Переглядів 202,476
Stephen Sims shares his years of experience with us and shows us how we can make money hacking. But be careful - some of the options are not recommended.
// Stephen's Social //
UKposts: www.youtube.com/@OffByOneSecu...
Twitter: / steph3nsims
// Stephen Recommends //
Programming Tools:
Online Compiler, Visual Debugger, and AI Tutor for Python, Java, C, C++, and JavaScript:
pythontutor.com/
PyCharm - Python IDE with Great IDA Pro Support:www.jetbrains.com/pycharm/
VS Code:code.visualstudio.com/
Patch Diffing:
Windows Binary Index for Patch Diffing:winbindex.m417z.com/
BinDiff Tool for IDA Pro, Ghidra, or Binary Ninjawww.zynamics.com/bindiff.html
Diaphora Diffing Tool for IDA Prodiaphora.re/
PatchExtract for Extracting MS Patches from MSU Formatgist.github.com/wumb0/306f97d...
Vulnerable Things to Hack
HackSys Extreme Vulnerable Driver:github.com/hacksysteam/HackSy...
WebGoat - Deliberately Insecure Application:owasp.org/www-project-webgoat/
Damn Vulnerable Web App:github.com/digininja/DVWA
Buggy Web App:itsecgames.com/
Gruyere Cheesy Web App:google-gruyere.appspot.com/
Metasploitable:sourceforge.net/projects/meta...
Damn Vulnerable iOS App:resources.infosecinstitute.co...
OWASP Multillidae:github.com/webpwnized/mutillidae
Online CTF’s and Games:
SANS Holiday Hack 2023 and Prior:www.sans.org/mlp/holiday-hack... www.holidayhackchallenge.com/...
CTF Time - A great list of upcoming and previous CTF’s!:ctftime.org/
UKposts Channels:
/ @davidbombal
/ @nahamsec
/ @offbyonesecurity
/ @_johnhammond
/ @ippsec
www.youtube.com/@LiveOverflow...
Free Learning Resources:
SANS Free Resources - Webcasts, Whitepapers, Posters & Cheat Sheets, Tools, Internet Storm Center:www.sans.org/security-resources/
Shellphish - Heap Exploitation:github.com/shellphish/how2heap
Exploit Database - Downloadable Vulnerable Apps and Corresponding Exploits:www.exploit-db.com/
Google Hacking Database (GHDB):www.exploit-db.com/google-hac...
Google Cybersecurity Certificate:grow.google/certificates/cybe...
Phrack Magazine:www.phrack.org/
Kali Linux:www.kali.org/get-kali/#kali-p...
Slingshot Linux:www.sans.org/tools/slingshot/
Books & Articles:
Gray Hat Hacking Series: amzn.to/3B1FeIK
Hacking: The Art of Exploitation: amzn.to/3Us9Uts
A Guide to Kernel Exploitation: amzn.to/3vfY8vu
Smashing the Stack for Fun and Profit - Old, but a classic:inst.eecs.berkeley.edu/~cs161...
Understanding Windows Shellcode - Old, but still good:www.hick.org/code/skape/paper...
Great list of exploitation paper links from Shellphish!:github.com/shellphish/how2hea...
// Stephen’s previous videos with David //
Free Exploit development training (beginner and advanced) • How to make Millions $...
Buffer Overflow Hacking Tutorial (Bypass Passwords): • Buffer Overflow Hackin...
// David's SOCIAL //
Discord: / discord
X / Twitter: / davidbombal
Instagram: / davidbombal
LinkedIn: / davidbombal
Facebook: / davidbombal.co
TikTok: / davidbombal
// MY STUFF //
www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos: sponsors@davidbombal.com
// MENU //
00:00 - Coming Up
00:00 - Intro
01:11 - Stephen's Experience
03:10 - How to Change Careers
05:39 - How do I Become an Expert?
08:01 - Cyber Crime
12:47 - Ransomware
16:42 - Ransomware with A.I
23:15 - Bug Bounties & Disclosures
28:22 - Web Bug Bounties
33:45 - Binary Exploitation
41:18 - Patching and n-Day Exploits
48:56 - What is the Patch Level in the Target Org?
51:47 - Diffing Example
55:40 - Professional Services
01:03:34 - Exploit Sales Considerations
01:13:07 - The Golden Era of Hacking
01:15:00 - Zero to Hero
01:27:01 - OffByOneSecurity
01:37:42 - Conclusions
01:39:43 - Outro
apple
ios
android
samsung
exploit
exploit development
zero day
0day
1day
dark web
microsoft
macos
apple
linux
kali linux
Disclaimer: This video is for educational purposes only.
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
#android #ios #hacker