InfoSec Institute plagiarized course material from

Sat Oct 29 16:34:38 CDT 2011

An independent source was informed about the infringement of InfoSec Institute and took it upon himself to document it and submit it to the Errata project. In addition to the text written by this source you will find 2 letters sent to InfoSec Institute by the legal representatives of Corelan, the official copyright registration for the Corelan content and a full scan of the lab manual used during the Expert Penetration Tester course.

Update: On November 17, and ISI announced that a settlement had been reached: ISI Announcement, Announcement.

This story starts in September 2010, when a member of the well-known and respected Corelan crew ( receives a copy of the lab-book for InfoSec Institute's ("Expert Penetration Tester" course. Within minutes it is clear that the document is an almost verbatim copy of the Corelan tutorials which are, to date, publicly available on the Corelan website. Tutorials that anybody who has ever had the faintest interest in exploit development has undoubtly run across. Content, publicly available to the infosec community, that took close to 24 months to develop. [..]

Continue reading about the plagiarism, e-mails and legal battle. [Download PDF]

Update: Two days after this article was published, InfoSec Institute published an apology, that has since been updated twice, and then removed completely when the 'resources' site was taken offline due to further plagiarism concerns.

Supporting documentation:

Copyright registration for Exploit Writing Tutorial by Peter Van Eeckhoutte / corelanc0d3r [PDF]

Letter to Jack Koziol / InfoSec Institute from van Eeckhoutte's lawyer (2010.12.17) [PDF]

Letter to Jack Koziol / InfoSec Institute from van Eeckhoutte's lawyer (2011.03.29) [PDF]

InfoSec Institute Expert Penetration Testing Lab Manual [PDF]

Note: Lab #8 in the Lab Manual is taken from Buffer Overflow Attacks: Detect, Exploit, Prevent by James C. Foster.

main page ATTRITION feedback