It’s possible to earn millions of dollars finding zero days and vulnerabilities in software. But, are you prepared to put in the work?

Browser Exploitation Introduction: https://youtu.be/bcnV1dbfKcE
Introduction to Buffer Overflows: https://youtu.be/DHCuvMfGLSU
Modern Windows Kernel Exploitation: https://youtu.be/nauAlHXrkIk
Linux Heap Exploitation: https://youtu.be/dMDoC9DlVzA
Modern Binary/Patch Diffing: https://youtu.be/8jVOvPG4TjA
Crypto and Blockchain Hacks: https://youtu.be/y5JogTgpp-s

My apologies for some of the technical issues in this interview. Zoom is a nightmare ūüôĀ

// MENU //
00:00 – Coming up
00:53 – Stephen Sims introduction & Sans course
03:28 – Stephen’s YouTube channel // Off By One Security
07:56 – Growing up with computers
08:57 – Getting involved with Sans courses // Impressed by instructors
09:52 – “The Golden Age of Hacking” // Bill Gates changed the game
15:44 – Making money from Zero-Days // Ethical and Unethical methods, zerodium.com & safety tips
32:56 – How to get started
46:53 – Opportunities in Crypto
50:26 – Windows vs. iOS vs. Linux
53:47 – Which programming language to start with
56:22 – Recommended Sans courses
01:02:04 – Recommended CTF programs & events
01:04:06 – Recommended books
01:08:23 – The Vergilius project
01:10:25 – Connect with Stephen Sims
01:12:24 – Conclusion

// Stephen’s Social //
Twitter: https://twitter.com/Steph3nSims
YouTube Live: https://www.youtube.com/@OffByOneSecurity/streams
YouTube videos: https://www.youtube.com/@OffByOneSecurity/videos
E-mail: Stephen(at)deadlisting.com

// Stephen’s courses //
SANS Course sans.org. https://www.sans.org/cyber-security-courses/
– Advanced exploit development for penetration testers course
– Advanced penetration testing, exploit writing, and ethical hacking (GXPN)
– ARM Exploit Development

// Books discussed //
Grey Hat Hacking: https://amzn.to/3B1FeIK
Hacking: The art of Exploitation: https://amzn.to/3Us9Uts
The Shellcoder’s Handbook: https://amzn.to/3VqUEhY
Linkers & Loaders: https://amzn.to/3itqtbe

// Websites discussed //
Zerodium: https://zerodium.com/
Corelan Cybersecurity Research: https://www.corelan.be/
Shellphish: https://github.com/suljot/shellphish
Vergilius Project: https://www.vergiliusproject.com/

// David’s Social //

================
Connect with me:
================
Discord: http://discord.davidbombal.com
‚Äč
Twitter: https://www.twitter.com/davidbombal‚Äč
Instagram: https://www.instagram.com/davidbombal‚Äč
LinkedIn: https://www.linkedin.com/in/davidbombal‚Äč
Facebook: https://www.facebook.com/davidbombal.co‚Äč
TikTok: http://tiktok.com/@davidbombal‚Äč
YouTube Main Channel https://www.youtube.com/davidbombal‚Äč
YouTube Tech Channel: https://www.youtube.com/channel/UCZTIRrENWr_rjVoA7BcUE_A
YouTube Clips Channel: https://www.youtube.com/channel/UCbY5wGxQgIiAeMdNkW5wM6Q
YouTube Shorts Channel: https://www.youtube.com/channel/UCEyCubIF0e8MYi1jkgVepKg
Apple Podcast: https://davidbombal.wiki/applepodcast
Spotify Podcast: https://open.spotify.com/show/3f6k6gERfuriI96efWWLQQ

================
Support me:
================
Or, buy my CCNA course and support me:
DavidBombal.com: CCNA ($10): http://bit.ly/yt999ccna
‚Äč
Udemy CCNA Course: https://bit.ly/ccnafor10dollars‚Äč
GNS3 CCNA Course: CCNA ($10): https://bit.ly/gns3ccna10‚Äč

apple
ios
android
samsung
exploit
exploit development
windows
linux
exploits
zero days
zero day
0day
1day
hack
hacking
hacker
windows kernel
windows kernel exploit
linux heap
linux heap exploit
reverse engineering
reverse engineer
reverse exploit
red team
red teaming
binary diff
binary diffing

#android #ios #linux

subscribe
  • David Bombal