Stephen Sims shares his years of experience with us and shows us how we can make money hacking. But be careful - some of the options are not recommended. // Stephen's Social // UA-cam: www.youtube.com/@OffByOneSecurity/streams Twitter: twitter.com/Steph3nSims // Stephen Recommends // Programming Tools: Online Compiler, Visual Debugger, and AI Tutor for Python, Java, C, C++, and JavaScript: pythontutor.com/ PyCharm - Python IDE with Great IDA Pro Support:www.jetbrains.com/pycharm/ VS Code:code.visualstudio.com/ Patch Diffing: Windows Binary Index for Patch Diffing:winbindex.m417z.com/ BinDiff Tool for IDA Pro, Ghidra, or Binary Ninjawww.zynamics.com/bindiff.html Diaphora Diffing Tool for IDA Prodiaphora.re/ PatchExtract for Extracting MS Patches from MSU Formatgist.github.com/wumb0/306f97dc8376c6f53b9f9865f60b4fb5 Vulnerable Things to Hack HackSys Extreme Vulnerable Driver:github.com/hacksysteam/HackSysExtremeVulnerableDriver WebGoat - Deliberately Insecure Application:owasp.org/www-project-webgoat/ Damn Vulnerable Web App:github.com/digininja/DVWA Buggy Web App:itsecgames.com/ Gruyere Cheesy Web App:google-gruyere.appspot.com/ Metasploitable:sourceforge.net/projects/metasploitable/files/Metasploitable2/ Damn Vulnerable iOS App:resources.infosecinstitute.com/topics/application-security/getting-started-damn-vulnerable-ios-application/ OWASP Multillidae:github.com/webpwnized/mutillidae Online CTF’s and Games: SANS Holiday Hack 2023 and Prior:www.sans.org/mlp/holiday-hack-challenge-2023/ www.holidayhackchallenge.com/past-challenges/ CTF Time - A great list of upcoming and previous CTF’s!:ctftime.org/ UA-cam Channels: www.youtube.com/@davidbombal www.youtube.com/@NahamSec www.youtube.com/@OffByOneSecurity www.youtube.com/@_JohnHammond www.youtube.com/@ippsec www.youtube.com/@LiveOverflow/videos Free Learning Resources: SANS Free Resources - Webcasts, Whitepapers, Posters & Cheat Sheets, Tools, Internet Storm Center:www.sans.org/security-resources/ Shellphish - Heap Exploitation:github.com/shellphish/how2heap Exploit Database - Downloadable Vulnerable Apps and Corresponding Exploits:www.exploit-db.com/ Google Hacking Database (GHDB):www.exploit-db.com/google-hacking-database Google Cybersecurity Certificate:grow.google/certificates/cybersecurity/#?modal_active=none Phrack Magazine:www.phrack.org/ Kali Linux:www.kali.org/get-kali/#kali-platforms Slingshot Linux:www.sans.org/tools/slingshot/ Books & Articles: Gray Hat Hacking Series: amzn.to/3B1FeIK Hacking: The Art of Exploitation: amzn.to/3Us9Uts A Guide to Kernel Exploitation: amzn.to/3vfY8vu Smashing the Stack for Fun and Profit - Old, but a classic:inst.eecs.berkeley.edu/~cs161/fa08/papers/stack_smashing.pdf Understanding Windows Shellcode - Old, but still good:www.hick.org/code/skape/papers/win32-shellcode.pdf Great list of exploitation paper links from Shellphish!:github.com/shellphish/how2heap#other-resources // Stephen’s previous videos with David // Free Exploit development training (beginner and advanced) ua-cam.com/video/LWmy3t84AIo/v-deo.html Buffer Overflow Hacking Tutorial (Bypass Passwords): ua-cam.com/video/c2BvS2VqDWg/v-deo.html // David's SOCIAL // Discord: discord.com/invite/usKSyzb X / Twitter: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal // MY STUFF // www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos: sponsors@davidbombal.com // MENU // 00:00 - Coming Up 00:00 - Intro 01:11 - Stephen's Experience 03:10 - How to Change Careers 05:39 - How do I Become an Expert? 08:01 - Cyber Crime 12:47 - Ransomware 16:42 - Ransomware with A.I 23:15 - Bug Bounties & Disclosures 28:22 - Web Bug Bounties 33:45 - Binary Exploitation 41:18 - Patching and n-Day Exploits 48:56 - What is the Patch Level in the Target Org? 51:47 - Diffing Example 55:40 - Professional Services 01:03:34 - Exploit Sales Considerations 01:13:07 - The Golden Era of Hacking 01:15:00 - Zero to Hero 01:27:01 - OffByOneSecurity 01:37:42 - Conclusions 01:39:43 - Outro apple ios android samsung exploit exploit development zero day 0day 1day Disclaimer: This video is for educational purposes only. Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
@@SmartTecSolutionsNo, you don't need a degree to become a bug bounty hunter. You don't need any certification or qualification, and you don't need to have a specific academic background. However, having some familiarity with web development or programming languages can give you an advantage. You will likely need to learn at least the basics for some things like networking, security, programming, etc. Here are some tips for getting started with bug bounty hunting: • Read thoroughly about the architecture of the application and the security issues in applications • Learn the cyber security foundations using free online courses • Learn basic HTTP authentication, website login forms, and more • Learn SQL injection fundamentals • Learn the exact process you need to follow as a bug bounty hunter Skills suggested for Bug Bounty Hunting • Programming skills: Bug bounty hunters must be knowledgeable in programming languages like JavaScript, PHP, and Python, which are frequently used in web applications. They should also have a good understanding of web application security concepts. • Networking skills: Bug bounty hunters need to be able to scan networks for vulnerabilities. They should also be familiar with common network attacks and countermeasures. • Security tools: Bug bounty hunters should be knowledgeable about security technologies, including vulnerability scanners, penetration testing frameworks, debuggers, and reverse engineering tools. • Research skills: Bug bounty hunters need to be able to research vulnerabilities and find new targets. They should also be able to stay up-to-date on the latest security threats. • Communication skills: Bug bounty hunters need to be able to communicate effectively with security teams. They should be able to explain their findings in a clear and concise way. In addition to these technical skills, bug bounty hunters also need to have a strong work ethic and be able to work independently. They should also be able to learn new things quickly and adapt to new challenges. Resources for getting started: If you are interested in becoming a bug bounty hunter, there are a number of resources available to help you get started. There are also a number of bug bounty programs that you can participate in. Here are some of the resources that you can use to get started with bug bounty: • Bugcrowd: This is a popular bug bounty platform that offers a variety of programs for different levels of experience. • HackerOne: This is another popular bug bounty platform that offers a variety of programs for different levels of experience. • OWASP: This organization provides a number of resources on web application security, including a list of common vulnerabilities. • PortSwigger Academy: This online training platform offers a number of courses on web application security, including bug bounty hunting.
the next 3pstein blackmail ring. in cyberpunk 2077. they just need ai justice system. dammit. wich may work way better than the current one. the elite in geo of the elite are grey that just goes 4 power.
The people saying your content is “too simple” already have the knowledge to determine what they need to know. Thanks for making content that’s easy to understand. And for having conversations with interesting well spoken professionals in the field.
This guy's craaaazy! You can see his passion in his facial expressions, his tone of voice (and that he probably didn't blink for 90') and his blunt honesty! Congrats to both! Awesome stuff! Keep it coming!❤
I do like his 'cadence' throughout the interview - he's done these things a few times before. Also, the interviewer is always on point and well researched- the combo makes for a fantastically juicy educational many minutes I've not minded giving up. , You know, like, sometimes you walk away to use the urinal (you all do get outta your chairs to use the washroom - in the washroom right?)..pivot ...kicking the chair outta the way, basking in your strength and skills - except for the actual getting up part where a big grunt and groan assisted plenty to complete the task- anyway, as you pinch that bladder so to not dribble prior to engaging your target 🎯 at least the rim of the toilet recollecting upon your past moments of life. There's a very high percentage, historically where you'd scolded yourself for wasting those precious seconds, minutes, hours....this time... Different...their chemistry purculates nicely, letting off a sweet aroma...can you smell it? Like a fresh ground/ pressed cup of your favorite coffee beans. Their oils bursting into the air, the molecules catching a ride on the atoms of the many other chemicals- oxygen,hydrogen, some carbon...some dioxides...free loaders hitchhiking their ways into your flared nostrils 👃 awaiting invitingly the plethora of pleasantries..you let out a breath so to make room for another hit of that intoxicating marvelous bold sweet woody aroma. A brief moment your eyes shut- lasting yet not long enough. You are in eternal bliss for that second or two. Time well spent/not wasted.
This video is so interesting. I'm currently studying ISC2 CC and hoping to take the exam in the next few weeks. Looking forward to starting my career path, even though I am entering the cybersecurity career late (I'm 49, 50 in February).
@@lonster6865 I'm just going to do it and then find out. Doesn't hurt to try it. I just want to be working in a job where I'm warm, not working where I have to deal with customers.
Simon Sims did great work. The hardest part about overcoming plateaus is related to repurposing the energies which are required for the development of new strategies and not overworking the same patterns of behavior. It is probably best to find a way to take less from the same resource while considering other skills which can improve the likelihood of breaking from poorer behaviors.
I wish I knew this guy. I'm learning stuff slowly but I've been learning solo, and going at it blind. Not only new to networking. But learning the capabilities of hacking and coding, and Linux in general. And man, I know I've got something important, I just don't know what it actually means. It's a total brain scrambling situation.
Your not alone. He's likely reachable. Reach out, introduce yourself. That's what I do. I've met a lot of folks. They're all really great people. Even if they may bite your head off. Their exceptional people. I laugh with all of them. You can say it's a small world, where everyone really does know everyone. .
Wow, I have been doing IT for 25 years and this was like am I noob lol! I think I will have to crawl first before I try running. Thanks for the new prospective.
I’d like to see a video about reading and understand the rules to bug bounties. There’s a lot of in scope and out of scope instructions that as a new bug bounty hunter might find hard to understand and knowing what is legal and illegal.
„The big opportunity, depending on where you are located“ is like telling people without a somewhat solid education, to go out and try to find mistakes from people with such education. I dont say it never happens but the odds seem pretty against one site of that equation.
Excellent guest within the first 23 minutes, he made the best point of all. Just keep at it and if your heart in it with hard work, my dad says work, as opposed to hard, if you really want it, you will be successful. Not 100% guaranteed but damn close! Read the book 10,000 hours.
Thanks for this David, I am 30 years old and really enjoy videos like this. I am trying to get into bug bounties, and break into the ethical hacking field. I have no experience in tech, but am willing to go all in and learn this stuff, as it’s very interesting and I’m in need of a career switch, any advice or words from you would be much appreciated! Your content has truly inspired me to believe this is possible for me!
with zero experience you should get some sysadnin certificate for Linux. It will teach you more about file systems, networking, services, etc than you would ever learn other ways. Writing certifications and training materials, I had to become more well rounded. I used to say in my classes, "Miyamoto Musashi was probably the greatest swordsman to ever live. He was asked about the secret to becoming a great swordsman and he replied it is not 1 thing, but 1000 things. Being a great sysadmin is knowing not 1 thing but 1000 things. Being great at security is knowing 1000 things about 1000 things." Decompiling like this video suggests requires programming skills that are super advanced, it is knowing 1000 things about 100 things.
@@k_usuan comptia sort of works if you want into sysadmin. you should make a full network and practice sharing files between Linux and windows. do it the windows way, windows host and the Linux way, with cifs and possibly nfs. set up a WAMP and a LAMP machine, (or use nginx) then attack the systems. Apply as a Jr network admin, work towards a bigger cert while you apply. You could volunteer at places 10 hours a month so you apply "with experience." I made six figure income as a network admin.
Excellent guest within the first 23 minutes, he made the best point of all. Just keep at it and if your heart in it with hard work, my dad says work, as opposed to hard, if you really want it, you will be successful. Not 100% guaranteed but damn close! Read the book 10,000 hours. As I love to say nothing worth having comes easy or overnight.
1:15:05 "I stuck with the dog theme, [...] and over on the right, that dog is beefed up, and how do you get there?" WIth photoshop, hopefully, because HOLY MOLY, what a dog! 🤣 But great presentation and very informative. I've always wondered about these things and about how safe you are as a hacker, and yeah, you have to be sensible and careful. I loved the moment Stephen was talking about a guy who could hack insulin pumps and pacemaker, and said out loud what it would do and immediately followed it up by saying he wouldn't know anything about that 🤣Whether that is true or not, that is a great follow up 🤣
Yea a python memory scanner for a 16 digit number that use the luhns algorithm and to save 80 bytes on each side and search for date code. Was easy with AI to Easy.
I am not sure if anyone can answer this, and I am somewhat embarrassed to say, but I am 70 years old and just starting a website. Am I too old to get started, or is there still a chance for me to succeed in this venture? I would appreciate any advice or encouragement you can provide.
These two are beyond top-notch. Thanks guys! Could you ever touch on Kali Linux and the best books to teach for certifications and which to go for first etc. Thanks.
Great stuff as always on this amazing channel! However, some of the AI fear mongering just got me. What kind of ran-som-wa-re, related to your discussion, would an AI be able to code that a skilled ransomware coder (at the age of 16 or 55 years old.. :/ ) would not be able to? And, whatever the technology available; is it not (as always) the willingness, funds and determination to do "bad" (bad in "" as also this is a matter of definition and circumstance..) that is the driving factor? You see, world is full of capable programmers, AI and human.. the problem is that most of us simply find creating a program like that flipping disgusting - even if we easily can..
Fantastic work, David! I couldn't help but notice a minor detail - there seems to be a slight echo from your microphone picking up Stephen's audio. Thank you so much for your dedication and the great content you provide!
Is it bad that im transitioning in to cybersecurity being that im in my late 30s. In 13 months out from getting my cybersecurity degree. Yes i fully realize im still a noob and by no means have much experience in the field. Im definitely a hands-on learner!! Any recommendations? I will also start studying and taking practice exams for my network plus cert...this summer semester 2 of my courses are security fundamentals and principles for information assurance.
Hi Mr. Bombal! Could Mr. Sims talk about "higher level" OSINT stuff like: - image processing, geolocation, visual analysis, - timelapse reconstruction, 3D-reconstruction, - AI-enlarged close-up of the item/image, digital reconstruction (of the image), dimensional analysis, etc. Stuff used in law enforcement - tracking criminals and rescuing lost/kidnapped people. Thanks for your consideration!
@davidbombal first explain all the commands and teach a programme launge like python and golang and make their own tools fir hacking and hacking some ctf and giving partcical examples of other attacks that you could do with a mobile phone make this mostly a non root series but if you need root to do something make video about it if it's important
I don't know why I love the "Baby Boy" movie reference, mayber cause I just watched it..😅 nah but thanks for the content, it really opened my mind to the dark web and the clear web in a matter of whats possible from a hacker point of view.."Gunz N Butter" 😅
Hey David . H r u? I have a question. Can I learn cyber security without have a good pc. I have celeron laptop. Can I learn on the cloud? It would be helpful if you can Please guide.
I asked chatgpt and that's what I got 1:19:29 : When choosing a laptop for cybersecurity, it's essential to look for features that support performance, portability, and flexibility, as you’ll likely be running virtual machines (VMs), performing network analysis, and perhaps doing some light coding or compiling. Here are some of the best options for cybersecurity students: 1. Dell XPS 15 or XPS 13 Specs: Intel Core i7 or i9, 16-32GB RAM, 512GB-1TB SSD Pros: Excellent display, great battery life, lightweight, strong performance. Why it's good: It’s powerful enough for virtual machines, and the build quality is excellent for a daily driver. 2. Apple MacBook Pro (14" or 16") Specs: Apple M1/M2 Pro or Max, 16GB+ RAM, 512GB+ SSD Pros: Exceptional battery life, high-quality display, good ecosystem for UNIX-based tools (with macOS being UNIX-like). Why it's good: Many cybersecurity tools work well on macOS, and it can run multiple VMs smoothly. 3. Lenovo ThinkPad X1 Carbon or T14 Specs: Intel Core i5/i7 or AMD Ryzen, 16-32GB RAM, 512GB-1TB SSD Pros: Excellent keyboard, durable build, Linux-friendly, great for heavy multitasking. Why it’s good: ThinkPads are reliable, and Lenovo models have great compatibility with Linux if you choose to dual-boot or run Linux natively. 4. ASUS ROG Zephyrus G14 or G15 (Gaming Laptop) Specs: AMD Ryzen 9, NVIDIA GeForce GTX/RTX, 16GB+ RAM, 1TB SSD Pros: High-performance CPU and GPU, good cooling system, decent portability for a gaming laptop. Why it’s good: Great for running multiple VMs and GPU-intensive tasks, plus it’s generally well-built and fast. 5. Framework Laptop (12th Gen Intel) Specs: Intel Core i7/i5, 16-32GB RAM, customizable SSD Pros: Highly modular and upgradeable, Linux-compatible, excellent for hands-on hardware tinkering. Why it’s good: Perfect if you want a highly customizable and repairable laptop that can grow with you. 6. HP Spectre x360 or Elite Dragonfly Specs: Intel Core i7, 16GB+ RAM, 512GB SSD Pros: Stylish design, convertible, good battery life, solid performance. Why it’s good: Offers good power and portability, and the HP Elite series is often used in business environments, which might help with familiarity. Key Features to Consider RAM: At least 16GB; 32GB is ideal if you plan on running multiple virtual machines simultaneously. Storage: SSD with at least 512GB, but 1TB is better if your budget allows. Processor: Intel i7 or higher, or AMD Ryzen 7 or higher, for handling multitasking and VMs. Portability: Since you might take this laptop to classes or labs, weight and battery life are factors to consider. Linux Compatibility: Many cybersecurity tools are built for Linux, so compatibility can be useful. If you're on a budget, you might also look into refurbished models, especially high-end business laptops like older ThinkPads or Dell Latitudes, as they often offer good performance at a reduced price. Let me know if you want more on any specific laptop!
You're welcome. It really depends on you, your existing knowledge, how quickly you learn, time you allocate etc. My advice is just get started and learn as much as you can. You'll be amazed how much you can learn in one year if you learn something new every day.
@maramingalamchannel - this video gives you a roadmap for Hacking: ua-cam.com/video/_wOqpowCaW8/v-deo.html - the other videos I posted this year give you roadmaps for other areas in tech.
never give sensitive code or data to cloud based ai tools . only do it with locally ran ones. it can lead to leaks . and it has already happened to some coders . stay safe
Yes, there are several open-source AI models similar to ChatGPT that you can download and run locally. Here are some notable ones: 1. GPT-NeoX (EleutherAI) Description: GPT-NeoX is an open-source project by EleutherAI, which provides a powerful GPT-based language model you can run locally. It is designed for research and is one of the closest alternatives to OpenAI’s GPT models. Installation: Requires a strong hardware setup, as these models are large and resource-intensive. You can use GPUs for inference or train your own model. Link: GPT-NeoX 2. GPT-J (EleutherAI) Description: Another model from EleutherAI, GPT-J is a smaller, more lightweight version of GPT-NeoX and can be used for various text generation tasks. Installation: Easier to run locally than GPT-NeoX due to its smaller size. However, it still requires a good amount of computing power. Link: GPT-J 3. LLaMA (Meta) Description: LLaMA (Large Language Model Meta AI) is an open-source project by Meta. It’s lighter and efficient in comparison to many other models but can deliver competitive performance. Installation: LLaMA is optimized to run even on consumer-level hardware like a high-end PC, though having a GPU helps. Link: Not officially available for direct download, but models can be found on the web with appropriate research. 4. Alpaca (Stanford) Description: Built using Meta’s LLaMA as a base, Alpaca is fine-tuned for instruction-following tasks and designed to be a cheaper alternative to training models like ChatGPT. Installation: Works well on consumer hardware, especially with lower-end versions of the model. Link: Alpaca GitHub 5. BLOOM (BigScience) Description: BLOOM is an open-source, multilingual model developed by the BigScience initiative. It is designed for text generation in a variety of languages. Installation: Like other large language models, it requires significant computing resources, but there are smaller versions that can be run on local machines. Link: BLOOM 6. Dolly (Databricks) Description: Dolly is an open-source chatbot model similar to ChatGPT, and it was developed with cost-effective fine-tuning in mind. Installation: This model can be trained and used on relatively small hardware setups. Link: Dolly GitHub Requirements for Running Locally To run these models locally, you'll need: Hardware: A powerful CPU or a GPU (NVIDIA CUDA support is common). RAM: 16GB+ RAM is recommended for smaller models, with 32GB or more for larger ones. Python environment: Most of these models require Python, along with specific libraries such as PyTorch or TensorFlow. Setup: Most installations are done through GitHub repos, and you may need to install dependencies (like pip or conda).
steven is anonymouse is that the guys name who hides under the dark hooded clock? that's him i can tell his voice and mannerisms scream it ...very cool
Excellent video! and yep gaming is a HUGE time sink, wasted so much time on just one specific game and calculated the total hours, it was like i sat in the chair for 27 days straight , never doing that again. Thank you for this video, it has shifted my focus.
Great information, but what is not being said is that it takes a team to of cyber engineers to reverse engineer, write the exploits and chain them for those high paid bounties. Each team member has a speciality of b reversing Mobile, OS, Network, etc.. and building a custom fuzzer and writing the exploits. Those bounties are not usually paid out to a single invidual doing all of the work, but to teams and companies that have multiple engineer that specialize in those areas.
hello David, could you make content about undergraduate or postgraduate computing related courses like computer science, cybersecurity, could computing etc.. Are they really useful pros and cons. Differences between undergraduate courses and degree apprenticeships. Because, nowadays, students are paying crazy amount of money to universities especially foreign students and is it worth it ?. Personally I'm currently studying in London, at UEL.
if that's easy then other more experienced hackers have done it already....if the bounties are still there maybe their too hard for the average mr robot
Man if he has to live in a small apartment and have his computer in his living room along with everything else, and he spent that amount of time learning I think this is the wrong business to get into😅
Having money is different from flaunting money. There are several millionaires that drive a regular pick up truck wear work boots and a pair of jeans. You’d never know. For a lot of them that’s their way of public privacy, see if you don’t know what they have bc they never show it then you are less likely to try and sue them for something if you assume they have nothing worth taking🤷🏼♂️ that’s the point.
Some malware, spy app and virus is difficult to remove even after factory reset phone they came automatically don't know how I am in problem please help me . Not possible to change phone hard-disk
Why am i listening to an author who references the ross ulbright story, the well known story of how they created a distraction to get him to step away from his laptop, possibly the most famous dark web figure of all time, but doesnt have the name or the details
Stephen Sims shares his years of experience with us and shows us how we can make money hacking. But be careful - some of the options are not recommended.
// Stephen's Social //
UA-cam: www.youtube.com/@OffByOneSecurity/streams
Twitter: twitter.com/Steph3nSims
// Stephen Recommends //
Programming Tools:
Online Compiler, Visual Debugger, and AI Tutor for Python, Java, C, C++, and JavaScript:
pythontutor.com/
PyCharm - Python IDE with Great IDA Pro Support:www.jetbrains.com/pycharm/
VS Code:code.visualstudio.com/
Patch Diffing:
Windows Binary Index for Patch Diffing:winbindex.m417z.com/
BinDiff Tool for IDA Pro, Ghidra, or Binary Ninjawww.zynamics.com/bindiff.html
Diaphora Diffing Tool for IDA Prodiaphora.re/
PatchExtract for Extracting MS Patches from MSU Formatgist.github.com/wumb0/306f97dc8376c6f53b9f9865f60b4fb5
Vulnerable Things to Hack
HackSys Extreme Vulnerable Driver:github.com/hacksysteam/HackSysExtremeVulnerableDriver
WebGoat - Deliberately Insecure Application:owasp.org/www-project-webgoat/
Damn Vulnerable Web App:github.com/digininja/DVWA
Buggy Web App:itsecgames.com/
Gruyere Cheesy Web App:google-gruyere.appspot.com/
Metasploitable:sourceforge.net/projects/metasploitable/files/Metasploitable2/
Damn Vulnerable iOS App:resources.infosecinstitute.com/topics/application-security/getting-started-damn-vulnerable-ios-application/
OWASP Multillidae:github.com/webpwnized/mutillidae
Online CTF’s and Games:
SANS Holiday Hack 2023 and Prior:www.sans.org/mlp/holiday-hack-challenge-2023/ www.holidayhackchallenge.com/past-challenges/
CTF Time - A great list of upcoming and previous CTF’s!:ctftime.org/
UA-cam Channels:
www.youtube.com/@davidbombal
www.youtube.com/@NahamSec
www.youtube.com/@OffByOneSecurity
www.youtube.com/@_JohnHammond
www.youtube.com/@ippsec
www.youtube.com/@LiveOverflow/videos
Free Learning Resources:
SANS Free Resources - Webcasts, Whitepapers, Posters & Cheat Sheets, Tools, Internet Storm Center:www.sans.org/security-resources/
Shellphish - Heap Exploitation:github.com/shellphish/how2heap
Exploit Database - Downloadable Vulnerable Apps and Corresponding Exploits:www.exploit-db.com/
Google Hacking Database (GHDB):www.exploit-db.com/google-hacking-database
Google Cybersecurity Certificate:grow.google/certificates/cybersecurity/#?modal_active=none
Phrack Magazine:www.phrack.org/
Kali Linux:www.kali.org/get-kali/#kali-platforms
Slingshot Linux:www.sans.org/tools/slingshot/
Books & Articles:
Gray Hat Hacking Series: amzn.to/3B1FeIK
Hacking: The Art of Exploitation: amzn.to/3Us9Uts
A Guide to Kernel Exploitation: amzn.to/3vfY8vu
Smashing the Stack for Fun and Profit - Old, but a classic:inst.eecs.berkeley.edu/~cs161/fa08/papers/stack_smashing.pdf
Understanding Windows Shellcode - Old, but still good:www.hick.org/code/skape/papers/win32-shellcode.pdf
Great list of exploitation paper links from Shellphish!:github.com/shellphish/how2heap#other-resources
// Stephen’s previous videos with David //
Free Exploit development training (beginner and advanced) ua-cam.com/video/LWmy3t84AIo/v-deo.html
Buffer Overflow Hacking Tutorial (Bypass Passwords): ua-cam.com/video/c2BvS2VqDWg/v-deo.html
// David's SOCIAL //
Discord: discord.com/invite/usKSyzb
X / Twitter: twitter.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
// MY STUFF //
www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos: sponsors@davidbombal.com
// MENU //
00:00 - Coming Up
00:00 - Intro
01:11 - Stephen's Experience
03:10 - How to Change Careers
05:39 - How do I Become an Expert?
08:01 - Cyber Crime
12:47 - Ransomware
16:42 - Ransomware with A.I
23:15 - Bug Bounties & Disclosures
28:22 - Web Bug Bounties
33:45 - Binary Exploitation
41:18 - Patching and n-Day Exploits
48:56 - What is the Patch Level in the Target Org?
51:47 - Diffing Example
55:40 - Professional Services
01:03:34 - Exploit Sales Considerations
01:13:07 - The Golden Era of Hacking
01:15:00 - Zero to Hero
01:27:01 - OffByOneSecurity
01:37:42 - Conclusions
01:39:43 - Outro
apple
ios
android
samsung
exploit
exploit development
zero day
0day
1day
Disclaimer: This video is for educational purposes only.
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
i wouldnt care which government is out there to screw my government over, know youre enemy.
Do I need a computer science degree to get into bug bunty
@@SmartTecSolutionsNo, you don't need a degree to become a bug bounty hunter. You don't need any certification or qualification, and you don't need to have a specific academic background. However, having some familiarity with web development or programming languages can give you an advantage. You will likely need to learn at least the basics for some things like networking, security, programming, etc.
Here are some tips for getting started with bug bounty hunting:
• Read thoroughly about the architecture of the application and the security issues in applications
• Learn the cyber security foundations using free online courses
• Learn basic HTTP authentication, website login forms, and more
• Learn SQL injection fundamentals
• Learn the exact process you need to follow as a bug bounty hunter
Skills suggested for Bug Bounty Hunting
• Programming skills: Bug bounty hunters must be knowledgeable in programming languages like JavaScript, PHP, and Python, which are frequently used in web applications. They should also have a good understanding of web application security concepts.
• Networking skills: Bug bounty hunters need to be able to scan networks for vulnerabilities. They should also be familiar with common network attacks and countermeasures.
• Security tools: Bug bounty hunters should be knowledgeable about security technologies, including vulnerability scanners, penetration testing frameworks, debuggers, and reverse engineering tools.
• Research skills: Bug bounty hunters need to be able to research vulnerabilities and find new targets. They should also be able to stay up-to-date on the latest security threats.
• Communication skills: Bug bounty hunters need to be able to communicate effectively with security teams. They should be able to explain their findings in a clear and concise way.
In addition to these technical skills, bug bounty hunters also need to have a strong work ethic and be able to work independently. They should also be able to learn new things quickly and adapt to new challenges.
Resources for getting started:
If you are interested in becoming a bug bounty hunter, there are a number of resources available to help you get started. There are also a number of bug bounty programs that you can participate in.
Here are some of the resources that you can use to get started with bug bounty:
• Bugcrowd: This is a popular bug bounty platform that offers a variety of programs for different levels of experience.
• HackerOne: This is another popular bug bounty platform that offers a variety of programs for different levels of experience.
• OWASP: This organization provides a number of resources on web application security, including a list of common vulnerabilities.
• PortSwigger Academy: This online training platform offers a number of courses on web application security, including bug bounty hunting.
@@SmartTecSolutions No, just critical thinking skills for coding and logic through years of sheer determination .. no shortcuts
the next 3pstein blackmail ring. in cyberpunk 2077. they just need ai justice system. dammit. wich may work way better than the current one. the elite in geo of the elite are grey that just goes 4 power.
The people saying your content is “too simple” already have the knowledge to determine what they need to know. Thanks for making content that’s easy to understand. And for having conversations with interesting well spoken professionals in the field.
This guy's craaaazy! You can see his passion in his facial expressions, his tone of voice (and that he probably didn't blink for 90') and his blunt honesty!
Congrats to both! Awesome stuff! Keep it coming!❤
Been following this guys channel but damn he got a small audience. Yet with gold content
Those Adderall eyes.😃👀👁👁
The hair 😂 idk if I’m buying all of it though who is a hacker that can’t think of DREAD? and vpn on tor?? Tf?
@@piusgabula sure, but, anyone could pull that off...you said it yourself... all the info is online.
I do like his 'cadence' throughout the interview - he's done these things a few times before. Also, the interviewer is always on point and well researched- the combo makes for a fantastically juicy educational many minutes I've not minded giving up. , You know, like, sometimes you walk away to use the urinal (you all do get outta your chairs to use the washroom - in the washroom right?)..pivot ...kicking the chair outta the way, basking in your strength and skills - except for the actual getting up part where a big grunt and groan assisted plenty to complete the task- anyway, as you pinch that bladder so to not dribble prior to engaging your target 🎯 at least the rim of the toilet recollecting upon your past moments of life. There's a very high percentage, historically where you'd scolded yourself for wasting those precious seconds, minutes, hours....this time... Different...their chemistry purculates nicely, letting off a sweet aroma...can you smell it? Like a fresh ground/ pressed cup of your favorite coffee beans. Their oils bursting into the air, the molecules catching a ride on the atoms of the many other chemicals- oxygen,hydrogen, some carbon...some dioxides...free loaders hitchhiking their ways into your flared nostrils 👃 awaiting invitingly the plethora of pleasantries..you let out a breath so to make room for another hit of that intoxicating marvelous bold sweet woody aroma. A brief moment your eyes shut- lasting yet not long enough. You are in eternal bliss for that second or two. Time well spent/not wasted.
WHOA!!!!! I'm just using a tiny piece of what he talked about and I'm seeing some crazy skill and ability expansion! Loving it!!!
Excellent video as always, great job David.
Appreciate that! Thanks again!
@davidbombal no worries. Also, for the bug bounties, intigriti have excellent staff.. not too sure about hackerone
This video is so interesting. I'm currently studying ISC2 CC and hoping to take the exam in the next few weeks. Looking forward to starting my career path, even though I am entering the cybersecurity career late (I'm 49, 50 in February).
Nice man. I'm 50 and thinking about doing it. Just not sure if I'm too old to be hired?
@@lonster6865 I'm just going to do it and then find out. Doesn't hurt to try it. I just want to be working in a job where I'm warm, not working where I have to deal with customers.
@@lonster6865NEVER too old to do what you LOVE! 😅
@@lonster6865Nobody is too old and nobody is too young to start something
How many months did it take you to study ISC2 ??
Simon Sims did great work. The hardest part about overcoming plateaus is related to repurposing the energies which are required for the development of new strategies and not overworking the same patterns of behavior. It is probably best to find a way to take less from the same resource while considering other skills which can improve the likelihood of breaking from poorer behaviors.
Please one video with Zaid Sabih (Zsecurity) 🙏🙏🙏🙏
Agree
You mean that faker one who teaches you early 2000s stuff that would barely work on modern systems? 😂
Pleaseeee
@@AGASTRONICS no he's a fraud
@@impostorsyndrome1350 You mean I
I wish I knew this guy. I'm learning stuff slowly but I've been learning solo, and going at it blind. Not only new to networking. But learning the capabilities of hacking and coding, and Linux in general. And man, I know I've got something important, I just don't know what it actually means. It's a total brain scrambling situation.
Your not alone. He's likely reachable. Reach out, introduce yourself. That's what I do. I've met a lot of folks. They're all really great people. Even if they may bite your head off. Their exceptional people. I laugh with all of them. You can say it's a small world, where everyone really does know everyone. .
Wow, I have been doing IT for 25 years and this was like am I noob lol! I think I will have to crawl first before I try running. Thanks for the new prospective.
I’d like to see a video about reading and understand the rules to bug bounties. There’s a lot of in scope and out of scope instructions that as a new bug bounty hunter might find hard to understand and knowing what is legal and illegal.
Precisely.
„The big opportunity, depending on where you are located“ is like telling people without a somewhat solid education, to go out and try to find mistakes from people with such education. I dont say it never happens but the odds seem pretty against one site of that equation.
Such a humble guest. You both are such great mentors to the community.
I don’t have any friends or social life… where do I start?
The park, gym, and local events are good places to start.
LOL, Me too.😂😂
Usb stuff is easy a start with that then find what way u want to go
Excellent guest within the first 23 minutes, he made the best point of all. Just keep at it and if your heart in it with hard work, my dad says work, as opposed to hard, if you really want it, you will be successful. Not 100% guaranteed but damn close! Read the book 10,000 hours.
Stephen Sims is the only guy I have seen until now who has not allowed David Bombal to utter a word. Such a remarkable guy../😆😅
Thanks for this David, I am 30 years old and really enjoy videos like this. I am trying to get into bug bounties, and break into the ethical hacking field. I have no experience in tech, but am willing to go all in and learn this stuff, as it’s very interesting and I’m in need of a career switch, any advice or words from you would be much appreciated! Your content has truly inspired me to believe this is possible for me!
with zero experience you should get some sysadnin certificate for Linux. It will teach you more about file systems, networking, services, etc than you would ever learn other ways. Writing certifications and training materials, I had to become more well rounded. I used to say in my classes, "Miyamoto Musashi was probably the greatest swordsman to ever live. He was asked about the secret to becoming a great swordsman and he replied it is not 1 thing, but 1000 things. Being a great sysadmin is knowing not 1 thing but 1000 things. Being great at security is knowing 1000 things about 1000 things." Decompiling like this video suggests requires programming skills that are super advanced, it is knowing 1000 things about 100 things.
I'm 31, and I just started in IT about 4 years ago. It's a lot, and you have to keep learning.
How do you get into the sys adm . Can a comptia a + or sec get me in ?
@@k_usuan comptia sort of works if you want into sysadmin. you should make a full network and practice sharing files between Linux and windows. do it the windows way, windows host and the Linux way, with cifs and possibly nfs. set up a WAMP and a LAMP machine, (or use nginx) then attack the systems. Apply as a Jr network admin, work towards a bigger cert while you apply. You could volunteer at places 10 hours a month so you apply "with experience." I made six figure income as a network admin.
@@RorschachRevthanks for the advice will take this to heart!
Stephen is my favorite guest, hands down.
Very enjoying. Thank you so much David bombal sir for giving us such valuable content. May you live long David sir❤❤❤
Thank you very much!
This was top notch informative and great insights into last vulnerabilities. Thank you, Gentlemen
Wooow this guy is so knowledgeable . Yet another great video thank you 😁😁😁
Been loving these videos with Stephen! Extremely inspiring what you can learn and do
Glad you like them!
That was a really nice interview! Thank you both for sharing 😀
Excellent guest within the first 23 minutes, he made the best point of all. Just keep at it and if your heart in it with hard work, my dad says work, as opposed to hard, if you really want it, you will be successful. Not 100% guaranteed but damn close! Read the book 10,000 hours.
As I love to say nothing worth having comes easy or overnight.
1:15:05 "I stuck with the dog theme, [...] and over on the right, that dog is beefed up, and how do you get there?"
WIth photoshop, hopefully, because HOLY MOLY, what a dog! 🤣
But great presentation and very informative. I've always wondered about these things and about how safe you are as a hacker, and yeah, you have to be sensible and careful. I loved the moment Stephen was talking about a guy who could hack insulin pumps and pacemaker, and said out loud what it would do and immediately followed it up by saying he wouldn't know anything about that 🤣Whether that is true or not, that is a great follow up 🤣
0:01 Zerodium? I thought that was the Periodic Table . . . for Hackers!
Amazing amazing content David, you are building a world class Cyber Platform
Yea a python memory scanner for a 16 digit number that use the luhns algorithm and to save 80 bytes on each side and search for date code. Was easy with AI to Easy.
Brilliant video, you nailed every detail. I’ve been trying to follow this format for my own channel.
I would NOT say your content is to simple.
As always your videos and your guests are awesome! Thank you so much for sharing!
I have a question about what security priority is appropriate for Linux vs Windows vs Mac OS
I am not sure if anyone can answer this, and I am somewhat embarrassed to say, but I am 70 years old and just starting a website. Am I too old to get started, or is there still a chance for me to succeed in this venture? I would appreciate any advice or encouragement you can provide.
I'm 59 studying cybersecurity you can do it sir.
You can do it. Let not the aysayers tell you otherwise.
These two are beyond top-notch. Thanks guys! Could you ever touch on Kali Linux and the best books to teach for certifications and which to go for first etc. Thanks.
Great stuff as always on this amazing channel! However, some of the AI fear mongering just got me. What kind of ran-som-wa-re, related to your discussion, would an AI be able to code that a skilled ransomware coder (at the age of 16 or 55 years old.. :/ ) would not be able to? And, whatever the technology available; is it not (as always) the willingness, funds and determination to do "bad" (bad in "" as also this is a matter of definition and circumstance..) that is the driving factor? You see, world is full of capable programmers, AI and human.. the problem is that most of us simply find creating a program like that flipping disgusting - even if we easily can..
54:48 what diff tools are you using ?
Fantastic work, David! I couldn't help but notice a minor detail - there seems to be a slight echo from your microphone picking up Stephen's audio. Thank you so much for your dedication and the great content you provide!
How do I get in the ethical hacker field?
I’m currently studying CompTIA A+ and it is so boring.
Gotta crawl before walking. After u get the cert, go for security +
& towards the end of your A+ curriculum they touch on very basic hacking.
@@Notme-le3qt that’s true! 80% of the stuff being covered in the course it’s so basic. That’s why it’s boring to me.
Is it bad that im transitioning in to cybersecurity being that im in my late 30s. In 13 months out from getting my cybersecurity degree. Yes i fully realize im still a noob and by no means have much experience in the field. Im definitely a hands-on learner!! Any recommendations? I will also start studying and taking practice exams for my network plus cert...this summer semester 2 of my courses are security fundamentals and principles for information assurance.
Thank you for your awesome content and guests!
You're welcome! Thank you for watching!
watched it all, Bro is really smart, looks like a Dark Version of EMINEM but for Hacking.. really cool! thanks for everything you shared here!👌👌
First time reading through some of these comments, and yours made me laugh. I gotta listen to some Slim Shady now!
Hi Mr. Bombal!
Could Mr. Sims talk about "higher level" OSINT stuff like:
- image processing, geolocation, visual analysis,
- timelapse reconstruction, 3D-reconstruction,
- AI-enlarged close-up of the item/image, digital reconstruction (of the image), dimensional analysis, etc.
Stuff used in law enforcement - tracking criminals and rescuing lost/kidnapped people.
Thanks for your consideration!
found anything
Great video as always, really just had to watch the full video before going to sleep even if it was 1 am. Good job David and Stephen.❤
David thank you for this insightful interview. This lad is amazing!
30 seconds in and we are already talking about pissing off interpol.
Zerodium reminds me of when Kevin Mitnik was there and how he refused to tell an interviewer about some zero-day exploits😂..
Great Video , Really keep going David I'm big fan for your channel and videos , Please need more podcasts ! :)
Love your video, sir and
Please make a full series on termux
Thank you! What do you want to see in termux videos.
@davidbombal first explain all the commands and teach a programme launge like python and golang and make their own tools fir hacking and hacking some ctf and giving partcical examples of other attacks that you could do with a mobile phone make this mostly a non root series but if you need root to do something make video about it if it's important
It took me all day to watch but I watched it from start to finish. Very cool and informative video.
Mr.stephen I think you should make a complete video on this topic..
I don't know why I love the "Baby Boy" movie reference, mayber cause I just watched it..😅 nah but thanks for the content, it really opened my mind to the dark web and the clear web in a matter of whats possible from a hacker point of view.."Gunz N Butter" 😅
What’s “Baby Boy” about ?
@@alexdnaz a movie with Tyrese Gibson
Dr. S.S, you have an amazing vibe about you, , and your aura snever seeems to dim or flicker it tays on bright
This was really great, Stephen is a really cool guy!
Related sad news, recently UA-cam's Institute for Human Anatomy, a well-loved channel was hacked! Lord have mercy!
Sorry to hear... Unfortunately, NOTHING is really secure!
Hey David . H r u? I have a question. Can I learn cyber security without have a good pc. I have celeron laptop. Can I learn on the cloud? It would be helpful if you can Please guide.
I asked chatgpt and that's what I got 1:19:29 : When choosing a laptop for cybersecurity, it's essential to look for features that support performance, portability, and flexibility, as you’ll likely be running virtual machines (VMs), performing network analysis, and perhaps doing some light coding or compiling. Here are some of the best options for cybersecurity students:
1. Dell XPS 15 or XPS 13
Specs: Intel Core i7 or i9, 16-32GB RAM, 512GB-1TB SSD
Pros: Excellent display, great battery life, lightweight, strong performance.
Why it's good: It’s powerful enough for virtual machines, and the build quality is excellent for a daily driver.
2. Apple MacBook Pro (14" or 16")
Specs: Apple M1/M2 Pro or Max, 16GB+ RAM, 512GB+ SSD
Pros: Exceptional battery life, high-quality display, good ecosystem for UNIX-based tools (with macOS being UNIX-like).
Why it's good: Many cybersecurity tools work well on macOS, and it can run multiple VMs smoothly.
3. Lenovo ThinkPad X1 Carbon or T14
Specs: Intel Core i5/i7 or AMD Ryzen, 16-32GB RAM, 512GB-1TB SSD
Pros: Excellent keyboard, durable build, Linux-friendly, great for heavy multitasking.
Why it’s good: ThinkPads are reliable, and Lenovo models have great compatibility with Linux if you choose to dual-boot or run Linux natively.
4. ASUS ROG Zephyrus G14 or G15 (Gaming Laptop)
Specs: AMD Ryzen 9, NVIDIA GeForce GTX/RTX, 16GB+ RAM, 1TB SSD
Pros: High-performance CPU and GPU, good cooling system, decent portability for a gaming laptop.
Why it’s good: Great for running multiple VMs and GPU-intensive tasks, plus it’s generally well-built and fast.
5. Framework Laptop (12th Gen Intel)
Specs: Intel Core i7/i5, 16-32GB RAM, customizable SSD
Pros: Highly modular and upgradeable, Linux-compatible, excellent for hands-on hardware tinkering.
Why it’s good: Perfect if you want a highly customizable and repairable laptop that can grow with you.
6. HP Spectre x360 or Elite Dragonfly
Specs: Intel Core i7, 16GB+ RAM, 512GB SSD
Pros: Stylish design, convertible, good battery life, solid performance.
Why it’s good: Offers good power and portability, and the HP Elite series is often used in business environments, which might help with familiarity.
Key Features to Consider
RAM: At least 16GB; 32GB is ideal if you plan on running multiple virtual machines simultaneously.
Storage: SSD with at least 512GB, but 1TB is better if your budget allows.
Processor: Intel i7 or higher, or AMD Ryzen 7 or higher, for handling multitasking and VMs.
Portability: Since you might take this laptop to classes or labs, weight and battery life are factors to consider.
Linux Compatibility: Many cybersecurity tools are built for Linux, so compatibility can be useful.
If you're on a budget, you might also look into refurbished models, especially high-end business laptops like older ThinkPads or Dell Latitudes, as they often offer good performance at a reduced price. Let me know if you want more on any specific laptop!
Sir please tell me how can I unlock bootloader of my vivo y83 smartphone?? Please
Please
please
Please
Please
Please
Stephen reminds me of “Tommy” from the TV show “Power”
Great video and brilliant!! Is it possible to learn most of the basic in one year?
You're welcome. It really depends on you, your existing knowledge, how quickly you learn, time you allocate etc. My advice is just get started and learn as much as you can. You'll be amazed how much you can learn in one year if you learn something new every day.
@@davidbombal That's true! Thank you!
@@davidbombalhow to learn? Just watching in your videos. Im new in you channel
@maramingalamchannel - this video gives you a roadmap for Hacking: ua-cam.com/video/_wOqpowCaW8/v-deo.html - the other videos I posted this year give you roadmaps for other areas in tech.
50:50 is there something more than a single pixel? R2$?
1:13:10 under that armor it's still a dog that wags its tail when it gets a treat...
thanks so much , we need more videos of Stephen , less of OTW
Whats wrong with OTW?
Whats wrong with OTW?
@@fonzkonaboey4864 this guy is a joke not a hacker as he claims
Please one video with Networkchuck 🙏
At 14 minutes into your video-that's the plot in the beekeeper movie
Good video! I love Tear you Apart -She Wants Revenge
Thanks so much David
From Ethiopia
You're welcome! And welcome Ethiopia!
Thanks David ❤
I wish you would make a video about Pwnagotchi 😊
This video is so ADHD ❤ Respect.
never give sensitive code or data to cloud based ai tools . only do it with locally ran ones. it can lead to leaks . and it has already happened to some coders . stay safe
Yes, there are several open-source AI models similar to ChatGPT that you can download and run locally. Here are some notable ones:
1. GPT-NeoX (EleutherAI)
Description: GPT-NeoX is an open-source project by EleutherAI, which provides a powerful GPT-based language model you can run locally. It is designed for research and is one of the closest alternatives to OpenAI’s GPT models.
Installation: Requires a strong hardware setup, as these models are large and resource-intensive. You can use GPUs for inference or train your own model.
Link: GPT-NeoX
2. GPT-J (EleutherAI)
Description: Another model from EleutherAI, GPT-J is a smaller, more lightweight version of GPT-NeoX and can be used for various text generation tasks.
Installation: Easier to run locally than GPT-NeoX due to its smaller size. However, it still requires a good amount of computing power.
Link: GPT-J
3. LLaMA (Meta)
Description: LLaMA (Large Language Model Meta AI) is an open-source project by Meta. It’s lighter and efficient in comparison to many other models but can deliver competitive performance.
Installation: LLaMA is optimized to run even on consumer-level hardware like a high-end PC, though having a GPU helps.
Link: Not officially available for direct download, but models can be found on the web with appropriate research.
4. Alpaca (Stanford)
Description: Built using Meta’s LLaMA as a base, Alpaca is fine-tuned for instruction-following tasks and designed to be a cheaper alternative to training models like ChatGPT.
Installation: Works well on consumer hardware, especially with lower-end versions of the model.
Link: Alpaca GitHub
5. BLOOM (BigScience)
Description: BLOOM is an open-source, multilingual model developed by the BigScience initiative. It is designed for text generation in a variety of languages.
Installation: Like other large language models, it requires significant computing resources, but there are smaller versions that can be run on local machines.
Link: BLOOM
6. Dolly (Databricks)
Description: Dolly is an open-source chatbot model similar to ChatGPT, and it was developed with cost-effective fine-tuning in mind.
Installation: This model can be trained and used on relatively small hardware setups.
Link: Dolly GitHub
Requirements for Running Locally
To run these models locally, you'll need:
Hardware: A powerful CPU or a GPU (NVIDIA CUDA support is common).
RAM: 16GB+ RAM is recommended for smaller models, with 32GB or more for larger ones.
Python environment: Most of these models require Python, along with specific libraries such as PyTorch or TensorFlow.
Setup: Most installations are done through GitHub repos, and you may need to install dependencies (like pip or conda).
steven is anonymouse is that the guys name who hides under the dark hooded clock? that's him i can tell his voice and mannerisms scream it ...very cool
Thanks David!
Was waiting for it
Excellent video! and yep gaming is a HUGE time sink, wasted so much time on just one specific game and calculated the total hours, it was like i sat in the chair for 27 days straight , never doing that again. Thank you for this video, it has shifted my focus.
The insert at 21:30 is Budapest and not Bucharest.
Great information, but what is not being said is that it takes a team to of cyber engineers to reverse engineer, write the exploits and chain them for those high paid bounties. Each team member has a speciality of b reversing Mobile, OS, Network, etc.. and building a custom fuzzer and writing the exploits. Those bounties are not usually paid out to a single invidual doing all of the work, but to teams and companies that have multiple engineer that specialize in those areas.
hello David, could you make content about undergraduate or postgraduate computing related courses like computer science, cybersecurity, could computing etc.. Are they really useful pros and cons. Differences between undergraduate courses and degree apprenticeships. Because, nowadays, students are paying crazy amount of money to universities especially foreign students and is it worth it ?. Personally I'm currently studying in London, at UEL.
Great video, lots of great insight and truths. It gives me something to think about but I do agree continuing to study is a must.
Wow you're making a lot of content. Thank you
What stopping you from selling both to the government and them ?
Please suggest some books for web hacking
how much is for anonymous reward
Imagine VPNing into TOR
How many times to learn ethical hacking from a beginner.
if that's easy then other more experienced hackers have done it already....if the bounties are still there maybe their too hard for the average mr robot
This guy reminds me of myself. I like this guy even though I am not in the industry. I can relate to him on so many levels. That is why he made it.
You and your friends have killed hacking by what you guys have implemented in the last 10 years; you guys literally brought orwell to life
Just what I needed thanks Mr Bombal
I think this was a good video with good content. The problem is who has $8,000 to $10,000 dollars to be able to take a Sans course?
Thanks🎉 David I’m from Algeria
Guns & Butter. I love Baby Boy 😁😂
I just signed up for 3 free Sans courses I want to intern there so bad!!
Man if he has to live in a small apartment and have his computer in his living room along with everything else, and he spent that amount of time learning I think this is the wrong business to get into😅
Having money is different from flaunting money. There are several millionaires that drive a regular pick up truck wear work boots and a pair of jeans. You’d never know. For a lot of them that’s their way of public privacy, see if you don’t know what they have bc they never show it then you are less likely to try and sue them for something if you assume they have nothing worth taking🤷🏼♂️ that’s the point.
Its true my grandpa own apartments but he look like a regular person (rip grandpa)
30:13 Lol, it's "bread and butter"...
Some malware, spy app and virus is difficult to remove even after factory reset phone they came automatically don't know how I am in problem please help me . Not possible to change phone hard-disk
Next please interview Jim Browning
absolutely fantastic presentation
I wouldn't accept all of the money on the planet if it meant I betrayed my people.
Silk Road guy I think…he was at the library
Wow, great video
Still on it thou 💯💯💯 thanks 😊
You’re welcome 😊
Podcast with Ryan Montgomery
Very interesting listening to him. Thanks
Yes Dread is still onn.
Why am i listening to an author who references the ross ulbright story, the well known story of how they created a distraction to get him to step away from his laptop, possibly the most famous dark web figure of all time, but doesnt have the name or the details