You got STEPHEN SIMS to join the party here!??!? JEALOUS! Great stuff as always!!

What he says about sacrifice is totally right. I wake up at 5am, workout and then study for at least 2 hours before running my business. I’m tired a lot but I’ve completed 3 courses in a little over a year. Starting an api hacking course in January. 💪 thanks for another great video David

My request Stephen to complete playlist on Exploit development from beginners to pro level and thanks to David it's an awesome session

Absolutely fantastic video. I have calculated it will probably take me about 750 years to get anywhere near the level of knowledge displayed here. Either way, I have started writing that Windows driver, using Kernel-Mode Driver Framework (KMDF)...which I had to google.

Tremendous interview, David. Thank you for these. Incredibly interesting and informative.

I don't know how you do it , I just searched for exploit development thought would be good for my skill set and you just released this video. I love your content helped me alot in my work I really wish you grow more and keep bringing this amazing content. Bless you!!!

This is what I am waiting for. Thanks David

Love hearing about the more advanced stuff. Having a roadmap is very helpful even if you end up taking a different path. Just knowing how to get started is a huge help.

thank you david sir for taking stephen sir interview that interview helped me to clearify most of the things for better future

It's possible to earn millions of dollars finding zero days and vulnerabilities in software. But, are you prepared to put in the work? Browser Exploitation Introduction: kzbin.info/www/bejne/mJTRh2Sal8t-mac Introduction to Buffer Overflows: kzbin.info/www/bejne/enmmpqmDm6x_ibc Modern Windows Kernel Exploitation: kzbin.info/www/bejne/pJLYcp9-jdeef80 Linux Heap Exploitation: kzbin.info/www/bejne/mn6noHZvedGJsKM Modern Binary/Patch Diffing: kzbin.info/www/bejne/bpu5gKmGfJmHoKM Crypto and Blockchain Hacks: kzbin.info/www/bejne/r2atoJqKnNWjY9U My apologies for some of the technical issues in this interview. Zoom is a nightmare :( // MENU // 00:00 - Coming up 00:53 - Stephen Sims introduction & Sans course 03:28 - Stephen's KZbin channel // Off By One Security 07:56 - Growing up with computers 08:57 - Getting involved with Sans courses // Impressed by instructors 09:52 - "The Golden Age of Hacking" // Bill Gates changed the game 15:44 - Making money from Zero-Days // Ethical and Unethical methods, zerodium.com & safety tips 32:56 - How to get started 46:53 - Opportunities in Crypto 50:26 - Windows vs. iOS vs. Linux 53:47 - Which programming language to start with 56:22 - Recommended Sans courses 01:02:04 - Recommended CTF programs & events 01:04:06 - Recommended books 01:08:23 - The Vergilius project 01:10:25 - Connect with Stephen Sims 01:12:24 - Conclusion // Stephen's Social // Twitter: twitter.com/Steph3nSims KZbin Live: www.youtube.com/@OffByOneSecurity/streams KZbin videos: www.youtube.com/@OffByOneSecurity/videos E-mail: Stephen(at)deadlisting.com // Stephen's courses // SANS Course sans.org. www.sans.org/cyber-security-courses/ - Advanced exploit development for penetration testers course - Advanced penetration testing, exploit writing, and ethical hacking (GXPN) - ARM Exploit Development // Books discussed // Grey Hat Hacking: amzn.to/3B1FeIK Hacking: The art of Exploitation: amzn.to/3Us9Uts The Shellcoder’s Handbook: amzn.to/3VqUEhY Linkers & Loaders: amzn.to/3itqtbe // Websites discussed // Zerodium: zerodium.com/ Corelan Cybersecurity Research: www.corelan.be/ Shellphish: github.com/suljot/shellphish Vergilius Project: www.vergiliusproject.com/ // David's Social // Discord: discord.gg/davidbombal Twitter: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal KZbin Main Channel: kzbin.info KZbin Tech Channel: kzbin.info/door/ZTIRrENWr_rjVoA7BcUE_A KZbin Clips Channel: kzbin.info/door/bY5wGxQgIiAeMdNkW5wM6Q KZbin Shorts Channel: kzbin.info/door/EyCubIF0e8MYi1jkgVepKg Apple Podcast: davidbombal.wiki/applepodcast Spotify Podcast: open.spotify.com/show/3f6k6gERfuriI96efWWLQQ

Great topic, David. Thanks!

Loved this video. Very inspirational & informative. Thank you David.

The Best Videos on youtube Thx David for Your Time Giving to us 💖💖💖

When I hear these topics if feel there's an entire universe to discover in a digital realm. One can only learn and specialize a certain direction and still be memorized of the vastness of knowledge, tools, techniques available.

Thanks for initiating the talk with Steven. Now, to find some good zero-days for ZDI.

awesome content as always, keep what you're doing. thanks David

Setting a reasonable goal and path towards it, execute and stick to it. It does sound rather easy, however it is not. Great podcast, as always! Thank you for sharing.

I feel like he's my lost brother We have a lot in common. I look almost identical to him. Green gray blue eyes stretch etc. Secondly i relate to him because I was basically born with a computer and always had a curiosity. And I also have the exact same black guitar 😁🎸 Rock on brother 🤘🤘I hope I can speak with you

Thanks for the good video on exploits and vulnerability’s I’ve tested a few vulnerabilities before

Here is the Game changer content🔥

Amazing video... Thanks for both of you.

Advanced knowledges beyond what I've learned and knew so far. Need to learn a lot more.

SANS is the country club in the world of cybersecurity. I’d literally have to pay 1/3 of my yearly salary to take a 6 day course. SANS in essence is saying you must already be successful to be successful in cybersecurity.

We need this guy back asap

Thanks for this one, was looking for ages how to start with a clear roadmap, would be nice to have him back to discuss malwares like Shikitega or eternal blue etc

20 years experience guy said you can't be a expert in every subject 👍 but my KZbin feed destructed myself to learn everything 😂

Took a Sans class taught by Mr. Simms. The guy is legit.

I know what the benefit to a company like Verisign would have by buying those exploits that way. They sell SSL certificates which effects every website everywhere. It is a benefit for them to accept top bug bounty finds than to pay employees to look around for such problems that need fixed. Then directly talking to their clients and the corporations who advocates SSL certificates which are becoming a standard. They can go out of business if their SSL become useless. MS now controls hardware with TPM which is their security key.

My mind in frazzled 😵‍💫 great video!

Thanks for the amazing contents

Thank You David!

Awesome stuff David as always 🔥

oh snaps! i love exploit dev training! thanks david!

Amazing Video David and Stephens!!! Thanks so so much

Thank you sir!

Amazing, OMG. Awesome content David, thank you very much! I have met these spectacular professionals thanks to your channel

your content is always FIRE Sir!

I find this stuff fascinating. Thank you for the talk, appreciate you and your content!

Stephen's SANS class sound pretty cool, also good talk!

This was a great talk! Thanks for bringing another guru to light lol! Much appreciated!

Thanks David 😊

Exactly what i wanted

Thank you 🌹

Thanks David 🖤❤️

Good Onya David, you're a ledge ;) and many thanks to Stephen

love your content sir

I like your friend skill that behind the curtain and love your videos also 😍😍😍 I m a c.s.e student really want to learn how to work on language but never understand R.I.P mostly one flaw is Indian teachers 😔 they are followed books not any practicals but now a days study is different I m fast a learner in computing and electronics but when I studied my time is bad I have no teacher like today 😔.

very very good and interesting interview. Top notch stuff!!

Most people are taught that "you only need a good job to become rich". These billionaires are operating on a whole other playbook that many don't even know exists.

Thank you. I love your channel

Thanku sir

David interviewing Matchbox 20 :)

Awesome stuff

🔥🔥🔥🔥 Content keep them videos coming 🎥

hey David, how would you rate hack the box academy? I've been considering going for their bug bounty hunter course, I'm just wo dering if my time would be better spent somewhere else.

Thank you so much! This is very instructive

Best video ever on the channel, thank you so much

just started my journey in C and Assembly but though this is good information🔥🔥🔥 it is a bit more oriented for intermediate users. wish he recommended books for complete beginners as the way he emphasised on starting with building blocks, books like Hacking the Art of Exploitation when I first bought it, I initially thought it's a complete book but it just made me realise how much I don't know, that I needed to search up more before I understood a certain complex topic.....but ey its life of refusing to be a script kiddie😂😂😂

will someone help me, my college website is using old version of php (php5) So what should I do, See also Exploits of the Exploits Database but they are many, There are many vulnerabilities from PHP 5 to the latest version

Thank you

Great work. Beautiful.

is it still not working😢? iam starting my pentesting course, i have mac m1pro so u think i should seal it and buy windows?beacuse as you say some tools doesnt work?

Nice David..

Outstanding.

super inspiring omg thanks for this

Went to check the website out and the beginner course, the fundamentals, was like $7k… I mean wow..

Would you recommend using a vm or an old laptop you found lying around for practice?

Cant wait

@41:00 Practice makes perfect... PERIOD... Time is the only REAL commodity we have, all have to start somewhere and once known practice practice practice...

Amazing Content @David.....

"litigation" is a word used a lot in this video, just wondering what that is exactly with respect to security. New in the industry.

Thank you very much!

Thank you sir

Hey David, would you do a video on browser fingerprinting ?

David you are love man ❤️😇

Thank you VERY much for this awesome content, David! . . . . . Corgee hacks you 2 please...

Have him show us how to do a buffer overflow.

Amazing video!!!

I have it this PDF book but is really hard go with it when you have some knowledge I stopped for later I need more knowledge

No fluff❤❤❤

Are you really a hacker if your webcam isn't half frozen? (i'm just teasing bc linux seems to struggle with screen tearing so much and i thought it was my pc)

Is that a Gibson in the background

common lisp has a lot of advanced features and doesn't have many security vulnerabilities like many other languages.

KZbinr Jay Williams "Lets live life" recently had his page hacked, any tips on getting it back?

Don't worry. We have a ChatGPT now. You better pick carpentry. :D

David we want you to make some videos of basics of Linux. help

That's Crazy bro

There is any certification for automotive cybersecurity ??

👍👍!

please make of iot full Introduction and about attacking and hacking it I need it for my monograph please

Can he come back and talk about hooking system calls

My files are encrypted with ransomware can u help to decrypt them

Gud video 👍

I can't find that book he mentioned "Journey Into Ring 0"

❤😊

I been validating exploits on multiple platforms still no deal

Hey david, it's shellphish - and not fishshell ;)

انا ارغب فى هذه البرمجة ولكن لا عرف عنها شي اني صفر هل ممكن ان اتبدي وكم مدة سياخذني

Deck ,shell to open class

Vista was great and you can't change my mind