RE: Good advice: Learn Assembly




You never had to learn assembly. It is no different now than it used to be. If you do not learn assembly your creative potential will be seriously blunted and you will never be on the cutting edge. In other words you will always be relying on the work of others. Assembly is powerful enough that it will grant you the independence to work by your imagination and carry out your own ideas. However, fuzzers and python POCs don't fit into these categories at all. The bottom line is, if you do not learn assembly you are blocking yourself out to an entire world of the computer security field where the truly creative work. Assembly is actually an easy language to learn but hard to master, I suggest "The Art of Assembly".

From: macubergeek@xxxxxxxxxxx
To: pen-test@xxxxxxxxxxxxxxxxx
Subject: Good advice: Learn Assembly
Date: Sat, 16 Aug 2008 14:18:42 -0400

I have a personal goal of learning how to find vulnerabilities with
fuzzers and code POCs (preferably in Python).

Now I've gotten the traditional advice of "learn assembly" from a
couple of folks. I wonder if that is necessary these days.
I always thought one needed to learn assembly to code shell code.
With the capabilities of Metasploit, I wonder if this is still true?
Do you need to know assembly coding to decipher the output of
disassemblers like IDA Pro or debuggers like Olly?

Setting aside the logistical problems of finding a local college that
still teaches assembly....am I overlooking something here?

All comments welcome.

Jim

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------

_________________________________________________________________
Talk to your Yahoo! Friends via Windows Live Messenger. Find out how.
http://www.windowslive.com/explore/messenger?ocid=TXT_TAGLM_WL_messenger_yahoo_082008
------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------



Relevant Pages