Stephen Sims shares his years of experience with us and shows us how we can make money hacking. But be careful – some of the options are not recommended.
// Stephen’s Social //
YouTube: https://www.youtube.com/@OffByOneSecu…
Twitter: steph3nsims
// Stephen Recommends //
Programming Tools:
Online Compiler, Visual Debugger, and AI Tutor for Python, Java, C, C++, and JavaScript:
https://pythontutor.com/
PyCharm – Python IDE with Great IDA Pro Support: https://www.jetbrains.com/pycharm/
VS Code: https://code.visualstudio.com/
Patch Diffing:
Windows Binary Index for Patch Diffing: https://winbindex.m417z.com/
BinDiff Tool for IDA Pro, Ghidra, or Binary Ninja https://www.zynamics.com/bindiff.html
Diaphora Diffing Tool for IDA Pro http://diaphora.re/
PatchExtract for Extracting MS Patches from MSU Format https://gist.github.com/wumb0/306f97d…
Vulnerable Things to Hack
HackSys Extreme Vulnerable Driver: https://github.com/hacksysteam/HackSy…
WebGoat – Deliberately Insecure Application: https://owasp.org/www-project-webgoat/
Damn Vulnerable Web App: https://github.com/digininja/DVWA
Buggy Web App: http://itsecgames.com/
Gruyere Cheesy Web App: https://google-gruyere.appspot.com/
Metasploitable: https://sourceforge.net/projects/meta…
Damn Vulnerable iOS App: https://resources.infosecinstitute.co…
OWASP Multillidae: https://github.com/webpwnized/mutillidae
Online CTF’s and Games:
SANS Holiday Hack 2023 and Prior: https://www.sans.org/mlp/holiday-hack… https://www.holidayhackchallenge.com/…
CTF Time – A great list of upcoming and previous CTF’s!: https://ctftime.org/
YouTube Channels:
@davidbombal
@nahamsec
@offbyonesecurity
@_johnhammond
@ippsec
https://www.youtube.com/@LiveOverflow…
Free Learning Resources:
SANS Free Resources – Webcasts, Whitepapers, Posters & Cheat Sheets, Tools, Internet Storm Center: https://www.sans.org/security-resources/
Shellphish – Heap Exploitation: https://github.com/shellphish/how2heap
Exploit Database – Downloadable Vulnerable Apps and Corresponding Exploits: https://www.exploit-db.com/
Google Hacking Database (GHDB): https://www.exploit-db.com/google-hac…
Google Cybersecurity Certificate: https://grow.google/certificates/cybe…
Phrack Magazine: http://www.phrack.org/
Kali Linux: https://www.kali.org/get-kali/#kali-p…
Slingshot Linux: https://www.sans.org/tools/slingshot/
Books & Articles:
Gray Hat Hacking Series: https://amzn.to/3B1FeIK
Hacking: The Art of Exploitation: https://amzn.to/3Us9Uts
A Guide to Kernel Exploitation: https://amzn.to/3vfY8vu
Smashing the Stack for Fun and Profit – Old, but a classic: https://inst.eecs.berkeley.edu/~cs161…
Understanding Windows Shellcode – Old, but still good: https://www.hick.org/code/skape/paper…
Great list of exploitation paper links from Shellphish!: https://github.com/shellphish/how2hea…
// Stephen’s previous videos with David //
Free Exploit development training (beginner and advanced) How to make Millions $$$ hacking zero…
Buffer Overflow Hacking Tutorial (Bypass Passwords): Buffer Overflow Hacking Tutorial (Byp…
// David’s Social //
================
Connect with me:
================
Discord: http://discord.davidbombal.com
X: https://www.twitter.com/davidbombal
Instagram: https://www.instagram.com/davidbombal
LinkedIn: https://www.linkedin.com/in/davidbombal
Facebook: https://www.facebook.com/davidbombal.co
TikTok: http://tiktok.com/@davidbombal
YouTube Main Channel https://www.youtube.com/davidbombal
YouTube Tech Channel: https://www.youtube.com/channel/UCZTIRrENWr_rjVoA7BcUE_A
YouTube Clips Channel: https://www.youtube.com/channel/UCbY5wGxQgIiAeMdNkW5wM6Q
YouTube Shorts Channel: https://www.youtube.com/channel/UCEyCubIF0e8MYi1jkgVepKg
Apple Podcast: https://davidbombal.wiki/applepodcast
Spotify Podcast: https://open.spotify.com/show/3f6k6gERfuriI96efWWLQQ
================
Support me:
================
Or, buy my CCNA course and support me:
DavidBombal.com: CCNA ($10): http://bit.ly/yt999ccna
Udemy CCNA Course: https://bit.ly/ccnafor10dollars
GNS3 CCNA Course: CCNA ($10): https://bit.ly/gns3ccna10
// MY STUFF //
https://www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos: sponsors@davidbombal.com
// MENU //
00:00 – Coming Up
00:00 – Intro
01:11 – Stephen’s Experience
03:10 – How to Change Careers
05:39 – How do I Become an Expert?
08:01 – Cyber Crime
12:47 – Ransomware
16:42 – Ransomware with A.I
23:15 – Bug Bounties & Disclosures
28:22 – Web Bug Bounties
33:45 – Binary Exploitation
41:18 – Patching and n-Day Exploits
48:56 – What is the Patch Level in the Target Org?
51:47 – Diffing Example
55:40 – Professional Services
01:03:34 – Exploit Sales Considerations
01:13:07 – The Golden Era of Hacking
01:15:00 – Zero to Hero
01:27:01 – OffByOneSecurity
01:37:42 – Conclusions
01:39:43 – Outro
apple
ios
android
samsung
exploit
exploit development
zero day
0day
1day
dark web
microsoft
macos
apple
linux
kali linux
Disclaimer: This video is for educational purposes only.
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
#android #ios #hacker