My apologies for the issues with this video. I had to remove the previously uploaded video because I had movie clips like Mr Robot and The Spy Game in the video and UA-cam didn't like them... so I had to remove the video :( Learn real world pentesting plus which tools are the best to use with Ex-NSA Hacker Neal Bridges. Neal tells us what he carries in his backpack when doing real world pentests. Menu: 0:00 ▶ Introduction 1:17 ▶ Neal sees pentesting differently 2:00 ▶ Neal's advice from experience 3:18 ▶ Neal's 5,000 pentests 4:30 ▶ Take NSA and experience 5:10 ▶ Preparation is key 5:50 ▶ OSINT 6:30 ▶ Actual Pentest report 7:50 ▶ Pretexting 8:45 ▶ Another real world example 9:30 ▶ Planning is very important 10:15 ▶ Leave stuff in your car? 11:55 ▶ Right tools for the job 12:05 ▶ Top tools 12:30 ▶ Extra cables 12:58 ▶ Hak5 Ethernet cable 13:10 ▶ Is Hak5 a necessity 13:57 ▶ Rubber Ducky 14:30 ▶ Hak5 are great 15:00 ▶ Real world example of equipment 15:30 ▶ You can create your own stuff 16:10 ▶ Your time is money 16:30 ▶ Proxmark 17:30 ▶ Crazy RFID reader 18:50 ▶ Poor planning RFID example 20:20 ▶ Your time is worth something! 21:00 ▶ Hone your tradecraft 21:20 ▶ Proxmark explanation 21:50 ▶ A reader doesn't give you access. You need a pretext 23:50 ▶ Social engineering 25:50 ▶ You need a story 26:04 ▶ Social Engineering vs tech 29:00 ▶ Physical access is king 30:00 ▶ What to do once past the door 31:19 ▶ Military facility pentest 33:27 ▶ Look for a network port 34:49 ▶ You want to get out of there 35:04 ▶ Hak5 Lan turtle 36:35 ▶ Back of computer vs switch 37:32 ▶ Pop it into the back of the computer 38:11 ▶ What about WiFi 38:50 ▶ TP-Link WiFi Card 39:50 ▶ Ubertooth 40:50 ▶ HackRF One 41:56 ▶ Hak5 Pineapple 42:09 ▶ SDR 43:00 ▶ Real world example 44:13 ▶ Alfa Network Adapter 44:50 ▶ Wifi Hacking 44:49 ▶ Alfa not practical so much 46:20 ▶ You cannot charge for a WiFi pentest 47:17 ▶ You are making it real 47:45 ▶ WiFi can be social engineering 48:47 ▶ Captive portal 49:40 ▶ Rogue Access point 50:40 ▶ Real world wifi pentest example 51:30 ▶ Port Security 51:57 ▶ Hak5 Pineapple access corporate network 52:34 ▶ Always social engineering 53:00 ▶ Pyramid of pain 53:14 ▶ Stuxnet 54:45 ▶ Telsa attack 55:07 ▶ NSA examples 56:32 ▶ Human Intelligence Hacking Example 58:40 ▶ Another hacking example 1:00:18 ▶ WiFi hacking example 1:01:32 ▶ Neal's photo while hacking 1:03:22 ▶ Once inside, you are trusted 1:03:40 ▶ Summary of devices 1:03:55 ▶ Hak5 switch 1:04:08 ▶ Extra cables 1:04:15 ▶ Hak5 Rubber Ducky 1:04:30 ▶ Hak5 Pineapple 1:04:54 ▶ Hak5 Bash Bunny 1:04:58 ▶ Hak5 Packet Squirrel 1:06:26 ▶ Ubertooth 1:06:31 ▶ Proxmark 1:07:00 ▶ Value of networking knowledge 1:07:32 ▶ Neal got his CCNA 1:08:50 ▶ Very few companies use port security properly 1:10:08 ▶ Cain and Abel 1:11:00 ▶ Are zero days worth it 1:12:05 ▶ Shiny objects vs Neal's wisdom 1:13:37 ▶ Real world hard talk 1:14:25 ▶ What do you recommend 1:16:55 ▶ Neal and David going to do something ======================= Buy Hak5 coolness here: ======================= Buy Hak5: davidbombal.wiki/gethak5 ============================ Buy ShareBrained Technology: ============================ PortaPack: www.sharebrained.com/ ================ Connect with me: ================ Discord: discord.com/invite/usKSyzb Twitter: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal UA-cam: ua-cam.com/users/davidbombal ================ Connect with Neal: ================ UA-cam: ua-cam.com/users/cyberinsecurity LinkedIn: www.linkedin.com/in/nealbridges/ Twitter: twitter.com/ITJunkie Twitch: www.twitch.tv/cyber_insecurity Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
What I really like about you David is that you ask questions that are really relevant and that you also surprisingly know how to put yourself in the shoes of a beginner to ask the right questions that will allow us (the newbies) to learn more about different field of IT. Much love from France David!
After 20 years of military service, mostly in the same type of environment as Neal, He is spot on about the "Social" portion of pen-testing. Being "Nice" will get you pretty far.
Dressing the part helps too. Watching this made me realise how many situations I have been in that people have trusted me with no reason to and half the time it is because it was what I was wearing that did it.
@@JehuMcSpooran a clipboard and a vest will get you anywhere, but at the same time I've heard cool stories of pentesters getting access to the most secure buildings while wearing completely unfitting clothing because they were trying to push how far they can go before getting caught edit: like just look at 1:01:38 haha
I love how this content is free and that im able to watch it. Its literally so much knowledge that I'm getting without even having to do or pay something and so damn well made. Thanks, David!
Love this. You two have really inspired me. I started my own Cybersecurity business because of your wisdom and guidance. I've been in the IT space for 11 years, so I feel like it was time for me to forge my own path. Looking forward to more content!
Hey, I know that you don't know me, but, I'm interested in starting a company in my area. I'm just getting started, haven't even done a ctf or bug bounty, even. I was wondering how you are doing about a year in? Good luck and hope to hear from you soon
I love these stories! I would absolutely enjoy an entire series on war stories from Neal's pen tests! It would not only motivate aspiring pen testers, but would provide real world context, just as this video does, to topics that can't always be mastered in a lab. This for me, is the best way of learning.
Fantastic video, thanks David and Neil for putting this together, this should be required watching for helpdesk techs, sysadmins and engineers. This is stuff that every IT professional on the blue team side of the house should be aware of.
David, a huge thank you to yourself and Neal for taking the time to make such a great and educational video. I'd have to say this is one of your best videos that I've seen, and we all know how high quality all your other ones are !
Another fantastic video David and Neal. I love the stories, and real-life applications. While I'm not looking to seek a career in this field, I love this domain of technology. It is worthwhile to see the weaknesses of our digital climates. As a college student at a University that had just been the victim of a cyberattack last year, I find this information invaluable and super intriguing, especially when it's presented in such an engaging way like this video. I will definitely advocate for better physical, social, and network security from the IT department on campus. Thanks again for your hard work developing this content.
@@brokeyoutuber lmao... I got into computers when I was like 15 in the mid-90s. I definitely wasn't a programmer/hacker but I WAS very interested in the subject. Occasionally I'd buy a 2600 and flip through it, reading a lot but digesting little. Anyway, the ONE system I ever got into myself without just guessing or using default passwords on random telenet machines or local dial-up systems was a big-name University's system. Ended up "hacking" into one of their machines by using what was probably the easiest method any "script-kiddie" could use, the "PHF exploit". Found your comment about 'damn vulnerable colleges" kinda funny, heh.
I worked IT at my community college for a year before I got my AA in web design. I loved that place. And it taught me how to socially engineer a place whether you work there or not. I ended up doing mainly pentesting for them because I was able to get anywhere without a badge or keys to open anything even though they had pretty strict protocol on all of it. It's all about legal consent to pentest, social engineering and then the tech knowledge. And there is always more to learn.
0:00 ▶ Introduction 1:17 ▶ Neal sees pentesting differently 2:00 ▶ Neal's advice from experience 3:18 ▶ Neal's 5,000 pentests 4:30 ▶ Take NSA and experience 5:10 ▶ Preparation is key 5:50 ▶ OSINT 6:30 ▶ Actual Pentest report 7:50 ▶ Pretexting 8:45 ▶ Another real world example 9:30 ▶ Planning is very important 10:15 ▶ Leave stuff in your car? 11:55 ▶ Right tools for the job 12:05 ▶ Top tools 12:30 ▶ Extra cables 12:58 ▶ Hak5 Ethernet cable 13:10 ▶ Is Hak5 a necessity 13:57 ▶ Rubber Ducky 14:30 ▶ Hak5 are great 15:00 ▶ Real world example of equipment 15:30 ▶ You can create your own stuff 16:10 ▶ Your time is money 16:30 ▶ Proxmark 17:30 ▶ Crazy RFID reader 18:50 ▶ Poor planning RFID example 20:20 ▶ Your time is worth something! 21:00 ▶ Hone your tradecraft 21:20 ▶ Proxmark explanation 21:50 ▶ A reader doesn't give you access. You need a pretext 23:50 ▶ Social engineering 25:50 ▶ You need a story 26:04 ▶ Social Engineering vs tech 29:00 ▶ Physical access is king 30:00 ▶ What to do once past the door 31:19 ▶ Military facility pentest 33:27 ▶ Look for a network port 34:49 ▶ You want to get out of there 35:04 ▶ Hak5 Lan turtle 36:35 ▶ Back of computer vs switch 37:32 ▶ Pop it into the back of the computer 38:11 ▶ What about WiFi 38:50 ▶ TP-Link WiFi Card 39:50 ▶ Ubertooth 40:50 ▶ HackRF One 41:56 ▶ Hak5 Pineapple 42:09 ▶ SDR 43:00 ▶ Real world example 44:13 ▶ Alfa Network Adapter 44:50 ▶ Wifi Hacking 44:49 ▶ Alfa not practical so much 46:20 ▶ You cannot charge for a WiFi pentest 47:17 ▶ You are making it real 47:45 ▶ WiFi can be social engineering 48:47 ▶ Captive portal 49:40 ▶ Rogue Access point 50:40 ▶ Real world wifi pentest example 51:30 ▶ Port Security 51:57 ▶ Hak5 Pineapple access corporate network 52:34 ▶ Always social engineering 53:00 ▶ Pyramid of pain 53:14 ▶ Stuxnet 54:45 ▶ Telsa attack 55:07 ▶ NSA examples 56:32 ▶ Human Intelligence Hacking Example 58:40 ▶ Another hacking example 1:00:18 ▶ WiFi hacking example 1:01:32 ▶ Neal's photo while hacking 1:03:22 ▶ Once inside, you are trusted 1:03:40 ▶ Summary of devices 1:03:55 ▶ Hak5 switch 1:04:08 ▶ Extra cables 1:04:15 ▶ Hak5 Rubber Ducky 1:04:30 ▶ Hak5 Pineapple 1:04:54 ▶ Hak5 Bash Bunny 1:04:58 ▶ Hak5 Packet Squirrel 1:06:26 ▶ Ubertooth 1:06:31 ▶ Proxmark 1:07:00 ▶ Value of networking knowledge 1:07:32 ▶ Neal got his CCNA 1:08:50 ▶ Very few companies use port security properly 1:10:08 ▶ Cain and Abel 1:11:00 ▶ Are zero days worth it 1:12:05 ▶ Shiny objects vs Neal's wisdom 1:13:37 ▶ Real world hard talk 1:14:25 ▶ What do you recommend 1:16:55 ▶ Neal and David going to do something
After have 9+ years of physical installation security experience (Access control, Security and NVR systems) you've made me want to shift my knowledge into cyber and I'm excited again. Having the mindset of building layouts and functions, where they keep things I already have down pat. Just laying my foundations in linux now and enjoying the process. Thanks for the video!
David, Neal. Thank you so much. The ending of this video is what is currently hitting me. The fact that there is this ocean of supposed training however after you invest the time and finish it you realise that it simply was not enough. We need real world training/labing/ simulation because st the end. Obtaining the skill comes from experience. Theory is groundwork but not experience.
As the owner of a Cybersecurity & Forensics service provider, I appreciate these topics. We do about 50 pentests a month so it is always good to check my work against what others do.
5000 pen tests? Even if you conducted 1 pentest a week for a year ( 52 tests a year). It would take 96 years. If you were looking at 5 applications a week (260 a year) that’s still 19 years. Something doesn’t make sense.
I revisit this one video often when I need to recalibrate my thinking & approach... a great way to pause & reflect very useful for taking some time to check our mindsets ... thankyou for a very therapeutic conversation... keep pushing forward everyone 🙌🏽💗
Not sure how I ended up here, totally fascinating though. Had to google “a pen test” 😂 now I get the foundation of what you are talking about and I want to have a go! This stuff is so key for the future. Fair play for your journey! 🌟
I got into the IT business in 1992 as a Network Engineer and Sys Admin. I have several certifications. Been a fan of David since he began. This gentleman in this video is Right On. I recommend this video to anyone who truly wants to be the best they can be.
Hi David, thank you for making everything possible & easy for beginners by asking & explaining every single detail. Can you make a video about Raspberry pi? Setup & installation of Kali linux? And maybe some of your amazing ideas about pentesting?
Thank you so much for these. I love how you not only demonstrate, but ask and share how to learn what you’re demonstrating. That’s what makes your channel so much different. 😀🥳
I enjoy the chat, but to be honest I would love to see a more to the point video that highlights the hardware, and its general use; rather than a long protracted conversation about his experience in the field, and more so a nuts and bolts of what he actually uses regularly.
i have no idea how i ended up here but i highly appreciate you two shared your conversation in this video. personally i am more interested in the psychological aspect of security then in the tech side - thank you for this contribution to the spark of my curiosity.
Well, to do 5000 penetration test in a span of 8 years would mean he was doing about 12 a week, on a 5 day week, that's 2.4 / day, and a 6 day week, 2 / day. How long does a penetration test take because if he did 5000+, then of course those numbers per day will up. I used 8 years because he said 7+ years, meaning more than 7 but less than 8. I'm not trying to troll by any means, just that I've found that when people are asked about their experience, they tend to exaggerate dramatically. Yes, maybe he has done a lot, certainly more than the average viewer I would imagine, but those numbers seem a little high, but knowing the time it takes to do a single, thorough penetration test would be helpful. My preliminary research is showing from a minimum of 1 day to weeks depending on the complexity of the environment, number of hosts, number applications being used, ect.
Step1: Create a methodology Step2: Do a manual pentest on one target Step3: Automate that whole process using bash/python script Step4: Run and Improve that bash/python over time based on new target And Boom, you have a cool automation script which can do 5k pentest in a day as well
Because it aint 7+ years but rather more than a decade. He has been doing this for more than a decade, not 7+ years. 7+ years is the time he spent in 1 of the organisations, probably the military. It is an estimate over the whole lifespan of his career.
You also have to consider the fact that he’s totally spit balling how many tests he’s done. Let’s say he’s only done 3200. Over that time span would you really expect that he would, off the top of his head, differentiate between 3200 and 5000?
Him: "I've done like 5000 pen tests.. multiple tests every week, for 7 years." Reality: 3 per week x 52 weeks x 7 years = 1092 tests. He'd actually have to do 3 per day.
The only way I could see this being the case is if he means he counts nmap and a sql injection as 2 different "pen tests". Either way this was annoying
Well, I think what he meant is managed those number of pentests, it's been like 14 years for me as well... and have managed/conducted over 6-8k tests myself..
My apologies for the issues with this video. I had to remove the previously uploaded video because I had movie clips like Mr Robot and The Spy Game in the video and UA-cam didn't like them... so I had to remove the video :(
I've been in IT for almost three months now and it is wild how many people are trusting of me with their password to their account when doing password resets. They get frustrated making a new password that they either ask me to do it for them or write it down for them. They think just because I am in IT that I am trustworthy - not to say I am not but I digress.
Thank you for sharing real-life experience and a breakdown of what each tool does. Best of all real-life applications. I just started taking classes and I've learned more in this interview than in the 6 months of classes. This is incredibly informative for me as a newbie. Thank you David and Neal for taking the time to make this video.
It always amazes me how far you can get with social engineering and knowing how people react. So here is my example from a pen test I did years ago. First, I made a bad copy of an employee ID, picture, logo, and wording was in the right place but logo color was a bit different and the writing was not the same. Put the ID on an ID belt clip and clipped it on my belt in such a way that it was close to my crotch. People will not spend time scrutinizing your crotch, they will give it a glance and if it looks ok at a glance they accept it. I then walked in with some smokers. Sometimes called ghosting into the building. Once inside I grabbed a clipboard with some paper on it that was sitting on an unoccupied desk, though it worked with a folder or a notepad as well, and proceed to wander the building like I was lost. I was stopped by a nice lady who asked if she could help me. I told her it was my first day and there was no computer at my desk. My new boss told me to go to the IT department but I dont see it on this floor. She was nice enough to tell me I got off the elevator on the wrong floor and give me directions to the IT department. Once at the IT department I walked in like I owned the place, clipboard in hand and asked "Whos the domain Admin?" I was pointed at a lady who handled AD and told her "The company hired me to do a pen test." (That part is true) "Now I have software that will get me the SAM login database but when I run it, it causes the AD server to blue screen." (This is BS as I didnt have some magic software to do it) "While that is actually part of the pen test they hired me to do, I thought I would come meet the admin and see if they were willing to say I did it and just plug in this USB stick and copy the SAM database file on to it." She took the USB stick from my hand, had me follow her to the server room and plugged it directly into one of the AD servers. When I asked why we had to do it from the AD server she let me know that they disabled all the USB ports on the desktops so we had to do it at the server. Best part was that with the SAM DB and some common software, I ended up cracking all but 2 passwords. On a company with 25k employees. I didn't even try to connect to the wifi or plug anything into the network. I did that part much later. You can imagine how that report went. lol Loved the video and agree, social engineering is a huge part of pen testing.
1:08:00 im really shocked, even my home network has isolated Lan to W-Lan while the password-secured W-Lan is isolated against the puplic acessible W-lan. And this is not cause im paranoid or have stored valueable things on Computers but it´s simply default by the Internet acess router and active until you change them to make such wired bridgings.
20:57 so I just got into hacking and pentesting recently and I don´t really have a lot of money, but I have time. I wanted a rubber ducky, but it was too expensive for me, and i found the pico ducky project. So I bought a raspberry pi pico and started the project. It didn´t take me too long to make it work, it was pretty fun to do and a lot cheaper than a real rubber ducky. Also I learned a lot, and the raspberry pi pico seems to have a lot more applications than a rubber ducky. So yeah, I agree that time is money, and that your time has value, but if you have time, wanna learn new things or just don´t have a lot of money maybe the DIY is a good choice.
This was the best video I have found for how to get into cyber security. It made me believe I can finally make a career change and get that first job as a pen tester. Off to start that INE course!
Him: "I socially engineered the hotel when I got there to get a room with a window that faces the target" Reality: I'd like to book a room that faces um .. West. Hotel: No problem sir, here's your room key. Him: Hacked!!!
I like watching your videos. I didn't know squat about coding, programming, telecommunications... I started looking into it bc my phone was hacked and I wanted to learn how it happened so I know what to look for and how to stop it. I'm learning more than I expected and I like how it's explained in a way that even someone like myself can understand
Imagine thinking the military gives you a weekend on a deployment. Imagine thinking it’s impossible to do just because you are incapable of doing it yourself.
Each attack vector is counted as a test. Entering the building, gaining access to a computer, gaining access to the network, downloading data, and leaving the premises without ring challenged, would count as five tests. That could take less than an hour. Going back into the premises to retrieve equipment or data is going to count as a whole lot more tests. So 5,000 tests is not necessarily 5,000 separate premises tested, more like 500.
I mean come on guys, why do u have to say such a bullshit number like 5000 pentest? How? 5000 days is almost 14 years. This would mean that you had done a single pentest in a day for almost 14 year EVERY day. Like...why are saying such a dumb number? :D
When I finally horn my trade on this path I will have David Bombai and Neil’s pics hanging on my office wall like the President and Governor’s official portraits do in most offices. I have gotten some loads of knowledge ever since I know this channel. A thousand thanks
I have started studying in Cybersecurity, when I watch this discussion and compare it to what I am reading now days, its huge difference. I hope Neal shares more of his knowledge to the people like me who are new in this field.
I don’t know how I came across this video but I’m so glad I did because I know nothing about this stuff but now I want to know EVERYTHING. This is so cool!
The two of you have already hacked my head and I just became a bot that runs to all your videos! Waiting for the command center to release more videos. Great content, Neal and you have raised the bar of Quality of Content within Lenght of Video to the roofs!!!
This is fantastic. I like the down to earth critique of zero days. A book I’m reading now, “This is how they tell me the world ends” is all about zero days and how the world’s networks are all completely vulnerable because of them ( I haven’t finished it yet, though). I would like to have heard, though, if Neil was ever unsuccessful via social engineering to gain physical access to a company.
One neat thing that works very well is sending an email saying you have been tagged in a post. Works 97% on women and sometimes on men. A coworker took it after watching a social media documentary.
Incredibly intriguing! I work help desk and have always wondered on the equipment/methods pentesters actually use as it is something I'd love to do someday. I learned a lot about pentesting and learned an incredible amount on social engineering and just general security awareness from this stuff. Thanks again.
Great video! As a young person who wants to get into pentesting and cybersecurity for a career this video was incredible. Especially interesting how much emphasis Neal put on social engineering. Would love to see a conversation with Neal on how to develop social engineering skills and how people in this field learn to social engineer in person. The problem I see with learning social engineering is that you could very easily be arrested (or serious trouble) for trying to use the skills without permission from the companies (obviously). But it seems unlikely that a pentesting firm will hire and train someone who has very little to no social engineering skills. (especially for younger people who don't have as many years of experience working in cybersecurity). Thanks again for the great video!
Get a cs degree, do your comptia or IBM certificate and get you a society or company that backs you up and your good to go. As long as you can identify yourself as a whitehat you shouldn't get serious trouble.
As someone who make and configure access control cards, if you have a large group of cards you can definitely tell a lot about a system from it, but you have to combine that with the type of reader etc. Certain type of readers can read certain type of cards, and combined with looking at LED patterns etc you can often see what backend system they use. As long as they use the cards serialnumber and not cards that have encrypted sectors or filesystems, you can get a lot of information from having a bulk of cardnumbers. Usually to be able to make cards for any given system you need 1-100 cards to be able to program new cards from scratch. For standard systems 1 card is often enough. But apart from that there is often a lot easier to just hook on to the comms cables from the card reader if they are accessible and just read & insert the raw signal for the card number between the card reader and the backend system.
On a complete side note, I Absolutely loved seeing a V-22 on a cybersecurity video. its as if my two life paths crossed. Thank you for these videos, it keep a feller like me going during a career transition.
Knowledge Wisdom (also not intelligence...) This is a valuable understanding that the vast majority in any field is sorely lacking today. Most people have very little wisdom until they're around 30+ years old unless your field of expertise is not complicated in any way. A college degree(or certifications) certainly does not provide you with wisdom. Knowledge is extremely important, but without the ability to put it to practice usefully, it's not worth much.
Thank god.. .I always used to say the same thing when these companies get a security scan done its not the same as a real pen test.. I would own a company in two seconds with my social engineering skills.. The fact that they ask for a root off the bat.. Is ridiculous and doesn't give the company a true analysis of the risk . Maybe after a pen test you escalate and scan if you were able to get in but.. yea.. social engineering is key for sure.. Finally someone that explains the truth to a real pentest.. and how easy the # 1 vulnerability being a human can be exploited.. :) Cheers good stuff
Awesome Video, you and Neal have such good flow, he's so incredibly knowledgeable, I'd wish I had someone close to me that had your knowledge to learn from but all my connection are devoid of intrest in anything from programing, game dev, and hacking stuff.
On the subject of the key cards, thats where the social engineering side of things comes into play. You would simply have to find out which people have what access by watching the coming and going of personelle, which windows you see them by, and which doors you see them use most often. Then setup a scan of that person's card to make it where you want to be.
Great video guys, Gaining access internally via social engineering is the only access point to conduct a pen test so I have been told. Really informative looking forward to the next one. Cheers Tony
you guys really cracked me up!! on network WLAN!! and yes you guys hit rock hard on truth on how the real world applications work and the ones on test environments!! Thank you so much for sharing all the knowledge that you guys have!! really appriticate it!!
This was a FASCINATING interview. #Subscribed Excellent content!!! This whole Interview was so insightful... Cybersecurity is such a word that seems to come with so much... IDK, Hype? I'm still in the very early beg phases of my career, and I'm trying to keep my options open and keep an open mind with my interests and stay aware of any opportunities to shift and grow... but watching this, all the REAL that I heard in this interview, it was very interesting and exciting to me. Great work, both of you!!
I set up Enterprise Wireless that easily detected and alerted Rouge wireless points. But the main Highway was 20 ft from one side of the building trucks and cars that have their own hot-spots overwhelmed the admin who could possibly look in real time at all the alerts. Basically we had to ignore the access points on that Highway side of the building.
My apologies for the issues with this video. I had to remove the previously uploaded video because I had movie clips like Mr Robot and The Spy Game in the video and UA-cam didn't like them... so I had to remove the video :(
Learn real world pentesting plus which tools are the best to use with Ex-NSA Hacker Neal Bridges. Neal tells us what he carries in his backpack when doing real world pentests.
Menu:
0:00 ▶ Introduction
1:17 ▶ Neal sees pentesting differently
2:00 ▶ Neal's advice from experience
3:18 ▶ Neal's 5,000 pentests
4:30 ▶ Take NSA and experience
5:10 ▶ Preparation is key
5:50 ▶ OSINT
6:30 ▶ Actual Pentest report
7:50 ▶ Pretexting
8:45 ▶ Another real world example
9:30 ▶ Planning is very important
10:15 ▶ Leave stuff in your car?
11:55 ▶ Right tools for the job
12:05 ▶ Top tools
12:30 ▶ Extra cables
12:58 ▶ Hak5 Ethernet cable
13:10 ▶ Is Hak5 a necessity
13:57 ▶ Rubber Ducky
14:30 ▶ Hak5 are great
15:00 ▶ Real world example of equipment
15:30 ▶ You can create your own stuff
16:10 ▶ Your time is money
16:30 ▶ Proxmark
17:30 ▶ Crazy RFID reader
18:50 ▶ Poor planning RFID example
20:20 ▶ Your time is worth something!
21:00 ▶ Hone your tradecraft
21:20 ▶ Proxmark explanation
21:50 ▶ A reader doesn't give you access. You need a pretext
23:50 ▶ Social engineering
25:50 ▶ You need a story
26:04 ▶ Social Engineering vs tech
29:00 ▶ Physical access is king
30:00 ▶ What to do once past the door
31:19 ▶ Military facility pentest
33:27 ▶ Look for a network port
34:49 ▶ You want to get out of there
35:04 ▶ Hak5 Lan turtle
36:35 ▶ Back of computer vs switch
37:32 ▶ Pop it into the back of the computer
38:11 ▶ What about WiFi
38:50 ▶ TP-Link WiFi Card
39:50 ▶ Ubertooth
40:50 ▶ HackRF One
41:56 ▶ Hak5 Pineapple
42:09 ▶ SDR
43:00 ▶ Real world example
44:13 ▶ Alfa Network Adapter
44:50 ▶ Wifi Hacking
44:49 ▶ Alfa not practical so much
46:20 ▶ You cannot charge for a WiFi pentest
47:17 ▶ You are making it real
47:45 ▶ WiFi can be social engineering
48:47 ▶ Captive portal
49:40 ▶ Rogue Access point
50:40 ▶ Real world wifi pentest example
51:30 ▶ Port Security
51:57 ▶ Hak5 Pineapple access corporate network
52:34 ▶ Always social engineering
53:00 ▶ Pyramid of pain
53:14 ▶ Stuxnet
54:45 ▶ Telsa attack
55:07 ▶ NSA examples
56:32 ▶ Human Intelligence Hacking Example
58:40 ▶ Another hacking example
1:00:18 ▶ WiFi hacking example
1:01:32 ▶ Neal's photo while hacking
1:03:22 ▶ Once inside, you are trusted
1:03:40 ▶ Summary of devices
1:03:55 ▶ Hak5 switch
1:04:08 ▶ Extra cables
1:04:15 ▶ Hak5 Rubber Ducky
1:04:30 ▶ Hak5 Pineapple
1:04:54 ▶ Hak5 Bash Bunny
1:04:58 ▶ Hak5 Packet Squirrel
1:06:26 ▶ Ubertooth
1:06:31 ▶ Proxmark
1:07:00 ▶ Value of networking knowledge
1:07:32 ▶ Neal got his CCNA
1:08:50 ▶ Very few companies use port security properly
1:10:08 ▶ Cain and Abel
1:11:00 ▶ Are zero days worth it
1:12:05 ▶ Shiny objects vs Neal's wisdom
1:13:37 ▶ Real world hard talk
1:14:25 ▶ What do you recommend
1:16:55 ▶ Neal and David going to do something
=======================
Buy Hak5 coolness here:
=======================
Buy Hak5: davidbombal.wiki/gethak5
============================
Buy ShareBrained Technology:
============================
PortaPack: www.sharebrained.com/
================
Connect with me:
================
Discord: discord.com/invite/usKSyzb
Twitter: twitter.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
UA-cam: ua-cam.com/users/davidbombal
================
Connect with Neal:
================
UA-cam: ua-cam.com/users/cyberinsecurity
LinkedIn: www.linkedin.com/in/nealbridges/
Twitter: twitter.com/ITJunkie
Twitch: www.twitch.tv/cyber_insecurity
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
UA-cam hates fun.
Gots my answer.
Im hacking UA-cam for you with my thumbs up! Watched the old video and Mr Robot clips were great! Thanks!
What I really like about you David is that you ask questions that are really relevant and that you also surprisingly know how to put yourself in the shoes of a beginner to ask the right questions that will allow us (the newbies) to learn more about different field of IT. Much love from France David!
Thank you Akan! I appreciate that :)
True well said. He exactly asked what came to my mind :)
❤seems like David is in my head. Any question that comes into my head is always asked by david💖Thank you for helping us the beginners
@Ostia Hermes if the nsa wanna hack you, no router in the world is gunna stop them.
@Ostia Hermes most likely high end Cisco routers and firewalls but that's overkill for a SOHO
David is trying his very best to help us learn also from his invited guests like Neal. Million thanks, David, for your untiring efforts.
After 20 years of military service, mostly in the same type of environment as Neal, He is spot on about the "Social" portion of pen-testing. Being "Nice" will get you pretty far.
Dressing the part helps too. Watching this made me realise how many situations I have been in that people have trusted me with no reason to and half the time it is because it was what I was wearing that did it.
Richard Marcinko talked about how easy it was to get anything done on a US base just by being nice and wearing a Navy sweater or something like that.
@@JehuMcSpooran a clipboard and a vest will get you anywhere, but at the same time I've heard cool stories of pentesters getting access to the most secure buildings while wearing completely unfitting clothing because they were trying to push how far they can go before getting caught
edit: like just look at 1:01:38 haha
The worst to Neal.
Spying on friends and allies is not tolerable.
Hope he gets arrested when he crosses the German border.
I love how David knows all the details but asks the questions Noobs like us would! Thank you David!
I love how this content is free and that im able to watch it. Its literally so much knowledge that I'm getting without even having to do or pay something and so damn well made. Thanks, David!
Love this. You two have really inspired me. I started my own Cybersecurity business because of your wisdom and guidance. I've been in the IT space for 11 years, so I feel like it was time for me to forge my own path. Looking forward to more content!
Hope your business is going well
Good Luck !!
Hey, I know that you don't know me, but, I'm interested in starting a company in my area. I'm just getting started, haven't even done a ctf or bug bounty, even. I was wondering how you are doing about a year in? Good luck and hope to hear from you soon
I love these stories! I would absolutely enjoy an entire series on war stories from Neal's pen tests! It would not only motivate aspiring pen testers, but would provide real world context, just as this video does, to topics that can't always be mastered in a lab. This for me, is the best way of learning.
🤔 I guess the movies got it right 💁 lol this reminds me of I spy
Fantastic video, thanks David and Neil for putting this together, this should be required watching for helpdesk techs, sysadmins and engineers. This is stuff that every IT professional on the blue team side of the house should be aware of.
Sysadmin here taking notes ;)
David, a huge thank you to yourself and Neal for taking the time to make such a great and educational video. I'd have to say this is one of your best videos that I've seen, and we all know how high quality all your other ones are !
Another fantastic video David and Neal. I love the stories, and real-life applications. While I'm not looking to seek a career in this field, I love this domain of technology. It is worthwhile to see the weaknesses of our digital climates. As a college student at a University that had just been the victim of a cyberattack last year, I find this information invaluable and super intriguing, especially when it's presented in such an engaging way like this video. I will definitely advocate for better physical, social, and network security from the IT department on campus. Thanks again for your hard work developing this content.
Those damn vulnerable collages
@@brokeyoutuber lmao... I got into computers when I was like 15 in the mid-90s. I definitely wasn't a programmer/hacker but I WAS very interested in the subject. Occasionally I'd buy a 2600 and flip through it, reading a lot but digesting little. Anyway, the ONE system I ever got into myself without just guessing or using default passwords on random telenet machines or local dial-up systems was a big-name University's system. Ended up "hacking" into one of their machines by using what was probably the easiest method any "script-kiddie" could use, the "PHF exploit". Found your comment about 'damn vulnerable colleges" kinda funny, heh.
I worked IT at my community college for a year before I got my AA in web design. I loved that place. And it taught me how to socially engineer a place whether you work there or not. I ended up doing mainly pentesting for them because I was able to get anywhere without a badge or keys to open anything even though they had pretty strict protocol on all of it.
It's all about legal consent to pentest, social engineering and then the tech knowledge.
And there is always more to learn.
0:00 ▶ Introduction
1:17 ▶ Neal sees pentesting differently
2:00 ▶ Neal's advice from experience
3:18 ▶ Neal's 5,000 pentests
4:30 ▶ Take NSA and experience
5:10 ▶ Preparation is key
5:50 ▶ OSINT
6:30 ▶ Actual Pentest report
7:50 ▶ Pretexting
8:45 ▶ Another real world example
9:30 ▶ Planning is very important
10:15 ▶ Leave stuff in your car?
11:55 ▶ Right tools for the job
12:05 ▶ Top tools
12:30 ▶ Extra cables
12:58 ▶ Hak5 Ethernet cable
13:10 ▶ Is Hak5 a necessity
13:57 ▶ Rubber Ducky
14:30 ▶ Hak5 are great
15:00 ▶ Real world example of equipment
15:30 ▶ You can create your own stuff
16:10 ▶ Your time is money
16:30 ▶ Proxmark
17:30 ▶ Crazy RFID reader
18:50 ▶ Poor planning RFID example
20:20 ▶ Your time is worth something!
21:00 ▶ Hone your tradecraft
21:20 ▶ Proxmark explanation
21:50 ▶ A reader doesn't give you access. You need a pretext
23:50 ▶ Social engineering
25:50 ▶ You need a story
26:04 ▶ Social Engineering vs tech
29:00 ▶ Physical access is king
30:00 ▶ What to do once past the door
31:19 ▶ Military facility pentest
33:27 ▶ Look for a network port
34:49 ▶ You want to get out of there
35:04 ▶ Hak5 Lan turtle
36:35 ▶ Back of computer vs switch
37:32 ▶ Pop it into the back of the computer
38:11 ▶ What about WiFi
38:50 ▶ TP-Link WiFi Card
39:50 ▶ Ubertooth
40:50 ▶ HackRF One
41:56 ▶ Hak5 Pineapple
42:09 ▶ SDR
43:00 ▶ Real world example
44:13 ▶ Alfa Network Adapter
44:50 ▶ Wifi Hacking
44:49 ▶ Alfa not practical so much
46:20 ▶ You cannot charge for a WiFi pentest
47:17 ▶ You are making it real
47:45 ▶ WiFi can be social engineering
48:47 ▶ Captive portal
49:40 ▶ Rogue Access point
50:40 ▶ Real world wifi pentest example
51:30 ▶ Port Security
51:57 ▶ Hak5 Pineapple access corporate network
52:34 ▶ Always social engineering
53:00 ▶ Pyramid of pain
53:14 ▶ Stuxnet
54:45 ▶ Telsa attack
55:07 ▶ NSA examples
56:32 ▶ Human Intelligence Hacking Example
58:40 ▶ Another hacking example
1:00:18 ▶ WiFi hacking example
1:01:32 ▶ Neal's photo while hacking
1:03:22 ▶ Once inside, you are trusted
1:03:40 ▶ Summary of devices
1:03:55 ▶ Hak5 switch
1:04:08 ▶ Extra cables
1:04:15 ▶ Hak5 Rubber Ducky
1:04:30 ▶ Hak5 Pineapple
1:04:54 ▶ Hak5 Bash Bunny
1:04:58 ▶ Hak5 Packet Squirrel
1:06:26 ▶ Ubertooth
1:06:31 ▶ Proxmark
1:07:00 ▶ Value of networking knowledge
1:07:32 ▶ Neal got his CCNA
1:08:50 ▶ Very few companies use port security properly
1:10:08 ▶ Cain and Abel
1:11:00 ▶ Are zero days worth it
1:12:05 ▶ Shiny objects vs Neal's wisdom
1:13:37 ▶ Real world hard talk
1:14:25 ▶ What do you recommend
1:16:55 ▶ Neal and David going to do something
yes bro its literally in the description..
@@StfuSiriusly ik i copied from their..just for my convience like i cantt go o description all the time again and again
Having worked in the networking industry for 24yrs I find these guys absolutely fascinating! These guys are spot on!!
David this content is unlike any other and pure gold. Thank you very much
Cannot wait for OSINT video. I am so in to it right now
Yes!
100% OSINT is amazing, would also love to see OTS and social engineering conversations.
After have 9+ years of physical installation security experience (Access control, Security and NVR systems) you've made me want to shift my knowledge into cyber and I'm excited again. Having the mindset of building layouts and functions, where they keep things I already have down pat. Just laying my foundations in linux now and enjoying the process. Thanks for the video!
Fantastic, keep this kinda of real world content coming. I returned to school pursuing my first degree because of you two! AMAZING STUFF!
This man David Is too sensible with his questions, the best I have seen so far
David, Neal. Thank you so much. The ending of this video is what is currently hitting me. The fact that there is this ocean of supposed training however after you invest the time and finish it you realise that it simply was not enough. We need real world training/labing/ simulation because st the end. Obtaining the skill comes from experience. Theory is groundwork but not experience.
What a conversation that made my brain thrives. Thank you David & Neal.
As the owner of a Cybersecurity & Forensics service provider, I appreciate these topics. We do about 50 pentests a month so it is always good to check my work against what others do.
The two of you are THE BEST when you share the stage. You guys should talk about ICS stuff down the road. Love these videos
Pen testing be sounding like the perfect job!!! Thanks for all the information you be sharing with us!
By far this is the best episode. Thanks David.
5000 pen tests? Even if you conducted 1 pentest a week for a year ( 52 tests a year). It would take 96 years. If you were looking at 5 applications a week (260 a year) that’s still 19 years. Something doesn’t make sense.
I guess some were automated tests
I agree.He was prob exaggerating.
Typical AF writing when you have a team of 10 and they each do a pen test then you just did 10.
Probably did dozens of tests while training. Could be doing 5 a day in some cases.
I stop watching after the first 10 mins of noting but how good thr guy is... OK bro enough self glory already, let's see the tools 😒
I must say I watched this 10 times and learned something new each time!!!! Loved this!!!! Thanks too you both !
I enjoy and take notes in every video you make with Neal! Thanks, David! Great stuff ❤
I revisit this one video often when I need to recalibrate my thinking & approach... a great way to pause & reflect very useful for taking some time to check our mindsets ... thankyou for a very therapeutic conversation... keep pushing forward everyone 🙌🏽💗
Coach your the best. Thank you for making us better
Not sure how I ended up here, totally fascinating though. Had to google “a pen test” 😂 now I get the foundation of what you are talking about and I want to have a go! This stuff is so key for the future. Fair play for your journey! 🌟
I got into the IT business in 1992 as a Network Engineer and Sys Admin. I have several certifications. Been a fan of David since he began. This gentleman in this video is Right On. I recommend this video to anyone who truly wants to be the best they can be.
Hi David, thank you for making everything possible & easy for beginners by asking & explaining every single detail. Can you make a video about Raspberry pi? Setup & installation of Kali linux? And maybe some of your amazing ideas about pentesting?
Thank you so much for these. I love how you not only demonstrate, but ask and share how to learn what you’re demonstrating. That’s what makes your channel so much different. 😀🥳
I enjoy the chat, but to be honest I would love to see a more to the point video that highlights the hardware, and its general use; rather than a long protracted conversation about his experience in the field, and more so a nuts and bolts of what he actually uses regularly.
As someone who is just starting their career/interest at a local college, this is so amazing. Thank you so much.
If you do two pentests per week (which is a lot), it will take you nearly 48 years to perform 5000 🤨
he does one for breakfast and one for dinner. 5k. it's bs
yeah I do think that is an over exaggerated hyperbole.... I do not think that is truthful as well...
I think he does pentest with large scope and counts them as more pentests. but otherwise it is indeed BS
I guess you were never in the military.
Was doing the same math, a hilarious claim.
i have no idea how i ended up here but i highly appreciate you two shared your conversation in this video. personally i am more interested in the psychological aspect of security then in the tech side - thank you for this contribution to the spark of my curiosity.
Goddamn I always love the conversation between you and Neil. Thank you for providing us such a great content!
One of the best videos on your channel David. Thanks for your time for creating such a great content
Well, to do 5000 penetration test in a span of 8 years would mean he was doing about 12 a week, on a 5 day week, that's 2.4 / day, and a 6 day week, 2 / day. How long does a penetration test take because if he did 5000+, then of course those numbers per day will up. I used 8 years because he said 7+ years, meaning more than 7 but less than 8. I'm not trying to troll by any means, just that I've found that when people are asked about their experience, they tend to exaggerate dramatically. Yes, maybe he has done a lot, certainly more than the average viewer I would imagine, but those numbers seem a little high, but knowing the time it takes to do a single, thorough penetration test would be helpful. My preliminary research is showing from a minimum of 1 day to weeks depending on the complexity of the environment, number of hosts, number applications being used, ect.
Step1: Create a methodology
Step2: Do a manual pentest on one target
Step3: Automate that whole process using bash/python script
Step4: Run and Improve that bash/python over time based on new target
And Boom, you have a cool automation script which can do 5k pentest in a day as well
Because it aint 7+ years but rather more than a decade. He has been doing this for more than a decade, not 7+ years. 7+ years is the time he spent in 1 of the organisations, probably the military. It is an estimate over the whole lifespan of his career.
You also have to consider the fact that he’s totally spit balling how many tests he’s done. Let’s say he’s only done 3200. Over that time span would you really expect that he would, off the top of his head, differentiate between 3200 and 5000?
7 plus years plus a decade in the military doing offensive cyber operations. So for 17 years definitely seems like 5000 is a plausible number.
I last about 30 seconds
Love when David emphasizes on the CCNA.
Love it.
Him: "I've done like 5000 pen tests.. multiple tests every week, for 7 years."
Reality: 3 per week x 52 weeks x 7 years = 1092 tests.
He'd actually have to do 3 per day.
That bugged me so much lol
The only way I could see this being the case is if he means he counts nmap and a sql injection as 2 different "pen tests". Either way this was annoying
@@paullees6687 Alternatively, 3 per week would only take him 35 years, without a break.. so maybe he started when he was a baby ..
@@carmodity this guy's the Steven segal of pen testers.
"Relax. I've been pen testing for like 50 years"
Well, I think what he meant is managed those number of pentests, it's been like 14 years for me as well... and have managed/conducted over 6-8k tests myself..
The David and Neal Show strikes again. Absolutely nailed it!
It’s finally here
My apologies for the issues with this video. I had to remove the previously uploaded video because I had movie clips like Mr Robot and The Spy Game in the video and UA-cam didn't like them... so I had to remove the video :(
The amount of knowledge and information in this 1 hour is unreal! I was so amazed to find how a professional do its job thanks so much for this video
I've been in IT for almost three months now and it is wild how many people are trusting of me with their password to their account when doing password resets. They get frustrated making a new password that they either ask me to do it for them or write it down for them. They think just because I am in IT that I am trustworthy - not to say I am not but I digress.
Thank you for sharing real-life experience and a breakdown of what each tool does. Best of all real-life applications. I just started taking classes and I've learned more in this interview than in the 6 months of classes. This is incredibly informative for me as a newbie. Thank you David and Neal for taking the time to make this video.
It always amazes me how far you can get with social engineering and knowing how people react. So here is my example from a pen test I did years ago.
First, I made a bad copy of an employee ID, picture, logo, and wording was in the right place but logo color was a bit different and the writing was not the same. Put the ID on an ID belt clip and clipped it on my belt in such a way that it was close to my crotch. People will not spend time scrutinizing your crotch, they will give it a glance and if it looks ok at a glance they accept it. I then walked in with some smokers. Sometimes called ghosting into the building.
Once inside I grabbed a clipboard with some paper on it that was sitting on an unoccupied desk, though it worked with a folder or a notepad as well, and proceed to wander the building like I was lost.
I was stopped by a nice lady who asked if she could help me. I told her it was my first day and there was no computer at my desk. My new boss told me to go to the IT department but I dont see it on this floor. She was nice enough to tell me I got off the elevator on the wrong floor and give me directions to the IT department.
Once at the IT department I walked in like I owned the place, clipboard in hand and asked "Whos the domain Admin?" I was pointed at a lady who handled AD and told her "The company hired me to do a pen test." (That part is true) "Now I have software that will get me the SAM login database but when I run it, it causes the AD server to blue screen." (This is BS as I didnt have some magic software to do it) "While that is actually part of the pen test they hired me to do, I thought I would come meet the admin and see if they were willing to say I did it and just plug in this USB stick and copy the SAM database file on to it."
She took the USB stick from my hand, had me follow her to the server room and plugged it directly into one of the AD servers. When I asked why we had to do it from the AD server she let me know that they disabled all the USB ports on the desktops so we had to do it at the server.
Best part was that with the SAM DB and some common software, I ended up cracking all but 2 passwords. On a company with 25k employees. I didn't even try to connect to the wifi or plug anything into the network. I did that part much later.
You can imagine how that report went. lol
Loved the video and agree, social engineering is a huge part of pen testing.
Lmao that's great. The part about the blue screen was brilliant. I would be pissed if that happened to my company.
It's very rare that a 75min video can fly by so quickly. Awesome.
1:08:00 im really shocked, even my home network has isolated Lan to W-Lan while the password-secured W-Lan is isolated against the puplic acessible W-lan. And this is not cause im paranoid or have stored valueable things on Computers but it´s simply default by the Internet acess router and active until you change them to make such wired bridgings.
In a word, excellent. Really good to see what goes on in 'The Real World'.
20:57 so I just got into hacking and pentesting recently and I don´t really have a lot of money, but I have time. I wanted a rubber ducky, but it was too expensive for me, and i found the pico ducky project. So I bought a raspberry pi pico and started the project. It didn´t take me too long to make it work, it was pretty fun to do and a lot cheaper than a real rubber ducky. Also I learned a lot, and the raspberry pi pico seems to have a lot more applications than a rubber ducky. So yeah, I agree that time is money, and that your time has value, but if you have time, wanna learn new things or just don´t have a lot of money maybe the DIY is a good choice.
I'm interested too, @Dafelix. My story is similar to yours. Please how do I get stated with the Pico ducky project? How can I get a raspberry pi pico?
This was the best video I have found for how to get into cyber security. It made me believe I can finally make a career change and get that first job as a pen tester. Off to start that INE course!
Him: "I socially engineered the hotel when I got there to get a room with a window that faces the target"
Reality: I'd like to book a room that faces um .. West.
Hotel: No problem sir, here's your room key.
Him: Hacked!!!
I like watching your videos. I didn't know squat about coding, programming, telecommunications... I started looking into it bc my phone was hacked and I wanted to learn how it happened so I know what to look for and how to stop it. I'm learning more than I expected and I like how it's explained in a way that even someone like myself can understand
To do 5000 pen tests in 8 years, he'd have to average over 2 per day (assuming he worked 5 days per week).
It's called talking out of your ass. The whole hacker community was making fun of this on Twitter.
Imagine thinking the military gives you a weekend on a deployment.
Imagine thinking it’s impossible to do just because you are incapable of doing it yourself.
Each attack vector is counted as a test. Entering the building, gaining access to a computer, gaining access to the network, downloading data, and leaving the premises without ring challenged, would count as five tests. That could take less than an hour. Going back into the premises to retrieve equipment or data is going to count as a whole lot more tests. So 5,000 tests is not necessarily 5,000 separate premises tested, more like 500.
My hand hurts from all the note taking. Thanks so much for all your help.
You are missing one strong peace of equipment: Stingrays, also known as "cell site simulators" or "IMSI catchers,"
Great video. This is why I really like Mr Robot, as it shows how important Social Engineering and physical access is
I would love for him to sit and explain what he thinks of Edward Snowden.
the most important and interest question of all that wasn't made
If he said anything he would be interrogated and watched for the rest of his life. I dont think he wants that.
@@almostattheendoflife2273 So sad but true.
@@almostattheendoflife2273 he's already tracked and watched. actually, we all are. assange, snowden and manning show us
@@riskinhos Also very true haha. Screw it talk about Snowden.
I love competence. Thank you both for recording this episode.
5000 in 7 years? (3:05) That would mean 2 pentests per day, EVERY day... naah
Happy 1 Million subscribers David!
I mean come on guys, why do u have to say such a bullshit number like 5000 pentest? How? 5000 days is almost 14 years. This would mean that you had done a single pentest in a day for almost 14 year EVERY day. Like...why are saying such a dumb number? :D
David is the goat period! Thanks for your inspirational videos.
The number 5000 comes from his experience in the US military... They know how to inflate numbers
Learned so much from this one video, thank you David and Neal. Looking forward to whatever you do next.
🤣 A pen tester that can't do simple math? Over 5000 in 7 years at 2 per week? Are you sure you don't mean testing pens? 😂
One of the best channels on UA-cam, thank you for what you provide to the community
What you guys are doing there is just invaluable! This is the only way to move forward. I hope you will not loose the steam. :)
This guy is amazing, please bring him again! Can't wait for those courses.
When I finally horn my trade on this path I will have David Bombai and Neil’s pics hanging on my office wall like the President and Governor’s official portraits do in most offices. I have gotten some loads of knowledge ever since I know this channel. A thousand thanks
I have started studying in Cybersecurity, when I watch this discussion and compare it to what I am reading now days, its huge difference. I hope Neal shares more of his knowledge to the people like me who are new in this field.
I don’t know how I came across this video but I’m so glad I did because I know nothing about this stuff but now I want to know EVERYTHING. This is so cool!
The two of you have already hacked my head and I just became a bot that runs to all your videos! Waiting for the command center to release more videos. Great content, Neal and you have raised the bar of Quality of Content within Lenght of Video to the roofs!!!
When he started talking about people on their smoke break that is so true. They are the most vulnerable ones in the work place.
YOU TWO GUYS ARE AWESOME AND WANT TO SAY THANK YOU FOR THE WISDOM AND HONESTY👌
This is fantastic. I like the down to earth critique of zero days. A book I’m reading now, “This is how they tell me the world ends” is all about zero days and how the world’s networks are all completely vulnerable because of them ( I haven’t finished it yet, though).
I would like to have heard, though, if Neil was ever unsuccessful via social engineering to gain physical access to a company.
One neat thing that works very well is sending an email saying you have been tagged in a post. Works 97% on women and sometimes on men. A coworker took it after watching a social media documentary.
thank you very much David for this opportunity, I really appreciate this
You're welcome! and Thank you for watching!
Incredibly intriguing! I work help desk and have always wondered on the equipment/methods pentesters actually use as it is something I'd love to do someday. I learned a lot about pentesting and learned an incredible amount on social engineering and just general security awareness from this stuff. Thanks again.
Great video! As a young person who wants to get into pentesting and cybersecurity for a career this video was incredible. Especially interesting how much emphasis Neal put on social engineering. Would love to see a conversation with Neal on how to develop social engineering skills and how people in this field learn to social engineer in person.
The problem I see with learning social engineering is that you could very easily be arrested (or serious trouble) for trying to use the skills without permission from the companies (obviously). But it seems unlikely that a pentesting firm will hire and train someone who has very little to no social engineering skills. (especially for younger people who don't have as many years of experience working in cybersecurity).
Thanks again for the great video!
Get a cs degree, do your comptia or IBM certificate and get you a society or company that backs you up and your good to go.
As long as you can identify yourself as a whitehat you shouldn't get serious trouble.
theres tickets and certification that proves he is whitehat so everything is fine.
As someone who make and configure access control cards, if you have a large group of cards you can definitely tell a lot about a system from it, but you have to combine that with the type of reader etc. Certain type of readers can read certain type of cards, and combined with looking at LED patterns etc you can often see what backend system they use.
As long as they use the cards serialnumber and not cards that have encrypted sectors or filesystems, you can get a lot of information from having a bulk of cardnumbers. Usually to be able to make cards for any given system you need 1-100 cards to be able to program new cards from scratch. For standard systems 1 card is often enough.
But apart from that there is often a lot easier to just hook on to the comms cables from the card reader if they are accessible and just read & insert the raw signal for the card number between the card reader and the backend system.
Thank you very Mr. David,
This video changed my instinct and perception entirely.
Bless Ya!
On a complete side note, I Absolutely loved seeing a V-22 on a cybersecurity video. its as if my two life paths crossed. Thank you for these videos, it keep a feller like me going during a career transition.
Knowledge Wisdom (also not intelligence...) This is a valuable understanding that the vast majority in any field is sorely lacking today. Most people have very little wisdom until they're around 30+ years old unless your field of expertise is not complicated in any way. A college degree(or certifications) certainly does not provide you with wisdom. Knowledge is extremely important, but without the ability to put it to practice usefully, it's not worth much.
Thank god.. .I always used to say the same thing when these companies get a security scan done its not the same as a real pen test.. I would own a company in two seconds with my social engineering skills.. The fact that they ask for a root off the bat.. Is ridiculous and doesn't give the company a true analysis of the risk . Maybe after a pen test you escalate and scan if you were able to get in but.. yea.. social engineering is key for sure.. Finally someone that explains the truth to a real pentest.. and how easy the # 1 vulnerability being a human can be exploited.. :) Cheers good stuff
I used to dream of being a hacker as a kid (never became one) but I love watching these videos anyway as an adult. Thanks David and Neal
It's never too late to start anything you wanna do. They say hackers come from all walks of life and I've seen them in all ages too
Awesome Video, you and Neal have such good flow, he's so incredibly knowledgeable, I'd wish I had someone close to me that had your knowledge to learn from but all my connection are devoid of intrest in anything from programing, game dev, and hacking stuff.
I can listen to this all day. good stuff
On the subject of the key cards, thats where the social engineering side of things comes into play. You would simply have to find out which people have what access by watching the coming and going of personelle, which windows you see them by, and which doors you see them use most often. Then setup a scan of that person's card to make it where you want to be.
Hi Havid, i really like all your videos, I am 60 years old and trying to keep working .
Great video guys, Gaining access internally via social engineering is the only access point
to conduct a pen test so I have been told. Really informative looking forward to the next one.
Cheers Tony
you guys really cracked me up!! on network WLAN!! and yes you guys hit rock hard on truth on how the real world applications work and the ones on test environments!! Thank you so much for sharing all the knowledge that you guys have!! really appriticate it!!
You're welcome!
Brilliant video.
Would like to hear more in-field experiences.
This was a FASCINATING interview. #Subscribed Excellent content!!! This whole Interview was so insightful... Cybersecurity is such a word that seems to come with so much... IDK, Hype? I'm still in the very early beg phases of my career, and I'm trying to keep my options open and keep an open mind with my interests and stay aware of any opportunities to shift and grow... but watching this, all the REAL that I heard in this interview, it was very interesting and exciting to me. Great work, both of you!!
I set up Enterprise Wireless that easily detected and alerted Rouge wireless points. But the main Highway was 20 ft from one side of the building trucks and cars that have their own hot-spots overwhelmed the admin who could possibly look in real time at all the alerts. Basically we had to ignore the access points on that Highway side of the building.
So true, it is almost off the table at most customers as any loading dock will just false alert on any fleet vehicle. Or proximity to a public road.
Your videos fuel me to continue studying.
YOU VIDOS ARE GREAT .THANK YOU FOR ALL THE REAL HARD WORK YOU DO ABOUT REALY IMPOTANT ISUSE THAT NO ONE ELSE TALKS ABOUT.