#509: AI + Metasploit = Terrifyingly Easy Hacking is here (demo)

In this ethical lab demo, David Bombal and Kyle Winters connect Claude (LLM) to Metasploit through an MCP (Model Context Protocol) server to automate real attacks. Watch AI perform recon, generate a risk report, and execute the VSFTPD backdoor, EternalBlue (SMBv1), and UnrealIRCD exploits, dropping benign files on Linux and Windows with simple prompts. Educational use only on intentionally vulnerable VMs. Do not attack systems you don’t own or lack permission to test.

What you’ll see
• How MCP bridges an AI to real tools (Metasploit RPC)
• AI-driven scanning + auto security report (services, versions, risks)
• Prompted exploits: VSFTPD, EternalBlue, UnrealIRCD
• Why this lowers barriers for red teams, and what blue teams should do

// Sponsored SEGMENT //
Big thanks to Cisco for sponsoring this video.

// Kyle Winters SOCIAL //
LinkedIn: / kyle-m-winters
Cisco Blogs: https://blogs.cisco.com/author/kylewi...

// Websites REFERENCE //
MetasploitMCP by GH05TCREW: https://github.com/GH05TCREW/Metasplo...
Kareem Iskander's MCP blogs: https://blogs.cisco.com/author/kareem...
Cisco U.: https://u.cisco.com?ccid=cisco-u&dtid...

// Video REFERENCE //
MCP Demo using Python: • MCP Demo using Python, AI and a self heali...
Brute Force SSH: • Brute Force SSH & Build a Honeypot Now (Hy...
Hacking LLMs: • Hacking LLMs Demo and Tutorial (Explore AI...

// David's SOCIAL //
Discord: discord.com/invite/usKSyzb
Twitter: www.twitter.com/davidbombal
Instagram: www.instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: www.facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
YouTube: / @davidbombal
Spotify: open.spotify.com/show/3f6k6gE...
SoundCloud: / davidbombal
Apple Podcast: podcasts.apple.com/us/podcast...

// MY STUFF //
https://www.amazon.com/shop/davidbombal

// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com

// Menu //
0:00 - Coming up
0:58 - Disclaimer
01:00 - Introducing Metasploit MCP Server (by GH05TCREW)
03:01 - Metasploit MCP Demo 1
05:12 - Metasploit MCP Demo 2
10:59 - Metasploit MCP Demo 3
16:18 - Metasploit MCP Demo 4
19:15 - Metasploit MCP Demo 5
21:45 - How AI is changing cybersecurity
23:07 - Metasploit MCP Demo 5 continued
26:51 - Metasploit MCP server summary
28:00 - Conclusion

Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

Disclaimer: This video is for educational purposes only.

Episodes (500)

#407: How to ace your job interview and earn more in 2023.

Never make this mistake in the job interview process! Make sure you know how to negotiate for more money in 2023. Make sure you know how to succeed in 2023: ace the job interview, negotiate more money and change your life. Short of time? Go to 18:48 (Never answer this question!). Chloé Messdaghi shares her tips for job success in 2023. She also discusses the issues with ethical hacking and how you need to protect yourself.

// MENU //
00:00 - Intro
00:31 - Chloé Messdaghi Introduction
00:37 - Advice on Where to Start
04:02 - Tribe of Hackers
04:56 - Blue Team vs Red Team
08:07 - Degrees or Certs or Both?
09:01 - Common Mistakes
11:45 - Alternative Training Paths
14:17 - How to Recognise a Good Company
17:11 - Salary vs Equity
18:48 - Salary Ranges and Negotiations
23:04 - Interview Tips
24:31 - Company Red Flags
26:25 - Hacking is Not a Crime
29:28 - 2017 Equifax Data Breach
30:07 - DJI Bug Bounty Case
33:47 - Hackers Don't wear Hoodies, They wear Capes
35:33 - Aaron Swartz Case
39:11 - Reagan Watches Wargames // CFAA
40:17 - What is the DMCA
41:16 - DMCA // Right to Repair Movement
43:23 - Are Hacker Rights Improving?
47:03 - Bug Bounty Programmes
47:27 - Closing Thoughts
49:33 - Outro

// Books and courses //
Tribe of Hackers: Cybersecurity Advice from the Best Hackers in the World: https://amzn.to/3EVnbVS
Tribe of Hackers Blue Team: https://amzn.to/3Vt7BYy
Tribe of Hackers Red Team: https://amzn.to/3OXhGdz
Tribe of Hackers for Security Leaders: https://amzn.to/3B0xtmg
Portswigger course: https://portswigger.net/web-security

// Chloé's Social //
Twitter: https://twitter.com/ChloeMessdaghi
LinkedIn: https://www.linkedin.com/in/chloemess...
Linktr: https://linktr.ee/chloemessdaghi

#jobs #hacking #cybersecurity

5 Dec 2022, 49 min

#406: Are we doomed? The future of our smart world?

I talk about the future with Mikko Hyppönen, the author of "If it's Smart, it's Vulnerable". We discuss the huge risks of having smart devices (and dumb devices getting smart connectivity). What does this mean for your privacy and security? Is the future just gloom and doom?

Mikko Hyppönen is a Finnish computer security expert, speaker and author. He is known for the Hyppönen Law about IoT security, which states that whenever an appliance is described as being "smart", it is vulnerable. He works as the Chief Research Officer at WithSecure (formerly F-Secure for Business) and as the Principal Research Advisor at F-Secure. Source: Wikipedia.

// TED Talks //
- How the NSA betrayed the world's trust -- time to act: https://youtu.be/9CqVYUOjHLw
- Living in a surveillance state: https://youtu.be/lHj7jgQpnBM
- The Internet is on fire: https://youtu.be/QKe-aO44R7k
- Fighting viruses, defending the net: https://youtu.be/cf3zxHuSM2Y
- Three types of online attack: https://youtu.be/VM7HQ_zbdIw

// DEFCON Talks //
- The history and evolution of computer viruses: https://youtu.be/1y36gnV5DNw

// Mikko's SOCIAL //
Twitter: https://twitter.com/mikko
Wikipedia: https://en.wikipedia.org/wiki/Mikko_H...

#hacking #wifi #iot

15 Nov 2022, 1 h 1 min

#405: Top Hacking Books you need to read

What are the top hacking books to get started? Which hacking books are practical and good? OTW discusses his favourite hacking and cybersecurity books with me. Do you agree with him? Did we miss any great books?

// MENU //
00:00 - Coming Up
00:20 - Intro
00:25 - Welcome Back OccupyTheWeb
00:55 - Network Basics for Hackers
02:04 - Other Books Releasing
02:51 - OccupyTheWeb Book Recommendations
03:22 - Linux Basics for Hackers
05:02 - Gray Hat Hacking
05:52 - This is How They Tell Me the World Ends
07:49 - Hands On Hacking
09:33 - Penetration Testing
10:56 - Getting Started Becoming a Master Hacker
12:11 - The Science of Human Hacking
14:01 - Black Hat Python
15:25 - TikTok
16:15 - Hacking Connected Cars
17:47 - Hacking: The Art of Exploitation
18:29 - Pentesting Blueprint
19:21 - Hacking APIs
19:54 - Bug Bounty Bootcamp
21:02 - Books Conclusion
21:46 - Networking
22:58 - Conclusion
23:55 - Web Hacker's Handbook
24:29 - Go
25:39 - Hacker's Playbook
26:45 - Outro

// BOOKS //
- Linux basics for hackers by Occupy the Web: https://amzn.to/3A2oJM1
- Gray Hat Hacking Sixth Edition, The Ethical Hacker’s Handbook by Various Authors: https://amzn.to/3TkI0Pr
- This is how they tell me the world ends by Nicole Perlroth: https://amzn.to/3NWj3st
- Hands on Hacking by Matthew Hickey and Jennifer Arcuri: https://amzn.to/3WImAia
- Penetration Testing by Georgia Weidman: https://amzn.to/3UL1i1D
- The Science of Human Hacking by Christopher Hadnagy (social engineering): https://amzn.to/3UssbaM
- Getting started becoming a master hacker by Occupy the Web: https://amzn.to/3EmguNa
- Black Hat Python by Justin Seitz and Tim Arnold: https://amzn.to/3yQIdTD
- Hacking Connected Cars by Alissa Knight: https://amzn.to/3G5cRN5
- Hacking: The Art of Exploitation by Jon Erickson: https://amzn.to/3ElVhTI
- The Pentester Blueprint by Phillip L. Wylie and Kim Crawley: https://amzn.to/3WIoGP4
- Hacking APIs by Corey J. Ball: https://amzn.to/3EfXDT5
- Bug Bounty Bootcamp by Vickie Li: https://amzn.to/3GlG8U3
- Network basics for hackers by Occupy the Web (coming in 2023)

// Videos mentioned //
- Hacking Cars like Mr Robot: https://www.youtube.com/watch?v=5LvqU...
- Hacking Cell phones like Mr Robot: https://youtu.be/bK1lsI-ehL8
- Nicole Perlroth: Cybersecurity and the weapons of Cyberwar: https://youtu.be/hy2G3PhGm-g
- Best Hacking Python Book: https://www.youtube.com/watch?v=2B76C...
- Hacking APIs and Cars: You need to learn this in 2022: https://www.youtube.com/watch?v=4VaHN...
- Free API Hacking Course: https://www.youtube.com/watch?v=CkVvB...
- Bug Bounty Bootcamp: https://www.youtube.com/watch?v=QqrK2...
- Top 5 hacking books with Neal Bridges: https://youtu.be/VrayWzHKVw4

// Occupy The Web's SOCIAL //
Twitter: https://twitter.com/three_cube

// OTW classes //
Hackers Arise Pro Subscription for $32.99 a month: https://hackers-arise.com/online-stor...
Get 3 years' access to all live courses for $750: https://hackers-arise.com/online-stor...

// Occupy The Web Website / Hackers Arise Website //
Website: https://www.hackers-arise.com/?afmc=1d
OTW Mr Robot series: https://www.hackers-arise.com/mr-robot

#hacking #hack #cybersecurity

15 Nov 2022, 27 min

#404: How To Be Invisible Online And Hack Like A Ghost

Don't make the mistake of exposing your IP address and personal data. Make sure that you hack like a ghost. It doesn't matter whether you just want privacy online or you want to be invisible.

// MENU //
00:00 - Coming up
00:29 - Disclaimer
00:33 - Sparc Flow and How to Hack Like... books overview
04:24 - The "unrealistic" in the real world
05:56 - "How to Hack Like a Ghost" behind the scenes
08:30 - Love/hate relationship with the security industry // Advice for beginners
11:51 - Not knowing everything is fine
13:10 - Stakes as a Pentester vs Hacker
15:36 - How to cover your tracks // Wardriving, Proton VPN, Brave
23:52 - Linux Tails // Red teaming, bouncing servers
25:51 - Don't leave trails // Hacking big companies
28:25 - Chromebooks vs hackers
28:58 - Bouncing servers, Frontline servers, Command & Control servers, Redirectors
35:20 - The problem with CTFs
37:09 - Sparc Flow's journey to cyber-security
40:13 - Advice for beginners // How to get started
45:40 - Important skills to have
51:16 - SparcFlow's new book
53:31 - Conclusion

// Books //
Hack like a Ghost: https://amzn.to/3E2KAFm
Hack like a Legend: https://amzn.to/3hh28F7
Hack like a Pornstar: https://amzn.to/3fw4L5r
How to Hack Like a GOD: https://amzn.to/3TnkrG1
Ultimate Guide for being Anonymous: https://amzn.to/3Uv
Counter Hack Reloaded: https://amzn.to/3zNjaB3
The Art of Intrusion: https://amzn.to/3sYPEEw

// Software mentioned //
Note: These are NOT affiliate links. Just listed here to hopefully help you:
Proton VPN: https://protonvpn.com/
Brave: https://brave.com/
Privacy Badger: https://privacybadger.org/
uBlock Origin: https://github.com/gorhill/uBlock

// CTFs //
IppSec: https://www.youtube.com/ippsec
LiveOverflow: https://www.youtube.com/LiveOverflow

// SparcFlow's SOCIAL //
Twitter: https://twitter.com/sparcFlow
Blog: https://sparcflow.substack.com/

#hacking #privacy #hack

10 Nov 2022, 54 min

#403: Are you safe from this?

Are the hacks shown in Mr Robot fact or fiction? How real are they actually? OTW discusses new vulnerabilities and issues with devices found in millions of companies around the world. OTW loves the Mr Robot TV series as a lot of the hacks are actually realistic, unlike a lot of other shows.

Want to learn more from Occupy the Web? You can join his classes using these links:
Hackers Arise Pro Subscription for $32.99 a month: https://hackers-arise.com/online-stor...
Get 3 years' access to all live courses for $750: https://hackers-arise.com/online-stor...

// MENU //
00:00 - Coming up // Hacking Uninterruptible Power Supplies (UPS)
00:28 - Intro & Disclaimers
00:40 - Mr Robot episode recap // Hacking UPSs
02:57 - UPS breakdown
04:23 - UPS GUI examples
05:38 - Accessing the UPSs through a Femtocell
06:57 - UPS vulnerabilities // Embedding malware in firmware updates
14:30 - Intelligence agencies // Collecting data
17:45 - UPS vulnerability // Lead-acid battery corrosion
20:12 - "Hacking can kill"
21:57 - The Mr Robot series // Reality or fiction?
26:17 - Importance of Social Engineering
27:38 - Conclusion

// Mr Robot Playlist //
https://www.youtube.com/playlist?list...

// Occupy The Web social //
Twitter: https://twitter.com/three_cube

// Occupy The Web books //
Linux Basics for Hackers: https://amzn.to/3JlAQXe
Getting Started Becoming a Master Hacker: https://amzn.to/3qCQbvh

// Other books //
The Linux Command Line: https://amzn.to/3ihGP3j
How Linux Works: https://amzn.to/3qeCHoY
The Car Hacker’s Handbook by Craig Smith: https://amzn.to/3pBESSM
Hacking Connected Cars by Alissa Knight: https://amzn.to/3dDUZN8

// Occupy The Web Website / Hackers Arise Website //
Website: https://www.hackers-arise.com/?afmc=1d
OTW Mr Robot series: https://www.hackers-arise.com/mr-robot

#mrrobot #hacking #kalilinux

10 Nov 2022, 27 min

#402: Best Hacking Laptop 2022

Get Proton VPN for free: https://go.getproton.me/SHWN or get Proton Mail here: https://go.getproton.me/SHWO

OTW and I get asked this question all the time: "What's the best laptop to buy for hacking?" In this video we answer that question and more.

// Menu //
00:00 - Coming up
00:32 - Intro
00:38 - Sponsored Segment
01:41 - "The perfect laptop for hacking"
04:50 - Getting the right CPU
06:52 - The importance of RAM
07:49 - WiFi adapters for WiFi hacking
09:45 - "Gear doesn't matter"
12:57 - Virtual Machines for beginners
15:40 - What OS do I need?
16:23 - VM issues with M1 & M2 chips
19:27 - Kali bare-metal and Kali VM
22:10 - Which Linux is better?
23:30 - Dragon OS // New OS for SDR
24:19 - Know your Linux!
25:26 - Don't waste money on the greatest and latest tech
26:34 - Desktop vs Laptop
27:51 - Learn hacking on a phone
29:48 - The Raspberry Pi // Effective learning environment
32:23 - Linux can work on old computers
33:01 - Conclusion

// Videos mentioned //
Best hacking laptop (2021 edition) with Neal Bridges: https://youtu.be/jsMp65-piIc
SDR hacking: https://youtu.be/5LvqU3-iINk
Kali Linux install on Raspberry Pi: https://youtu.be/PqRVo2niA_8
Kali Linux install on Android (rootless): https://youtu.be/KxOGyuGq0Ts
Kali Linux USB boot: https://youtu.be/n2olKupv9fY
Kali Linux WSL install: https://youtu.be/UXyS-xofGNM
Kali Linux WSL2 GUI Apps: https://youtu.be/mp5DdgZP7ns
Kali Linux Windows install: https://youtu.be/W6_nBr8SbPE
Kali Linux macOS: https://youtu.be/fcrSmbUIHuo

// Mr Robot Playlist //
https://www.youtube.com/playlist?list...

// Occupy The Web social //
Twitter: https://twitter.com/three_cube

// OTW classes //
Hackers Arise Pro Subscription for $32.99 a month: https://hackers-arise.com/online-stor...
Get 3 years' access to all live courses for $750: https://hackers-arise.com/online-stor...

// Occupy The Web books //
Linux Basics for Hackers: https://amzn.to/3JlAQXe
Getting Started Becoming a Master Hacker: https://amzn.to/3qCQbvh

// Recommended WiFi adapters //
Alfa AWUS036NHA: https://amzn.to/3wnyVen
Alfa AWUS036ACM: https://amzn.to/3fCL4WT
Alfa AWUS036ACH: https://amzn.to/3rLAjny or https://amzn.to/2PxkkMV
Others:
Alfa AWUS1900: https://amzn.to/31E0AtH
Alfa Long-Range Dual-Band AC1200: https://amzn.to/34UUCEL
Alfa AWUS036NEH: https://amzn.to/3sK2iW8
Panda PAU05: https://amzn.to/3ue23Da
Panda PAU06: https://amzn.to/3wwqRZ8
Panda PAU09: https://amzn.to/3wosx6X
WiFi Nation 802.11ac AC600: https://amzn.to/3cLQddm
WiFi Nation Atheros AR9271: https://amzn.to/3u8JUqm

// Other books //
The Linux Command Line: https://amzn.to/3ihGP3j
How Linux Works: https://amzn.to/3qeCHoY
The Car Hacker’s Handbook by Craig Smith: https://amzn.to/3pBESSM
Hacking Connected Cars by Alissa Knight: https://amzn.to/3dDUZN8

// Occupy The Web Website / Hackers Arise Website //
Website: https://www.hackers-arise.com/?afmc=1d
OTW Mr Robot series: https://www.hackers-arise.com/mr-robot

#hacking #kalilinux #parrotos

13 Oct 2022, 33 min

#401: Bug Bounty bootcamp // Get paid to hack websites like Uber, PayPal, TikTok and more

How do you get experience with no experience? Have a look at bug bounty programs. Vickie Li demos Insecure Direct Object References (IDOR) and tells us how to get into bug bounty. We also discuss why her book Bug Bounty Bootcamp is a fantastic book to buy if you want to get into bug bounty. Get real world experience today.

// MENU //
00:00 - In plain text!
00:24 - Introducing//Vickie Li
00:58 - Part 1//The Interview
01:01 - Origin//Bug Bounty Bootcamp
03:37 - What are Bug Bounty Programmes?
05:26 - Part Time Bug Hunting?
05:44 - Easy Way to Get Experience
07:45 - Which Bug Bounty Programmes for Beginners?
10:51 - Beginners//Don't Compete with Pros
13:15 - Duplicates as Valid Experience
14:23 - What You Need to Start
14:59 - Linux//Do You Need It?
15:55 - Automate!//Which Programming Language?
18:03 - Beginner Friendly Vulnerabilities
21:17 - Part 2//Exploiting IDOR Vulnerability Demo
21:24 - What is IDOR?
22:51 - PortSwigger IDOR Lab
24:05 - Live Chat IDOR
24:48 - View transcript
25:12 - Burp Suite Intercept
26:05 - What to Look For//IDs Aren't Always Obvious
26:56 - Burp Suite//Looking Through Headers
27:56 - Burp Suite//Repeater
28:30 - Testing View Transcript Again
29:18 - GET Request//Identifying Exploitable Endpoint
30:26 - Modifying GET Request
31:35 - Finding the right headers to modify
33:47 - Why the first attempt didn't work
34:09 - IRL//What You Would Do
34:23 - Password in Live Chat Transcript
35:40 - How to Prevent IDORs
36:01 - IDORs//Worth Pursuing?
39:57 - Bug Bounties//How to Start
41:21 - Learn More!//Vickie's Blog
41:38 - Follow Vickie's Twitter!
41:52 - Thank You & Closing

// Books //
Bug Bounty Bootcamp: https://amzn.to/3K2YDeJ
The Web Application Hacker's Handbook: https://amzn.to/3IZ2RTr
Hacking APIs by Corey J Ball: https://amzn.to/3JOJG0E
Alice and Bob learn application security by Tanya Janca: https://amzn.to/3oMyMij
Automate the boring stuff with Python: https://amzn.to/3N2QuYu

// Videos mentioned //
Nahamsec: https://youtu.be/9vaEwycet90
Corey Ball: https://youtu.be/CkVvB5woQRM
Tanya Janca: https://youtu.be/nyhytT2tRN0
Al Sweigart: https://youtu.be/7iBqoc-DzTQ

// Vickie's social media //
Twitter: https://twitter.com/vickieli7
Website: https://vickieli.dev/
YouTube: https://www.youtube.com/channel/UCjQH...
Medium: https://vickieli.medium.com/

// Platforms mentioned //
HackerOne: https://www.hackerone.com/
bugcrowd: https://www.bugcrowd.com/
Intigriti: https://www.intigriti.com/
Huntr: https://huntr.dev/

// Connect with Nahamsec //
Twitter: https://twitter.com/nahamsec
YouTube: https://www.youtube.com/c/nahamsec
Github: https://github.com/nahamsec/Resources...
Discord: https://discord.com/invite/ysndAm8
Instagram: https://www.instagram.com/nahamsec/
LinkedIn: https://www.linkedin.com/in/nahamsec/
Twitch: https://www.twitch.tv/nahamsec
Website: https://nahamsec.com/

// MY STUFF //
Monitor: https://amzn.to/3yyF74Y
More stuff: https://www.amazon.com/shop/davidbombal

#python #hack #xss

13 Oct 2022, 42 min

#400: Free AppSec courses! #1 reason for hacks :(

The #1 reason for data breaches is insecure software. Software badly needs to be made more secure, so there are lots of opportunities here to either hack applications or help application developers secure them. Learn application security (appsec) for free with shehackspurple.

// MENU //
00:00 - Let's start with a bang!
00:28 - Introduction//Tanya Janca
03:48 - What is CIA?
07:05 - Why Purple & What Big News?
11:17 - Free Secure Code Courses?
13:00 - Where to contact Tanya
13:37 - Number One Reason for Data Breaches
18:42 - How Tanya Started Out
25:19 - What is DevOps?
34:26 - The Systems Development Life Cycle
39:47 - Why Shock and Awe Doesn't Work
45:24 - Secure Code As a Job?
48:41 - Jobs and Free Training?
50:38 - Get Involved with the Hacking Community!
53:37 - log4j//What Happened?
01:01:17 - Thank You & Final Thoughts

// FREE COURSES //
Website: https://community.wehackpurple.com/
All Free courses: https://community.wehackpurple.com/al...
Secure Coding: https://community.wehackpurple.com/co...
API Security Mini Course: https://community.wehackpurple.com/co...
Infrastructure as Code Mini-Course: https://community.wehackpurple.com/co...
Azure Cloud Security: https://community.wehackpurple.com/co...
Application Security Foundations Level 1: https://community.wehackpurple.com/co...
Application Security Foundations Level 2: https://community.wehackpurple.com/co...
Application Security Foundations Level 3: https://community.wehackpurple.com/co...
Running DAST in a CI/CD, Successfully: https://community.wehackpurple.com/co...
Scale Your Team Mini-Course: https://community.wehackpurple.com/co...

// BOOKS //
The Web Application Hacker’s Handbook - Ed by Dafydd Stuttard and Marcus Pinto: https://amzn.to/3vBzfHX
Alice and Bob learn application security by Tanya Janca: https://amzn.to/3oMyMij

// Tanya SOCIAL //
YouTube: https://www.youtube.com/c/SheHacksPurple
Twitter: https://twitter.com/shehackspurple
LinkedIn: https://www.linkedin.com/in/tanya-janca/
Blog: https://shehackspurple.ca/

Disclaimer: This video is for educational purposes only. I own all equipment used for this demonstration. No actual attack took place on any websites.

#hack #app #appsec

22 Aug 2022, 1 h 3 min
