How to make Millions $$$ hacking zero days?

  • Published on 5 Feb 2025

Comments • 183

  • @_JohnHammond
    @_JohnHammond 2 years ago +35

    You got STEPHEN SIMS to join the party here!??!? JEALOUS!
    Great stuff as always!!

    • @davidbombal
      @davidbombal  2 years ago +11

      lol... great to see you here John! We need to talk and get you back on the channel!

  • @macktheripper7454
    @macktheripper7454 2 years ago +74

    What he says about sacrifice is totally right. I wake up at 5am, work out and then study for at least 2 hours before running my business. I’m tired a lot but I’ve completed 3 courses in a little over a year. Starting an API hacking course in January. 💪 Thanks for another great video David

    • @bunchiochi
      @bunchiochi 2 years ago

      Hey bro! Did you have previous experience with APIs before starting API hacking?

    • @macktheripper7454
      @macktheripper7454 2 years ago +1

      @@bunchiochi nope, not at all. Websites and network based hacking mainly

    • @corail53
      @corail53 2 years ago +4

      That sounds more like a luxury than a sacrifice. Waking at 5 am is not a special feat and having 2 hours of spare time to be able to study before work is a luxury most don't have.

    • @bunchiochi
      @bunchiochi 2 years ago +1

      @@macktheripper7454 I was thinking of starting it but thought I had to have some previous knowledge. Thanks, man. Also I apologize for responding late.

    • @macktheripper7454
      @macktheripper7454 2 years ago +1

      @corail53 it's not a luxury. I have my own business, I'm just efficient at running it.

  • @iamwithyou1184
    @iamwithyou1184 2 years ago +12

    My request Stephen to complete playlist on Exploit development from beginners to pro level and thanks to David it's an awesome session

  • @davidbombal
    @davidbombal  2 years ago +26

    It's possible to earn millions of dollars finding zero days and vulnerabilities in software. But, are you prepared to put in the work?
    Browser Exploitation Introduction: th-cam.com/video/bcnV1dbfKcE/w-d-xo.html
    Introduction to Buffer Overflows: th-cam.com/video/DHCuvMfGLSU/w-d-xo.html
    Modern Windows Kernel Exploitation: th-cam.com/video/nauAlHXrkIk/w-d-xo.html
    Linux Heap Exploitation: th-cam.com/video/dMDoC9DlVzA/w-d-xo.html
    Modern Binary/Patch Diffing: th-cam.com/video/8jVOvPG4TjA/w-d-xo.html
    Crypto and Blockchain Hacks: th-cam.com/video/y5JogTgpp-s/w-d-xo.html
    My apologies for some of the technical issues in this interview. Zoom is a nightmare :(
    // MENU //
    00:00 - Coming up
    00:53 - Stephen Sims introduction & Sans course
    03:28 - Stephen's YouTube channel // Off By One Security
    07:56 - Growing up with computers
    08:57 - Getting involved with Sans courses // Impressed by instructors
    09:52 - "The Golden Age of Hacking" // Bill Gates changed the game
    15:44 - Making money from Zero-Days // Ethical and Unethical methods, zerodium.com & safety tips
    32:56 - How to get started
    46:53 - Opportunities in Crypto
    50:26 - Windows vs. iOS vs. Linux
    53:47 - Which programming language to start with
    56:22 - Recommended Sans courses
    01:02:04 - Recommended CTF programs & events
    01:04:06 - Recommended books
    01:08:23 - The Vergilius project
    01:10:25 - Connect with Stephen Sims
    01:12:24 - Conclusion
    // Stephen's Social //
    Twitter: twitter.com/Steph3nSims
    YouTube Live: www.youtube.com/@OffByOneSecurity/streams
    YouTube videos: www.youtube.com/@OffByOneSecurity/videos
    E-mail: Stephen(at)deadlisting.com
    // Stephen's courses //
    SANS Course sans.org. www.sans.org/cyber-security-courses/
    - Advanced exploit development for penetration testers course
    - Advanced penetration testing, exploit writing, and ethical hacking (GXPN)
    - ARM Exploit Development
    // Books discussed //
    Grey Hat Hacking: amzn.to/3B1FeIK
    Hacking: The art of Exploitation: amzn.to/3Us9Uts
    The Shellcoder’s Handbook: amzn.to/3VqUEhY
    Linkers & Loaders: amzn.to/3itqtbe
    // Websites discussed //
    Zerodium: zerodium.com/
    Corelan Cybersecurity Research: www.corelan.be/
    Shellphish: github.com/suljot/shellphish
    Vergilius Project: www.vergiliusproject.com/
    // David's Social //
    Discord: discord.gg/davidbombal
    Twitter: twitter.com/davidbombal
    Instagram: instagram.com/davidbombal
    LinkedIn: www.linkedin.com/in/davidbombal
    Facebook: facebook.com/davidbombal.co
    TikTok: tiktok.com/@davidbombal
    YouTube Main Channel: th-cam.com/users/davidbombal
    YouTube Tech Channel: th-cam.com/channels/ZTIRrENWr_rjVoA7BcUE_A.html
    YouTube Clips Channel: th-cam.com/channels/bY5wGxQgIiAeMdNkW5wM6Q.html
    YouTube Shorts Channel: th-cam.com/channels/EyCubIF0e8MYi1jkgVepKg.html
    Apple Podcast: davidbombal.wiki/applepodcast
    Spotify Podcast: open.spotify.com/show/3f6k6gERfuriI96efWWLQQ

    • @Blackibangalore
      @Blackibangalore 2 years ago

      Please share where we can find free classes and books to study sir@ @davidbombal

    • @PortSwigger-ho3ye
      @PortSwigger-ho3ye 2 years ago

      thanks for posting such a precious content

    • @decoder6878
      @decoder6878 2 years ago

      Thanks a lot David and Stephen for this wonderful discussion.
      I'm very interested in binary exploration and was looking forward to more details on related platforms. This was very helpful.

  • @jamesrobertson2712
    @jamesrobertson2712 2 years ago +8

    Absolutely fantastic video. I have calculated it will probably take me about 750 years to get anywhere near the level of knowledge displayed here. Either way, I have started writing that Windows driver, using Kernel-Mode Driver Framework (KMDF)...which I had to google.

  • @robd.2466
    @robd.2466 2 years ago +13

    Tremendous interview, David. Thank you for these. Incredibly interesting and informative.

  • @graham-moss
    @graham-moss 2 years ago +19

    Love hearing about the more advanced stuff. Having a roadmap is very helpful even if you end up taking a different path. Just knowing how to get started is a huge help.

  • @ANTGPRO
    @ANTGPRO 2 years ago +10

    Great topic, David. Thanks!

    • @davidbombal
      @davidbombal  2 years ago +2

      You're welcome! Glad you enjoyed the video :)

  • @ashwanthbalajir5153
    @ashwanthbalajir5153 2 years ago +12

    This is what I am waiting for. Thanks David

    • @davidbombal
      @davidbombal  2 years ago +4

      Very happy to hear that!

    • @sudhanshusingh-yo6nc
      @sudhanshusingh-yo6nc 2 years ago

      @@davidbombal I want to learn exploit development for free. Can you give me a roadmap and platform?

  • @Naath000
    @Naath000 2 years ago +4

    Thank you David sir for taking Stephen sir's interview. That interview helped me to clarify most of the things for a better future

    • @davidbombal
      @davidbombal  2 years ago +2

      You're welcome! And I'm very happy to hear that!

  • @cybercashz
    @cybercashz 2 years ago +1

    I don't know how you do it, I just searched for exploit development, thought it would be good for my skill set, and you just released this video.
    I love your content, it helped me a lot in my work. I really wish you grow more and keep bringing this amazing content. Bless you!!!

  • @kevinnevs2666
    @kevinnevs2666 2 years ago +9

    Loved this video. Very inspirational & informative. Thank you David.

  • @ragnarok55
    @ragnarok55 2 years ago +2

    20 years experience guy said you can't be an expert in every subject 👍 but my YouTube feed destructed myself to learn everything 😂

  • @CyberDevilSec
    @CyberDevilSec 2 years ago +6

    Awesome stuff David as always 🔥

    • @davidbombal
      @davidbombal  2 years ago +3

      Thank you! You're welcome :)

    • @CyberDevilSec
      @CyberDevilSec 2 years ago

      @@davidbombal I do my best 😃

  • @nathanchan1900
    @nathanchan1900 2 years ago

    Thanks for initiating the talk with Stephen. Now, to find some good zero-days for ZDI.

  • @vardhangoud8851
    @vardhangoud8851 2 years ago +18

    Here is the Game changer content🔥

    • @davidbombal
      @davidbombal  2 years ago +5

      Hope you enjoy the video Vardhan! Also check out the amazing training that Stephen has on his YouTube channel.

    • @vardhangoud8851
      @vardhangoud8851 2 years ago +2

      @@davidbombal In the previous video, in my comment, one fraud replied to me with your name, like you won some prize, DM on Telegram. I just ignored the message

    • @ayushmishra5410
      @ayushmishra5410 2 years ago

      (@@davidbombal) my chipset supports monitor mode but airodump-ng doesn't show any targets. Anyone know how to fix?

  • @ali_linux5097
    @ali_linux5097 2 years ago +4

    The Best Videos on YouTube. Thx David for Your Time Giving to us 💖💖💖

  • @itzdm0r3
    @itzdm0r3 1 year ago

    Stephen's SANS class sounds pretty cool, also good talk!

  •  2 years ago

    When I hear these topics I feel there's an entire universe to discover in a digital realm.
    One can only learn and specialize a certain direction and still be memorized of the vastness of knowledge, tools, techniques available.

  • @mukbangheat3080
    @mukbangheat3080 2 years ago +5

    awesome content as always, keep what you're doing. thanks David

  • @rhinofart89
    @rhinofart89 2 years ago +4

    SANS is the country club in the world of cybersecurity. I’d literally have to pay 1/3 of my yearly salary to take a 6 day course.
    SANS in essence is saying you must already be successful to be successful in cybersecurity.

    • @rhinofart89
      @rhinofart89 2 years ago +2

      Will definitely be subscribing to his YouTube channel though.

  • @gilbertohernandez9223
    @gilbertohernandez9223 2 years ago +1

    We need this guy back asap

  • @CyberDevilSec
    @CyberDevilSec 2 years ago +1

    I feel like he's my lost brother. We have a lot in common.
    I look almost identical to him. Green gray blue eyes stretch etc.
    Secondly I relate to him because I was basically born with a computer and always had a curiosity.
    And I also have the exact same black guitar 😁🎸
    Rock on brother 🤘🤘I hope I can speak with you

  • @emmetgwilliam6527
    @emmetgwilliam6527 2 years ago +2

    Thanks for the good video on exploits and vulnerabilities. I’ve tested a few vulnerabilities before

    • @davidbombal
      @davidbombal  2 years ago +3

      You're welcome! Stephen has amazing content on his YouTube channel.

  • @PeterAdiSaputro
    @PeterAdiSaputro 1 year ago

    Advanced knowledge beyond what I've learned and knew so far. Need to learn a lot more.

  • @davidroach112
    @davidroach112 2 years ago +1

    Took a SANS class taught by Mr. Sims. The guy is legit.

  • @ThatNiceDutchGuy
    @ThatNiceDutchGuy 1 year ago +1

    Setting a reasonable goal and path towards it, execute and stick to it. It does sound rather easy, however it is not. Great podcast, as always! Thank you for sharing.

  • @user-uk5qk1zo4k
    @user-uk5qk1zo4k 2 years ago +1

    Thanks for this one, was looking for ages how to start with a clear roadmap, would be nice to have him back to discuss malwares like Shikitega or eternal blue etc

  • @AMCSec
    @AMCSec 2 years ago

    My mind is frazzled 😵‍💫 great video!

  • @ranjanadissanayaka5390
    @ranjanadissanayaka5390 2 years ago +3

    Amazing video... Thanks to both of you.

  • @davidrobertson1980
    @davidrobertson1980 2 years ago

    Good Onya David, you're a ledge ;) and many thanks to Stephen

  • @lunhamegenogueira1969
    @lunhamegenogueira1969 2 years ago

    This was a great talk! Thanks for bringing another guru to light lol! Much appreciated!

  • @Chrisnakano
    @Chrisnakano 2 years ago +5

    Most people are taught that "you only need a good job to become rich". These billionaires are operating on a whole other playbook that many don't even know exists.

  • @PortSwigger-ho3ye
    @PortSwigger-ho3ye 2 years ago +1

    your content is always FIRE Sir!

  • @cipi5
    @cipi5 2 years ago

    oh snaps! i love exploit dev training! thanks david!

  • @Z0nd4
    @Z0nd4 2 years ago

    Amazing, OMG. Awesome content David, thank you very much! I have met these spectacular professionals thanks to your channel

  • @Kodlak15
    @Kodlak15 2 years ago

    I find this stuff fascinating. Thank you for the talk, appreciate you and your content!

  • @fernandopierola
    @fernandopierola 2 years ago

    Amazing Video David and Stephen!!! Thanks so so much

  • @notorioussil7646
    @notorioussil7646 2 years ago

    very very good and interesting interview. Top notch stuff!!

  • @ojochegbe_
    @ojochegbe_ 2 years ago +2

    Thanks David 🖤❤️

  • @rickrick444x
    @rickrick444x 2 years ago

    I like your friend's skill that's behind the curtain and love your videos also 😍😍😍 I'm a C.S.E. student, really want to learn how to work on language but never understand, R.I.P. Mostly one flaw is Indian teachers 😔 they followed books, not any practicals, but nowadays study is different. I'm a fast learner in computing and electronics but when I studied my time was bad, I had no teacher like today 😔.

  • @prodigyprogrammer3187
    @prodigyprogrammer3187 2 years ago +2

    Exactly what I wanted

    • @davidbombal
      @davidbombal  2 years ago +1

      Very happy to hear that!

  • @skytechbits
    @skytechbits 2 years ago

    I know what the benefit to a company like Verisign would have by buying those exploits that way. They sell SSL certificates which affect every website everywhere. It is a benefit for them to accept top bug bounty finds than to pay employees to look around for such problems that need fixed. Then directly talking to their clients and the corporations who advocate SSL certificates which are becoming a standard. They can go out of business if their SSL becomes useless. MS now controls hardware with TPM which is their security key.

  • @izzy9ish
    @izzy9ish 2 years ago +3

    🔥🔥🔥🔥 Content keep them videos coming 🎥

    • @davidbombal
      @davidbombal  2 years ago +2

      Thank you! Lots of great content coming soon :)

  • @BlacEyedPriest765
    @BlacEyedPriest765 2 years ago +3

    Thanks David 😊

  • @fsydlx4546
    @fsydlx4546 2 years ago +2

    Thank You David!

  • @timcyb
    @timcyb 2 years ago +5

    Thanks for the amazing contents

  • @alisenjary
    @alisenjary 2 years ago +4

    Thank you 🌹

    • @davidbombal
      @davidbombal  2 years ago +1

      You’re welcome 😊

  • @ArSiddharth
    @ArSiddharth 2 years ago +2

    will someone help me,
    my college website is using old version of php (php5)
    So what should I do, See also Exploits of the Exploits Database but they are many,
    There are many vulnerabilities from PHP 5 to the latest version

  • @PhilosophyEpochs
    @PhilosophyEpochs 2 years ago +3

    love your content sir

  • @jaiminpatel2784
    @jaiminpatel2784 2 years ago +5

    Thank you sir!

  • @AliRagabali
    @AliRagabali 1 year ago

    Best video ever on the channel, thank you so much

  • @hakem739
    @hakem739 2 years ago +1

    Thank you. I love your channel

  • @willredmambo3777
    @willredmambo3777 2 years ago +2

    Awesome stuff

  • @jarsal_firahel
    @jarsal_firahel 2 years ago

    Hey David, would you do a video on browser fingerprinting?

  • @stephenrankin3941
    @stephenrankin3941 2 years ago

    Hey David,
    how would you rate Hack The Box Academy? I've been considering going for their bug bounty hunter course, I'm just wondering if my time would be better spent somewhere else.

  • @RoyalNatangwe
    @RoyalNatangwe 2 years ago

    just started my journey in C and Assembly but though this is good information🔥🔥🔥 it is a bit more oriented for intermediate users. wish he recommended books for complete beginners as the way he emphasised on starting with building blocks, books like Hacking the Art of Exploitation when I first bought it, I initially thought it's a complete book but it just made me realise how much I don't know, that I needed to search up more before I understood a certain complex topic.....but ey its life of refusing to be a script kiddie😂😂😂

    • @don156
      @don156 2 years ago

      If you're just starting in C I think "C Programming Absolute Beginner's Guide" is a great place to start

  • @red-zi7fg
    @red-zi7fg 2 years ago +1

    David interviewing Matchbox 20 :)

  • @AliYar-Khan
    @AliYar-Khan 2 years ago

    David you are love man ❤️😇

  • @hendahmed2408
    @hendahmed2408 2 years ago +1

    Is it still not working😢?
    I am starting my pentesting course,
    I have a Mac M1 Pro,
    so do you think I should sell it and buy Windows? Because as you say some tools don't work?

  • @johnhyhintchmn3674
    @johnhyhintchmn3674 2 years ago

    Cant wait

  • @ghninoumehdi9516
    @ghninoumehdi9516 2 years ago

    Thank you so much! This is very instructive

  • @nitinjangra653
    @nitinjangra653 2 years ago +5

    Thank you sir

  • @patrickparson9628
    @patrickparson9628 2 years ago

    Great work. Beautiful.

  • @NoName-ey9hy
    @NoName-ey9hy 2 years ago +1

    No fluff❤❤❤

    • @davidbombal
      @davidbombal  2 years ago +1

      Stephen has amazing content on his YouTube channel. Please go and subscribe :)

  • @privilegedesign8745
    @privilegedesign8745 2 years ago

    I have it this PDF book but is really hard go with it when you have some knowledge I stopped for later I need more knowledge

  • @rev.kenshostad2888
    @rev.kenshostad2888 1 year ago

    @41:00 Practice makes perfect... PERIOD... Time is the only REAL commodity we have, all have to start somewhere and once known practice practice practice...

  • @brycegalbraith6375
    @brycegalbraith6375 1 year ago

    Outstanding.

  • @malua7021
    @malua7021 2 years ago +1

    Nice David..

  • @ashace6092
    @ashace6092 2 years ago +1

    Thank you

    • @davidbombal
      @davidbombal  2 years ago +1

      You're welcome! I hope the video helps you!

  • @MegaFeedee
    @MegaFeedee 2 years ago +1

    Thank you VERY much for this awesome content, David!
    .
    .
    .
    .
    .
    Corgee hacks you 2 please...

  • @C1t1z3n1
    @C1t1z3n1 2 years ago

    Have him show us how to do a buffer overflow.

  • @supriyoguha5421
    @supriyoguha5421 2 years ago

    Amazing Content @David.....

  • @incognitohacks4850
    @incognitohacks4850 2 years ago

    Would you recommend using a vm or an old laptop you found lying around for practice?

  • @Ghislo
    @Ghislo 2 years ago

    super inspiring omg thanks for this

  • @pradyumgupta9711
    @pradyumgupta9711 1 year ago

    "litigation" is a word used a lot in this video, just wondering what that is exactly with respect to security.
    New in the industry.

  • @marios4275
    @marios4275 several months ago

    Greetings to you all. I hold no grudge against anyone.

  • @mohammadamiry7385
    @mohammadamiry7385 2 years ago

    please make of iot full Introduction and about attacking and hacking it I need it for my monograph please

  • @wingwing2683
    @wingwing2683 10 months ago

    Thank you very much!

  • @anishgoud651
    @anishgoud651 2 years ago

    Is there any certification for automotive cybersecurity??

  • @zemourizemouri2406
    @zemourizemouri2406 2 years ago

    Amazing video!!!

  • @catoshyare969
    @catoshyare969 2 years ago

    David we want you to make some videos of basics of Linux. help

  • @Nigashm
    @Nigashm 2 years ago +1

    Thank you sir

  • @WarrenKirkpatrick
    @WarrenKirkpatrick 2 years ago +1

    Went to check the website out and the beginner course, the fundamentals, was like $7k… I mean wow..

  • @rhinofart89
    @rhinofart89 2 years ago

    Can he come back and talk about hooking system calls?

  • @mujahidAli-eg8qh
    @mujahidAli-eg8qh 2 years ago +1

    That's Crazy bro

    • @davidbombal
      @davidbombal  2 years ago +1

      Hope you enjoy the video and learn a lot Mujahid! Also check out the amazing training that Stephen has on his YouTube channel.

  • @elywacime5411
    @elywacime5411 2 years ago +1

    Is that a Gibson in the background?

  • @420yttsantsujzttad
    @420yttsantsujzttad 2 years ago +2

    Good video 👍

  • @Sevo.yt.....
    @Sevo.yt..... 2 years ago

    My files are encrypted with ransomware. Can you help to decrypt them?

  • @hustle717
    @hustle717 2 years ago

    YouTuber Jay Williams "Lets live life" recently had his page hacked, any tips on getting it back?

  • @hackmedia7755
    @hackmedia7755 1 year ago

    Common Lisp has a lot of advanced features and doesn't have many security vulnerabilities like many other languages.

  • @michaelnieves8087
    @michaelnieves8087 1 year ago

    I can't find that book he mentioned "Journey Into Ring 0"

  • @Oswee
    @Oswee 2 years ago

    Don't worry. We have a ChatGPT now. You better pick carpentry. :D

  • @yungdnny
    @yungdnny 1 year ago

    Are you really a hacker if your webcam isn't half frozen? (I'm just teasing bc Linux seems to struggle with screen tearing so much and I thought it was my PC)

  • @SiamYaya-s4h
    @SiamYaya-s4h 1 year ago

    I want to get into this programming but I don't know anything about it, I'm at zero. Is it possible for me to start, and how long will it take me?

  • @guilherme5094
    @guilherme5094 2 years ago

    👍👍!

  • @cdcrjp2nft867
    @cdcrjp2nft867 2 years ago

    I been validating exploits on multiple platforms still no deal

  • @MAGICIANHACKERS
    @MAGICIANHACKERS 2 years ago

    Hello, is there a virus for all platforms?

  • @MutinyInteractive
    @MutinyInteractive 2 years ago +1

    This is why coding instructors are NEVER GOOD, at 35:15…. A good teacher can recognize a student savant who learns backwards. Those are usually the most talented and naturally inclined individuals on the planet per their respective interests
    Dave Chappelle, he writes his jokes backwards…. Same way I do, he doesn’t seem like someone who can recognize the ability to reverse engineer and have that actually be the better teaching instrument than not, he doesn’t have that radar

  • @PUIT1280
    @PUIT1280 2 years ago +1

    ❤😊