from whooping  Saumil’s ass. I was ready to put my foot so far up his ass that his breath would smell like shoe polish!

    I told him explicitly (yes that means I dropped a lot of F-Bombs) how I felt, and that I’m not paying him the remaining money because he and Hiren are both some bitches.  After that – all of these notes I rewrote, scripts I ported from perl to python, lab manuals that I wrote – for him as a gift to show my appreciation that he mentions in his blog post, and yes his precious virtual machines – I used them in classes, webinars, and workshops I taught. I did it to spite him. I was pissed at him – immature I realize – but at least it’s the truth. I might as well try to make my money back after all of this mess.

    Saumil and anybody else for that matter – you can write whatever you want about me. You can put me on what ever page you want, talk about me on twitter, but at the end of the day Saumil can have a hot steamy cup of FUCK YOU! At this point I flat out don’t care how many people you tell, how many people talk about this on twitter. I hope that every single human being on this earth learns how much of a whining wimpy little bitch you are, and knows that I can’t stand you and I would rather eat hot shit before I’d even acknowledge that you are a fucking human being let alone speak to you.

    No I’m not paying you, and I sincerely feel bad for every single incident of a people loosing respect for me with regard to this issue, I know that I will never do it again because there is no HUMAN being that would ever be the way that he was to me, but I refuse to continue to talk to people like you are a good person when I know you are not.

    So Saumil, and Hiren – I just want you to know what I think of you personally, and professionally.

    From the bottom of my heart…

    FUCK YOU!

    Joe

    Daaayuuum…

You must be logged in to reply to this topic.

Copyright ©2019 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?