Big thanks to Brilliant for sponsoring this video! Get started with a free 30 day trial and 20% discount: Brilliant.org/DavidBombal The First 200 people that sign up will get a special discount. Disclaimer: This video is for educational purposes only. // Jakoby’s SOCIAL// KZbin: kzbin.info LinkedIn: www.linkedin.com/in/i-am-jakoby X: x.com/i_am_jakoby Instagram: instagram.com/i_am_jakoby/ GitHub: github.com/I-Am-Jakoby TikTok: www.tiktok.com/@i_am_jakoby // KZbin Video REFERENCE // Next Gen Hacker?: kzbin.info/www/bejne/bJvUe2p9lpp2pac The best Hacking Courses & Certs? Your 2024 roadmap to Pentester success: kzbin.info/www/bejne/Z2GzZZSljcmLiqs // David's SOCIAL // Discord: discord.com/invite/usKSyzb X: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal KZbin: www.youtube.com/@davidbombal // MY STUFF // www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 00:00 - Coming Up 00:57 - Sponsored Section 03:01 - Intro 03:19 - Power Shell Gallery 05:05 - Modules 06:28 - Microsoft Patch 08:04 - Consulting with the Cybersecurity Community 08:58 - Microsoft Honeypot 10:09 - Models by Jakoby 11:33 - Running Models 12:01 - How Models Function 13:43 - The Vulnerability of The Site 15:30 - Ransomware 18:20 - Owning Models 19:13 - Bug Bounty Program 22:23 - Reverse Shell Generator 29:25 - Methods For Execution 31:49 - How To Solve 33:47 - Engage with the Ethical Hackers 34:20 - Exfiltration Data Bouncing 39:12 - Demo 39:56 - Capture DNS Traffic 41:01 - Running Vanish 50:05 - Running A lot of Testing, No Man’s Land 52:29 - Get ahold of IamJakoby 54:08 - Hak5 Payload 55:57 - Imposter Syndrome 57:41 - Background Story into Hacking 01:07:27 - Stationed in Hawaii 01:10:00 - Conclusion Disclaimer: This video is for educational purposes only. Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! #hak5 #cybersecurity #microsoft

The fact bro here is still doing the right thing after taking the shaft on huge bags speaks volumes to his character. The bazaar will gladly offer fair value for your work ❤

Great video thanks David! Jakoby did an excellent job of explaining Data Bouncing. We have submitted a CFP to Defcon for the rest of the research we have been doing in this space so fingers crossed that gets accepted. It's awesome to see Data Bouncing being absorbed and built on by the community.

Jakoby, you are born to tell stories. Thank you for sharing yours.

I understood about 1% of this but I cannot quit watching your videos.

Jakoby is legit a one-man army!! If Michelangelo were alive today, he'd be Jakoby. This is a guy I wanna learn from!

The dns exfiltration is crazy! Thanks for sharing and shame to Microsoft

im amazed that jakoby has the right set of morals and doesnt allow the fact that he was screwed by the bounty, and is still fighting the good fight. godspeed jakoby.

Thx for sharing Jakoby, you got your heart and passion in the right place !

Great show.. love these really simple callouts. It was eye opening seeing those modules which could be made by anyone. MS is going to have a headache grabbing control back of all those modules.. but now that they are out, they will need to change Powershell and UAC as well to fix this. Man.. Anyway, great guest and show today!

This guy deserves more appreciation.

Amazing video David as always! I'm curious to know about how it would hold up against ThreatLocker and the heuristic-based detection.

Thanks for the heads up. Scary 😮 and bad from MS to not compensate for the support they receive from people like IamJakoby. And thanks David to give them the time sharing the risks.

Great video. Thanks David and Jakoby !!!

Heyyy nice to see you guys together!! I'm psyched to watch!

Powerful stuff David...good job man

This guy is my mentor even though I am far older than you. I will be in the state for cyber security course and I will be looking for you. Greetings from Ghana

Epic! I've learned a ton! Thanks for sharing your expertise! 👑

That’s crazy I’m a junior majoring in cybersecurity and I live in Waipahu! Crazy small world thank you for sharing your stories your demonstrations on reverse shell was mind blowing and I’m excited to get into the cybersecurity field

Thank you for the interview. I am speechless.

How about making a map of the all sites like adobe that support that, and send the chunks of a file to the all sites, an then just listen the response from all of them and combine the chunks in the order of the mapped sites? Man, this is insane, this video is in the list of the best ever in my opinion. Congrats Jakoby brilliant mind, thanks David!

Such an interesting video for a student who’s studying IT security, even though I probably only understood about 50% of the things mentioned in this video haha. Thank you for sharing this and letting us find out about Jakoby!

Ooh wee, I'm learning so much... ❤ instantly hooked

I'm sure, especially in this community, it's incredibly hard to share the personal experiences that inspired people down this path. Very much appreciated and inspiring in return. Thanks for bringing both the technical (which I barely understand enough to follow along), and some much needed humanity. Theoretically, it's the only thing that separates us from AI at this point, right? 😅

Thank you for your service. ❤

DNA data bouncing is the worm hole for the clear web.

we LOVE jakoby! thanks for having him on david!

:O WOW. So many amazing factors! Bounty very deserved.. Kinda scary providing the public even this much information in a video like this lol

Heyyy happy to see him here!! 🎉

I first saw iamjakoby here a few weeks ago when i built a pico rubber ducky. Amazing to see the guy himself, never thought to look up his name on anything except the ducky script repository.

Thank you , David

Wow! This cool educational information! Thank you!

Este sujeto es increíble. La realidad es que me quede por detrás, si bien entiendo superficialmente lo que dice, también siento que no entendí nada haha Agradezco que esta clase de persona quieran defender al resto de personas honestas. Realmente lo aprecio muchísimo y me encantaría seguir viendo videos de Jakoby

This is amazing content thanks so much for sharing

I like old-fashioned hackers, with phrases, and colors on their terminals, what good times.

Thank you David💯👍🏽

There you go Michael. Way to get on David Bombals' channel. Great collaboration

Thank you Very motivating. Imposter syndrom is hard to get over at times. I especially was happy to hear that there is good people out there, That something I need to hear more of due to all the evil people in the world. Thank you both again

Great video David Jack is a great guest

Jakoby is the man!

Messaged some guys at Microsoft that I grew up with. Well played on the ethical hacking. I pray I messaged the right people for you.

Woohoo!!!! Jakoby love your name brother love your work keep it up!!!

man this helped me so much thank you ..

Polymorphic reverse shell...thats amazing

What an amazing story. I would also say he's definitely on the right path!

THANKS

That intro was awesome.

i can say this guy is brilliant /genius....

Genius. Great and inspiring video. Thank you.

When youre a bricklayer but started your comp sci degree last years and understand every term mentioned in the sponsor segement 😃🥳

Hi david would love to see stuff on defensive tools and solutions e.g YARA rules, EDR systems. Thanks again for the OSCP course on Udemy!

Thanks

Happy Easter!

He is on another level!

Dude is AMAZING!

This dude is something else

jakoby is the man.

Interesting thanks 💯

what an inspiration

Its like looking at the stern of a boat. Green is starboard, red is port.

This was absolutely AMAZING! Jakobi 1000% needs a bounty award for this, and Microsoft should be kissing his ass and hiring him for whatever salary he desires lol. Also, everyone should be made aware how sh1tty MS is being by making everyone so vulnerable.

OMG, what a fantastic guy!

AWS paid a bounty I saw when I was there, that to me wasn't really warranted but they paid it anyway. I respect that. Micro$oft you are going to produce black hats onto you than whitehats

Genius

I love jakoby.❤

Do you have a tool that can be used to scan for vulnerabilities on the reflection sites so those sites can be added to a blacklist?

I know people always say this and now I finally will. I have been in the industry for 30 years. This guy is great. So tired of fakers on the web. It's refreshing to see real talent. Keep pushing bro! Saving the world one shell at a time.🔥🏴‍☠

as always the best it channel

1:11:35 I have to be that guy about the semantic expressions being used wherefore the focus of developers in the cybersecurity space is 'how COULD this be broken' to sanitize or use some other weak security measure to set up the best digital reaction to a cyber threat. Ethical hacking or generally all hacking is about the 'how WILL I destroy this system'.

Thank you sir i am working in dns reverse shell by using powershell so this video is so important to me thank you.your are great teacher thank you.god bles you❤❤❤❤❤❤❤i am suppoting you

What a great video about such an interesting topic 😊 i can literally imagine how it was to think hours in sleepless nights about such a challenge. After the cryptophones topic became public, I was fascinated of the idea to construct a secure data exchange method which is using a bunch of alternating channels like social media platforms and others. Even if I am not a hacker, the idea of chunking up the data and either include meta data or being able to link it felt like a lottery win 😊

Thanks god he is in our side 😂

Very useful ❤

David, Microsoft is evil in what they did to Jakoby. Great video. Thanks.

David these are fantastic topics but can we get a 1 or 2 minutes at the start of the video explaining core concepts quickly so we can be same page or have general idea what video is about? many people may not even know what powershell is

Would be nice to see a metamorphic shell.

How would I explain something that's happening just like this to people or customer service who don't believe it's possible?

insane

@David Bombal & @Jakoby - Is it worth the time to block "Powershell Gallery" in the Windows "hosts" file? Or will this do nothing?

This is nice

GOOD VIDEO🎉

Geez do Fidelity, Schwab or Robinhood use Akamai. What about spoofing NTP?

Wow, even his facial jewelry looks Reverse Engineered!

Jacobys shellsync git repo iss empty how can I use that

Hi David sir

Hol' up. Did homie just imply that you can plant potentially incriminating files on remote systems?

DNS filtering that can parse these queries would act as a notifier? Yes/No?

47:51 🤣

davidbomball looks so worried lol.

bro it took me 3 sites to visit and total 6 minutes to understand the title 😮‍💨

hydra: error while loading shared libraries: libx264.so.164: cannot enable executable stack as shared object requires: Permission denied While starting hydra this error is shown in non rooted nethunter also tried sudo but still not working

Microsoft needs to add this man to the payroll all he is trying to do is help….

Oh Microsoft, you are so funny...

⭐️⭐️

should alias whoami to "echo 'Ghost in the Shell'" instead - or better yet: if your goal is to piss off hackers who get into your machine and run that command just alias it to `exit` lmao

Sounds like a supervillain origin story. They screwed you over. I’m not saying “Go Get ‘Em…” but if you diiiiiiiiiid…many of us would understand 👍🏾

Anyone please tell me which AI course is best to learn with ethical hacking

Sir, discuss .xz please !!

Hi david sir can u help me with a course with is on ur website ethical hacking guide A-Z and kindly give me some guidance for offensive security and one more suggestion if u like i did ur ccna from udemy and my suggestion is can u do it for firewalls or scor courses

Pronoia - look it up What a fantastic story.