Pas d'actualité

Soutenez No Hack Me sur Tipeee

L'Actu de la veille

Reverse Engineering LAB Setup Tutorial (updated)
If you are just getting started with reverse engineering this the place to start. In this tutorial we provide an overview the current setup that we currently run, this is also the same setup used in all of our live streams and tutorials. The full notes for this tutorial are unlocked for everyone on our Patreon including links to all of the tools mentioned https://www.patreon.com/posts/101718688 ----- OALABS DISCORD https://discord.gg/6h5Bh5AMDU OALABS PATREON https://www.patreon.com/oalabs Twitch https://www.twitch.tv/oalabslive OALABS GITHUB https://github.com/OALabs UNPACME - AUTOMATED MALWARE UNPACKING https://www.unpac.me/#/ -----
https://www.youtube.com/watch?v=adAr0KBJm4U
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Paige Hanson reminds us, "Cyber Education careers aren't just in Law Enforcement!" | Cyber Work
Paige Hanson, Co-founder of Secure Labs, told a White-Collar Crime class at the University of Arizona, "Don't forget to look for Cybersecurity careers in unconventional places - it's more than just law enforcement and legal sectors!" Paige's full episode helps listeners get started in a career in Cybersecurity Education.
https://www.youtube.com/watch?v=GvgF1vYmjP8
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Hackers Abuse MeshCentral for a RAT
https://jh.live/feedly || Use Feedly's new Vulnerability Dashboard to keep tabs on new CVEs, available PoCs, exploitation in the wild and so much more -- filtering out the noise & getting the threat intel that matters to you: https://jh.live/feedly Learn Cybersecurity with Just Hacking Training: https://justhacking.com Learn Coding: https://jh.live/codecrafters Don't listen to other "influencer" VPN crap -- host YOUR OWN: https://jh.live/openvpn WATCH MORE: Dark Web & Cybercrime Investigations: https://www.youtube.com/watch?v=_GD5mPN_URM&list=PL1H1sBF1VAKVmjZZr162aUNCt2Uy5ozAG&index=4 Malware & Hacker Tradecraft: https://www.youtube.com/watch?v=LKR8cdfKeGw&list=PL1H1sBF1VAKWMn_3QPddayIypbbITTGZv&index=5 📧JOIN MY NEWSLETTER ➡ https://jh.live/email 🙏SUPPORT THE CHANNEL...
https://www.youtube.com/watch?v=2KdoTpFnV1g
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

L'Actu à J-2

Why did Zac Make CS420? #gamehacking
🔥 Listen to our podcast to learn more: https://www.youtube.com/playlist?list=PLt9cUwGw6CYFYCKTSfhIgvZmsjR2647-E 👨‍💻 Buy Our Courses: https://guidedhacking.com/register/ 💰 Donate on Patreon: https://patreon.com/guidedhacking ❤️ Follow us on Social Media: https://linktr.ee/guidedhacking ✏️ Tags: #gamehacking #cheatengine #reverseengineering game hacking tutorials CS420 game hackers guidedhacking.com cs420 game hacking course guidedhacking guidedhacking.com game hackers guided hacking
https://www.youtube.com/watch?v=TZ4I98NINmU
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Navigating cybersecurity careers: Non-traditional roles to consider | Guest Paige Hanson
Get your FREE 2024 Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcast Paige Hanson from SecureLabs discusses identity theft management and her extensive experience as a security communicator. With nearly 20 years in consumer and digital safety, Paige shares insights on pursuing a cybersecurity career and offers guidance for those interested in non-traditional security roles. Join us to learn about the current IT job market, key certifications and strategies for entering the industry. Discover how Paige transitioned from tech interests to a leading role in cybersecurity education, and explore job opportunities beyond traditional paths. View Cyber Work Podcast transcripts and...
https://www.youtube.com/watch?v=76pjD-hE0D0
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Amazon Paid Hackers .1M+ in Bounties (h1-0131 vlog)
LIKE and SUBSCRIBE with NOTIFICATIONS ON if you enjoyed the video! 👍 📚 If you want to learn bug bounty hunting from me: https://bugbounty.nahamsec.training 💻 If you want to practice some of my free labs and challenges: https://app.hackinghub.io 💵 FREE 0 DigitalOcean Credit: https://m.do.co/c/3236319b9d0b 🔗 LINKS: 📖 MY FAVORITE BOOKS: Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilities -https://amzn.to/3Re8Pa2 Hacking APIs: Breaking Web Application Programming Interfaces - https://amzn.to/45g4bOr Black Hat GraphQL: Attacking Next Generation APIs - https://amzn.to/455F9l3 🍿 WATCH NEXT: If I Started Bug Bounty Hunting in 2024, I'd Do this - https://youtu.be/z6O6McIDYhU 2023 How to Bug Bounty - https://youtu.be/FDeuOhE5MhU Bug Bounty Hunting...
https://www.youtube.com/watch?v=SdDEgvPahUY
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

L'Actu des jours précédents

Phone breaches: The AT&T data breach | Hacker Headlines
Your phone is an essential part of your life. But what happens when your phone provider is hacked? How do you keep yourself secure after a potential data leak from one of your most used devices? This was the challenge faced by AT&T customers in July 2024. In this episode of Hacker Headlines, Infosec's VP of Product Portfolio and AI Strategy, Keatron Evans, explains this AT&T data breach, how it happened and how to protect yourself if your data is leaked. Learn more about Hacker Headlines and the Infosec IQ security awareness platform by scheduling your demo today: https://www.infosecinstitute.com/form/iq-demo/?utm_source=youtube&utm_medium=video&utm_campaign=hacker%20headlines&utm_content=att About the Series: Cybersecurity is constantly evolving, and continuous...
https://www.youtube.com/watch?v=-c0mSk8qR10
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Hacking ARP with Python and Kali Linux (and capture passwords)
Big thanks to Brilliant for sponsoring this video! To try everything Brilliant has to offer for free for a full 30 days and 20% discount visit: https://Brilliant.org/DavidBombal It's so easy to hack badly configured networks using Kali Linux. Both Wifi and Ethernet networks rely on protocols such as Address Resolution Protocol (ARP) to function, but they can be easily manipulated using Kali Linux and a Python script. The Cisco CCNA course discusses this topic and explains how to use Dynamic ARP Inspection (DAI) to stop these kinds of attacks. I highly recommend that you learn Python - it will give you great power (but with great power comes great responsibility). Make sure you have configured your networks securely! Otherwise, look at how simple it is to hack networks using Kali Linux...
https://www.youtube.com/watch?v=qMnPgJoF5YE
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Living off Microsoft Copilot- DEMO- invoice manipulation
Take a look at this short Demo before diving into the talk Living off Microsoft Copilot By Michael Bargury. Link To The Rest of This Presentation- https://www.youtube.com/watch?v=-YJgcTCSzU0&list=PLH15HpR5qRsUiLYPNSylDvlskvS_RSzee&index=6
https://www.youtube.com/watch?v=tr1tTJk32uk
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

HackerOne Live Hacking Event Recap: Las Vegas w/TikTok

https://www.youtube.com/watch?v=QYRgmBmsm_M
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Exploring GRC solutions: 'No' can still lead to possibilities w/ Dr. Shayla Treadwell | Cyber Work
Despite what you may think, Governance, Risk, and Compliance (GRC) officers don't like being "The 'No' Team." They just need to allow new tools and processes that ensure Business security and safety! In this short, Shayla discusses how a request for a tool that meets compliance requirements can take months to implement, even after you get a "Yes" and why it's important to have another solution ready.
https://www.youtube.com/watch?v=j2Qah9NUH2w
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

You need to learn this! Unlock the Power of AI (Artificial Intelligence) // FREE CCNA 200-301 Course
Big thanks to Cisco for sponsoring this video! You can access the free AI tutorial here: https://davidbombal.wiki/aitutccna // CCNA Complete Practical Course // Expect regular updates - the full course will be uploaded on my Tech Channel here: https://davidbombal.wiki/freeccnayt // Courses to look at mentioned in the video // AI For Everyone: https://www.coursera.org/learn/ai-for-everyone Introduction to TensorFlow for Artificial Intelligence, Machine Learning, and Deep Learning: https://www.coursera.org/learn/introduction-tensorflow // YouTube video REFERENCE // AI Firewalls are here! (Can your firewall do this?): https://youtu.be/n_-QuGvQXso The real world truth about AI Hacking: https://youtu.be/YZqiWFyq-OE The new AI Cyber Defense you need to know about: https://youtu.be/vI8eUH8uiMY //...
https://www.youtube.com/watch?v=oQD688R_JAo
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Who ARE game hackers? #gamehacker #gamehacking
🔥 Listen to our podcast to learn more about Zac: https://www.youtube.com/playlist?list=PLt9cUwGw6CYFYCKTSfhIgvZmsjR2647-E 👨‍💻 Buy Our Courses: https://guidedhacking.com/register/ 💰 Donate on Patreon: https://patreon.com/guidedhacking ❤️ Follow us on Social Media: https://linktr.ee/guidedhacking ✏️ Tags: #reverseengineering #gamehacking #gamehackers game hacking tutorials game hackers guidedhacking.com game hacking guidedhacking guided hacking guidedhacking.com game hackers
https://www.youtube.com/watch?v=W7mJp0K0XkU
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Protecting yourself from deepfake scams | Hacker Headlines
Video calls are common, but how do you know who you're really talking to? With the rise of AI-generated deepfakes, you might not even be able to trust your eyes and ears. One corporation even lost millions of dollars all because of one video call. In this episode of Hacker Headlines, Infosec's VP of Portfolio Product Strategy, Keatron Evans, will discuss how to spot deepfakes and AI spoofing. Learn more about Hacker Headlines and the Infosec IQ security awareness platform by scheduling your demo today: https://www.infosecinstitute.com/form/iq-demo/?utm_source=youtube&utm_medium=video&utm_campaign=hacker%20headlines&utm_content=deepfake About the Series: Cybersecurity is constantly evolving, and continuous training that tackles today's latest threats is needed to keep...
https://www.youtube.com/watch?v=XGh4bTXAFkM
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Windows Kill? #shorts #windows #windows11
#shorts #windows #windows11
https://www.youtube.com/watch?v=lraN2C-kBuw
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Get Bigger Bounties With Better Reports
At DEFCON a few weeks ago, I sat down with Codingo, VP of operations to talk about the key elements of writing an effective bug report, especially for non-native English speakers and beginners. We also discuss the importance of clarity, accurate replication steps, and the impact of comprehensive report writing on your bug bounty success. Learn from Bugcrowd's framework and community-driven practices to enhance your cybersecurity skills and make a stronger impact with your findings. 00:00 Introduction and Apology 00:37 Sponsor Message: Bugcrowd 01:22 Live from DEF CON 01:53 The Importance of Report Writing 02:17 Key Elements of a Good Report 04:46 Challenges in Report Writing 06:11 The Triage Process 08:21 Support for Non-Native English Speakers 09:17 Common Reasons for Bug Rejection 11:09...
https://www.youtube.com/watch?v=hnU0mRl0WBI
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Bruteforcing Windows Defender Exclusions
https://jh.live/soc || Join me for the SOC Analyst Appreciation Day! A completely FREE event on October 16th by DEVO! https://jh.live/soc Article: https://blog.fndsec.net/2024/10/04/uncovering-exclusion-paths-in-microsoft-defender-a-security-research-insight/ Learn Cybersecurity with Just Hacking Training: https://justhacking.com Learn Coding: https://jh.live/codecrafters Don't listen to other "influencer" VPN crap -- host YOUR OWN: https://jh.live/openvpn WATCH MORE: Dark Web & Cybercrime Investigations: https://www.youtube.com/watch?v=_GD5mPN_URM&list=PL1H1sBF1VAKVmjZZr162aUNCt2Uy5ozAG&index=4 Malware & Hacker Tradecraft: https://www.youtube.com/watch?v=LKR8cdfKeGw&list=PL1H1sBF1VAKWMn_3QPddayIypbbITTGZv&index=5 📧JOIN MY NEWSLETTER ➡ https://jh.live/email 🙏SUPPORT...
https://www.youtube.com/watch?v=fxO1V0mzePQ
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Project Zero: Ten Years of 'Make 0-Day Hard'
In 2014, Google announced Project Zero, a security research team with the mission to 'make 0-day hard'. A lot has happened since then! This talk shares the ups and downs of Project Zero's past 10 years. It starts by explaining Project Zero's mission and gives an inside look at how the team operates. We'll then look back at the state of 0-day attacks and vulnerability research in 2014, and how both changed over the years. This talk will describe the many security bugs that Project Zero has discovered over the years, and how the actions of defenders have impacted the prevalence of exploitable vulnerabilities in many targets. It will also discuss the role of mitigations in preventing exploitation, and how increased openness and public research have led to the development of mitigations that...
https://www.youtube.com/watch?v=Oy03K6o3iug
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Locknote: Conclusions & Key Takeaways from Black Hat USA 2024
Join Review Board Members Nathan Hamiel, Ellen Cram Kowalczykik Window Snyder, Jos Wetzels, and Black Hat founder Jeff Moss as they conclude Black Hat USA 2024 with an insightful conversation on the most pressing issues facing the InfoSec community. This Locknote will feature a candid discussion on the conference's key takeaways and how these trends will impact future InfoSec strategies. By: Ellen Cram Kowalczyk | Security Engineering Manager, Google Jeff Moss | Founder of Black Hat and U.S. Department of Homeland Security Advisory Council, U.S. Department of Homeland Security Advisory Council Nathan Hamiel | Senior Director of Research, Kudelski Security Window Snyder | Founder & CEO, Thistle Technologies Jos Wetzels | Partner, Midnight Blue
https://www.youtube.com/watch?v=zbNU7kRw3tg
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Keynote: Fireside Chat with Moxie Marlinspike
Jeff Moss, the founder of Black Hat, and Moxie Marlinspike, the founder of Signal, sit down and delve into critical topics shaping the future of privacy. Drawing from real-world experience, Jeff and Moxie examine the complex tradeoffs between security and privacy. They detail examples of navigating these tradeoffs, shedding light on decisions and strategies that others have speculated about but have not had to do. They will also discuss why safeguarding personal information should be a core priority for developers and companies alike and the responsibilities cyber leaders play in this mission. Additionally, their conversation will explore the essential role of privacy in enabling social change. Don't miss this unique opportunity to hear from two of the foremost thinkers in cybersecurity and...
https://www.youtube.com/watch?v=MAJP-fAf8MI
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Living off Microsoft Copilot
Before Diving Into This Presentation, Take a Look at The Short Demo: https://www.youtube.com/watch?v=tr1tTJk32uk&list=PLH15HpR5qRsUiLYPNSylDvlskvS_RSzee&index=12 Whatever your need as a hacker post-compromise, Microsoft Copilot has got you covered. Covertly search for sensitive data and parse it nicely for your use. Exfiltrate it out without generating logs. Most frightening, Microsoft Copilot will help you phish to move lately. Heck, it will even social engineer victims for you! This talk is a comprehensive analysis of Microsoft copilot taken to red-team-level practicality. We will show how Copilot plugins can be used to install a backdoor into other user's copilot interactions, allowing for data theft as a starter and AI-based social engineering as the main course. We'll show how...
https://www.youtube.com/watch?v=-YJgcTCSzU0
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Practical LLM Security: Takeaways From a Year in the Trenches
As LLMs are being integrated into more and more applications, security standards for these integrations have lagged behind. Most security research either focuses 1) on social harms, biases exhibited by LLMs, and other content moderation tasks, or 2) zooms in on the LLM itself and ignores the applications that are built around them. Investigating traditional security properties such as confidentiality, integrity, or availability for the entire integrated application has received less attention, yet in practice, we find that this is where the majority of non-transferable risk lies with LLM applications. NVIDIA has implemented dozens of LLM powered applications, and the NVIDIA AI Red Team has helped secure all of them. We will present our practical findings around LLM security: what kinds of...
https://www.youtube.com/watch?v=Rhpqiunpu0c
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Telegram Complied with Government Requests - ThreatWire
⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️ @endingwithali → Twitch: https://twitch.tv/endingwithali Twitter: https://twitter.com/endingwithali YouTube: https://youtube.com/@endingwithali Everywhere else: https://links.ali.dev Want to work with Ali? endingwithalicollabs@gmail.com [❗] Join the Patreon→ https://patreon.com/threatwire 0:00 0 - Intro 0:07 1 - Record Breaking DDoS Attack 1:46 2 - CUPS DDoS 3:56 3 - Telegram Gave Data 4:34 4 - Outro LINKS 🔗 Story 1: Record Breaking DDoS Attack https://blog.cloudflare.com/how-cloudflare-auto-mitigated-world-record-3-8-tbps-ddos-attack/ https://censys.com/june-20-improper-authentication-vulnerability-in-asus-routers/ 🔗 Story 2: CUPS DDoS https://www.akamai.com/blog/security-research/october-cups-ddos-threat https://www.bleepingcomputer.com/news/security/recently-patched-cups-flaw-can-be-used-to-amplify-ddos-attacks/ 🔗...
https://www.youtube.com/watch?v=djkTVLlR-l4
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Freeing professionals up for innovation: AI in Governance | Cyber Work Podcast
Shayla Treadwell of ECS pinpoints one of AI's most crucial uses in Governance Risk and Compliance: let it work its magic on the text itself, and free up your experts to do higher-level analysis and improve the GRC compliance posture!
https://www.youtube.com/watch?v=thTylHEvVPg
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

REAL Ransomware Chat Logs
https://jh.live/flare || Track down shady sellers, hunt for cybercrime, or manage threat intelligence and your exposed attack surface with Flare! Start a free trial and see what info is out there: https://jh.live/flare Learn Cybersecurity with Just Hacking Training: https://justhacking.com Learn Coding: https://jh.live/codecrafters Don't listen to other "influencer" VPN crap -- host YOUR OWN: https://jh.live/openvpn WATCH MORE: Dark Web & Cybercrime Investigations: https://www.youtube.com/watch?v=_GD5mPN_URM&list=PL1H1sBF1VAKVmjZZr162aUNCt2Uy5ozAG&index=4 Malware & Hacker Tradecraft: https://www.youtube.com/watch?v=LKR8cdfKeGw&list=PL1H1sBF1VAKWMn_3QPddayIypbbITTGZv&index=5 📧JOIN MY NEWSLETTER ➡ https://jh.live/email 🙏SUPPORT THE CHANNEL ➡ https://jh.live/patreon 🤝...
https://www.youtube.com/watch?v=Yj28OEeDDzk
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Infosec IQ Role-Based Training content series | Security awareness training
Every day, cybercriminals are conducting millions of attacks, and they are becoming more realistic and complex. Tailored attacks call for tailored security awareness training. With Infosec IQ's new Role-Based Training series, every member of your team receives personalized awareness training based on the unique risk profile of their role. — Book a demo today: https://www.infosecinstitute.com/form/iq-demo/?utm_source=youtube&utm_medium=video&utm_campaign=rbt About Infosec Infosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune...
https://www.youtube.com/watch?v=3lksp0c1OA4
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Undecided about taking the new FOR589: Cybercrime Intelligence Course?
Jon DiMaggio just took the course and he provides a detailed explanation of what the course is about and why he recommends it to all DFIR professionals. Learn more about the course or check out the course demo at http://www.sans.org/FOR589 The cybercrime landscape is perpetually evolving, driven by technological advancements, increased investments by nation-states in offensive cyber operations, and a dynamic cybercrime ecosystem that continuously lowers the barriers for novice criminals to collaborate with more sophisticated actors. FOR589 offers a comprehensive exploration of the cybercrime underground, detailing a broad spectrum of tactics and techniques used by cybercriminals to target organizations. This course includes over twenty hands-on labs and a final capstone exercise, equipping...
https://www.youtube.com/watch?v=6XOz6eXmFB4
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Will they also ban this after banning the Flipper Zero? #shorts #flipperzero #cars #cybersecurity
Full interview here: https://youtu.be/lDdJLrxQg24 #shorts #flipperzero #cars #cybersecurity
https://www.youtube.com/watch?v=AjBwgLbBcGc
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

From digital marketing to cybersecurity: Dr. Shayla Treadwell's unexpected journey | Cyber Work
Shayla Treadwell of ECS didn't start in tech — as a Digital Marketing Professional, she got her foot in the Cybersecurity industry when a former boss had her write and research his PowerPoint presentations. What sounded like an easy job turned into a “beautiful nosedive into a new career” in Governance, Risk and Compliance (GRC). Full episode: https://youtu.be/KE5bZ8tRwWY?feature=shared About Infosec Infosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and...
https://www.youtube.com/watch?v=1vs5q_ExiZw
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Github Intentionally Lets You Read Deleted & Private Commits
https://jh.live/snyk || Try Snyk for free and find vulnerabilities in your code and applications! ➡ https://jh.live/snyk Learn Cybersecurity - Name Your Price Training with John Hammond: https://nameyourpricetraining.com Learn Coding: https://jh.live/codecrafters Don't listen to other "influencer" VPN crap -- host YOUR OWN: https://jh.live/openvpn WATCH MORE: Dark Web & Cybercrime Investigations: https://www.youtube.com/watch?v=_GD5mPN_URM&list=PL1H1sBF1VAKVmjZZr162aUNCt2Uy5ozAG&index=4 Malware & Hacker Tradecraft: https://www.youtube.com/watch?v=LKR8cdfKeGw&list=PL1H1sBF1VAKWMn_3QPddayIypbbITTGZv&index=5 📧JOIN MY NEWSLETTER ➡ https://jh.live/email 🙏SUPPORT THE CHANNEL ➡ https://jh.live/patreon 🤝 SPONSOR THE CHANNEL ➡ https://jh.live/sponsor 🌎FOLLOW...
https://www.youtube.com/watch?v=DYdMXwDfRdA
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DEF CON 32 - Hacker Jeopardy - Night 2
The thrilling conclusion to DEF CON 32's Hacker Jeopardy Contest!
https://www.youtube.com/watch?v=yTDCt4rvR7s
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

AI in GRC: Dr. Shayla Treadwell on balancing innovation and risk | Cyber Work Podcast
Get your FREE 2024 Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcast Today on CyberWork, Dr. Shayla Treadwell, vice president of governance, risk, and compliance (GRC) at ECS, discusses the role of AI in the GRC space. She breaks down AI applications for GRC, the importance of AI governance and the significant roles in performing compliance on AI tools and software. Dr. Treadwell also shares her unorthodox journey into cybersecurity, emphasizes the importance of critical thinking, and offers career advice for aspiring professionals. Additionally, the episode highlights the impact of AI on the cybersecurity landscape and strategies for effectively integrating AI while mitigating...
https://www.youtube.com/watch?v=KE5bZ8tRwWY
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Linux speaks! #shorts #linux #kalilinux #speak #talking #ubuntu
Linux speaks! #shorts #linux #kalilinux #speak #talk #ubuntu
https://www.youtube.com/watch?v=CzYEwy8ZyKE
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

This Bug Got Me A ,000 Bounty
LIKE and SUBSCRIBE with NOTIFICATIONS ON if you enjoyed the video! 👍 📚 If you want to learn bug bounty hunting from me: https://bugbounty.nahamsec.training 💻 If you want to practice some of my free labs and challenges: https://app.hackinghub.io 💵 FREE 0 DigitalOcean Credit: https://m.do.co/c/3236319b9d0b 🔗 LINKS: 📖 MY FAVORITE BOOKS: Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilities -https://amzn.to/3Re8Pa2 Hacking APIs: Breaking Web Application Programming Interfaces - https://amzn.to/45g4bOr Black Hat GraphQL: Attacking Next Generation APIs - https://amzn.to/455F9l3 🍿 WATCH NEXT: If I Started Bug Bounty Hunting in 2024, I'd Do this - https://youtu.be/z6O6McIDYhU 2023 How to Bug Bounty - https://youtu.be/FDeuOhE5MhU Bug Bounty Hunting...
https://www.youtube.com/watch?v=Mt32ZHP4790
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Three Ways to Hack Mobile Apps
https://jh.live/guardsquare || Protect and defend your own mobile applications with Guardsquare! https://jh.live/guardsquare Learn Cybersecurity - Name Your Price Training with John Hammond: https://nameyourpricetraining.com Learn Coding: https://jh.live/codecrafters Don't listen to other "influencer" VPN crap -- host YOUR OWN: https://jh.live/openvpn WATCH MORE: Dark Web & Cybercrime Investigations: https://www.youtube.com/watch?v=_GD5mPN_URM&list=PL1H1sBF1VAKVmjZZr162aUNCt2Uy5ozAG&index=4 Malware & Hacker Tradecraft: https://www.youtube.com/watch?v=LKR8cdfKeGw&list=PL1H1sBF1VAKWMn_3QPddayIypbbITTGZv&index=5 📧JOIN MY NEWSLETTER ➡ https://jh.live/email 🙏SUPPORT THE CHANNEL ➡ https://jh.live/patreon 🤝 SPONSOR THE CHANNEL ➡ https://jh.live/sponsor 🌎FOLLOW...
https://www.youtube.com/watch?v=QwwLSyRzNwo
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

RFC 6819 Distilled - OAuth 2.0 Security [AI Podcast w. NotebookLM]
RFC 6819: https://datatracker.ietf.org/doc/html/rfc6819 This AI Podcast has been created with NotebookLM, so thank you @Google. Connect with me: X: https://twitter.com/cristivlad25 IG: https://instagram.com/cristivladz
https://www.youtube.com/watch?v=O8m6U9-7UKw
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DEF CON 32 - Hacker Jeopardy - Night 1
Night One of DEF CON 32's premier hacker game show - Hacker Jeopardy!
https://www.youtube.com/watch?v=jfX4YIWScoo
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Keynote: Think Like a Hacker - Ted Harrington
https://owasp2024globalappsecsanfra.sched.com/event/1g3Zt/think-like-a-hacker-keynote-and-book-signing Have you ever wondered how hackers think? Do you know what things most companies get wrong when trying to secure their apps? Do you know what to do instead? In this keynote, you'll hear stories from the front lines of ethical hacking. Led by Ted Harrington -- #1 bestselling author of Hackable, co-founder of IoT Village, and a leader of ethical hackers -- you'll learn how to build better, more secure systems, including: - what it means to think like a hacker (and how to apply those principles) - the most common misconceptions and mistakes that people make in application security - what to do instead You'll hear fun stories that vividly illustrate and explain the points, and learn what to...
https://www.youtube.com/watch?v=8WnbHn78LRM
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Keynote: Thriving in the Age of AI - Aanchal Gupta
https://owasp2024globalappsecsanfra.sched.com/event/1g3Vf/thriving-in-the-age-of-ai-keynote In the keynote presentation "Thriving in the Age of AI," Aanchal Gupta explores the transformative impact of artificial intelligence on our lives and businesses. With her extensive experience as a CISO and currently as GM for M365, she will share firsthand insights on how AI is becoming a crucial part of our life and the importance of securing these powerful tools. The keynote will explore the current landscape of security threats, the role of AI in enhancing security, and real-world examples of AI's impact across various sectors. Attendees will gain valuable knowledge on innovative strategies to mitigate risks, the ethical implications of AI in security, and the future trends and innovations in AI-driven...
https://www.youtube.com/watch?v=RjoIby3YMOg
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Keynote: Red, Blue, and Purple AI - Jason Haddix
https://owasp2024globalappsecsanfra.sched.com/event/1g3UA/red-blue-and-purple-ai-keynote "Red, blue, and purple AI" reverse-engineers the cybersecurity responsibilities of practitioners and modern security programs. It aims to augment these practitioners with practical and useful AI tools. This talk isn't about the future state of AI and ML; it's about taking home concrete strategies and prompts to empower your security team. We will break down these strategies into helpers for red teams, blue teams, and purple teams. Jason will also provide overviews on how to create your own best-in-class prompts based on his experience with OpenAI's ChatGPT-4 and having a top 500 GPT in the GPT store. Expect a wide variety of topics that will not only give you superpowers but also inspire you to augment...
https://www.youtube.com/watch?v=XHeTn7uWVQM
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Keynote: Navigating the Intersection of Technology, Security, and Trust - Reeny Sondhi
https://owasp2024globalappsecsanfra.sched.com/event/1g3Z1/breaking-the-mold-navigating-the-intersection-of-technology-security-and-trust-keynote Join Reeny Sondhi, Chief Digital Officer at Twilio, in a fireside chat moderated by Avi Douglen, where she shares her unconventional journey from engineering and product management to leading security and IT at Twilio. Reeny will discuss how her diverse background has shaped her approach to security, innovation, and trust in today's fast-evolving digital landscape. She'll offer insights into key challenges in application and information security, demonstrating the business value of security as a driver of trust and growth. Additionally, she'll share strategies for staying ahead of evolving security standards and balancing robust security with...
https://www.youtube.com/watch?v=V8xvdyicO8U
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Your Privacy and Security Nightmare: Hackers track and control cars with just license plate number 😱
Big thank you to DeleteMe for sponsoring this video. Go to http://joindeleteme.com/Bombal to receive a 20% discount. // Sam Curry's SOCIAL// X: https://x.com/samwcyo Website: https://samcurry.net/ Blog: https://samcurry.net/blog/ // YouTube video REFERENCE // Hackers remotely hack millions of cars! https://youtu.be/MBj546UptEA // David's SOCIAL // Discord: https://discord.com/invite/usKSyzb X: https://www.twitter.com/davidbombal Instagram: https://www.instagram.com/davidbombal LinkedIn: https://www.linkedin.com/in/davidbombal Facebook: https://www.facebook.com/davidbombal.co TikTok: http://tiktok.com/@davidbombal YouTube: https://www.youtube.com/@davidbombal // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach...
https://www.youtube.com/watch?v=lDdJLrxQg24
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Android Pentesting - Tips via Hacktricks [AI Podcast w. NotebookLM]
Source: https://book.hacktricks.xyz/mobile-pentesting/android-app-pentesting This AI Podcast has been created with NotebookLM, so thank you @Google. Connect with me: X: https://twitter.com/cristivlad25 IG: https://instagram.com/cristivladz
https://www.youtube.com/watch?v=T3MnYo_IQzs
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

HackerOne Live Hacking Event Recap: Miami w/ Capital One

https://www.youtube.com/watch?v=V9qwgXcfJ-Y
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

AI's unprecedented impact: A threat to white-collar jobs #artificialintelligence #cybersecurityjobs
This clip from the Cyber Work Podcast explores how AI is transforming the landscape for white-collar and knowledge workers. However, it may help to address two big challenges facing the cybersecurity workforce, says Alex Sharpe.
https://www.youtube.com/watch?v=rzkd_M7EJ5o
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Python for Pentesters I - 5. Variables, Strings and Simple Operations in Python
Part of the Python for Pentesters I course: https://www.youtube.com/playlist?list=PLonlF40eS6nwhfPHOfoSM57xWftXonfbk Connect with me: X: https://twitter.com/cristivlad25 IG: https://instagram.com/cristivladz
https://www.youtube.com/watch?v=aCPkR0rvZh8
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Python for Pentesters I - 3. Using the Python Interpreter vs an IDE
Part of the Python for Pentesters I course: https://www.youtube.com/playlist?list=PLonlF40eS6nwhfPHOfoSM57xWftXonfbk Connect with me: X: https://twitter.com/cristivlad25 IG: https://instagram.com/cristivladz
https://www.youtube.com/watch?v=RCHdKEPAUNw
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Python for Pentesters I - 2. Setting up Python in Windows, Linux, and Mac
Part of the Python for Pentesters I course: https://www.youtube.com/playlist?list=PLonlF40eS6nwhfPHOfoSM57xWftXonfbk Connect with me: X: https://twitter.com/cristivlad25 IG: https://instagram.com/cristivladz
https://www.youtube.com/watch?v=R8--s5rQgZk
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Python for Pentesters I - 1. What is Python and How it can help you in Ethical Hacking
Part of the Python for Pentesters I course: https://www.youtube.com/playlist?list=PLonlF40eS6nwhfPHOfoSM57xWftXonfbk Connect with me: X: https://twitter.com/cristivlad25 IG: https://instagram.com/cristivladz
https://www.youtube.com/watch?v=MiXhnOwX_dY
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Python for Pentesters I - 4. Data Types in Python
Part of the Python for Pentesters I course: https://www.youtube.com/playlist?list=PLonlF40eS6nwhfPHOfoSM57xWftXonfbk Connect with me: X: https://twitter.com/cristivlad25 IG: https://instagram.com/cristivladz
https://www.youtube.com/watch?v=pByDTu6KdMM
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Silent Aim Tutorial - x64 Sauerbraten Aimbot
🔥 Learn How To Make Silent Aim on x64 Sauerbraten 👨‍💻 Buy Our Courses: https://guidedhacking.com/register/ 💰 Donate on Patreon: https://patreon.com/guidedhacking ❤️ Follow us on Social Media: https://linktr.ee/guidedhacking ©GuidedHacking - GuidedHacking™ ❤️ Try Malcore For FREE : https://link.malcore.io/redirect/guidedhacking 🔗 Download: https://guidedhacking.com/threads/silent-aim-tutorial-x64-sauerbraten-aimbot.20655/ 👨‍💻 New GH Content Creator: Sightem 👉https://guidedhacking.com/members/sightem.219746/ 📜 Video Description: Learn how to make a silent aim aimbot on x64 Sauerbraten, allowing you to hit targets without aiming at them, which is neat trick to show off, but in reality offers little practical benefits unless you're playing hack vs....
https://www.youtube.com/watch?v=Dtl-A817WkA
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

When should I schedule my cybersecurity exam? #cybersecurity #training #bootcamp
One of the most popular questions from cybersecurity boot camp students is "When should I take my cybersecurity exam?" About Infosec Infosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.
https://www.youtube.com/watch?v=TBoH7P1Y5DE
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Did you know your router automatically opens ports?? #shorts #raspberrypi #android #iphone #wifi
You can easily find devices on your home network (WiFi and Wired) using Fing (and then block them). Get a 25% discount for 6 months on a Fing Premium plan (expires 31 Dec 2024) using my link: https://davidbombal.wiki/4bn5HAH Big thank you to Fing for sponsoring this video.! #android #iphone #wifi
https://www.youtube.com/watch?v=3rmmXfMZK-U
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

They Say This Malware is INSANE
https://jh.live/htb-sherlock || Join Hack The Box to solve Sherlock tasks just like this one! https://jh.live/htb-sherlock Learn Cybersecurity - Name Your Price Training with John Hammond: https://nameyourpricetraining.com Learn Coding: https://jh.live/codecrafters Don't listen to other "influencer" VPN crap -- host YOUR OWN: https://jh.live/openvpn WATCH MORE: Dark Web & Cybercrime Investigations: https://www.youtube.com/watch?v=_GD5mPN_URM&list=PL1H1sBF1VAKVmjZZr162aUNCt2Uy5ozAG&index=4 Malware & Hacker Tradecraft: https://www.youtube.com/watch?v=LKR8cdfKeGw&list=PL1H1sBF1VAKWMn_3QPddayIypbbITTGZv&index=5 📧JOIN MY NEWSLETTER ➡ https://jh.live/email 🙏SUPPORT THE CHANNEL ➡ https://jh.live/patreon 🤝 SPONSOR THE CHANNEL ➡ https://jh.live/sponsor 🌎FOLLOW...
https://www.youtube.com/watch?v=EEyTdUWkQAQ
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

What happened to the 9.9 CVSS Linux CVE? - ThreatWire
⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️ @endingwithali → Twitch: https://twitch.tv/endingwithali Twitter: https://twitter.com/endingwithali YouTube: https://youtube.com/@endingwithali Everywhere else: https://links.ali.dev NEW VIDEO: https://www.youtube.com/watch?v=17lyi46UzA0&ab_channel=AliDiamond Want to work with Ali? endingwithalicollabs@gmail.com [❗] Join the Patreon→ https://patreon.com/threatwire 00:00 0 - Intro 00:07 1 - Mega Meta Fine 01:24 2 - Kia Web App Vulnerability 03:20 3 - Linux CUPS CVE 05:42 4 - Outro LINKS 🔗 Story 1: Mega Meta Fine https://www.dataprotection.ie/en/news-media/press-releases/data-protection-commission-opens-statutory-inquiry-facebook-0 https://krebsonsecurity.com/2019/03/facebook-stored-hundreds-of-millions-of-user-passwords-in-plain-text-for-years/ https://petapixel.com/2024/09/30/meta-fined-102-million-for-storing-users-passwords-in-plain-text/ 🔗...
https://www.youtube.com/watch?v=KYHCZTZVw7g
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

The bizarro Amazon: How ransomware operates #securityawareness #cybersecurity
In this episode, we delve into the dark web's ransomware operations, comparing them to a bizarro-world Amazon. The discussion reveals the ruthlessly efficient business-like structure of these operations, including 24-hour customer support and one-click shopping. Additionally, a deep web researcher shares findings on the use of AI to cut costs and improve hit rates in these illicit activities.
https://www.youtube.com/watch?v=62Hbi-9N7Y8
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Nuclear Powered AI? #shorts #ai #microsoft #chatgpt #power
#shorts #microsoft #chatgpt #ai #power
https://www.youtube.com/watch?v=ftY3HO0FjKM
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Hacking from Cloud to Endpoint (and vice versa)
https://jh.live/bloodhound || Map Attack Paths in both Entra/Azure Active Directory and on-premise Active Directory with the FREE and open-source BloodHound Community Edition, or defend your environment with Bloodhound Enterprise! https://jh.live/bloodhound Step-by-step demo of hybrid attack paths in BloodHound & Mythic: https://jh.live/specterops-webinar Download BloodHound Community Edition: https://jh.live/bloodhound-ce Example Active Directory / Azure data with hybrid paths and ADCS attack paths: https://jh.live/bloodhound-example-data Join the BloodHound Community Slack: https://jh.live/bloodhound-slack Get a demo of BloodHound Enterprise: https://jh.live/bloodhound-enterprise Learn Cybersecurity - Name Your Price Training with John Hammond: https://nameyourpricetraining.com Learn...
https://www.youtube.com/watch?v=6P0NqCMt_bA
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

CISSP exam tips #cybersecurity #certification #career
Get tips for the ISC2 CISSP exam from an instructor who has helped prepare hundreds of students. About Infosec Infosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.
https://www.youtube.com/watch?v=ziDhG0HPjdk
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

HackerOne Live Hacking Event Recap: Singapore w/ Salesforce

https://www.youtube.com/watch?v=MjXCLB995tw
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Unlock any Kia car with just license plate details 😱 #shorts #car #cars #iphone #android #watchdogs
#shorts #car #cars #iphone #android #watchdogs
https://www.youtube.com/watch?v=qkfTG5sbgZ4
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Cybersecurity in the AI era: Busting myths and practical advice | Guest Alex Sharpe
Get your FREE 2024 Cybersecurity Salary Guide: https://www.infosecinstitute.com/form/cybersecurity-salary-guide-podcast/?utm_source=youtube&utm_medium=podcast&utm_campaign=podcast Alex Sharpe, a cybersecurity expert with over 30 years of experience, joins the Cyber Work Podcast to discuss the realistic promises and limitations of AI and machine learning in cybersecurity — and pragmatic advice on their responsible use. From debunking myths to sharing insights from his excellent presentation at ISACA Digital Trust World 2024, Alex covers how AI can be integrated into cybersecurity practices and its impact on the workforce. Plus, explore how to stay ahead in the evolving cybersecurity job market. Don't miss out on this illuminating conversation! View Cyber Work Podcast transcripts...
https://www.youtube.com/watch?v=Ni2HLU5aXXc
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

The power of Linux commands in Windows? #shorts #linux #windows #wsl #kalilinux
#shorts #linux #windows #kalilinux
https://www.youtube.com/watch?v=mdbN6JnV_b4
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Hacking Websites With A Zip File (Zip Slip)
Check out Snyk 👉🏼 snyk.co/nahamsec LIKE and SUBSCRIBE with NOTIFICATIONS ON if you enjoyed the video! 👍 📚 If you want to learn bug bounty hunting from me: https://bugbounty.nahamsec.training 💻 If you want to practice some of my free labs and challenges: https://app.hackinghub.io 💵 FREE 0 DigitalOcean Credit: https://m.do.co/c/3236319b9d0b 🔗 LINKS: 📖 MY FAVORITE BOOKS: Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilities -https://amzn.to/3Re8Pa2 Hacking APIs: Breaking Web Application Programming Interfaces - https://amzn.to/45g4bOr Black Hat GraphQL: Attacking Next Generation APIs - https://amzn.to/455F9l3 🍿 WATCH NEXT: If I Started Bug Bounty Hunting in 2024, I'd Do this - https://youtu.be/z6O6McIDYhU 2023 How to Bug Bounty - https://youtu.be/FDeuOhE5MhU Bug...
https://www.youtube.com/watch?v=4sKlbMiGWAw
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Linux Memory Forensics Challenge
Welcome to a special Linux Memory Forensics Challenge from 13Cubed. This is an excellent opportunity to get some hands-on practice with Linux memory forensics. You'll find the questions below, as well as a link to download the memory sample needed to answer those questions. 🎉 Check out the official training courses from 13Cubed at https://training.13cubed.com! HINT 1: To get started, run the Volatility 3 banners plugin to determine the correct kernel version, and subsequently install the correct symbols and create the ISF. HINT 2: The kernel version in use on this Ubuntu 22.04 machine was 6.5.0-41. It is recommended that Ubuntu 22.04 be used for the analysis. 🛑 CONTEST IS CLOSED 🛑 All winners have been selected. We still encourage you to participate in the lab, as we believe it...
https://www.youtube.com/watch?v=IHd85h6T57E
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Are phones and cars next? Hacker explains: The Cybersecurity threat you need to worry about?
Big thank you to CrowdSec for sponsoring this video! To sign up, go here: https://davidbombal.wiki/CrowdSecConsole Visit the CrowdSec website here: https://davidbombal.wiki/CrowdSec // Occupy The Web Books // Linux Basics for Hackers: US: https://amzn.to/3wqukgC UK: https://amzn.to/43PHFev Getting Started Becoming a Master Hacker US: https://amzn.to/4bmGqX2 UK: https://amzn.to/43JG2iA Network Basics for hackers: US: https://amzn.to/3yeYVyb UK: https://amzn.to/4aInbGK // OTW Discount // Use the code BOMBAL to get a 20% discount off anything from OTW's website: https://hackers-arise.net/ // Occupy The Web SOCIAL // X: https://twitter.com/three_cube Website: https://hackers-arise.net/ // YouTube videos REFERENCE // Hackers Remotely hack millions of cars!: https://youtu.be/MBj546UptEA //...
https://www.youtube.com/watch?v=8G0ai8Zl2D0
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

"game hackers" smh #gamehacking
👨‍💻 Buy Our Courses: https://guidedhacking.com/register/ 💰 Donate on Patreon: https://patreon.com/guidedhacking ❤️ Follow us on Social Media: https://linktr.ee/guidedhacking ✏️ Tags: #reverseengineering #malwareanalysis #gamehacking game hacking guidedhacking guidedhacking.com game hacking bible game hacking course game hackers
https://www.youtube.com/watch?v=HHiF5zuqs6s
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Black Hat USA 2024 Highlights
Check out all the highlights from Black Hat USA 2024 at the Mandalay Bay in Las Vegas. Visit our Flickr page for the event photos: https://www.flickr.com/photos/blackhatevents/albums/72177720319399624/ #cybersecurity #infosec #blackhat
https://www.youtube.com/watch?v=fsLv2Yb0fKs
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Black Hat USA 2024 Short Reel
Check out all the highlights from Black Hat USA 2024 at the Mandalay Bay in Las Vegas. Visit our Flickr page for the event photos: https://www.flickr.com/photos/blackhatevents/albums/72177720319399624/ #cybersecurity #infosec #blackhat
https://www.youtube.com/watch?v=J8EBIhQUaxo
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Hack a network and capture passwords using Python and Kali Linux // FREE CCNA 200-301 Course
Big thanks to Brilliant for sponsoring this video! To try everything Brilliant has to offer for free for a full 30 days and 20% discount visit: https://Brilliant.org/DavidBombal Did you know that DHCP can be hacked? In this video I demonstrate multiple DHCP attacks which show why you need to enable DHCP Snooping on untrusted ports in your network. Only trust ports with legitimate DHCP servers and don't allow attackers to host rogue DHCP servers in your network. // CCNA Complete Practical Course // Expect regular updates - the full course will be uploaded on my Tech Channel here: https://davidbombal.wiki/freeccnayt // Python Script used in this video // DHCP Exhaustion: https://github.com/davidbombal/scapy/blob/main/dhcp-exhaustion-basic.py // David's SOCIAL // Discord: https://discord.com/invite/usKSyzb...
https://www.youtube.com/watch?v=n2k_lR7dTCQ
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

SANS Threat Analysis Rundown with Katie Nickels | Sep. 2024 Edition
Are you staying ahead of the latest cyber threats? In a rapidly evolving digital landscape, understanding new tools and models can be the key to success. Join SANS Certified Instructor Katie Nickels, your expert guide, as she breaks down the latest cyber threats and equips you with the knowledge you need to stay secure. This month, Katie will be joined by special guests: Colin Connor and Michael DeBolt to discuss the newly-developed Cyber Threat Intelligence Capability Maturity Model (CTI-CMM). They'll explain how this model can empower your team, streamline CTI efforts, and deliver lasting value to your organization. If you're struggling to harness the full potential of CTI in your organization, this conversation is for you! Tune in on Thursday, September 26th, 2024 for diverse insights...
https://www.youtube.com/watch?v=qyKoPPZaNrY
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Black Hat Europe 2024 at the ExCel, London December 9-12 Sizzle Reel
Join us at Black Hat Europe 2024 at the ExCel, London on December 9-12, 2024. The premier cybersecurity event of the year. #cybersecurity #infosec
https://www.youtube.com/watch?v=nh8-i_ZqkJ0
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Black Hat Europe 2024 at the ExCel, London December 9-12
Join us at Black Hat Europe 2024 at the ExCel, London on December 9-12, 2024. The premier cybersecurity event of the year. #cybersecurity #infosec
https://www.youtube.com/watch?v=ingvkaCR1dk
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Why Implement a Vulnerability Disclosure Program (And How to Do It)
New threats emerge faster than any security team can fight them, which is why implementing an always-on vulnerability disclosure program (VDP) is not just a wise decision—it's becoming a standard practice mandated by government regulations and global compliance frameworks. Having a VDP openly demonstrates your organization's commitment to security, showcasing transparency, accountability, and a proactive approach to safeguarding your systems.
https://www.youtube.com/watch?v=prDbKBjNEck
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Building Cyber Resilience in Your Systems
This episode delves into the concept of cyber resilience, exploring strategies and best practices to safeguard your systems against cyber threats. It emphasizes the importance of preparedness, detection, response, and recovery to maintain robust cybersecurity.
https://www.youtube.com/watch?v=zAYuJPoT9Bs
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Where Does Malware Go On Your Computer?
https://jh.live/soc || Join me for the SOC Analyst Appreciation Day! A completely FREE event on October 16th by DEVO! https://jh.live/soc (This video was recorded months ago but didn't end up being uploaded.) Learn Cybersecurity - Name Your Price Training with John Hammond: https://nameyourpricetraining.com Learn Coding: https://jh.live/codecrafters Don't listen to other "influencer" VPN crap -- host YOUR OWN: https://jh.live/openvpn WATCH MORE: Dark Web & Cybercrime Investigations: https://www.youtube.com/watch?v=_GD5mPN_URM&list=PL1H1sBF1VAKVmjZZr162aUNCt2Uy5ozAG&index=4 Malware & Hacker Tradecraft: https://www.youtube.com/watch?v=LKR8cdfKeGw&list=PL1H1sBF1VAKWMn_3QPddayIypbbITTGZv&index=5 📧JOIN MY NEWSLETTER ➡ https://jh.live/email 🙏SUPPORT THE CHANNEL ➡ https://jh.live/patreon 🤝...
https://www.youtube.com/watch?v=qUyiGXxgHbg
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Did Kaspersky Install Malware? - ThreatWire
⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️ PODCAST: https://breakingthepod.com @endingwithali → Twitch: https://twitch.tv/endingwithali Twitter: https://twitter.com/endingwithali YouTube: https://youtube.com/@endingwithali Everywhere else: https://links.ali.dev Want to work with Ali? endingwithalicollabs@gmail.com [❗] Join the Patreon→ https://patreon.com/threatwire 0:00 0 - Intro 0:08 1 - MacOS Sequoia Breaks Security 01:21 2 - Arc's First Security Incident 02:13 3 - Telegram to Comply 02:58 4 - Kaspersky Disperskies 04:27 5 - Outro LINKS 🔗 Story 1: MacOS Sequoia Breaks Security https://support.eset.com/en/alert8723-network-connection-lost-after-upgrading-to-macos-15-with-eset-macos-product-v6?ref=esf https://infosec.exchange/@wdormann/113165768137802771 https://infosec.exchange/@wdormann/113149199491406975 https://waclaw.blog/macos-firewall-blocking-web-browsing-after-upgrading-to-sequoia/ https://forums.appleinsider.com/discussion/237698/macos-sequoia-causing-issues-with-third-party-security-tools-and-web-browsers https://support.anydesk.com/knowledge/anydesk-on-macos https://hackread.com/apples-macos-sequoia-update-breaks-security-tools/ 🔗...
https://www.youtube.com/watch?v=cNnTQRYTq4w
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Automating incident response: scalable & fast, within minutes
In today's rapidly evolving digital landscape, the increasing frequency and the scale of security incidents pose significant challenges for incident response teams. The traditional approach, rooted in digital forensics, is no longer sufficient nor is it efficient enough. It's time for a shift towards an automated incident response strategy that combines the investigative prowess of a digital detective with a DevOps mindset. In this talk, we will present how the incident response process of acquiring data, processing data, and analyzing information can be automated. Based on how we have built our incident response lab using open-source software packages developed by Microsoft (AVML), Spector Ops (SharpHound), Google (Timesketch, Plaso and WinPmem), Rapid7 (Velociraptor), Fox-IT (Dissect), Elastic...
https://www.youtube.com/watch?v=qZBoy-0qcLo
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Machine Learning for Enhanced Malware Detection & Classification
Malware continues to increase in prevalence and sophistication. VirusTotal reported a daily submission of 2M+ malware samples. Of those 2 million malware daily submissions, over 1 million were unique malware samples. Successfully exploiting networks and systems has become a highly profitable operation for malicious threat actors. Traditional detection mechanisms including antivirus software fail to adequately detect new and varied malware. Artificial Intelligence provides advanced capabilities that can enhance cybersecurity. The purpose of this talk is to deliver a new framework that uses Machine Learning models to analyze malware, produce uniform datasets for additional analysis, and classify malicious samples into malware families. Additionally, this research presents a new Ensemble Classification...
https://www.youtube.com/watch?v=PBzlOgXHcZI
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Keynote | Days of Future Past: The Impacts of GenAI on Cybersecurity
In this engaging talk, Rob T. Lee delves into the transformative impact of GenAI on cybersecurity, uncovering the blend of challenges and opportunities it presents. He examines GenAI's influence on nation-state strategies including mass disinformation and criminal enterprises, emphasizing the need for organizations to evolve defensively and offensively. With GenAI revolutionizing cybersecurity tactics, Rob will explore the necessity of upskilling to harness GenAI's potential effectively, highlighting the balance between leveraging its defensive benefits and mitigating the risks of new vulnerabilities it introduces. SANS DFIR Summit 2024 Keynote | Days of Future Past: The Impacts of GenAI on Cybersecurity Speaker: Rob Lee, Faculty Fellow, SANS Institute View upcoming Summits: http://www.sans.org/u/DuS...
https://www.youtube.com/watch?v=uNEUNtvfFRU
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Llama: The Fast-File Processor with No Drama
SANS DFIR Summit 2024 Llama: The Fast-File Processor with No Drama Speakers: Jon Stewart, Managing Director , Aon Cyber Solutions Julia Paluch, Software Developer, Aon Cyber Solutions View upcoming Summits: http://www.sans.org/u/DuS
https://www.youtube.com/watch?v=YlmdEo_LUTk
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

The Tortured Responders Department: Scott & Rebekah's Version
Just when you think you have your DFIR processes buttoned up - investigation wrapped, remediations complete, defenses in place, it turns out you're not done. Someone has to tell the world what just happened, and it may or may not be you. Cyber security has moved from a niche topic discussed in small circles to news-cycle leading events that are talked about by leaders in both business and government. As a result the way companies talk about security incidents is more critical than ever - and it's not getting any easier. New worldwide regulations have the potential to impact security professionals by imposing stringent compliance requirements across various sectors and regions, especially when it comes to mandatory security incident reporting. At the same time security is becoming more...
https://www.youtube.com/watch?v=vfh84u-244E
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

How persistent is an APT? Battling Three Threat Actors in a Single Environment
As seasoned incident responders we help organizations eradicate and remediate threat actors on a daily basis. Yet, what happens when our efforts to neutralize one threat inadvertently collide with another? Imagine the scenario: you're on the verge of thwarting a financially motivated threat actor, only to discover that your actions disrupted the operations of a Chinese state-sponsored adversary. And just as you prepare to execute a kill-switch operation against the first, a second Chinese APT emerges, throwing a wrench into your carefully laid plans. In this presentation, we delve into the intricacies of combating multiple threat actors concurrently. Drawing from real-world experiences, we offer a firsthand account of the cat-and-mouse game that unfolds between incident responders and their...
https://www.youtube.com/watch?v=VxMwRykTdCk
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Additional Microsoft Cloud Data Sets You May Not Be Looking At But Probably Should
For organizations using Microsoft Entra ID (the artist formerly known as Azure Active Directory) and O365, it's fairly well understood that a set of default logs are readily available for use, no matter what log management tooling an organization is using. However, this standard logging has its limits. This past fall, the team at Black Hills Information Security released a post exploitation kit called GraphRunner. This tool is focused on interacting with the Microsoft Graph API, which is the backbone that services Entra ID, O365 and many other services in the Microsoft cloud. The release of GraphRunner and future tools like it streamlines a number of activities that an adversary would perform after gaining access, making it simpler for anyone to use. While GraphRunner is a post exploitation...
https://www.youtube.com/watch?v=MaJLTbtM_Qo
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Leveling Up Ghidra: Learn Ghidra Plugins with a Game Boy Game
Ghidra is already a well known and widely used platform for reverse engineering. A lot of the work for RE, however, is done manually via researchers each time they RE. This talk enables researchers into a glimpse of what is possible with Ghidra plugins by discussing the philosophy of what can be automated and done via plugins to prevent toil and improve efficiency. This talk and demo aims to enhance researchers knowledge of the posibilities of Ghidra and its Plugin System by walking through how to build a Plugin to aid in reverse engineering gameboy games and the information embedded in them, which provides a fun and unique view into what is possible with Ghidra Plugins. SANS DFIR Summit 2024 Leveling Up Ghidra: Learn Ghidra Plugins with a Game Boy Game Speaker: Jacob Latonis, Senior Software...
https://www.youtube.com/watch?v=-s8X2pADZ-0
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Who Touched My GCP Project? Understanding the Principal Part in Cloud Audit Logs
We'll delve into the intricacies of Google Cloud Platform (GCP) audit logs, specifically focusing on how GCP principles are represented and authenticated within these logs. Attendees will gain practical insights and hands-on understanding of deciphering GCP audit logs to detect authentication details, impersonations and analyze principal identities. We will walk through the “authenticationInfo” field in the logs, understanding what information we have. On to understanding the diverse types of entities and identities we can have in GCP. What types of impersonations can we have, how are they used, and by who (GCP VMs as well). Finally, we will show what internal GCP accounts perform or don't in our environment, and when we do not have any logged identities at all! Through real examples and...
https://www.youtube.com/watch?v=W5_Y3XtgWtw
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Not All Androids Who Wonder Are Lost. Exploring Android's Find My Device System
In 2021 Apple introduced the AirTag as a way to keep track of things you care about the most. Almost immediately there were privacy concerns that arose about potential misuse by stalkers and others with nefarious intentions, and Android users were affected the most. Since then, Android users have gained the ability to detect rogue AirTags and, with the enhancement to Google's Find My Device network, other Bluetooth trackers. Additionally, they have also gained the ability to natively track other compatible Bluetooth trackers made by third parties. This presentation will delve into the Find My Device system, identify artifacts that are left behind due to an Android phone encountering rogue trackers and trackers that may be associated with the Android owner's Google account, and any tracker...
https://www.youtube.com/watch?v=EeIdyVcH-74
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Cutting Through the Chaos: File Detection and Analysis Using Strelka
File analysis at scale remains a major challenge for cybersecurity teams, often leading to alert fatigue and missed threats. In this talk, we'll dig into Strelka - an open-source, detection-oriented file analysis tool developed at Target. We'll highlight how Strelka is capable of characterizing hundreds of millions of files daily, providing scalable detection potential across your enterprise. By attending this session, you'll learn strategies to effectively leverage Strelka's scanning capabilities aimed at enhancing file analysis workflows and threat detection abilities. We'll demonstrate practical use cases showcasing how Strelka integrates into modern security stacks, serving as a critical pillar for responding to emerging cyber threats. SANS DFIR Summit 2024 Cutting Through the Chaos:...
https://www.youtube.com/watch?v=6g8cuiXOEYY
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Rise of the Drones: Modern Drone Forensic Opportunities
Drones are an increasingly common device, used for nearly every purpose imaginable. Roof inspections, aircraft inspections, electrical wire inspections. Drones provide immense capabilities to professionals but also to criminals, enabling drug or contraband delivery (either cross border or into prisons), corporate espionage, terrorism, or just a harassment tool for that bad breakup. These devices are akin to a smartphone in complexity, and collect tons of data, presenting various forensic opportunities. Throughout this presentation, we'll see just how complex these machines can be, how to access the data stored on them, what this data may help with in an investigation, and most importantly – we'll discuss a bunch of case studies and real-life stories! We'll also walk through the case...
https://www.youtube.com/watch?v=3HX5ry0Zczo
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Forensic Analysis of Compromised VPN Appliances by Advanced Actors
VPNs, intended to provide secure access, are a prime target for advanced attacks. This talk arms DFIR practitioners with essential techniques for analyzing intrusions where VPN access was the initial entry point. Gain a deeper understanding of how threat actors exploit VPN vulnerabilities, bypass authentication mechanisms, and deploy malware. Through real-world case studies, learn to identify indicators of compromise (IOCs) specific to VPN-related attacks, focusing on unusual network traffic patterns, privileged account abuse, and persistence techniques. Attendees will leave with actionable insights for improving incident response processes, developing threat intelligence, and proactively hardening VPN defenses. SANS DFIR Summit 2024 Forensic Analysis of Compromised VPN Appliances by Advanced...
https://www.youtube.com/watch?v=Ks2J4vzf4VI
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Is TOR Anonymous? #shorts #privacy #android #iphone #wifi
#shorts #privacy #android #iphone #wifi
https://www.youtube.com/watch?v=ZPw0DrOFddk
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

15 Pro-tips for Web App and API Pentesting - [w. @OpenAI Advanced Voice Mode]
15 Pro-tips for web app pentesting with Burp Suite. Brought to you by @OpenAI Advanced Voice Mode. Overall, great first contact!
https://www.youtube.com/watch?v=c_rxgCd8fP8
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Hacking ALL Levels in this Game!
https://jh.live/vanta || Prove your security compliance with Vanta! Get ,000 off with my link: https://jh.live/vanta Learn Cybersecurity - Name Your Price Training with John Hammond: https://nameyourpricetraining.com Learn Coding: https://jh.live/codecrafters Don't listen to other "influencer" VPN crap -- host YOUR OWN: https://jh.live/openvpn WATCH MORE: Dark Web & Cybercrime Investigations: https://www.youtube.com/watch?v=_GD5mPN_URM&list=PL1H1sBF1VAKVmjZZr162aUNCt2Uy5ozAG&index=4 Malware & Hacker Tradecraft: https://www.youtube.com/watch?v=LKR8cdfKeGw&list=PL1H1sBF1VAKWMn_3QPddayIypbbITTGZv&index=5 📧JOIN MY NEWSLETTER ➡ https://jh.live/email 🙏SUPPORT THE CHANNEL ➡ https://jh.live/patreon 🤝 SPONSOR THE CHANNEL ➡ https://jh.live/sponsor 🌎FOLLOW ME EVERYWHERE...
https://www.youtube.com/watch?v=mh_o9pWmWOQ
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Is this the best WiFi for businesses? What do you think? #shorts #wifi #wifi7 #iphone #android
Big thanks to Juniper for sponsoring this video! Learn more about Juniper's AP47 Access Points here: https://juni.pr/3B5r4ZR #shorts #wifi #wifi7 #iphone #android
https://www.youtube.com/watch?v=-5LQnILdff0
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

The Hacker Mentality
LIKE and SUBSCRIBE with NOTIFICATIONS ON if you enjoyed the video! 👍 📚 If you want to learn bug bounty hunting from me: https://bugbounty.nahamsec.training 💻 If you want to practice some of my free labs and challenges: https://app.hackinghub.io 💵 FREE 0 DigitalOcean Credit: https://m.do.co/c/3236319b9d0b 🔗 LINKS: 📖 MY FAVORITE BOOKS: Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilities -https://amzn.to/3Re8Pa2 Hacking APIs: Breaking Web Application Programming Interfaces - https://amzn.to/45g4bOr Black Hat GraphQL: Attacking Next Generation APIs - https://amzn.to/455F9l3 🍿 WATCH NEXT: If I Started Bug Bounty Hunting in 2024, I'd Do this - https://youtu.be/z6O6McIDYhU 2023 How to Bug Bounty - https://youtu.be/FDeuOhE5MhU Bug Bounty Hunting...
https://www.youtube.com/watch?v=X2uK5fd0VxA
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Never access the Dark Web without doing this! (Tor and Telegram demos)
A big shoutout to TCM Security for sponsoring this video. Register now to receive a 10% discount on all TCM Security Certifications, potentially making your most significant step toward a career in ethical hacking. Go here: https://davidbombal.wiki/3vQsqWm // Stephen's Sims' Social // X: https://x.com/Steph3nSims YouTube: https://www.youtube.com/@OffByOneSecurity // Stephen's Book (Co-Author) // Gray Hat Hacking Series by various authors: US https://amzn.to/3B1FeIK UK https://amzn.to/3A920AL // Heath Adams' YouTube Channel // https://www.youtube.com/c/thecybermentor // YouTube video REFERENCE // Free Exploit development training (beginner and advanced) https://youtu.be/LWmy3t84AIo Buffer Overflow Hacking Tutorial (Bypass Passwords): https://youtu.be/c2BvS2VqDWg Reverse Engineering...
https://www.youtube.com/watch?v=7wLLcFMmbpg
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Keynote - Securing Our Cyberspace Together
Mr David Koh is Singapore's first Commissioner of Cybersecurity and the founding Chief Executive of the Cyber Security Agency (CSA) of Singapore. He is concurrently Chief (Digital Security & Technology) at the Ministry of Communications and Information. As Commissioner, he has the legal authority to investigate cyber threats and incidents to ensure that essential services are not disrupted in the event of a cyber-attack. As Chief Executive of CSA, he leads Singapore's efforts to provide dedicated and centralised oversight of national cyber security functions. These include enforcing the cybersecurity legislation; strategy and policy development; cyber security operations; ecosystem, R&D and capability development, public outreach and international engagement. Concurrently, as Chief (Digital...
https://www.youtube.com/watch?v=H3ax03H4I4g
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Fireside Chat: Jeff Moss and Ruimin He
In this fireside chat, Black Hat Founder Jeff Moss sits down with Ruimin He, Singapore's Chief Artificial Intelligence (AI) Officer to discuss the similarities and differences between AI and previous waves of digitalisation. They reveal that due to the transformative potential of AI that new approaches are needed to deal with the technology's novel challenges so that the benefit of AI for the public good can be realised in a responsible and ethical manner. By: Jeff Moss | Founder of Black Hat and DEF CON Conferences & Former Chief Security Officer and VP at ICANN, U.S. Department of Homeland Security Advisory Council Ruimin He | Chief Artificial Intelligence Officer & Deputy Chief Digital Technology Officer, Government of Singapore Full Abstract & Presentation Materials: https://www.blackhat.com/asia-24/briefings/schedule/#fireside-chat-jeff-moss-and-ruimin-he-39343...
https://www.youtube.com/watch?v=Z28TuWM0pbE
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

LinkDoor: A Hidden Attack Surface in the Android Netlink Kernel Modules
Netlink is a socket family designed for inter-process communication (IPC) between the kernel and user-space processes since 1999 with Linux 2.2. With the popularity of Android operating system, it is widely used in the Android kernel modules. Despite its capabilities, Netlink is often overlooked by security researchers due to the strong dominance of ioctl in userspace-kernelspace communication. Its programming complexity compared to ioctl also increases the chance of developers introducing security vulnerabilities. Therefore, Netlink has actually become a hidden attack surface buried deep in the Android ecosystem. During our research, we found Netlink can be divided into two categories according to its usage, Classic Netlink and Generic Netlink. Each category consists of two message processing...
https://www.youtube.com/watch?v=vqBC_WtDc6Q
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Cracking Active Directory Passwords & MFA Fatigue
https://jh.live/specops || Protect your organization with stronger passwords, with Specops! Continuously scan & block over 4 billion passwords -- try it for free: https://jh.live/specops Learn Cybersecurity - Name Your Price Training with John Hammond: https://nameyourpricetraining.com Learn Coding: https://jh.live/codecrafters Don't listen to other "influencer" VPN crap -- host YOUR OWN: https://jh.live/openvpn WATCH MORE: Dark Web & Cybercrime Investigations: https://www.youtube.com/watch?v=_GD5mPN_URM&list=PL1H1sBF1VAKVmjZZr162aUNCt2Uy5ozAG&index=4 Malware & Hacker Tradecraft: https://www.youtube.com/watch?v=LKR8cdfKeGw&list=PL1H1sBF1VAKWMn_3QPddayIypbbITTGZv&index=5 📧JOIN MY NEWSLETTER ➡ https://jh.live/email 🙏SUPPORT THE CHANNEL ➡ https://jh.live/patreon 🤝...
https://www.youtube.com/watch?v=xr3hH1Wup68
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DEF CON 32 - Video Team - WHITERABBITNEO
BB and the crew learn all about the OpenSource Red Team AI Model Whiterabbitneo
https://www.youtube.com/watch?v=i0cXyiZv_qc
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Emerging Frontiers: Insights from the Black Hat Asia Review Board
As the landscape of cybersecurity continuously evolves, so too do the topics and themes that dominate the conversation. Join us for an insightful session presented by members of the Black Hat Asia Review Board as they delve into the shifts and transformations observed in this year's conference submissions. From emerging technologies to novel attack vectors, this session will explore the cutting-edge developments that are shaping the cybersecurity agenda. Drawing upon their extensive experience and expertise, they will dissect the trends and patterns observed in the submissions. Attendees can expect to gain valuable insights into the evolving threat landscape, emerging research areas, and innovative approaches to addressing cybersecurity challenges, while enjoying an engaging and interactive...
https://www.youtube.com/watch?v=vjZNYNhs1-M
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

What the TrustZone-M Doesn't See, the MCU Does Grieve Over: Lessons Learned
What the TrustZone-M Doesn't See, the MCU Does Grieve Over: Lessons Learned from Assessing a Microcontroller TEE Arm Cortex-M Microcontrollers (MCUs) are the de facto computing units powering billions of small embedded and Internet of Things (IoT) devices. Recently, as a step towards securing devices at scale, Arm introduced the TrustZone technology in the latest generation of their Armv8-M MCUs (e.g., Cortex-M33). TrustZone-M partitions the CPU into two worlds, enabling the materialization of Trusted Execution Environments (TEEs) on constrained devices. One of the weakest aspects of TrustZone-M is the CPU-centric view, i.e., the specification only defines CPU-level security protection controllers (e.g., SAU, IDAU). Still, MCUs have a number of other peripherals and computing elements (e.g.,...
https://www.youtube.com/watch?v=o_-a-_oqCgU
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

New Typosquatting Attack Seen In The Wild - ThreatWire
⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️ @endingwithali → Twitch: https://twitch.tv/endingwithali Twitter: https://twitter.com/endingwithali YouTube: https://youtube.com/@endingwithali Everywhere else: https://links.ali.dev Want to work with Ali? endingwithalicollabs@gmail.com [❗] Join the Patreon→ https://patreon.com/threatwire 0:00 0 - Intro 0:07 1 - New Python Typosquatting Attack Discovered 02:08 2 - Adobe 0 Day Quietly Patched 03:21 3 - Recruiter Social Engineering Attack Targets Developers 05:28 4 - Fortinet Data Breach 06:21 5 - Outro LINKS 🔗 Story 1: New Python Typosquatting Attack Discovered https://jfrog.com/blog/revival-hijack-pypi-hijack-technique-exploited-22k-packages-at-risk/ 🔗 Story 2: Adobe 0 Day Quietly Patched https://learn.snyk.io/lesson/use-after-free/ https://x.com/EXPMON_/status/1833670241441796576 https://helpx.adobe.com/security/products/acrobat/apsb24-70.html https://x.com/HaifeiLi/status/1823455945164243226 https://x.com/EXPMON_/status/1823776052788830675 https://www.theregister.com/2024/09/12/adobe_acrobat_0day/ 🔗...
https://www.youtube.com/watch?v=IFfcBsyNjr4
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

How to Scrape Telegram with Python
https://jh.live/flare || Track down shady sellers, hunt for cybercrime, or manage threat intelligence and your exposed attack surface with Flare! Start a free trial and see what info is out there: https://jh.live/flare Tune into the Flare podcast: https://jh.live/flare-podcast Learn Cybersecurity - Name Your Price Training with John Hammond: https://nameyourpricetraining.com Learn Coding: https://jh.live/codecrafters Don't listen to other "influencer" VPN crap -- host YOUR OWN: https://jh.live/openvpn WATCH MORE: Dark Web & Cybercrime Investigations: https://www.youtube.com/watch?v=_GD5mPN_URM&list=PL1H1sBF1VAKVmjZZr162aUNCt2Uy5ozAG&index=4 Malware & Hacker Tradecraft: https://www.youtube.com/watch?v=LKR8cdfKeGw&list=PL1H1sBF1VAKWMn_3QPddayIypbbITTGZv&index=5 📧JOIN MY...
https://www.youtube.com/watch?v=kCDUbJU99F8
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Hacking GitLab Instances For A ,000 Bounty (2 Examples)
👀👀 Signup for DevSecCon 👉🏼 snyk.co/dscnahamsec LIKE and SUBSCRIBE with NOTIFICATIONS ON if you enjoyed the video! 👍 📚 If you want to learn bug bounty hunting from me: https://bugbounty.nahamsec.training 💻 If you want to practice some of my free labs and challenges: https://app.hackinghub.io 💵 FREE 0 DigitalOcean Credit: https://m.do.co/c/3236319b9d0b 🔗 LINKS: 📖 MY FAVORITE BOOKS: Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilities -https://amzn.to/3Re8Pa2 Hacking APIs: Breaking Web Application Programming Interfaces - https://amzn.to/45g4bOr Black Hat GraphQL: Attacking Next Generation APIs - https://amzn.to/455F9l3 🍿 WATCH NEXT: If I Started Bug Bounty Hunting in 2024, I'd Do this - https://youtu.be/z6O6McIDYhU 2023 How to...
https://www.youtube.com/watch?v=KfoOl8RhlhQ
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Fake CAPTCHA Runs Malware
https://jh.live/soc || Join me for the SOC Analyst Appreciation Day! A completely FREE event on October 16th by DEVO! https://jh.live/soc https://www.virustotal.com/gui/file/178d8523fa6e5560f59e75acb4d76e4a99d91c7bbf232e02c8763d7f62712d0c https://x.com/aruhamm/status/1834284068227481682 https://x.com/g0njxa/status/1825940825400029483 https://www.orangecyberdefense.com/global/blog/cert-news/emmenhtal-a-little-known-loader-distributing-commodity-infostealers-worldwide https://x.com/Unit42_Intel/status/1829178013423992948 https://github.com/PaloAltoNetworks/Unit42-timely-threat-intel/blob/main/2024-08-28-IOCs-for-Lumman-Stealer-from-fake-human-captcha-copy-paste-script.txt https://www.youtube.com/watch?v=z8dLfnReg28 https://denwp.com/anatomy-of-a-lumma-stealer/ https://github.com/JohnHammond/recaptcha-phish Learn...
https://www.youtube.com/watch?v=lSa_wHW1pgQ
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DEF CON 32 - Disenshittify or die! How hackers can seize the means of computation - Cory Doctorow
The enshittification of the internet wasn't inevitable. The old, good internet gave way to the enshitternet because we let our bosses enshittify it. We took away the constraints of competition, regulation, interop and tech worker power, and so when our bosses yanked on the big enshittification lever in the c-suite, it started to budge further and further, toward total enshittification. A new, good internet is possible - and necessary - and it needs you.
https://www.youtube.com/watch?v=4EmstuO0Em8
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

What is OSINT? (With Examples)
LIKE and SUBSCRIBE with NOTIFICATIONS ON if you enjoyed the video! 👍 📚 If you want to learn bug bounty hunting from me: https://bugbounty.nahamsec.training 💻 If you want to practice some of my free labs and challenges: https://app.hackinghub.io 💵 FREE 0 DigitalOcean Credit: https://m.do.co/c/3236319b9d0b 🔗 LINKS: 📖 MY FAVORITE BOOKS: Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilities -https://amzn.to/3Re8Pa2 Hacking APIs: Breaking Web Application Programming Interfaces - https://amzn.to/45g4bOr Black Hat GraphQL: Attacking Next Generation APIs - https://amzn.to/455F9l3 🍿 WATCH NEXT: If I Started Bug Bounty Hunting in 2024, I'd Do this - https://youtu.be/z6O6McIDYhU 2023 How to Bug Bounty - https://youtu.be/FDeuOhE5MhU Bug Bounty Hunting...
https://www.youtube.com/watch?v=oLyVOhV9kSw
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

C++ AssaultCube Aimbot Tutorial
🔥 Learn How To Make an Aimbot For AssaultCube 👨‍💻 Buy Our Courses: https://guidedhacking.com/register/ 💰 Donate on Patreon: https://patreon.com/guidedhacking ❤️ Follow us on Social Media: https://linktr.ee/guidedhacking ©GuidedHacking - GuidedHacking™ 🔗 Article Link: https://guidedhacking.com/threads/c-aimbot-tutorial-for-beginners.20645/ ❤️ Try Malcore For FREE : https://link.malcore.io/redirect/guidedhacking 👨‍💻 New Content Creator: Sightem 👉https://guidedhacking.com/members/sightem.219746/ 📜 Video Description: Today you will learn how to take your skills to the next level and implement your very first aimbot in C++. This article will walk you through each step of the process and explain the theory behind every aimbot ever made. By the end of...
https://www.youtube.com/watch?v=jlWHt0e4_M8
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Ransomware In Action: MedusaLocker ReadText34
https://jh.live/anyrun-demo || https://jh.live/anyrun || Make security research and dynamic malware analysis a breeze with ANY.RUN! Try their online interactive cloud sandbox for free: https://jh.live/anyrun Learn Cybersecurity - Name Your Price Training with John Hammond: https://nameyourpricetraining.com Learn Coding: https://jh.live/codecrafters Don't listen to other "influencer" VPN crap -- host YOUR OWN: https://jh.live/openvpn WATCH MORE: Dark Web & Cybercrime Investigations: https://www.youtube.com/watch?v=_GD5mPN_URM&list=PL1H1sBF1VAKVmjZZr162aUNCt2Uy5ozAG&index=4 Malware & Hacker Tradecraft: https://www.youtube.com/watch?v=LKR8cdfKeGw&list=PL1H1sBF1VAKWMn_3QPddayIypbbITTGZv&index=5 📧JOIN MY NEWSLETTER ➡ https://jh.live/email 🙏SUPPORT THE CHANNEL ➡ https://jh.live/patreon 🤝...
https://www.youtube.com/watch?v=VKTlxQKEdKY
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

IDA Pro Meme #reverseengineering #malwareanalysis
🔥 Become an IDA Pro Expert Here: https://www.youtube.com/watch?v=fgMl0Uqiey8&list=PLt9cUwGw6CYG2kmL5n6dFgi4wKMhgLNd7&index=1 👨‍💻 Buy Our Courses: https://guidedhacking.com/register/ 💰 Donate on Patreon: https://patreon.com/guidedhacking ❤️ Follow us on Social Media: https://linktr.ee/guidedhacking ✏️ Tags: #reverseengineering #malwareanalysis #gamehacking hex rays ida pro meme f5 ida pro game hacking hexrays ida pro tutorial malware analysis reverse engineering ida pro malware analysis tools ida pro malware analysis ida pro reverse engineering ida pro plugin malware analysis tutorial ida ida pro game hacking ida pro tutorial ida plugin
https://www.youtube.com/watch?v=43yV5hDeMBQ
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Internet Archive Lost The Fight - ThreatWire
⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️ @endingwithali → Twitch: https://twitch.tv/endingwithali Twitter: https://twitter.com/endingwithali YouTube: https://youtube.com/@endingwithali Everywhere else: https://links.ali.dev Want to work with Ali? endingwithalicollabs@gmail.com [❗] Join the Patreon→ https://patreon.com/threatwire 0:00 0 - Intro 0:11 1 - YubiKey Vulnerability Finally Found 03:26 2 - X/Twitter Banned in Brazil 05:12 3 - Internet Archive Cannot Lend Books 06:45 4 - Outro LINKS 🔗 Story 1: YubiKey Vulnerability Finally Found https://ninjalab.io/eucleak/ https://findbiometrics.com/yubikeys-can-be-hacked-but-it-costs-about-11k/ https://www.yubico.com/support/security-advisories/ysa-2024-03/ https://arstechnica.com/information-technology/2021/01/hackers-can-clone-google-titan-2fa-keys-using-a-side-channel-in-nxp-chips/ https://arstechnica.com/security/2024/09/yubikeys-are-vulnerable-to-cloning-attacks-thanks-to-newly-discovered-side-channel/?utm_source=dlvr.it&utm_medium=linkedin 🔗...
https://www.youtube.com/watch?v=wA3HZ738PrQ
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Chinese Hackers use Visual Studio Code to Target Asian Governments
https://jh.live/devseccon || Tune into DevSecCon on October 8th, online and completely free -- all brought to you by Snyk! https://jh.live/devseccon https://unit42.paloaltonetworks.com/stately-taurus-abuses-vscode-southeast-asian-espionage/ https://x.com/Wietze/status/1832824160009011346 https://badoption.eu/blog/2023/01/31/code_c2.html https://medium.com/@truvis.thornton/visual-studio-code-embedded-reverse-shell-and-how-to-block-create-sentinel-detection-and-add-e864ebafaf6d https://code.visualstudio.com/docs/remote/tunnels https://code.visualstudio.com/blogs/2022/12/07/remote-even-better https://redsiege.com/blog/2024/04/using-microsoft-dev-tunnels-for-c2-redirection/ Learn Cybersecurity - Name Your Price Training with John Hammond: https://nameyourpricetraining.com Learn Coding: https://jh.live/codecrafters Don't...
https://www.youtube.com/watch?v=9la5vTerq0o
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Scanning All Vulnerability Disclosure Programs For Automated API Hacking
LIKE and SUBSCRIBE with NOTIFICATIONS ON if you enjoyed the video! 👍 📚 If you want to learn bug bounty hunting from me: https://bugbounty.nahamsec.training 💻 If you want to practice some of my free labs and challenges: https://app.hackinghub.io 💵 FREE 0 DigitalOcean Credit: https://m.do.co/c/3236319b9d0b 🔗 LINKS: 📖 MY FAVORITE BOOKS: Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilities -https://amzn.to/3Re8Pa2 Hacking APIs: Breaking Web Application Programming Interfaces - https://amzn.to/45g4bOr Black Hat GraphQL: Attacking Next Generation APIs - https://amzn.to/455F9l3 🍿 WATCH NEXT: If I Started Bug Bounty Hunting in 2024, I'd Do this - https://youtu.be/z6O6McIDYhU 2023 How to Bug Bounty - https://youtu.be/FDeuOhE5MhU Bug Bounty Hunting...
https://www.youtube.com/watch?v=1-bpQrWcZEA
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Guided Hacking Podcast - Zac The Squally Dev
Meet the developer of Squally & CS420 on the Guided Hacking Podcast! 👨‍💻 Buy Our Courses: https://guidedhacking.com/register/ 💰 Donate on Patreon: https://patreon.com/guidedhacking ❤️ Follow us on Social Media: https://linktr.ee/guidedhacking ©GuidedHacking - GuidedHacking™ 🔗 Link: https://guidedhacking.com/threads/guided-hacking-podcast-zac-from-squally.20636/ ❤️ Try Malcore For FREE : https://link.malcore.io/redirect/guidedhacking 📜 Guided Hacking Podcast - Who is Zachary Canann?​ The Guided Hacking Show is a podcast focused on game hacking and reverse engineering, we will primarily be interviewing prominent members of the game hacking and reverse engineering community, getting to know them and finding out what makes them tick. Listen to the Guided Hacking...
https://www.youtube.com/watch?v=HilNYgA1JLc
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Shimcache Execution Is Back - What You Need to Know!
In this special episode, Mike Peterson from nullsec.us joins us to discuss important new research on Shimcache/AppCompatCache. Discover how this artifact can potentially be used to prove execution in Windows 10 and later—a capability that was previously thought impossible! *** If you enjoy this video, please consider supporting 13Cubed on Patreon at patreon.com/13cubed. *** 📖 Chapters 00:00 - Intro 01:08 - Shimcache/AppCompatCache artiFACTS 09:38 - nullsec.us Research 18:40 - Wrap-up 🛠 Resources Original research from Eric Zimmerman: https://github.com/EricZimmerman/AppCompatCacheParser/issues/6 GitHub commit for AppCompatCacheParser adding the functionality (March 2023): https://github.com/EricZimmerman/AppCompatCacheParser/commit/c995e82a58684bb15a46c34729c99a4024aaf8b3#diff-e5f34b98fc08cf3da1819cd0652cb2c28a785e4f2bab8cccfb0d7fe2cb99cff9R79 For...
https://www.youtube.com/watch?v=DsqKIVcfA90
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

The Hacker with Hardware Implants (interview)
Len's upcoming book: https://a.co/d/883dv8p (Amazon Link) Learn Cybersecurity - Name Your Price Training with John Hammond: https://nameyourpricetraining.com Learn Coding: https://jh.live/codecrafters Don't listen to other "influencer" VPN crap -- host YOUR OWN: https://jh.live/openvpn WATCH MORE: Dark Web & Cybercrime Investigations: https://www.youtube.com/watch?v=_GD5mPN_URM&list=PL1H1sBF1VAKVmjZZr162aUNCt2Uy5ozAG&index=4 Malware & Hacker Tradecraft: https://www.youtube.com/watch?v=LKR8cdfKeGw&list=PL1H1sBF1VAKWMn_3QPddayIypbbITTGZv&index=5 📧JOIN MY NEWSLETTER ➡ https://jh.live/email 🙏SUPPORT THE CHANNEL ➡ https://jh.live/patreon 🤝 SPONSOR THE CHANNEL ➡ https://jh.live/sponsor 🌎FOLLOW ME EVERYWHERE ➡ https://jh.live/twitter ↔ https://jh.live/linkedin...
https://www.youtube.com/watch?v=exZ29xoeEk0
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DEF CON 32 - Video Team - Scanning with Daniel
What is Daniel scanning?
https://www.youtube.com/watch?v=G9hAgitK-wE
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Roblox Developers Under Attack - ThreatWire
⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️ Ali's DEF CON Vlog: https://www.youtube.com/watch?v=8CfNAe_JmdI @endingwithali → Twitch: https://twitch.tv/endingwithali Twitter: https://twitter.com/endingwithali YouTube: https://youtube.com/@endingwithali Everywhere else: https://links.ali.dev Want to work with Ali? endingwithalicollabs@gmail.com [❗] Join the Patreon→ https://patreon.com/threatwire 0:00 0 - Intro 0:08 1 - Chromium Zero Day Dropped By Threat Actor 01:44 2 - New Updates To the OSCP Cert 03:14 3 - Bad NPM Packages Attacking Roblox Developers 05:03 4 - Outro LINKS 🔗 Story 1: Chromium Zero Day Dropped By Threat Actor https://cybersecuritynews.com/chromium-zero-day-vulnerability/ https://www.microsoft.com/en-us/security/blog/2024/08/30/north-korean-threat-actor-citrine-sleet-exploiting-chromium-zero-day/ 🔗...
https://www.youtube.com/watch?v=6SAxzHCBOQ8
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

I Became HackerOne's Latest Most Valuable Hacker (h1-702 vlog)
LIKE and SUBSCRIBE with NOTIFICATIONS ON if you enjoyed the video! 👍 📚 If you want to learn bug bounty hunting from me: https://bugbounty.nahamsec.training 💻 If you want to practice some of my free labs and challenges: https://app.hackinghub.io 💵 FREE 0 DigitalOcean Credit: https://m.do.co/c/3236319b9d0b 🔗 LINKS: 📖 MY FAVORITE BOOKS: Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilities -https://amzn.to/3Re8Pa2 Hacking APIs: Breaking Web Application Programming Interfaces - https://amzn.to/45g4bOr Black Hat GraphQL: Attacking Next Generation APIs - https://amzn.to/455F9l3 🍿 WATCH NEXT: If I Started Bug Bounty Hunting in 2024, I'd Do this - https://youtu.be/z6O6McIDYhU 2023 How to Bug Bounty - https://youtu.be/FDeuOhE5MhU Bug Bounty Hunting...
https://www.youtube.com/watch?v=gPzDJ9BXvgc
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

mfw #gamehacking
👨‍💻 Buy Our Courses: https://guidedhacking.com/register/ 💰 Donate on Patreon: https://patreon.com/guidedhacking ❤️ Follow us on Social Media: https://linktr.ee/guidedhacking ©GuidedHacking - GuidedHacking™ 👨‍💻 Buy Our Courses: https://guidedhacking.com/register/ 💰 Donate on Patreon: https://patreon.com/guidedhacking ❤️ Follow us on Social Media: https://linktr.ee/guidedhacking ✏️ Tags: #reverseengineering #gamehacking #guidedhacking game hackers game hacking tutorials game hacking bible game hacking course guidedhacking.com guided hacking game hacking guidedhacking.com game hacking website game hacking websites guidedhacking guided hacking guidedhacking.com game hackers
https://www.youtube.com/watch?v=ArMWkzSZzRI
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Cookie Forgery, Signature Bypass and Blind Command Injection - "Feature Unlocked" [CSCTF 2024]
Video walkthrough for the "Feature Unlocked" web challenge I made for CyberSpace CTF 2024. The challenge required players to hijack the validation server via a hidden GET parameter, cookie forgery and custom signature generation/verification in order to access an unreleased feature, which itself contained a blind command injection vulnerability. Hope you enjoy 🙂 #CSCTF #CTF #CaptureTheFlag #Pentesting #OffSec #WebSec #AppSec Write-up: https://crypto-cat.gitbook.io/ctf-writeups/2024/cyberspace/web/feature_unlocked ↢Social Media↣ Twitter: https://twitter.com/_CryptoCat GitHub: https://github.com/Crypto-Cat/CTF GitBook: https://crypto-cat.gitbook.io HackTheBox: https://app.hackthebox.eu/profile/11897 LinkedIn: https://www.linkedin.com/in/cryptocat Reddit: https://www.reddit.com/user/_CryptoCat23 YouTube:...
https://www.youtube.com/watch?v=6jvmbvsRLgQ
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DC32 - Red Team Village - Recap
Thank you to everyone who attended the village this year at DEF CON! Another huge thank you to our core team, sponsors, volunteers, goons, and DEF CON! Red Team Village Website: https://redteamvillage.io Discord: https://redteamvillage.io/discord Twitter: https://redteamvillage.io/twitter
https://www.youtube.com/watch?v=xjKxLoz0Dw4
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Is Telegram Still A Secure Messaging Platform? - ThreatWire
⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️ DEF CON VLOG: https://www.youtube.com/watch?v=PJvlMRIz4d4 @endingwithali → Twitch: https://twitch.tv/endingwithali Twitter: https://twitter.com/endingwithali YouTube: https://youtube.com/@endingwithali Everywhere else: https://links.ali.dev Want to work with Ali? endingwithalicollabs@gmail.com [❗] Join the Patreon→ https://patreon.com/threatwire 0:00 0 - Intro 00:07 1 - Google Sunsetting Play Store Bug Bounty 01:23 2 - SolarWinds Critical Vulnerability 01:48 3 - CEO Of Telegram Arrested 03:33 4 - USDoD Found 04:37 5 - Outro LINKS 🔗 Story 1: Google Sunsetting Play Store Bug Bounty https://bughunters.google.com/about/rules/android-friends/5604090422493184/google-play-security-reward-program-rules https://www.androidauthority.com/google-play-security-reward-program-winding-down-3472376/ https://cyberscoop.com/google-play-store-bug-bounty-shut-down-gpsrp/ 🔗...
https://www.youtube.com/watch?v=eS3_X7LoECE
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Burp Suite - Part 20 - Conclusion
Connect with me: X: https://twitter.com/cristivlad25 IG: https://instagram.com/cristivladz
https://www.youtube.com/watch?v=X3yCrGIMW1s
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Burp Suite - Part 19 - Extender and BApp Store
Connect with me: X: https://twitter.com/cristivlad25 IG: https://instagram.com/cristivladz
https://www.youtube.com/watch?v=U1nWtZ7QakQ
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Burp Suite - Part 18 - Sequencer
Connect with me: X: https://twitter.com/cristivlad25 IG: https://instagram.com/cristivladz
https://www.youtube.com/watch?v=xxT9LQbjhrY
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Burp Suite - Part 17 - Decoder II and Comparer
Connect with me: X: https://twitter.com/cristivlad25 IG: https://instagram.com/cristivladz
https://www.youtube.com/watch?v=VjhQrCpuEt8
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Burp Suite - Part 16 - Decoder I
Connect with me: X: https://twitter.com/cristivlad25 IG: https://instagram.com/cristivladz
https://www.youtube.com/watch?v=ELNOkXaHRic
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Just launched a brand new free module on SQL Injection. #bugbounty #hacking

https://www.youtube.com/watch?v=Y9N3xKEAahM
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

SQL Injection Explained With @BuildHackSecure + FREE LABS!
LIKE and SUBSCRIBE with NOTIFICATIONS ON if you enjoyed the video! 👍 📚 If you want to learn bug bounty hunting from me: https://bugbounty.nahamsec.training 💻 If you want to practice some of my free labs and challenges: https://app.hackinghub.io 💵 FREE 0 DigitalOcean Credit: https://m.do.co/c/3236319b9d0b 🔗 LINKS: 📖 MY FAVORITE BOOKS: Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilities -https://amzn.to/3Re8Pa2 Hacking APIs: Breaking Web Application Programming Interfaces - https://amzn.to/45g4bOr Black Hat GraphQL: Attacking Next Generation APIs - https://amzn.to/455F9l3 🍿 WATCH NEXT: If I Started Bug Bounty Hunting in 2024, I'd Do this - https://youtu.be/z6O6McIDYhU 2023 How to Bug Bounty - https://youtu.be/FDeuOhE5MhU Bug Bounty Hunting...
https://www.youtube.com/watch?v=EZXvxpbFqvg
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

TECHNOLUST from DEF CON 32 - Hak5
Thank you to everyone who came and shared their technolust with us at the Hak5 booth this DEF CON 32. Y'all rock! ____________________________________________ Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
https://www.youtube.com/watch?v=PJvlMRIz4d4
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

OWASP Leaders Must Become Members
By September 30, 2024, OWASP Leaders must become members. Find out why and how to join OWASP. Managed by the OWASP® Foundation https://owasp.org/
https://www.youtube.com/watch?v=FiTaaeVx98U
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Two Types of Game Hackers #gamehacking
👨‍💻 Buy Our Courses: https://guidedhacking.com/register/ 💰 Donate on Patreon: https://patreon.com/guidedhacking ❤️ Follow us on Social Media: https://linktr.ee/guidedhacking ✏️ Tags: #reverseengineering #gamehacking #guidedhacking game hacking tutorials game hacking bible game hacking course guidedhacking.com guided hacking game hacking guidedhacking.com game hacking website game hacking websites guidedhacking guided hacking guidedhacking.com
https://www.youtube.com/watch?v=Zx84uP4oIKQ
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

GitHub Actions Lead to Malicious Code Injections - ThreatWire
⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️ [NOT SPONSORED / NOT AN AD] Thank you for the team at Miscreants for our awesome shirts - if you're in the need of a cybersecurity focused design work, please check them out at https://www.miscreants.com/ @endingwithali → Twitch: https://twitch.tv/endingwithali Twitter: https://twitter.com/endingwithali YouTube: https://youtube.com/@endingwithali Everywhere else: https://links.ali.dev Want to work with Ali? endingwithalicollabs@gmail.com [❗] Join the Patreon→ https://patreon.com/threatwire 0:00 Intro 00:06 Congrats Sam! 00:27 2 - DEF CON 2024 + Unsaflok 01:24 3 - Microsoft IPv6 Vulnerability 02:40 4 - GitHub Actions Leak Keys 04:18 5 - Outro LINKS 🔗 Story 1: Congrats Sam! https://www.nbcolympics.com/news/american-speed-climber-sam-watson-snags-olympic-bronze-while-breaking-world-record...
https://www.youtube.com/watch?v=dzmLPLeh2rQ
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

The History of the OWASP Developer Guide
Learn about the early history of OWASP's first project, the OWASP Developer Guide, and what's been happening more recently. The OWASP Developer Guide Project home page, PDF and e-book: https://owasp.org/www-project-developer-guide/ Managed by the OWASP® Foundation https://owasp.org/
https://www.youtube.com/watch?v=niqV55vPTfw
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DEFCON 32 Vlog
LIKE and SUBSCRIBE with NOTIFICATIONS ON if you enjoyed the video! 👍 📚 If you want to learn bug bounty hunting from me: https://bugbounty.nahamsec.training 💻 If you want to practice some of my free labs and challenges: https://app.hackinghub.io 💵 FREE 0 DigitalOcean Credit: https://m.do.co/c/3236319b9d0b 🔗 LINKS: 📖 MY FAVORITE BOOKS: Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilities -https://amzn.to/3Re8Pa2 Hacking APIs: Breaking Web Application Programming Interfaces - https://amzn.to/45g4bOr Black Hat GraphQL: Attacking Next Generation APIs - https://amzn.to/455F9l3 🍿 WATCH NEXT: If I Started Bug Bounty Hunting in 2024, I'd Do this - https://youtu.be/z6O6McIDYhU 2023 How to Bug Bounty - https://youtu.be/FDeuOhE5MhU Bug Bounty Hunting...
https://www.youtube.com/watch?v=Ohr5KibrPhA
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DEF CON 32 - Video Team - Bug Bounty Village
Bug Bounty Village explained for you.
https://www.youtube.com/watch?v=6OHoi1sylx4
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DEF CON 32 - Video Team - Embedded Systems Village
The lowdown on this year's Embedded Systems Village.
https://www.youtube.com/watch?v=91uoI7tcjxA
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DEF CON 32 - Video Team - DEADMAU5
b4rfb0y and company interview the DJ phenom known as DEADMAU5
https://www.youtube.com/watch?v=AOAh3P5NFCw
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DEF CON 32 - Video Team - OWASP

https://www.youtube.com/watch?v=CVflCxKFE8Y
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

OWASP Global Board of Directors Nomination Process
So you'd like to become an OWASP Global Board Director? This is why you should and how to apply in less than eight minutes. Managed by the OWASP® Foundation https://owasp.org/
https://www.youtube.com/watch?v=L7dkvE5Rza8
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Game Reverse Engineering - One Hit Kills Hack
🔥 Learn How Game Reverse Engineering Works With Our One Hit Kills Tutorial 👨‍💻 Buy Our Courses: https://guidedhacking.com/register/ 💰 Donate on Patreon: https://patreon.com/guidedhacking ❤️ Follow us on Social Media: https://linktr.ee/guidedhacking 🔗 Article Link: https://guidedhacking.com/threads/game-reverse-engineering-one-hit-kills.20633/ ❤️ Try Malcore For FREE : https://link.malcore.io/redirect/guidedhacking 👨‍💻 New Content Creator: Sightem 👉https://guidedhacking.com/members/sightem.219746/ ©GuidedHacking - GuidedHacking™ This tutorial builds off our previous External Trainer #2 Tutorial: https://guidedhacking.com/threads/how-to-hack-any-game-tutorial-c-trainer-2-external-v2.12000/ 📜 Video Description: Learning more about reverse engineering...
https://www.youtube.com/watch?v=5eZ8NmFqdiI
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DEF CON 32 - Video Team - DEF CON Groups
Alethe and Mike give you some info about the wonderful world of DEF CON Groups.
https://www.youtube.com/watch?v=v9Ii5V1kqXc
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DEF CON 32 - Video Team - Cory Doctorow
A few minutes with the prolific and inspirational Cory Doctorow.
https://www.youtube.com/watch?v=S-B4LlkjN7c
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DEF CON 32 - Video Team - Erik with TSA
Erik gives you the rundown of the TSA simulator at DEF CON 32 and the hardware and software initiatives they're working on.
https://www.youtube.com/watch?v=OJbQS36xVIU
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DEF CON 32 - Video Team - Women in Security & Privacy
What to expect from the WISP during DEF CON.
https://www.youtube.com/watch?v=INOGwDyJ-8M
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Beyond Bug Bounty
Don't leave your organization's security to chance. The HackerOne Platform combines the power of ethical hackers with cutting-edge automation to protect your digital assets. Our comprehensive suite of preemptive solutions covers every aspect of your security strategy. Learn more here: https://www.hackerone.com/product/overview
https://www.youtube.com/watch?v=rNLlZyAWcsY
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Trusted and Vetted
Some of the most common questions prospective customers have about working with hackers are “How do I know I can trust hackers?” and “How do I retain control of my environment?” HackerOne human-powered security program is the most trusted in the industry. See why how our customers love working with the ethical hacker community at: https://www.hackerone.com/product/how-human-powered-security-works
https://www.youtube.com/watch?v=hNhS64IYeEk
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Security Team Enhancement
Outmatch cybercriminals with a legion of ethical hackers who work for you to continuously protect your attack surface. For more information visit: https://www.hackerone.com/
https://www.youtube.com/watch?v=15OTy7VqA3E
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

We are bug bounty hunters. #bugbounty #hacking

https://www.youtube.com/watch?v=Xsg7IwWbRZ8
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DEF CON 32 - VIdeo Team - IOT Village

https://www.youtube.com/watch?v=QwYXbb2-zNU
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DEF CON 32 - Video Team - RTV Contest Room
what's going on in the Red Team Village Contest Room?
https://www.youtube.com/watch?v=1qTuH5rUa2A
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Google Chrome Is Safer - ThreatWire
⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️ @endingwithali → Twitch: https://twitch.tv/endingwithali Twitter: https://twitter.com/endingwithali YouTube: https://youtube.com/@endingwithali Everywhere else: https://links.ali.dev Want to work with Ali? endingwithalicollabs@gmail.com [❗] Join the Patreon→ https://patreon.com/threatwire 0:00 0 - Intro 0:05 1 - Chrome Security Updates 01:03 2 - Azure DDoS 02:14 3 - Outro LINKS 🔗 Story 1: Chrome Security Updates https://security.googleblog.com/2024/07/improving-security-of-chrome-cookies-on.html 🔗 Story 2: Azure DDoS https://azure.status.microsoft/en-us/status/history/#incident-history-collapse-KTY1-HW8 -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ Our Site → https://www.hak5.org Shop...
https://www.youtube.com/watch?v=UWMcoLn_acg
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Hak5 turns 19 -- Crash Kit with Glytch
From a pair of vans in the mountains of Los Angeles, Hak5 founder Darren Kitchen shares his van life experiences leading up to DEF CON 32. Glytch saves the day with his Crash Kit soldering bundle. Trust your technolust! ____________________________________________ Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
https://www.youtube.com/watch?v=JtiteG3W6Uo
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DC32 - Red Team Village x Amazon
Thank you Amazon for being a platinum sponsor! For more information about Amazon, please visit https://amazon.com. Red Team Village Website: https://redteamvillage.io Discord: https://redteamvillage.io/discord Twitter: https://redteamvillage.io/twitter
https://www.youtube.com/watch?v=ouv0tgFmo8M
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Vulnerability Management in the World of AI
Whether your organization is looking to develop, secure, or deploy AI or LLM, or you're hoping to ensure the security and ethical adherence of your existing model, we've got you covered! For more information, visit: https://www.hackerone.com/ai Music I Use: https://www.bensound.com/free-music-for-videos License code: V39IOQDSUS8ZRHEI
https://www.youtube.com/watch?v=uvm4HQVrgl8
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DLL Injection Methods Explained
🔥 Learn how to inject a DLL using various DLL injection methods 👨‍💻 Buy Our Courses: https://guidedhacking.com/register/ 💰 Donate on Patreon: https://patreon.com/guidedhacking ❤️ Follow us on Social Media: https://linktr.ee/guidedhacking 🔗 Learn More: https://guidedhacking.com/threads/dll-injection-methods.14569/ ❤️ Try Malcore For FREE : https://link.malcore.io/redirect/guidedhacking 👨‍💻 Script & Visuals by rexir: https://guidedhacking.com/members/280340/ 👩‍💻 Narration by wahsami: https://guidedhacking.com/members/wahsami.278740/ 📜 Video Description: DLL injection is the act of loading a dynamic link library into an external process, from your own process. It is the easiest to perform, easiest to manage and most portable method to get execution...
https://www.youtube.com/watch?v=jf1al_tCxyA
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

How to Gain Instant ESXi Admin - ThreatWire
⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️ @endingwithali → Twitch: https://twitch.tv/endingwithali Twitter: https://twitter.com/endingwithali YouTube: https://youtube.com/@endingwithali Everywhere else: https://links.ali.dev Want to work with Ali? endingwithalicollabs@gmail.com [❗] Join the Patreon→ https://patreon.com/threatwire 0:00 0 - Intro 00:06 1 - Group Leads to Direct Admin 01:27 2 - CrowdStrike Update 02:13 3 - GitHub Ghost Network 04:17 4 - GCP Creds Stolen Via Supply Chain 05:35 5 - Outro LINKS 🔗 Story 1: Domain Group Leads to Direct Admin https://www.microsoft.com/en-us/security/blog/2024/07/29/ransomware-operators-exploit-esxi-hypervisor-vulnerability-for-mass-encryption/ https://www.vmware.com/products/cloud-infrastructure/esxi-and-esx 🔗 Story 2:...
https://www.youtube.com/watch?v=kOBqk6kBL6U
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Running Nuclei On All My Bug Bounty Programs
LIKE and SUBSCRIBE with NOTIFICATIONS ON if you enjoyed the video! 👍 📚 If you want to learn bug bounty hunting from me: https://bugbounty.nahamsec.training 💻 If you want to practice some of my free labs and challenges: https://app.hackinghub.io 💵 FREE 0 DigitalOcean Credit: https://m.do.co/c/3236319b9d0b 🔗 LINKS: 📖 MY FAVORITE BOOKS: Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilities -https://amzn.to/3Re8Pa2 Hacking APIs: Breaking Web Application Programming Interfaces - https://amzn.to/45g4bOr Black Hat GraphQL: Attacking Next Generation APIs - https://amzn.to/455F9l3 🍿 WATCH NEXT: If I Started Bug Bounty Hunting in 2024, I'd Do this - https://youtu.be/z6O6McIDYhU 2023 How to Bug Bounty - https://youtu.be/FDeuOhE5MhU Bug Bounty Hunting...
https://www.youtube.com/watch?v=pEtDrTF3PHk
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

scanning every #bugbounty program with nuclei

https://www.youtube.com/watch?v=A61oH0je-_c
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DC32 - Red Team Village x Kindo
Thank you Kindo for being a platinum sponsor! For more information, please visit https://kindo.ai. Red Team Village Website: https://redteamvillage.io Discord: https://redteamvillage.io/discord Twitter: https://redteamvillage.io/twitter
https://www.youtube.com/watch?v=-1wBcsNVqPo
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

RTV x Flare - An Introduction to Flare
The Red Team Village Red Team Village Website: https://redteamvillage.io Discord: https://redteamvillage.io/discord Twitter: https://redteamvillage.io/twitter
https://www.youtube.com/watch?v=xXulBDmkxsY
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DC32 - Red Team Village x Core Team
Check out our amazing core team! Red Team Village Website: https://redteamvillage.io Discord: https://redteamvillage.io/discord Twitter: https://redteamvillage.io/twitter
https://www.youtube.com/watch?v=DXklOoiJXVs
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DC32 - Red Team Village x Horizon3.ai
Thank you for being one of our platinum sponsors! Additional information about Horizon3.ai can be obtained from https://www.horizon3.ai. Red Team Village Website: https://redteamvillage.io Discord: https://redteamvillage.io/discord Twitter: https://redteamvillage.io/twitter
https://www.youtube.com/watch?v=kuviZ77aUB8
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

CrowdStrike Global Outage (Crowd Struck) - ThreatWire
DESCRIPTION BOX ⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️ @endingwithali → Twitch: https://twitch.tv/endingwithali Twitter: https://twitter.com/endingwithali YouTube: https://youtube.com/@endingwithali Everywhere else: https://links.ali.dev Want to work with Ali? endingwithalicollabs@gmail.com [❗] Join the Patreon→ https://patreon.com/threatwire 0:00 0 - Intro 00:08 1 - Scattered Spider Arrest 00:28 2 - Furry Hacker Are Back 01:21 3 - CVE Of the Week 01:38 4 - CrowdStrike 07:29 - Outro LINKS 🔗 Story 1: Scattered Spider Arrest https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-320a https://westoahu.hawaii.edu/cyber/global-weekly-exec-summary/alphv-hackers-reveal-details-of-mgm-cyber-attack/ https://thehackernews.com/2024/07/scattered-spider-adopts-ransomhub-and.html 🔗...
https://www.youtube.com/watch?v=N8iOe5NwIAo
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

This is The Fastest Hacking & Recon Tool
LIKE and SUBSCRIBE with NOTIFICATIONS ON if you enjoyed the video! 👍 📚 If you want to learn bug bounty hunting from me: https://bugbounty.nahamsec.training 💻 If you want to practice some of my free labs and challenges: https://app.hackinghub.io 💵 FREE 0 DigitalOcean Credit: https://m.do.co/c/3236319b9d0b 🔗 LINKS: 📖 MY FAVORITE BOOKS: Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilities -https://amzn.to/3Re8Pa2 Hacking APIs: Breaking Web Application Programming Interfaces - https://amzn.to/45g4bOr Black Hat GraphQL: Attacking Next Generation APIs - https://amzn.to/455F9l3 🍿 WATCH NEXT: If I Started Bug Bounty Hunting in 2024, I'd Do this - https://youtu.be/z6O6McIDYhU 2023 How to Bug Bounty - https://youtu.be/FDeuOhE5MhU Bug Bounty Hunting...
https://www.youtube.com/watch?v=7v6t6O0LMiY
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Planning Red Team Operations | Scope, ROE & Reporting
Hey guys, HackerSploit here back again with another video. This video outlines the process of planning and orchestrating Red Team operations. This video also outlines various Red Team resources, guides, and templates to plan and orchestrate a successful Red Team Operation. //LINKS & RESOURCES REDTEAM.GUIDE: https://redteam.guide/ The slides and written version of this video can be accessed on the HackerSploit Forum: https://forum.hackersploit.org/t/introduction-to-the-mitre-att-ck-framework/9127 //HACKERSPLOIT PLATFORMS BLOG ►► https://bit.ly/3qjvSjK FORUM ►► https://bit.ly/39r2kcY ACADEMY ►► https://bit.ly/39CuORr //SOCIAL NETWORKS TWITTER ►► https://bit.ly/3sNKXfq INSTAGRAM ►► https://bit.ly/3sP1Syh LINKEDIN ►► https://bit.ly/360qwlN PATREON ►► https://bit.ly/365iDLK MERCHANDISE...
https://www.youtube.com/watch?v=usDt-s2sACI
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Mapping APT TTPs With MITRE ATT&CK Navigator
Hey guys, HackerSploit here back again with another video. This video will introduce you to the MITRE ATT&CK Navigator and will illustrate how it can be operationalized for planning and orchestrating Red Team operations. MITRE ATT&CK Framework: https://attack.mitre.org/ MITRE ATT&CK Navigator: https://mitre-attack.github.io/attack-navigator/ //PLATFORMS BLOG ►► https://bit.ly/3qjvSjK FORUM ►► https://bit.ly/39r2kcY ACADEMY ►► https://bit.ly/39CuORr //SOCIAL NETWORKS TWITTER ►► https://bit.ly/3sNKXfq DISCORD ►► https://bit.ly/3hkIDsK INSTAGRAM ►► https://bit.ly/3sP1Syh LINKEDIN ►► https://bit.ly/360qwlN PATREON ►► https://bit.ly/365iDLK MERCHANDISE ►► https://bit.ly/3c2jDEn //BOOKS Privilege Escalation Techniques ►► https://amzn.to/3ylCl33 Docker...
https://www.youtube.com/watch?v=hN_r3JW6xsY
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Introduction To The MITRE ATT&CK Framework
Hey guys, HackerSploit here back again with another video. This video will introduce you to the MITRE ATT&CK framework and will illustrate how it can be operationalized for Red Team and Blue Team operations. The slides and written version of this video can be accessed on the HackerSploit Forum: https://forum.hackersploit.org/t/introduction-to-the-mitre-att-ck-framework/9127 MITRE ATT&CK Framework: https://attack.mitre.org/ //PLATFORMS BLOG ►► https://bit.ly/3qjvSjK FORUM ►► https://bit.ly/39r2kcY ACADEMY ►► https://bit.ly/39CuORr //SOCIAL NETWORKS TWITTER ►► https://bit.ly/3sNKXfq DISCORD ►► https://bit.ly/3hkIDsK INSTAGRAM ►► https://bit.ly/3sP1Syh LINKEDIN ►► https://bit.ly/360qwlN PATREON ►► https://bit.ly/365iDLK MERCHANDISE ►► https://bit.ly/3c2jDEn //BOOKS Privilege...
https://www.youtube.com/watch?v=LCec9K0aAkM
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Red Team Frameworks & Methodologies
Hey guys, HackerSploit here back again with another video. This video will introduce you to the various industry-standard frameworks and methodologies used by Red Teamers to plan and orchestrate successful Red Team operations. The slides and written version of this video can be accessed on the HackerSploit Forum: https://forum.hackersploit.org/t/red-team-frameworks-methodologies/9126 //PLATFORMS BLOG ►► https://bit.ly/3qjvSjK FORUM ►► https://bit.ly/39r2kcY ACADEMY ►► https://bit.ly/39CuORr //SOCIAL NETWORKS TWITTER ►► https://bit.ly/3sNKXfq DISCORD ►► https://bit.ly/3hkIDsK INSTAGRAM ►► https://bit.ly/3sP1Syh LINKEDIN ►► https://bit.ly/360qwlN PATREON ►► https://bit.ly/365iDLK MERCHANDISE ►► https://bit.ly/3c2jDEn //BOOKS Privilege Escalation Techniques...
https://www.youtube.com/watch?v=UafxorrS3mQ
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DC32 - Red Team Village x Flare
Thank you for being a Diamond sponsor! For additional information about Flare, please visit https://flare.io. Red Team Village Website: https://redteamvillage.io Discord: https://redteamvillage.io/discord Twitter: https://redteamvillage.io/twitter
https://www.youtube.com/watch?v=7AON2imxy24
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Security@: Connect, Network, Share Ideas, and Collaborate
Security@ is coming to a location near you this year. Join us to learn how to take your cybersecurity program to the next level with HackerOne. Learn More at https://www.hackerone.com/2024-security-global
https://www.youtube.com/watch?v=2kI4n-v9SE8
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Retail Under Attack: HackerOne Customer Insights on Outsmarting Cybercriminals
For retail, a security breach costs .96M on average—and traditional security measures can't keep up with evolving threats. To protect your customer data and your reputation, proactive, always-on testing powered by ethical hackers is the way forward. Join this live Q&A with Swiss sportswear brand On and HackerOne to learn the real-world benefits and practicalities of a human-powered security testing program for retail and e-commerce. You'll walk away knowing: - The most significant threats facing retail and e-commerce—and how those threats are evolving. - How to reduce risk by identifying and quickly remediating your most critical vulnerabilities—more signal, less noise. - How human-powered security helps you keep pace with your rapidly expanding attack surface. - How ethical...
https://www.youtube.com/watch?v=34IFNwOYMNs
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

All AT&T Users Affected - ThreatWire
⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️ @endingwithali → Twitch: https://twitch.tv/endingwithali Twitter: https://twitter.com/endingwithali YouTube: https://youtube.com/@endingwithali Everywhere else: https://links.ali.dev Want to work with Ali? endingwithalicollabs@gmail.com [❗] Join the Patreon→ https://patreon.com/threatwire 0:00 0 - Intro 00:11 1 - GitLab CI/CD Vulnerability 00:48 2 - Signal Plain Text Encryption Key 02:23 3 - SeigedSec is Shutting Down 03:36 4 - AT&T Data Breach 06:54 5 - Outro LINKS 🔗 Story 1: GitLab CI/CD Vulnerability https://about.gitlab.com/releases/2024/07/10/patch-release-gitlab-17-1-2-released/ https://www.darkreading.com/application-security/-gitlab-sends-users-scrambling-again-with-new-ci-cd-pipeline-takeover-vuln 🔗 Story...
https://www.youtube.com/watch?v=8jQ0k_ERM6Y
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DC32 - Red Team Village x Optiv
Thank you for being one of our sponsors! Additional information about Optiv can be obtained from https://optiv.com. Red Team Village Website: https://redteamvillage.io Discord: https://redteamvillage.io/discord Twitter: https://redteamvillage.io/twitter
https://www.youtube.com/watch?v=mbM3KEk8vxQ
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Mounting Linux Disk Images in Windows
Learn how to mount Linux disk images in Windows using the Windows Subsystem for Linux (WSL). We'll tackle common issues and their fixes. ⌨️ Command used in the video: sudo mount -o ro,loop,offset=[OFFSET],noload [IMAGE] /mnt/[MOUNTPOINT] If you're mounting images containing Logical Volume Management (LVM) volumes, additional steps are required: ✅ Install LVM2 (if not already installed) sudo apt install lvm2 (Debian/Ubuntu) sudo dnf install lvm2 (Fedora) sudo yum install lvm2 (RHEL) ✅ Create a loop device from the disk image: sudo losetup -f -P testimage.dd Here, "-f" tells losetup to find the next available loop device, and "-P" forces the kernel to scan the partition table on the newly created loop device. ✅ Refresh LVM so that the new device appears: sudo pvscan --cache This...
https://www.youtube.com/watch?v=W_youhia4dU
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

OpenAI Insecure Storage - ThreatWire
⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️ @endingwithali → Twitch: https://twitch.tv/endingwithali Twitter: https://twitter.com/endingwithali YouTube: https://youtube.com/@endingwithali Everywhere else: https://links.ali.dev Want to work with Ali? endingwithalicollabs@gmail.com [❗] Join the Patreon→ https://patreon.com/threatwire 0:00 0 - Intro 1 - OpenAI Pulled A Recall 2 - Twilio MFA Compromised 3 - Outro LINKS 🔗 Story 1: OpenAI Pulled A Recall https://www.threads.net/@pvieito/post/C85NVV6hvF6?xmt=AQGz0o3JtBOwk1nfUgk8lvxQoIV8E92xz1vK1IP8VC6zhA https://www.theverge.com/2024/7/3/24191636/openai-chatgpt-mac-app-conversations-plain-text 🔗 Story 2: Twilio MFA Compromised https://www.techradar.com/pro/security/twilio-data-breach-gets-a-whole-lot-worse-as-it-confirms-hackers-accessed-authy-user-phone-numbers https://techcrunch.com/2024/07/03/twilio-says-hackers-identified-cell-phone-numbers-of-two-factor-app-authy-users/ https://www.twilio.com/en-us/changelog/Security_Alert_Authy_App_Android_iOS https://www.twilio.com/en-us/changelog/end-of-life--eol--of-twilio-authy-desktop-apps -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ Our...
https://www.youtube.com/watch?v=L0IBbmmaMiU
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

OWASP API Security Project - Paulo Silva & Erez Yalon
- Managed by the OWASP® Foundation https://owasp.org/
https://www.youtube.com/watch?v=hn4mgTu5izg
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Cloud-Squatting: The Never-ending Misery Of Deleted & Forgotten Cloud Assets - Abdullah Al-Sultani
- Managed by the OWASP® Foundation https://owasp.org/
https://www.youtube.com/watch?v=Q6cjhc7SszA
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Growing A Security Champion Program Into A Security Powerhouse - Bonnie Viteri
- Managed by the OWASP® Foundation https://owasp.org/
https://www.youtube.com/watch?v=Y0mJuAdi9DY
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

OWASP SAMM: Interactive Introduction And Update - Seba Deleersnyder & Bart De Win
- Managed by the OWASP® Foundation https://owasp.org/
https://www.youtube.com/watch?v=YHGrInrptPQ
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

OWASP Coraza Web Application Firewalls Revisited - José Carlos Chávez
- Managed by the OWASP® Foundation https://owasp.org/
https://www.youtube.com/watch?v=cTnStYlDII4
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Dawn Of The Dead: The Tale Of The Resurrected Domains - Pedro Fortuna
- Managed by the OWASP® Foundation https://owasp.org/
https://www.youtube.com/watch?v=fon4GR38f0s
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

OWASP SamuraiWTF - Kevin Johnson
- Managed by the OWASP® Foundation https://owasp.org/
https://www.youtube.com/watch?v=gorm_CTI-2w
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

5 AppSec Stories, And What We Can Learn From Them - Paul Molin
- Managed by the OWASP® Foundation https://owasp.org/
https://www.youtube.com/watch?v=kwmcOeCkYc0
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DC32 - Red Team Village x White Knight Labs
Thank you for being one of our platinum sponsors! Additional information about White Knight Labs can be obtained from https://whiteknightlabs.com. Red Team Village Website: https://redteamvillage.io Discord: https://redteamvillage.io/discord Twitter: https://redteamvillage.io/twitter
https://www.youtube.com/watch?v=QQD0SJwJG8A
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Learn Game Hacking With Squally #gamehacking
Buy Squally & Learn Game Hacking at https://guidedhacking.com/squally 👨‍💻 Buy Our Courses: https://guidedhacking.com/register/ 💰 Donate on Patreon: https://patreon.com/guidedhacking ❤️ Follow us on Social Media: https://linktr.ee/guidedhacking ✏️ Tags: #reverseengineering #gamehacking squally game hacking tutorials game hacking bible squally game hacking course game hacking courses guidedhacking squally guided hacking squally game hacking guidedhacking.com game hacking website game hacking websites squally game hacking tutorials squally game hacking bible
https://www.youtube.com/watch?v=sYCjQQkKIJs
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Introduction To Red Teaming
Hey guys, HackerSploit here back again with another video. This video will introduce you to red teaming, and explain its origins and adoption in offensive cybersecurity. You will also learn about the key differences between Red Teaming and Penetration Testing. You will also be introduced to the various roles and responsibilities within a red team, including the red team operator and red team lead. Whether you're a beginner or looking to deepen your knowledge, this video provides a comprehensive overview to get you started on your red teaming journey. //PLATFORMS BLOG ►► https://bit.ly/3qjvSjK FORUM ►► https://bit.ly/39r2kcY ACADEMY ►► https://bit.ly/39CuORr //SOCIAL NETWORKS TWITTER ►► https://bit.ly/3sNKXfq DISCORD ►► https://bit.ly/3hkIDsK INSTAGRAM ►► https://bit.ly/3sP1Syh LINKEDIN...
https://www.youtube.com/watch?v=rHxYZwMz-DY
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

ELF File Format Explained
🔥 Learn How The ELF File Format Works 👨‍💻 Buy Our Courses: https://guidedhacking.com/register/ 💰 Donate on Patreon: https://patreon.com/guidedhacking ❤️ Follow us on Social Media: https://linktr.ee/guidedhacking 🔗 Learn More: https://guidedhacking.com/threads/elf-file-format-explained.20619/ ❤️ Thank You to Malcore: https://link.malcore.io/redirect/guidedhacking 👨‍💻 Script & Visuals by rexir: https://guidedhacking.com/members/280340/ 👩‍💻 Narration by wahsami: https://guidedhacking.com/members/wahsami.278740/ 📜 Video Description: What is the ELF File Format? The ELF (Executable and Linkable Format) is a standard file format used in Unix-like operating systems for executables, object code, shared libraries, and core dumps. It is designed to support...
https://www.youtube.com/watch?v=9uWMr3wdadM
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Continuous Security with HackerOne Bug Bounty: Cyber Defense Done Right
Relying solely on internal teams and automated tools can leave crucial vulnerabilities overlooked. Traditional methods struggle to keep up with limited resources, evolving threats, and complex systems. Enter HackerOne Bounty: Leveraging the expertise of the world's largest ethical hacker community, we offer proactive, continuous testing of your digital assets. Our custom-tailored bug bounty programs connect you with top-tier security researchers—and offer financial rewards to incentivize these creative minds to uncover novel and elusive vulnerabilities in your systems. Visit https://www.hackerone.com/solutions/continuous-security-testing for more information.
https://www.youtube.com/watch?v=zwDo2b4Oa5g
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

What was it like? #gamehacking
He's right you know 👆 👨‍💻 Buy Our Courses: https://guidedhacking.com/register/ 💰 Donate on Patreon: https://patreon.com/guidedhacking ❤️ Follow us on Social Media: https://linktr.ee/guidedhacking ✏️ Tags: #reverseengineering #gamehacking game hacking tutorials game hacking bible game hacking course game hacking courses guidedhacking guided hacking game hacking guidedhacking.com game hacking website game hacking websites game hacking tutorials game hacking bible
https://www.youtube.com/watch?v=a1fDB0rSaxs
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Pentesting Diaries 0x1 - SQL Injection 101
Hey guys, HackerSploit here back again with another video, Welcome to the all-new pentesting diaries series. Pentesting Diaries is a weekly video series, where I will be exploring various pentesting techniques and tools, with the primary objective of demystifying them to provide you with a deeper, more holistic understanding of how specific attack techniques work, what tools to use and how to correctly use these tools to optimize your efficiency. The lab used in this video can be accessed for free on the CYBER RANGES platform. The links to the platform and lab are listed below: // CYBER RANGES CYBER RANGES: https://app.cyberranges.com SQL Injection Lab: https://app.cyberranges.com/scenario/59bb8cec8b68ef17d2962512 //PLATFORMS BLOG ►► https://bit.ly/3qjvSjK FORUM ►► https://bit.ly/39r2kcY ACADEMY...
https://www.youtube.com/watch?v=fwXRVeIjs-w
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

HackerOne Live Hacking Event Recap: Tokyo w/ Paypal

https://www.youtube.com/watch?v=qSGzVytzJc4
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

New Course! Investigating Linux Devices
Check out Investigating Linux Devices, a comprehensive Linux forensics training course from 13Cubed! Starting with fundamental principles, Investigating Linux Devices rapidly progresses to encompass log analysis, file systems, persistence mechanisms, memory forensics, live response, and more! This course offers extensive hands-on practice and a capstone involving the analysis of a compromised system. Tailored for both beginners and seasoned professionals, it serves as an ideal resource for mastering Linux forensics! 🎉 Enroll today at training.13cubed.com! #Forensics #DigitalForensics #DFIR #LinuxForensics
https://www.youtube.com/watch?v=4sRFu_QTkXM
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

RTV x BC Security - An Introduction to CTFs
The Red Team Village Red Team Village Website: https://redteamvillage.io Discord: https://redteamvillage.io/discord Twitter: https://redteamvillage.io/twitter
https://www.youtube.com/watch?v=t5X8ONopEVk
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

XSS in PDF.js (CVE-2024-4367) - "Upload" [Akasec CTF 2024]
Video walkthrough for the "Upload" web challenge from Akasec CTF 2024. The challenge involved server-side XSS (dynamic PDF) using a recent exploit (CVE-2024-4367) and SSRF! Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #Akasec #CTF #CaptureTheFlag #Pentesting #OffSec #WebSec #AppSec Write-ups: https://crypto-cat.gitbook.io/ctf-writeups/2024/akasec_24/web/upload ↢Social Media↣ Twitter: https://twitter.com/_CryptoCat GitHub: https://github.com/Crypto-Cat/CTF GitBook: https://crypto-cat.gitbook.io HackTheBox: https://app.hackthebox.eu/profile/11897 LinkedIn: https://www.linkedin.com/in/cryptocat Reddit: https://www.reddit.com/user/_CryptoCat23 YouTube: https://www.youtube.com/CryptoCat23 Twitch: https://www.twitch.tv/cryptocat23 ↢Akasec CTF 2024↣ https://ctf.akasec.club https://ctftime.org/event/2222 https://discord.gg/6yyzBnZP2e https://twitter.com/akasec_1337 https://www.linkedin.com/company/akasec-1337 ↢Resources↣ Ghidra:...
https://www.youtube.com/watch?v=XrSOaHoeJCo
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

2: XML External Entity Injection (XXE) - Gin and Juice Shop (Portswigger)
XML External Entity Injection (XXE) - Episode 3 of hacking the Gin and Juice shop; an intentionally vulnerable web application developed by Portswigger. The website was created primarily to demonstrate the features of Burp pro vulnerability scanner. However, throughout the series, we will leverage burp suite (and other tools) to exploit the high, medium, low and informational issues identified by the scanner. Hopefully these videos will be useful for aspiring bug bounty hunters, security researchers, pentesters, CTF players etc 🙂 #BugBounty #EthicalHacking #PenTesting #AppSec #WebSec #InfoSec #OffSec ↢Social Media↣ Twitter: https://twitter.com/_CryptoCat GitHub: https://github.com/Crypto-Cat/CTF HackTheBox: https://app.hackthebox.eu/profile/11897 LinkedIn: https://www.linkedin.com/in/cryptocat Reddit:...
https://www.youtube.com/watch?v=hixTxzYDuDg
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

privacy 🤣 #protonmail #vpn #privacy
Buy Our Courses 👨‍💻 https://guidedhacking.com/register/ Donate on Patreon 💰 https://patreon.com/guidedhacking Follow us on Social Media ❤️ https://linktr.ee/guidedhacking ✏️ Tags: #protonmail #protonvpn #privacy protonmail meme proton mail meme protonvpn proton vpn I use protonmail to that the feds can't track! meanwhile the feds meme protonmail memes vpn memes privacy obsessed people are mentally ill privacy tools
https://www.youtube.com/watch?v=q4F0kdZSA10
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

HackerSploit Channel Update 2024
Hey guys, HackerSploit here back again with another video. Just wanted to provide you with an update on where I have been and what the content plan is for the channel. Lots of exciting content ahead, and I look forward to continuing the journey we started. I would also like to thank everyone for their support during my absence and for checking in on me. It is greatly appreciated. //PLATFORMS BLOG ►► https://bit.ly/3qjvSjK FORUM ►► https://bit.ly/39r2kcY ACADEMY ►► https://bit.ly/39CuORr //SOCIAL NETWORKS TWITTER ►► https://bit.ly/3sNKXfq DISCORD ►► https://bit.ly/3hkIDsK INSTAGRAM ►► https://bit.ly/3sP1Syh LINKEDIN ►► https://bit.ly/360qwlN PATREON ►► https://bit.ly/365iDLK MERCHANDISE ►► https://bit.ly/3c2jDEn //BOOKS Privilege Escalation Techniques...
https://www.youtube.com/watch?v=s1Hl9_stdqk
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

The Weird Windows Feature You've Never Heard Of
In this episode, we'll explore File System Tunneling, a lesser-known legacy feature of Windows. We'll uncover the fascinating behind-the-scenes functionality and discuss the potential implications for forensic examinations of compromised systems. *** If you enjoy this video, please consider supporting 13Cubed on Patreon at patreon.com/13cubed. *** 📖 Chapters 00:00 - Intro 05:06 - File System Tunneling Demo 🛠 Resources The Apocryphal History of File System Tunnelling: https://devblogs.microsoft.com/oldnewthing/20050715-14/?p=34923 File System Tunneling in Windows (Jason Hale): https://df-stream.com/2012/02/file-system-tunneling-in-windows/ File System Tunneling (Harlan Carvey): https://windowsir.blogspot.com/2010/04/linksand-whatnot.html #Forensics #DigitalForensics #DFIR #ComputerForensics...
https://www.youtube.com/watch?v=D5lQVdYYF4I
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Beyond the Algorithm: AI Developers' AMA
Artificial intelligence and machine learning technologies are becoming increasingly integral to the software development landscape, introducing groundbreaking opportunities and significant challenges for developers and engineers. Join the Beyond the Algorithm: AI Developers' Ask-Me-Anything (AMA) session featuring seasoned AI engineers ready to tackle your questions. They'll dive into the nitty-gritty of applied AI/ML, focusing on the technical challenges, opportunities for innovation, trustworthiness, and ethical considerations, and identifying and mitigating algorithmic flaws based on their professional experiences. To learn more about our products and offerings as we embrace the transformative potential of AI safety and security, click here: https://www.hackerone.com/ai.
https://www.youtube.com/watch?v=pUxmBmHeja4
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

How I Hack or Pentest Mobile Apps [feat @BugBountyReportsExplained]
From a podcast with @BugBountyReportsExplained. Connect with me: X: https://twitter.com/cristivlad25 IG: https://instagram.com/cristivladz
https://www.youtube.com/watch?v=tMMFx1JzEek
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Live at the RSA expo hall!

https://www.youtube.com/watch?v=y7-J8g3_9l8
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Zombieware
Self-replicating malware, long abandoned by its operators, continues to contribute significant volume and noise to malware feeds. We investigate this trend, which we refer to as Zombieware! Join us on Patreon for Part 2 where we reverse engineer a popular file infector and write an extractor to recover the infected files! https://www.patreon.com/posts/zombieware-part-103656376 Full Zombieware blog post can be found on our UnpacMe blog here: https://blog.unpac.me/2024/04/25/zombieware/ Ladislav Zezula's excellent talk from BSides Prague can be found here: https://www.youtube.com/watch?v=OgXvd-Wce9o ----- OALABS DISCORD https://discord.gg/oalabs OALABS PATREON https://www.patreon.com/oalabs Twitch https://www.twitch.tv/oalabslive OALABS GITHUB https://github.com/OALabs UNPACME - AUTOMATED...
https://www.youtube.com/watch?v=NNLZmB6_aGA
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Burp Suite - Part 15 - Intruder VI
Connect with me: X: https://twitter.com/cristivlad25 IG: https://instagram.com/cristivladz
https://www.youtube.com/watch?v=yUfmictGMDQ
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

HackerOne Live Hacking Event Recap: Las Vegas w/ Amazon

https://www.youtube.com/watch?v=iIguwAIYDKQ
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Burp Suite Certified Professional (BSCP) Review + Tips/Tricks [Portswigger]
Burp Suite Certified Professional (BSCP) review, tips/tricks etc. Hopefully this videos will be useful for aspiring bug bounty hunters, security researchers, pentesters, CTF players etc who might be interested in taking the BSCP exam from Portswigger 🙂 #BSCP #BugBounty #EthicalHacking #PenTesting #AppSec #WebSec #InfoSec #OffSec Considering taking the HackTheBox CPTS course? You can find my full review for it here: https://youtu.be/UN5fTQtlKCc Looking for Portswigger lab walkthroughs? I produce videos for the @intigriti channel: https://www.youtube.com/playlist?list=PLmqenIp2RQciV955S2rqGAn2UOrR2NX-v ↢Social Media↣ Twitter: https://twitter.com/_CryptoCat GitHub: https://github.com/Crypto-Cat/CTF HackTheBox: https://app.hackthebox.eu/profile/11897 LinkedIn: https://www.linkedin.com/in/cryptocat Reddit:...
https://www.youtube.com/watch?v=L-3jJTGLAhc
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Is AI The Future Of Penetration Testing?
AI has the potential to revolutionize penetration testing by automating many repetitive, rote tasks like exploit development, vulnerability scanning, and report generation, thereby speeding up pen tests and making them more efficient. However, AI is not yet advanced enough to fully replace human expertise, especially when it comes to testing custom web applications and proprietary systems that require critical thinking and creativity. There are risks associated with AI, such as false positives/negatives, scope creep, and accidental system crashes, that necessitate skilled human oversight. As a result, pentesters' roles may evolve to focus more on validating AI tool output, conducting adversary simulations, and formulating high-level strategies rather than executing technical tasks. Furthermore,...
https://www.youtube.com/watch?v=CvSKuonYsHk
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

What We Love About HackerOne
At HackerOne, our mission is to make world-class security accessible to everyone and work with some of the world's top security-minded teams and organizations. Hear from HackerOne employees (or Hackeronies) as they explain their favorite things about HackerOne, such as the mission, the people, and the meaningful work. To learn more about employee culture at HackerOne, visit the HackerOne careers page: https://www.hackerone.com/careers
https://www.youtube.com/watch?v=3XGgW5xP7BE
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

10 Cybersecurity Tips For Small Businesses
Small businesses are underserved by the cybersecurity community. Solutions are too complicated, take too long to implement, and are too expensive. This often leads to do-it-yourself security, which means you're not fully addressing the risk of your organization as many do not have internal expertise. In addition, requirements, whether vendor, client, insurance, or compliance, typically lead security initiatives. This reactive approach means rushed decisions to fulfill requirements over investing in cybersecurity for the long term. We interviewed Bruno Aburto and Heather Noggle - two long-time small business security advocates on their top tips for helping organizations navigate the complexities of cybersecurity. AI & Cybersecurity Newsletter ------------------------------------------------ 👋...
https://www.youtube.com/watch?v=xwqO86qwyVs
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Web Application Penetration Testing: Steps, Methods, & Tools | PurpleSec
Web application penetration testing is comprised of four main steps including: 1. Information gathering. 2. Research and exploitation. 3. Reporting and recommendations. 4. Remediation with ongoing support. These tests are performed primarily to maintain secure software code development throughout its lifecycle. Coding mistakes, specific requirements, or lack of knowledge of cyber attack vectors are the main purposes of performing this type of penetration test. In this video, you'll learn the steps on how to perform security testing on a web application and popular tools used during a web application penetration test with real-life examples. Continue reading... https://purplesec.us/web-application-penetration-testing/ Sample Web Application Report --------------------------------------------------- https://purplesec.us/wp-content/uploads/2021/10/Web-Application-Penetration-Test-Sample-Report.pdf Video...
https://www.youtube.com/watch?v=e1DZYIddDrY
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

The Ultimate Guide to Arsenal Image Mounter
In this episode, we'll take an in-depth look at Arsenal Image Mounter. We'll start with the basics and cover the functionality included in the free version. Then, we'll look at advanced features including the ability to launch VMs from disk images, password bypass and password cracking, and working with BitLocker encrypted disk images. *** If you enjoy this video, please consider supporting 13Cubed on Patreon at patreon.com/13cubed. *** 📖 Chapters 00:00 - Intro 00:57 - Free Mode 07:55 - Professional Mode 08:43 - Launch a VM from a Disk Image 09:28 - Fixing a Common Issue 12:21 - Windows Authentication Bypass 14:55 - About DPAPI 16:36 - DPAPI: Password Attack Functionality 19:49 - Mounting VSCs 22:36 - Launch a VM from a VSC 23:45 - More VSC Options 26:08 - Working with BitLocker Images 🛠...
https://www.youtube.com/watch?v=4eifl8qvqVk
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

1: SQL Injection (Union + Blind) - Gin and Juice Shop (Portswigger)
SQL Injection - Episode 2 of hacking the Gin and Juice shop; an intentionally vulnerable web application developed by Portswigger. The website was created primarily to demonstrate the features of Burp pro vulnerability scanner. However, throughout the series, we will leverage burp suite (and other tools) to exploit the high, medium, low and informational issues identified by the scanner. Hopefully these videos will be useful for aspiring bug bounty hunters, security researchers, pentesters, CTF players etc 🙂 #BugBounty #EthicalHacking #PenTesting #AppSec #WebSec #InfoSec #OffSec ↢Social Media↣ Twitter: https://twitter.com/_CryptoCat GitHub: https://github.com/Crypto-Cat/CTF HackTheBox: https://app.hackthebox.eu/profile/11897 LinkedIn: https://www.linkedin.com/in/cryptocat Reddit: https://www.reddit.com/user/_CryptoCat23 YouTube:...
https://www.youtube.com/watch?v=4g2a-n4hjfY
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Why You Should Learn AI In Cybersecurity
Cybersecurity faces a difficult challenge with AI. The speed and complexity at which adversaries use this technology pose a serious risk for organizations. Defenders are struggling to keep pace with new use cases and the evolution of AI happening every day. So what's the best way to defend against AI and to enhance your career development in security? Learn AI. We interviewed Jonathan Todd and Tom Vazdar, two experts at the forefront of AI security to help address this growing threat and provide practical ways to empower security professionals. AI & Cybersecurity Newsletter ------------------------------------------------ 👋 If you're new here, then consider subscribing to our weekly newsletter featuring the top cybersecurity minds in the industry: https://www.linkedin.com/newsletters/ai-cybersecurity-insights-7058517055238504448/ Video...
https://www.youtube.com/watch?v=4cXM7CG2D90
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

How LLMs Are Being Exploited
Shubham Khichi has been working on cyber AGI for the past 7 years. Before that, he spent nearly a decade as a red team specialist and cybersecurity researcher. In this interview, Shubham shares his insights into how LLMs are being exploited by adversaries and provides practical tips to secure AI. AI & Cybersecurity Newsletter ------------------------------------------------ 👋 If you're new here, then consider subscribing to our weekly newsletter featuring the top cybersecurity minds in the industry: https://www.linkedin.com/newsletters/ai-cybersecurity-insights-7058517055238504448/ Video Chapters ------------------------------ 00:00 - Introduction 02:16 - What Is An LLM? 03:53 - Common Vulnerabilities With LLMs 09:34 - How LLMs Are Being Exploited 14:50 - Defending Against LLM Exploits 16:57...
https://www.youtube.com/watch?v=91CbW9XWotw
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

HackTheBox Cyber Apocalypse 2024: Web Challenge Walkthroughs
Video walkthrough for the first 7 web challenges from @HackTheBox Cyber Apocalypse CTF 2024 (Hacker Royale); Flag Command, TimeKORP, KORP Terminal, Labyrinth Linguist, Locktalk, SerialFlow and Testimonial. The challenges involved API testing, command injection, SQL injection (SQLi), server-side template injection (SSTI), 403 bypass (haproxy), JWT attacks, Memcached injection, python pickle deserialization, gRPC hacking and path traversal! Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #HackTheBox #HTB #CyberApocalypse #CyberApocalypse24 #CTF #CaptureTheFlag #Pentesting #OffSec #WebSec #AppSec Write-ups: https://crypto-cat.gitbook.io/ctf-writeups/2024/cyber_apocalypse_24 Looking for more HTB CA '24 walkthroughs? Check out @SloppyJoePirates video: https://www.youtube.com/watch?v=EGItzKCxTdQ Sign...
https://www.youtube.com/watch?v=-vhl8ixthO4
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Should I report this vulnerability? Will I get a bounty?
It's really exciting to find your first bug BUT it's crushing when you realise it isn't reportable or comes back as NA from a client. Here are my top tips for identifying if you've found something and double checking before getting caught up in excitement! I still get emails about IDORs being NA because you need a victims cookie and hackers who are angry at bug bounty programs or triagers.
https://www.youtube.com/watch?v=T4EhE5f7fQg
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

How to take notes when you suck at it
This episode of the Bug Bounty course we talk about the importance of developing a personal note taking system that supports both hacking and learning. Emphasizing the differentiation between notes taken during hacking activities and those for learning about vulnerabilities. We look at methods for organizing and accessing your notes whether you are into Notion, Obsidian or Vim or even mind maps we'll look at how to integrate your notes with tools like Burp Suite. Creating your own knowledge base you can refer to every time you hack, tailored to individual needs and preferences and refine your own note-taking strategies for successful hacking and learning. 00:00 Introduction to the Bug Bounty Course 00:14 The Importance of a Personalized Note-Taking System 00:53 Sponsor Shoutout: Bugcrowd 01:45...
https://www.youtube.com/watch?v=uXuMvUPlvd0
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

0: Getting Started with Burp Suite - Gin and Juice Shop (Portswigger)
Intro / Setup for new web pentesting series (ft. burp suite crash course) - Episode 1 of hacking the Gin and Juice shop; an intentionally vulnerable web application developed by Portswigger. The website was created primarily to demonstrate the features of Burp pro vulnerability scanner. However, throughout the series, we will leverage burp suite (and other tools) to exploit the high, medium, low and informational issues identified by the scanner. Hopefully these videos will be useful for aspiring bug bounty hunters, security researchers, pentesters, CTF players etc 🙂 #BugBounty #EthicalHacking #PenTesting #AppSec #WebSec #InfoSec #OffSec ↢Social Media↣ Twitter: https://twitter.com/_CryptoCat GitHub: https://github.com/Crypto-Cat/CTF HackTheBox: https://app.hackthebox.eu/profile/11897 LinkedIn:...
https://www.youtube.com/watch?v=FPzoD_nUQYU
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Where's the 4624? - Logon Events vs. Account Logons
In this episode, we'll learn about the difference between "Logon Events" and "Account Logons" and explore a scenario in which communication occurs between two domain-joined workstations. Where will we find Event ID 4624 and other account-related Event IDs of interest? *** If you enjoy this video, please consider supporting 13Cubed on Patreon at patreon.com/13cubed. *** 📖 Chapters 00:00 - Intro 01:18 - Win11-Test-VM 02:14 - Win10-Test-VM 03:41 - Win2019-Test-VM 05:28 - Recap 🛠 Resources Logon/Logoff Events: https://www.ultimatewindowssecurity.com/securitylog/book/page.aspx?spid=chapter5 Account Logon Events: https://www.ultimatewindowssecurity.com/securitylog/book/page.aspx?spid=chapter4 #Forensics #DigitalForensics #DFIR #ComputerForensics #WindowsForensics
https://www.youtube.com/watch?v=EXsKJ9kIc6s
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

The Value Of A vCISO For Small Business
Greg Schaffer shares his over 33 years of information technology and cybersecurity experience on the value small and mid-sized businesses gain from working with a virtual CISO (vCISO). AI & Cybersecurity Newsletter ------------------------------------------------ 👋 If you're new here, then consider subscribing to our weekly newsletter featuring the top cybersecurity minds in the industry: https://www.linkedin.com/newsletters/ai-cybersecurity-insights-7058517055238504448/ Video Chapters ------------------------- 00:00 - Introduction 02:55 - LinkedIn Poll Results 08:40 - What Are The Responsibilities Of A vCISO? 14:00 - What Are The Benefits Of A vCISO For SMBs? 16:50 - What Are The Risks Of DIY Security? 19:38 - When Should A Small Business Hire A vCISO? 24:27 - What Should SMBs Look For...
https://www.youtube.com/watch?v=YpJPOPfbkLQ
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

LA CTF 2024: Web Challenge Walkthroughs (1-4)
Video walkthrough for first 4 web challenges from LA CTF 2024; terms-and-conditions, flaglang, la-housing-portal and new-housing-portal. The challenges involved JS manipulation, cookie tampering, SQL injection and cross-site scripting. Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #LACTF #CTF #Pentesting #OffSec #WebSec ↢Social Media↣ Twitter: https://twitter.com/_CryptoCat GitHub: https://github.com/Crypto-Cat/CTF HackTheBox: https://app.hackthebox.eu/profile/11897 LinkedIn: https://www.linkedin.com/in/cryptocat Reddit: https://www.reddit.com/user/_CryptoCat23 YouTube: https://www.youtube.com/CryptoCat23 Twitch: https://www.twitch.tv/cryptocat23 ↢LA CTF↣ https://platform.lac.tf/challs https://lac.tf/discord https://ctftime.org/event/2102 ↢Resources↣ Ghidra: https://ghidra-sre.org/CheatSheet.html Volatility:...
https://www.youtube.com/watch?v=Z4P667ayUsg
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

RDP Authentication vs. Authorization
In this episode, we'll learn about an important RDP scenario involving Network Level Authentication (NLA) and the Windows Event Log entry that is generated as a result. We'll also see what happens when authentication succeeds, but authorization fails, and how that impacts what's logged. *** If you enjoy this video, please consider supporting 13Cubed on Patreon at patreon.com/13cubed. *** 📖 Chapters 00:00 - Intro 01:10 - Demo 🛠 Resources RDP Flowchart: https://13cubed.s3.amazonaws.com/downloads/rdp_flowchart.pdf #Forensics #DigitalForensics #DFIR #ComputerForensics #WindowsForensics
https://www.youtube.com/watch?v=OlENso8_u7s
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Introduction to YARA Part 4 - Efficient Rule Development
In this OALABS Patreon tutorial we cover the foundations of writing efficient YARA rules and provide some tips that can help speed up your YARA hunting. The full notes for this tutorial are unlocked for everyone on our Patreon https://www.patreon.com/posts/introduction-to-96638239 ----- OALABS DISCORD https://discord.gg/6h5Bh5AMDU OALABS PATREON https://www.patreon.com/oalabs Twitch https://www.twitch.tv/oalabslive OALABS GITHUB https://github.com/OALabs UNPACME - AUTOMATED MALWARE UNPACKING https://www.unpac.me/#/ -----
https://www.youtube.com/watch?v=xKeF_cPKXt0
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Introduction to YARA Part 3 - Rule Use Cases
In this OALABS Patreon tutorial we cover the three main use cases for YARA rules and how they apply to both BlueTeam/SOC operations and malware analysis. Fun notes have been unlocked for everyone on our Patreon here https://www.patreon.com/posts/introduction-to-96637668 The following are links to UnpacMe specific tutorials for developing each type of rule. Identifying specific malware families (unpacked) https://support.unpac.me/howto/hunting-with-yara/#identifying-specific-malware-families-unpacked Identifying malware on disk or in network traffic (packed) https://support.unpac.me/howto/hunting-with-yara/#identifying-malware-on-disk-or-in-network-traffic-packed Hunting (malware characteristics) https://support.unpac.me/howto/hunting-with-yara/#hunting-malware-characteristics ----- OALABS...
https://www.youtube.com/watch?v=xutDqu_OiH8
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Introduction to YARA Part 2 - Hunting on UnpacMe
In this OALABS Patreon tutorial we demonstrate a simple YARA hunting example using the UnpacMe free YARA scan service: https://www.unpac.me Full notes have been unlocked on our Patreon here https://www.patreon.com/posts/introduction-to-96637337 ----- OALABS DISCORD https://discord.gg/6h5Bh5AMDU OALABS PATREON https://www.patreon.com/oalabs Twitch https://www.twitch.tv/oalabslive OALABS GITHUB https://github.com/OALabs UNPACME - AUTOMATED MALWARE UNPACKING https://www.unpac.me/#/ -----
https://www.youtube.com/watch?v=Xqvlju9ED1c
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Introduction to YARA Part 1 - What is a YARA Rule
In this OALABS Patreon tutorial we cover the basics of YARA, what is it, how is it used, and how to write your first rule. Full notes have been unlocked on our Patreon here https://www.patreon.com/posts/introduction-to-96636471 ----- OALABS DISCORD https://discord.gg/6h5Bh5AMDU OALABS PATREON https://www.patreon.com/oalabs Twitch https://www.twitch.tv/oalabslive OALABS GITHUB https://github.com/OALabs UNPACME - AUTOMATED MALWARE UNPACKING https://www.unpac.me/#/ -----
https://www.youtube.com/watch?v=3BpIhbsDR_I
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Investigating Windows Courses
Check out the official 13Cubed Investigating Windows training courses, with 365-day access and a certification/digital badge attempt included! If you're looking for affordable, comprehensive, online, on-demand digital forensics training with 4K video, subtitles, and more, you've come to the right place! 🎉 Enroll today at https://training.13cubed.com #Forensics #DigitalForensics #DFIR #ComputerForensics #WindowsForensics #MemoryForensics
https://www.youtube.com/watch?v=BYmRdfmJPfY
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Approaching Large Scope Targets Without Feeling Overwhelmed
In this video, we discuss how beginners can tackle large scope targets in bug bounty hunting. These targets offer more flexibility and potential for bug discovery, making them a great starting point for new hackers. However, they can be overwhelming due to their size and diversity. We suggest focusing on one part of the larger scope, which helps you understand the target's application development process without becoming overwhelmed. We also delve into different reconnaissance techniques, including subdomain enumeration, Google Dorking, API enumeration, OSINT, and more. Lastly, we emphasize that while reconnaissance is critical for large scope targets, it is just a stepping stone to actually hacking and finding vulnerabilities. This series couldn't happen without the support of our sponsor...
https://www.youtube.com/watch?v=W4pafFxOOwc
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

New OWASP API Top 10 for Hackers
Blog article isn't done yet but I'll get it up ASAP! Today we explore the new OWASP API Top 10 in detail, the new version is much more hacker friendly and focuses on bugs we can find rather than defenders but how can we start to study these bugs and actually find them? Let's take a look at some of the changes in the new OWASP API top 10 2023, which ones I recommend for beginners just starting out with API hacking and when to look out for specific bugs There are a ton of vulnerabilities out there, like Prototype Pollution, SQL Injection, and remote code execution. And while they can be fun to exploit during CTFs but when they are lurking in our code…it's not as fun But that's where our sponsor Snyk comes in - Snyk scans your code, dependencies, containers, and configs, all in...
https://www.youtube.com/watch?v=sl1yqGhuVy4
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

E-commerce Flaws and 0-1000 Bounties
We're continuing our stories of bad bugs theme with some business logic flaws. Unfortunately, I couldn't find the link to the whitepaper with the e-commerce flaws, but I remember it being quantity manipulation, price manipulation by changing the currency and guessing giftcards. In today's video we look at a pretty basic authentication issue, a pretty boring price manipulation issue and end with an utterly underwhelming order number adjustment. Each of these bugs got paid a bounty between 0-1000, though some were duplicates that were split between me and other hackers because they were bugs found at live hacking events) There are a ton of vulnerabilities out there, like Prototype Pollution, SQL Injection, and remote code execution. And while they can be fun to exploit during CTFs but when...
https://www.youtube.com/watch?v=IsBgaEWpqro
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

OALABS Holiday Variety Show 2023
𝘔𝘦𝘳𝘳𝘺 𝘐𝘋𝘈𝘮𝘢𝘴 𝘢𝘯𝘥 𝘢 𝘏𝘢𝘱𝘱𝘺 𝘉𝘪𝘯𝘫𝘢-𝘠𝘦𝘢𝘳 Join us for our holiday special reverse engineering variety show! - Guess the prompt AI charades - Random RE banter - Suspicious liquids in bottles We've got it all! Merry Christmas everyone we will see you in 2024! ----- OALABS PATREON https://www.patreon.com/oalabs OALABS DISCORD https://discord.gg/6h5Bh5AMDU Twitch https://www.twitch.tv/oalabslive OALABS GITHUB https://github.com/OALabs UNPACME - AUTOMATED MALWARE UNPACKING https://www.unpac.me/#/ -----
https://www.youtube.com/watch?v=XMVhX29AJbQ
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

TryHackMe Advent Of Cyber Day 20 - DevSecOps
DevSecOps has enabled developers to be much more efficient, committing code and deploying it automatically, but it's a fantastic tool for us to go exploring and hacking in their pipelines! Advent of cyber is a yearly event run by TryHackMe, there are 24 days of cyber security challenges in December AND prizes for competing. Last year I finished every challenge soooooo, I think it's good. If you want to compete, join using this link: https://tryhackme.com/r/christmas
https://www.youtube.com/watch?v=wGO2dWVk1oM
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

🔥Resume Roast from our Content Manager Rachel. #shorts #resume #career #hacking

https://www.youtube.com/watch?v=012h_SV0bRs
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Hyper-V Memory Forensics - MemProcFS to the Rescue!
In this episode, we'll learn how to properly acquire memory from Microsoft Hyper-V guest virtual machines. 🎉 Update After I recorded this episode, Ulf Frisk, the author of MemProcFS, let me know that he has made some updates that no longer require you to copy the vmsavedstatedumpprovider.dll file to the MemProcFS directory if the SDK is installed in the ***default*** location. If installed to a different location, the file must still be copied. Additionally, the requirement to prepend the Hyper-V checkpoint file with hvsavedstate:// has also been removed. Both changes now make this process even easier! *** If you enjoy this video, please consider supporting 13Cubed on Patreon at patreon.com/13cubed. *** 📖 Chapters 00:00 - Intro 00:43 - Preparation 06:35 - Using MemProcFS 🛠 Resources MemProcFS: https://github.com/ufrisk/MemProcFS MemProcFS...
https://www.youtube.com/watch?v=Wbk6ayF_zaQ
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Updated Beginners Guide to API Bug Bounty
If you're just getting started with bug bounty hunting, web APIs are a fantastic place to start, they're easy to approach, can't easily be automated and are full of bugs. Join the free, API security live class on Zoom webinars https://www.traceable.ai/resources/lp/webinar-api-security-masterclass?utm_medium=org_social&utm_source=org_social&utm_campaign=tb This series couldn't happen without the support of our sponsor Bugcrowd, Bugcrowd is the best place to start hacking with a wide range of public and private programs from APIs to Desktop Applications and everything in between. Not ready to jump into a public program yet? Fill out your platform CV and sign up for a waitlisted program. Tell Bugcrowd a bit about your skills, previous certifications or experience and they'll...
https://www.youtube.com/watch?v=85vdKS0vNN0
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Is there ageism in #cybersecurity? Matt thinks so! What do you think? #shorts #hacking #ageism

https://www.youtube.com/watch?v=PH9CCcRhUbk
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

What Can an Attacker Actually Do With a Bug Anyway?
We explore the significance of understanding and explaining the impact of vulnerabilities in a bug bounty context. Using Flare.io, to peek into the dark web and see what attackers are actually doing with our vulnerabilities. We cover different vulnerabilities, provide guidelines on creating an effective impact statement, and offer three examples of impactful bug bounty reports. Before I give you my tips for explaining impact to triage and avoiding arguments over severity. Thank you to our sponsor Flare.io. Know your exposed attack surface, track threat intelligence, and set prioritized alerts (that cut out the noise) for your own info leaked on the dark web with Flare! Try a free trial and see what is out there: https://hi.flare.io/katie-paxton-fear-free-trial/. 00:00 Introduction to Impact...
https://www.youtube.com/watch?v=4gjUby6LGFk
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Tips For Analyzing Delphi Binaries in IDA (Danabot)
Reverse Engineering Delphi is a nightmare ... or it can be if you don't have the right setup! In this clip we cover some easy tips that can help make some of the analysis a bit easier. Full notes with links for tools are available here: https://research.openanalysis.net/danabot/loader/delphi/2023/12/04/danabot.html Full stream with analysis of the Danabot loader is available on Patreon here: https://www.patreon.com/posts/live-stream-vod-94510766 ----- OALABS PATREON https://www.patreon.com/oalabs OALABS DISCORD https://discord.gg/6h5Bh5AMDU Twitch https://www.twitch.tv/oalabslive OALABS GITHUB https://github.com/OALabs UNPACME - AUTOMATED MALWARE UNPACKING https://www.unpac.me/#/ -----
https://www.youtube.com/watch?v=04RsqP_P9Ss
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

TryHackMe Advent Of Cyber Day 10 - SQL Injection
Today we escalate a SQL injection vulnerability into a RCE, and explore MS SQL Server Advent of cyber is a yearly event run by TryHackMe, there are 24 days of cyber security challenges in December AND prizes for competing. Last year I finished every challenge soooooo, I think it's good. If you want to compete, join using this link: https://tryhackme.com/r/christmas
https://www.youtube.com/watch?v=25QTczDdRtI
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

TryHackMe Advent Of Cyber Day 7 - Log Analysis
Today we abandon our red hats for the day and dive into the blue team, there's a piece of malware on the network, but how can we tell? Well it's time for us to dive into proxy logs and the cut command to find out! Advent of cyber is a yearly event run by TryHackMe, there are 24 days of cyber security challenges in December AND prizes for competing. Last year I finished every challenge soooooo, I think it's good. If you want to compete, join using this link: https://tryhackme.com/r/christmas
https://www.youtube.com/watch?v=cG8UH8xwmaY
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

The truth about API hacking...

https://www.youtube.com/watch?v=WnJSf2OZVUE
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Hacking when all the bugs have been found?
Finding bugs on the main app is something a lot of people are a little afraid of, a lot of people think that if a program has been out a while that there's no point even looking at it. But actually the majority of my bugs have actually been on the main application and rarely do I write off a program as unhackable. As you all know by now recon is definitely one of my weakest skills, so here are some tips for approaching the main app and actually getting bugs. This series couldn't happen without the support of our sponsor Bugcrowd, Bugcrowd is the best place to start hacking with a wide range of public and private programs from APIs to Desktop Applications and everything in between. Not ready to jump into a public program yet? Fill out your platform CV and sign up for a waitlisted program....
https://www.youtube.com/watch?v=S077-waODvc
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

How To Recognize Macro Encrypted Strings in Malware
How to identify when a macro is used to encrypt strings in malware... inferring source from disassembly! ----- OALABS PATREON https://www.patreon.com/oalabs OALABS DISCORD https://discord.gg/6h5Bh5AMDU Twitch https://www.twitch.tv/oalabslive OALABS GITHUB https://github.com/OALabs UNPACME - AUTOMATED MALWARE UNPACKING https://www.unpac.me/#/ -----
https://www.youtube.com/watch?v=fEAGYjhKzJY
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

How to Approach an OSINT Challenge - "Photographs" [INTIGRITI 1337UP LIVE CTF 2023]
Video walkthrough for "Photographs", an opensource intelligence (OSINT) challenge from the @intigriti 1337UP LIVE CTF 2023. The challenge required players to examine exifdata and then trace back through alt accounts created by the target, exploring social media accounts uncovered using sherlock (and Google), reverse image searching etc. They would eventually find an interesting comment on a blog indicating location data was shared. This was a hint that players need to check the waybackmachine for an archived copy of the page, which contained the flag! Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #INTIGRITI #CTF #OSINT ↢Social Media↣ Twitter: https://twitter.com/_CryptoCat GitHub: https://github.com/Crypto-Cat/CTF HackTheBox: https://app.hackthebox.eu/profile/11897 LinkedIn:...
https://www.youtube.com/watch?v=JpZ9nTx-2PI
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Testing e-commerce? Here's what to look for 👌

https://www.youtube.com/watch?v=6DuW9BjWJ6w
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Format String Vulnerability - "Floor Mat Store" [INTIGRITI 1337UP LIVE CTF 2023]
Video walkthrough for "Floor Mat Store", a binary exploitation challenge I made for the @intigriti 1337UP LIVE CTF 2023. It was a fairly standard pwn challenge, requiring players to exploit a format string vulnerability (damn you printf *shakes fist at computer*). I tried to add some small twists and give it a theme to keep it interesting! Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #INTIGRITI #CTF #Pwn #BinaryExploitation #BugBounty ↢Social Media↣ Twitter: https://twitter.com/_CryptoCat GitHub: https://github.com/Crypto-Cat/CTF HackTheBox: https://app.hackthebox.eu/profile/11897 LinkedIn: https://www.linkedin.com/in/cryptocat Reddit: https://www.reddit.com/user/_CryptoCat23 YouTube: https://www.youtube.com/CryptoCat23 Twitch: https://www.twitch.tv/cryptocat23 ↢INTIGRITI...
https://www.youtube.com/watch?v=Zu32BHwH-sA
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Websocket SQLi and Weak JWT Signing Key - "Bug Report Repo" [INTIGRITI 1337UP LIVE CTF 2023]
Video walkthrough for "Bug Report Repo", a web challenge I made for the @intigriti 1337UP LIVE CTF 2023. The challenge had multiple parts; first you need to use an IDOR to find a hidden bug report from ethical_hacker. Next, you exploit SQL injection over websocket protocol (either with custom script, or modified proxy for SQLMap). Once you find creds in the DB for the hidden endpoint, you login to find only the admin can read the config. Since the server uses JWT-based authentication, you crack the HS256 signing key with a tool like jwt_tool/hashcat/john, and then forge a new token with the username "admin". Now you just need to swap the cookies to find your flag! Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #INTIGRITI #CTF #Web #BugBounty Full writeup: https://github.com/Crypto-Cat/CTF/blob/main/ctf_events/intigriti_23/web/bug_report_repo.md ↢Social...
https://www.youtube.com/watch?v=kgndZOkgVxQ
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

An Important Change to ShellBags - Windows 11 2023 Update!
In this episode, we'll learn about an important change introduced with the September 26, 2023 Windows 11 Configuration Update, and how that change affects ShellBags! *** If you enjoy this video, please consider supporting 13Cubed on Patreon at patreon.com/13cubed. *** 📖 Chapters 00:00 - Intro 02:07 - Demo 07:34 - Recap 🛠 Resources September 26, 2023 Windows 11 Configuration Update: https://support.microsoft.com/en-us/topic/september-26-2023-windows-configuration-update-542780c2-594c-46cb-979d-11116fe164ba#:~:text=Note%20The%20update%20to%20Windows,to%20broaden%20availability%20over%20time #Forensics #DigitalForensics #DFIR #ComputerForensics #WindowsForensics
https://www.youtube.com/watch?v=M1nyMIu1Y18
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Direct vs. Indirect Syscalls What Is All The HYPE?! [OALABS Call-In Show]
Our live discord call-in show debates! Are indirect syscalls even required? What are they and how are they used?! What are EDR vendors doing to detect them and why you might care.... ----- OALABS PATREON https://www.patreon.com/oalabs OALABS DISCORD https://discord.gg/6h5Bh5AMDU Twitch https://www.twitch.tv/oalabslive OALABS GITHUB https://github.com/OALabs UNPACME - AUTOMATED MALWARE UNPACKING https://www.unpac.me/#/ -----
https://www.youtube.com/watch?v=W2SeruUxhDs
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Are Red Team Tools Helping or Hurting Our Industry? [OALABS Call-In Show]
Our live discord call-in show debates! Are red team tools really helping our industry or are they just giving malware operators a free lunch?! ----- OALABS PATREON https://www.patreon.com/oalabs OALABS DISCORD https://discord.gg/6h5Bh5AMDU Twitch https://www.twitch.tv/oalabslive OALABS GITHUB https://github.com/OALabs UNPACME - AUTOMATED MALWARE UNPACKING https://www.unpac.me/#/ -----
https://www.youtube.com/watch?v=ur6csODQHKI
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

October 12, 2023

https://www.youtube.com/watch?v=1GbAFa_i-bk
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

VMware Memory Forensics - Don't Miss This Important Detail!
In this episode, we'll learn how to properly acquire memory from VMware ESXi guest virtual machines. *** If you enjoy this video, please consider supporting 13Cubed on Patreon at patreon.com/13cubed. *** 📖 Chapters 00:00 - Intro 01:45 - VMware ESXi Snapshot Creation 04:57 - Analysis 06:20 - Recap 🛠 Resources Memory Forensics for Virtualized Hosts: https://blogs.vmware.com/security/2021/03/memory-forensics-for-virtualized-hosts.html #Forensics #DigitalForensics #DFIR #ComputerForensics #WindowsForensics #MemoryForensics
https://www.youtube.com/watch?v=P0yw93GJsYU
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Reverse Engineering With Unicorn Emulation
In this OALABS Patreon tutorial we will learn how to use the Unicorn Emulator to assist with reverse engineering! This is the second part in a five-part tutorial series that can be found on our Patreon here... https://www.patreon.com/oalabs/posts?filters%5Btag%5D=Applied+Emulation Lab Notes https://gist.github.com/herrcore/1a5af37f91a6f9b263a527c98c7b08bd ----- OALABS DISCORD https://discord.gg/6h5Bh5AMDU OALABS PATREON https://www.patreon.com/oalabs Twitch https://www.twitch.tv/oalabslive OALABS GITHUB https://github.com/OALabs UNPACME - AUTOMATED MALWARE UNPACKING https://www.unpac.me/#/ -----
https://www.youtube.com/watch?v=-CNy4qh08iU
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

401 Access Denied Ep88: The RISE of the CISO with Merike Kaeo
This week Joe Carson is joined by Merike Kaeo as they discuss the dynamic role of the CISO within an organization. They dive deeper into the role and how it interacts with different areas of the business, and what specific assets need protection and within what frameworks. An episode not to be missed! Jump-start your cybersecurity career for FREE with Cybrary! Follow us on Social! ~Cybrary Twitter ~Delinea Twitter ~Instagram ~Facebook ~YouTube
https://www.youtube.com/watch?v=FklaFGnBEyQ
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Old School MS-DOS Commands for DFIR
In this episode, we'll look at numerous old-school MS-DOS commands from the 80's and 90's that are still very valid and useful today -- even in Windows 11! Learn how to perform complex file searches, change file attributes, view Alternate Data Streams, and more - right from the Command Prompt! *** If you enjoy this video, please consider supporting 13Cubed on Patreon at patreon.com/13cubed. *** 📖 Chapters 00:00 - Intro 02:15 - DIR 03:01 - CLS 03:55 - DIR /A 05:07 - DIR /AH 05:47 - DIR /AD 07:21 - DIR /OD 08:12 - DIR /TC 08:34 - DIR /A/TC/OD 09:26 - DIR /W 10:10 - DIR /S [FILENAME] 11:40 - DIR /S/A [FILENAME] 13:16 - DIR /S/A ?.EXE 14:16 - DIR /S/A ??.EXE 15:11 - DIR /P 16:17 - DIR /S/A [PATTERN]*.?? 17:49 - DIR /S/AH ?.EXE 18:52 - CD | CHDIR 20:25 - DIR /R 20:44 - DIR /R/A 21:25 - MORE...
https://www.youtube.com/watch?v=SfG25LmNkT0
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Emulation Fundamentals - Writing A Basic x86 Emulator
In this OALABS Patreon tutorial we will explore how an emulator works by building one ourselves! This is the first part in a five-part tutorial series that can be found on our Patreon here... https://www.patreon.com/oalabs/posts?filters%5Btag%5D=Applied+Emulation The demo Jupyter Lab note can be found on GitHub here... https://gist.github.com/herrcore/f25bcf55fa10fa8d04effc172eeb63c9 ----- OALABS DISCORD https://discord.gg/6h5Bh5AMDU OALABS PATREON https://www.patreon.com/oalabs Twitch https://www.twitch.tv/oalabslive OALABS GITHUB https://github.com/OALabs UNPACME - AUTOMATED MALWARE UNPACKING https://www.unpac.me/#/ -----
https://www.youtube.com/watch?v=HPrqOIdNlrQ
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Unity Game Hacking Challenge - "Azusawa's Gacha World" [SekaiCTF]
Video walkthrough for "Azusawa's Gacha World", a [game] reversing challenge from Project SEKAI CTF 2023. The challenge involved memory manipulation with cheat engine (optional), reverse engineering of Unity game code (C#) in dnSpy, some network traffic analysis and HTTP traffic manipulation. Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #SEKAICTF #ProjectSEKAI #CTF #ReverseEngineering #GameHacking #CheatEngine You can find my full write-up here: https://github.com/Crypto-Cat/CTF/blob/main/ctf_events/sekai_23/rev/azusawas_gacha_world.md 🥰 If you liked this video and/or want to learn more about game hacking with cheat engine, check out the full tutorial series I created on the @intigriti channel: https://www.youtube.com/watch?v=ku6AtIY-Lu0&list=PLmqenIp2RQcg0x2mDAyL2MC23DAGcCR9b...
https://www.youtube.com/watch?v=R8EnhRDDWFg
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Intruder Alert Ep. 6 | Deconstructing Malware Attacks & Forging a Career in Cybersecurity
In this episode of Intruder Alert, Marcus Hutchins is joined by cybersecurity expert Caitlin Sarian, known for her role as the Global Lead of Cybersecurity Advocacy and Culture at TikTok and her expertise in data protection and privacy compliance. Marcus and Caitlin provide technical insight into the latest US malware attacks and share invaluable advice on breaking into the cybersecurity field. Follow us on Social!! ~Twitter ~Instagram ~FaceBook ~YouTube ~LinkedIn Jump-start your cybersecurity career for FREE with Cybrary!
https://www.youtube.com/watch?v=2aRgdmTdtK0
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DC31 - Red Team Village - Recap
Red Team Village Website: https://redteamvillage.io Discord: https://redteamvillage.io/discord Twitter: https://redteamvillage.io/twitter
https://www.youtube.com/watch?v=my568xKtgLg
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Is your favorite on here?? #favorite #cybersecurity #hacker

https://www.youtube.com/watch?v=KPPH7vJZajQ
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

401 Access Denied: Protecting Society and the Role of CERT with Tonu
In this episode we join host Joe Carson as he discusses state cybersecurity with Tonu Tammer of the Estonian National Cybersecurity Center. Tonu goes into the day-to-day operations of defending a country and its citizens from adversaries, as well as ransomware and DDOS attacks. Come along for an in-depth discussion with a cyber defender with years of experience in this exciting new episode! Jump-start your cybersecurity career for FREE with Cybrary! Follow us on Social! ~Cybrary Twitter ~Delinea Twitter ~Instagram ~Facebook ~YouTube
https://www.youtube.com/watch?v=aYCyFDlK7vg
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

HackerOne x Red Team Village
Thank you HackerOne for Sponsoring the Red Team Village! Additional information about HackerOne can be obtained from https://hackerone.com The Red Team Village Red Team Village Website: https://redteamvillage.io Discord: https://redteamvillage.io/discord Twitter: https://redteamvillage.io/twitter
https://www.youtube.com/watch?v=6XzKgYF3kDU
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DC31 - Red Team Village - Hack The Box
Additional information about Hack The Box can be found at hackthebox.eu Red Team Village Website: https://redteamvillage.io Discord: https://redteamvillage.io/discord Twitter: https://redteamvillage.io/twitter
https://www.youtube.com/watch?v=DX61G7v3jvw
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DC31 - Red Team Village - Meta
Additional information about Meta can be found at meta.com. Red Team Village Website: https://redteamvillage.io Discord: https://redteamvillage.io/discord Twitter: https://redteamvillage.io/twitter
https://www.youtube.com/watch?v=uizRK9qLsJM
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Intruder Alert Ep. 5 | Community Uprising: Unravelling the Reddit Blackout
In the latest episode of Intruder Alert, Marcus Hutchins and Cybrary blue teamer, Marc Balingit, delve into the the uproar around Reddit's blackout. They unravel the intricacies of Reddit's contentious API changes, which have cornered third-party apps like Apollo, sparking a sweeping blackout protest across thousands of subreddits. Furthermore, they explore the impact of Twitch's fresh policy adjustments, which are a threat to streamers' ad revenue, and other news impacting online communities. Follow us on Social!! ~Twitter ~Instagram ~FaceBook ~YouTube ~LinkedIn Jump-start your cybersecurity career for FREE with Cybrary!
https://www.youtube.com/watch?v=8_CEqpKU8AA
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DOM Clobbering, Prototype Pollution and XSS - "sanity" Walkthrough [Amateurs CTF 2023]
Video walkthrough for "sanity", a web challenge from Amateurs CTF 2023. The challenge involved DOM clobbering, prototype pollution and XSS. Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #AmateursCTF #CTF #Pentesting #OffSec #WebSec You can find my full write-up here: https://github.com/Crypto-Cat/CTF/blob/main/ctf_events/amateurs_23/web/sanity.md 🥰 ↢Social Media↣ Twitter: https://twitter.com/_CryptoCat GitHub: https://github.com/Crypto-Cat/CTF HackTheBox: https://app.hackthebox.eu/profile/11897 LinkedIn: https://www.linkedin.com/in/cryptocat Reddit: https://www.reddit.com/user/_CryptoCat23 YouTube: https://www.youtube.com/CryptoCat23 Twitch: https://www.twitch.tv/cryptocat23 ↢Amateurs CTF↣ https://ctf.amateurs.team/challs https://discord.com/invite/gCX22asy65 ↢Resources↣ Ghidra:...
https://www.youtube.com/watch?v=AO7CDquZ690
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

DC31 - Red Team Village - Buddobot
Additional information about Buddobot can be found at buddobot.com. Red Team Village Website: https://redteamvillage.io Discord: https://redteamvillage.io/discord Twitter: https://redteamvillage.io/twitter
https://www.youtube.com/watch?v=ubVLiJ17Sd4
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Trying to demo the #hacker side without getting 🤐🤐🤐 by the platform. Oops! #cybersecurity

https://www.youtube.com/watch?v=p_OgaSkmBMM
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

401 Access Denied: Ep. 85 | Key Takeaways from the Verizon DBIR with Tony Goulding
Join host Joseph Carson and guest Tony Goulding as they break down the annual Verizon breach report. With over 16,000 incidents and more than 5,200 data breaches, there's a lot to look at. Tony and Joe have some great takeaways from this critical annual report and share their expert insights on what's new, what's changed, and what we're not doing so bad at (hint: MFA goes a long way!) Jump-start your cybersecurity career for FREE with Cybrary! Follow us on Social! ~Cybrary Twitter ~Delinea Twitter ~Instagram ~Facebook ~YouTube
https://www.youtube.com/watch?v=luXnfWO_U7I
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

AV Emulation Detection Tricks Used by Malware
Tricks that malware developers use to detect antivirus emulators and how these differ from the sandbox emulators we use from our recent Twitch stream. Alexie's Windows Defender research with some insights into the emulation engine used... https://recon.cx/2018/brussels/resources/slides/RECON-BRX-2018-Reverse-Engineering-Windows-Defender-s-JavaScript-Engine.pdf https://i.blackhat.com/us-18/Thu-August-9/us-18-Bulazel-Windows-Offender-Reverse-Engineering-Windows-Defenders-Antivirus-Emulator.pdf https://github.com/0xAlexei/WindowsDefenderTools ----- OALABS PATREON https://www.patreon.com/oalabs OALABS DISCORD https://discord.gg/6h5Bh5AMDU Twitch https://www.twitch.tv/oalabslive OALABS GITHUB https://github.com/OALabs UNPACME - AUTOMATED MALWARE UNPACKING https://www.unpac.me/#/ -----
https://www.youtube.com/watch?v=8jckguVRHyI
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Hack you exe's phone? 😂 #podcast #cybersecurity

https://www.youtube.com/watch?v=ufdeWuwsWaA
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

401 Access Denied: Ep. 84 | The Best of RSAC & Cybersecurity Strategies with Bob Burns
RSAC was the place to be for cybersecurity in 2023, and Joe Carson is joined by Bob Burns to talk all about it. From the sessions that really resonated to the incredible human connections and networking, join Joe and Bob to deconstruct this year's most comprehensive conference. Were you at RSAC this year? Join us in the comments to let us know your favorite session! Jump-start your cybersecurity career for FREE with Cybrary! Follow us on Social! ~Cybrary Twitter ~Delinea Twitter ~Instagram ~Facebook ~YouTube
https://www.youtube.com/watch?v=qU40Yg7pfbo
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Detecting PsExec Usage
In this episode, we're going to look at a variety of methods you can use to determine whether or not a system was the recipient of a PsExec connection. While you may already be familiar with some of these detections, there's a good chance you haven't seen them all! *** If you enjoy this video, please consider supporting 13Cubed on Patreon at patreon.com/13cubed. *** 📖 Chapters 00:00 - Intro 03:03 - Demo 1 05:09 - Event Log Analysis 1 09:01 - Demo 2 09:56 - Event Log Analysis 2 10:56 - Shimcache Analysis 15:46 - The Key to Identify PsExec 17:55 - Prefetch Analysis 21:38 - Recap 🛠 Resources The Key to Identify PsExec: https://dfirdominican.com/the-key-to-identify-psexec/ Prefetch Deep Dive: https://www.youtube.com/watch?v=f4RAtR_3zcs #Forensics #DigitalForensics #DFIR #ComputerForensics...
https://www.youtube.com/watch?v=oVM1nQhDZQc
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

The AI Revolution with Diana Kelley | 401 Access Denied Podcast Ep. 83
The AI Revolution with Diana Kelley | 401 Access Denied Podcast Ep. 83 Join Us: https://www.cybrary.it/?utm_source=youtube&utm_medium=video&utm_campaign=the-ai-revolution-with-diana-kelley Everybody's talking about it - the AI revolution is here. But given the rapid evolution in this field, it's hard to keep up with the sweeping effects this technology is causing. Luckily, Joe Carson is joined by longtime AI expert Diana Kelley to shed light on all of these changes. She addresses the many misconceptions and media misrepresentations surrounding AI, breaks down the different forms of this technology, and emphasizes the need for a better understanding of AI's capabilities and limitations. They also discuss the ethical and legal implications that will only become more potent as AI...
https://www.youtube.com/watch?v=ow9JszgoC1M
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Tips to Learn Reverse Engineering: Avoid These Common Pitfalls!
How to maximize the return on your time when learning how to reverse engineer! Just a few thoughts on what worked for me and what to avoid from our recent Twitch stream. ----- OALABS PATREON https://www.patreon.com/oalabs OALABS DISCORD https://discord.gg/6h5Bh5AMDU Twitch https://www.twitch.tv/oalabslive OALABS GITHUB https://github.com/OALabs UNPACME - AUTOMATED MALWARE UNPACKING https://www.unpac.me/#/ -----
https://www.youtube.com/watch?v=JzhpTLe8Vg4
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

NahamCon CTF 2023: Web Challenge Walkthroughs
Video walkthrough for some Web challenges from the NahamCon Capture the Flag (CTF) competition 2023 (organised by @NahamSec ); Star Wars, Stickers, Hidden Figures and Obligatory. Topics covered include XSS, domPDF RCE, hidden data (misc/stego) and SSTI with WAF filter bypass. Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #NahamCon #NahamCon2023 #NahamConCTF #CTF #Pentesting #OffSec #WebSec If you're looking for the "Marmalade 5" Web challenge, check the @intigriti channel: https://youtu.be/3LRZsnSyDrQ 🥰 Full write-ups for the challenges: https://github.com/Crypto-Cat/CTF/tree/main/ctf_events/nahamcon_23 ↢Social Media↣ Twitter: https://twitter.com/_CryptoCat GitHub: https://github.com/Crypto-Cat/CTF HackTheBox: https://app.hackthebox.eu/profile/11897 LinkedIn: https://www.linkedin.com/in/cryptocat Reddit:...
https://www.youtube.com/watch?v=XHg_sBD0-es
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Hacking the Government with Bryan Seely | 401 Access Denied Podcast Ep. 82
Hacking the Government with Bryan Seely | 401 Access Denied Podcast Ep. 82 Join Us: https://www.cybrary.it/?utm_source=youtube&utm_medium=video&utm_campaign=hacking-the-government-with-bryan-seely In this eye-opening episode, dive into the captivating world of cybercrime and social engineering with our host, Joe Carson, and special guest Bryan Seely! Bryan, a keynote speaker and cybersecurity expert best known for his Secret Service exposé, discusses his journey from a young computer enthusiast to a renowned public speaker. Join them as they investigate the mindset and techniques used by hackers, such as the use of aliases to deceive and manipulate their targets, as well as the importance of responsible disclosure and changing cybersecurity laws. Follow us for exclusive updates: ~https://twitter.com/cybraryIT ~https://www.instagram.com/cybrary.it/ ~https://www.facebook.com/cybraryit/ Follow...
https://www.youtube.com/watch?v=aagD2SxYUJM
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

16 - Open Redirect (low/med/high) - Damn Vulnerable Web Application (DVWA)
16 - Open Redirection (low/med/high difficulties) video from the Damn Vulnerable Web Application (DVWA) walkthrough/tutorial series. DVWA is an intentionally vulnerable application for you to learn about ethical hacking. I made this series for students on the MSc in cybersecurity course at Queen's University Belfast but hopefully it can help others too! Hope you enjoy 🙂 ↢Social Media↣ Twitter: https://twitter.com/_CryptoCat GitHub: https://github.com/Crypto-Cat HackTheBox: https://app.hackthebox.eu/profile/11897 LinkedIn: https://www.linkedin.com/in/cryptocat Reddit: https://www.reddit.com/user/_CryptoCat23 YouTube: https://www.youtube.com/CryptoCat23 Twitch: https://www.twitch.tv/cryptocat23 ↢Damn Vulnerable Web Application (DVWA)↣ https://github.com/digininja/DVWA ↢Open Redirects↣ @PwnFunction:...
https://www.youtube.com/watch?v=I5jko9mLNO4
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Intruder Alert Ep. 4 | Unmasking The New Global Malware Threat On Android Devices
Head to Cybrary.it to open your free account and start learning today! In this episode of Intruder Alert, join host Marcus Hutchins, world-renowned hacker, and red teamer Matt Mullins while they discuss the millions of devices recently infected with malware during production, and whether or not our devices are spying on us. For more information on how to jumpstart your career with the most cutting-edge cybersecurity training, head over to Cybrary.it to create your free account and get started on your learning journey! Make sure to subscribe so that you don't miss the latest new episodes, premiering live every two weeks, and dropping on YouTube On Demand.
https://www.youtube.com/watch?v=wc8T_RcwOkY
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

A File's Life - File Deletion and Recovery
In this episode, we'll look at exactly what happens when you delete a file from an NTFS file system. Then, we'll talk about file "undeletion" versus file carving, and use PhotoRec to perform file carving against a mounted disk image. Lastly, we'll explore techniques to search through that recovered data using an Ubuntu WSL 2 instance. *** If you enjoy this video, please consider supporting 13Cubed on Patreon at patreon.com/13cubed. *** 📖 Chapters 00:00 - Intro 13:12 - PhotoRec Demo 19:03 - Searching Recovered Data 🛠 Resources PhotoRec: https://www.cgsecurity.org/wiki/PhotoRec Recycle Bin Forensics: https://www.youtube.com/watch?v=Gkir-wGqG2c Let's Talk About NTFS Index Attributes: https://www.youtube.com/watch?v=x-M-wyq3BXA #Forensics #DigitalForensics #DFIR #ComputerForensics...
https://www.youtube.com/watch?v=4zlk9ZSMa-4
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Vulnerability Management Metrics: Top 10 KPIs To Measure Success
Join us for an exclusive interview as we dive deep into the world of vulnerability management KPIs with the expertise of Walter Haydock. 👉 Get our FREE guide to vulnerability management in 2023: https://purplesec.us/vulnerability-management-guide/?utm_source=newsletter&utm_medium=YouTube&utm_campaign=VM_2023&utm_id=guide In this engaging interview, Walter shares valuable insights on: 🎯 Balancing costs and benefits while identifying metrics to guide decision-making in vulnerability management investments. 🌐 Maintaining consistency with strategies for aligning metrics across teams, departments, and locations. ⚖️ Adapting to the evolving threat landscape by staying ahead of emerging risks and continuously refining vulnerability management KPIs. 📈 Success stories...
https://www.youtube.com/watch?v=L-61ahYHdH8
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Vulnerability Management SOP: Expert Reveals Top Tips
Are you struggling to manage vulnerabilities in your organization? Join us in this conversation with expert Kevin Donatelli who reveals the ins and outs of vulnerability management SOPs! In this not-to-be-missed session, you'll: 🔑 Learn the essential components of effective vulnerability management SOPs 🛡️ Discover how to prioritize and remediate risks efficiently 🧠 Gain invaluable insights from real-life case studies shared by Kevin Donatelli 👉 Get our FREE guide to vulnerability management in 2023: https://purplesec.us/vulnerability-management-guide/?utm_source=newsletter&utm_medium=YouTube&utm_campaign=VM_2023&utm_id=guide Podcast Info -------------------- Podcast website: https://purplesec.us/podcast/ Apple Podcasts: https://podcasts.apple.com/us/podcast/security-beyond-the-checkbox/id1673807278 Spotify:...
https://www.youtube.com/watch?v=-yjsaxxrTxk
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Top 10 Vulnerability Management Trends For 2024
Join PurpleSec's experts along with Joshua Copeland, Director of Cyber Security at AT&T, as we explore the latest trends and predictions in vulnerability management for 2023. 👉 Get our FREE guide to vulnerability management in 2023: https://purplesec.us/vulnerability-management-guide/?utm_source=newsletter&utm_medium=YouTube&utm_campaign=VM_2023&utm_id=guide Continue reading: https://purplesec.us/learn/vulnerability-management-trends/ Chapters --------------- 00:00 - Introduction 00:20 - Joshua Copeland 02:47 - Automation Is Key 10:30 - Adoption Of Risk-Based Approaches 16:40 - Continuous Monitoring 21:40 - Increased Focus On Cloud Security 28:43 - Increased Use Of Threat Intelligence 35:10 - The Role Of Network Segmentation 43:30 - DevSecOps: Building Security From The...
https://www.youtube.com/watch?v=39XHupVxAY8
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Techniques To Improve Vulnerability Visibility & Detection
Improve vulnerability visibility in networks & cloud environments with expert tips on strategies, KPIs, prioritization, & automation. Secure your assets now! 👉 Get our FREE guide to vulnerability management in 2023: https://purplesec.us/vulnerability-management-guide/ Read the full article: https://purplesec.us/learn/vulnerability-visibility/ Chapters --------------- 00:00 - Introduction 00:45 - Clement Fouque 01:36 - Importance Of Visibility In Vulnerability Management 02:51 - Why Is Poor Visibility An Issue? 04:40 - Common Blind Spots 06:55 - Improving Asset Inventories 09:30 - How Do You Know If You Have Poor Visibility? 13:20 - Techniques For Improving Visibility 15:05 - How To Ensure All Endpoints Are Being Scanned 18:25 - How Network Segmentation Improves Visibility 20:00 - Third-Party...
https://www.youtube.com/watch?v=3K6TLqyxit4
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

CyberTalk Live #1 - Trying Out BlackBuntu & Q&A
CyberTalk Live #1 - Trying Out BlackBuntu & Q&A //PLATFORMS BLOG ►► https://bit.ly/3qjvSjK FORUM ►► https://bit.ly/39r2kcY ACADEMY ►► https://bit.ly/39CuORr //SOCIAL NETWORKS TWITTER ►► https://bit.ly/3sNKXfq DISCORD ►► https://bit.ly/3hkIDsK INSTAGRAM ►► https://bit.ly/3sP1Syh LINKEDIN ►► https://bit.ly/360qwlN PATREON ►► https://bit.ly/365iDLK MERCHANDISE ►► https://bit.ly/3c2jDEn //BOOKS Privilege Escalation Techniques ►► https://amzn.to/3ylCl33 Docker Security Essentials (FREE) ►► https://bit.ly/3pDcFuA //SUPPORT THE CHANNEL NordVPN Affiliate Link (73% Off) ►► https://bit.ly/3DEPbu5 Get 0 In Free Linode Credit ►► https://bit.ly/39mrvRM Get started with Intigriti: https://go.intigriti.com/hackersploit //CYBERTALK PODCAST...
https://www.youtube.com/watch?v=XcIUuwH3S9E
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

3 Year Cybersecurity Career Roadmap
In this video, I outline a concise 3-year Cybersecurity career roadmap designed for students or professionals looking to get started with a career in Cybersecurity in 2023 and beyond. Slides: https://bit.ly/3HlM3aw Black Hills 5-Year InfoSec Plan: https://www.blackhillsinfosec.com/webcast-5-year-plan-infosec/ //PLATFORMS BLOG ►► https://bit.ly/3qjvSjK FORUM ►► https://bit.ly/39r2kcY ACADEMY ►► https://bit.ly/39CuORr //SOCIAL NETWORKS TWITTER ►► https://bit.ly/3sNKXfq DISCORD ►► https://bit.ly/3hkIDsK INSTAGRAM ►► https://bit.ly/3sP1Syh LINKEDIN ►► https://bit.ly/360qwlN PATREON ►► https://bit.ly/365iDLK MERCHANDISE ►► https://bit.ly/3c2jDEn //BOOKS Privilege Escalation Techniques ►► https://amzn.to/3ylCl33 Docker Security Essentials (FREE) ►►...
https://www.youtube.com/watch?v=oI9aaBpJvoA
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Linux Red Team Defense Evasion Techniques - Hiding Linux Processes
In this video, I explore the process of evading defenses on Linux by hiding Linux processes with libprocesshider. Defense Evasion consists of techniques that adversaries use to avoid detection throughout their compromise. Techniques used for defense evasion include uninstalling/disabling security software or obfuscating/encrypting data and scripts. Adversaries also leverage and abuse trusted processes to hide and masquerade their malware. Other tactics' techniques are cross-listed here when those techniques include the added benefit of subverting defenses. Process Hider GitHub Repository: https://github.com/gianlucaborello/libprocesshider //PLATFORMS BLOG ►► https://bit.ly/3qjvSjK FORUM ►► https://bit.ly/39r2kcY ACADEMY ►► https://bit.ly/39CuORr //SOCIAL NETWORKS TWITTER...
https://www.youtube.com/watch?v=GT-ClZAi6rE
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Linux Red Team Persistence Techniques - SSH Keys, Web Shells & Cron Jobs
In this video, I explore the process of establishing persistence on Linux via SSH keys, local accounts, web shells, and Cron Jobs. Persistence consists of techniques that adversaries use to keep access to systems across restarts, changed credentials, and other interruptions that could cut off their access. Techniques used for persistence include any access, action, or configuration changes that let them maintain their foothold on systems, such as replacing or hijacking legitimate code or adding startup code. //PLATFORMS BLOG ►► https://bit.ly/3qjvSjK FORUM ►► https://bit.ly/39r2kcY ACADEMY ►► https://bit.ly/39CuORr //SOCIAL NETWORKS TWITTER ►► https://bit.ly/3sNKXfq DISCORD ►► https://bit.ly/3hkIDsK INSTAGRAM ►► https://bit.ly/3sP1Syh LINKEDIN ►► https://bit.ly/360qwlN PATREON...
https://www.youtube.com/watch?v=tNJs8CFj_B8
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

ChatGPT For Cybersecurity
In this video, I go over the process of how to use ChatGPT and cover various examples of how to use ChatGPT for Cybersecurity. ChatGPT is an AI-driven chatbot launched by OpenAI in November 2022. It is trained using Reinforcement Learning from Human Feedback (RLHF). It is built on top of OpenAI's GPT-3.5 family of large language models and is fine-tuned with both supervised and reinforcement learning techniques. OpenAI ChatGPT: https://chat.openai.com/chat Timestamps: 0:00 Introduction 7:50 ChatGPT usage 10:45 Pentesting examples 13:10 Generating shells 14:25 Fuzzing 17:15 Shellcode 18:00 Custom emails 19:34 Macros 20:56 Buffer overflow 22:15 Automation 25:00 Blue team examples 28:33 ChatGPT impact on cybersecurity //PLATFORMS BLOG ►► https://bit.ly/3qjvSjK FORUM ►► https://bit.ly/39r2kcY ACADEMY...
https://www.youtube.com/watch?v=6PrC4z4tPB0
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Linux Red Team Privilege Escalation Techniques - Kernel Exploits & SUDO Permissions
In this video, I explore the process of elevating privileges on Linux by leveraging kernel exploits, local accounts, and misconfigured SUDO permissions. Privilege Escalation consists of techniques adversaries use to gain higher-level permissions on a system or network. Adversaries can often enter and explore a network with unprivileged access but require elevated permissions to follow through on their objectives. Common approaches are to take advantage of system weaknesses, misconfigurations, and vulnerabilities. //PLATFORMS BLOG ►► https://bit.ly/3qjvSjK FORUM ►► https://bit.ly/39r2kcY ACADEMY ►► https://bit.ly/39CuORr //SOCIAL NETWORKS TWITTER ►► https://bit.ly/3sNKXfq DISCORD ►► https://bit.ly/3hkIDsK INSTAGRAM ►► https://bit.ly/3sP1Syh LINKEDIN ►► https://bit.ly/360qwlN PATREON...
https://www.youtube.com/watch?v=w2rElXYV2Fs
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

LastPass Data Breach - Password Security 101
In this episode of CyberTalk, I discuss the latest LastPass data breach (December 2022) and outline a failsafe password management policy for you, your family, and or your business. The following is a set of password security and management guidelines you should follow: 1. Generate secure, random, and complex passwords. 2. Use a new and unique password for every account. 3. Store your passwords with an offline password management database/vault like KeePass. 4. Take regular backups of your password database/vault and store them in a secure location (preferably only known to you). 5. Regularly change your passwords. 6. Develop a password handover contingency plan in the event of your death or incapacitation. 7. Remember, online platforms and solutions can go out of business or may not necessarily...
https://www.youtube.com/watch?v=MsxlsGAJ97c
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Risk-Based Vulnerability Management
PurpleSec security experts implemented risk-based vulnerability management to improve efficiencies and security ROI for our enterprise client. 👉 Get our FREE guide to vulnerability management in 2023: https://purplesec.us/vulnerability-management-guide/?utm_source=newsletter&utm_medium=YouTube&utm_campaign=VM_2023&utm_id=guide Read The Full Case Study ---------------------------------------- https://purplesec.us/case-studies/travel-services-provider/ High Level Findings ------------------------------- PurpleSec's security “cyborgs” were empowered by automation and process improvements to deliver exceptional results in a 3 month period: - 75% MTTR reduction. - 86% vulnerability risk reduction. - M average annual savings for the client. - 1.6k average monthly man-hour...
https://www.youtube.com/watch?v=nu0US3xLEH4
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

How To Build A Vulnerability Management Program | #PurpleSec
There are 7 key steps when creating a winning vulnerability management program including making an inventory, categorizing vulnerabilities, creating packages, testing the package, providing change management, patching vulnerabilities, and reporting. 👉 Get our FREE guide to vulnerability management in 2023: https://purplesec.us/vulnerability-management-guide/?utm_source=newsletter&utm_medium=YouTube&utm_campaign=VM_2023&utm_id=guide Read the full article... https://purplesec.us/learn/vulnerability-management-program/ Podcast Info -------------------- Podcast website: https://purplesec.us/podcast/ Apple Podcasts: https://podcasts.apple.com/us/podcast/security-beyond-the-checkbox/id1673807278 Spotify: https://open.spotify.com/show/610KAa5g4G0KhoZVwMyXqz RSS: https://feeds.buzzsprout.com/2137278.rss Chapters...
https://www.youtube.com/watch?v=nsvxcUsFnJo
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

How To Automate Your Vulnerability Remediation Process | PurpleSec
There are 8 best practices when planning your vulnerability remediation including prioritization of vulnerabilities, setting timelines, defining a SLO, developing a remediation policy, automating your vulnerability management processes, adopting continuous remediation, deploying compensating controls, and building a vulnerability management program. 👉 Get our FREE guide to vulnerability management in 2023: https://purplesec.us/vulnerability-management-guide/?utm_source=newsletter&utm_medium=YouTube&utm_campaign=VM_2023&utm_id=guide Continue reading... https://purplesec.us/learn/vulnerability-remediation/ Podcast Info -------------------- Podcast website: https://purplesec.us/podcast/ Apple Podcasts: https://podcasts.apple.com/us/podcast/security-beyond-the-checkbox/id1673807278 Spotify:...
https://www.youtube.com/watch?v=Bns79gIwxIA
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

Twitter Zero-Day Exposes Data Of 5.4 MILLION Accounts | Security Insights By #PurpleSec
Social media platform Twitter confirmed they suffered a now-patched zero-day vulnerability, used to link email addresses and phone numbers to users' accounts, which allowed attackers to gain access to the personal information of 5.4 million users. The vulnerability allowed anyone to submit an email address or phone number, verify if it was associated with a Twitter account, and retrieve the associated account ID. More technically, what the security researcher Zhirinovsky reported on HackerOne's bug bounty platform is that this vulnerability allows any party without any authentication to obtain a Twitter ID (which is almost equal to getting the username of an account) of any user by submitting a phone number/email even though the user has prohibited this action in the privacy settings. Chapters --------------- 00:00...
https://www.youtube.com/watch?v=E5dLc98TeLg
Partager : LinkedIn / Twitter / Facebook / View / View (lite)

What Is Vulnerability Management? (Explained By Experts)
Vulnerability management is the process of identifying, prioritizing, and mitigating vulnerabilities in an organization's systems and networks to reduce the risk of cyber attacks and protect against potential threats. 👉 Get our FREE guide to vulnerability management in 2023: https://purplesec.us/vulnerability-management-guide/?utm_source=newsletter&utm_medium=YouTube&utm_campaign=VM_2023&utm_id=guide Continue reading... https://purplesec.us/learn/what-is-vulnerability-management/ Podcast Info -------------------- Podcast website: https://purplesec.us/podcast/ Apple Podcasts: https://podcasts.apple.com/us/podcast/security-beyond-the-checkbox/id1673807278 Spotify: https://open.spotify.com/show/610KAa5g4G0KhoZVwMyXqz RSS: https://feeds.buzzsprout.com/2137278.rss Chapters --------------- 00:00...
https://www.youtube.com/watch?v=RE6_Lo2wSIg
Partager : LinkedIn / Twitter / Facebook / View / View (lite)