happy holidays, everyone! 🎄 let me know what else you’d like to see in the next one :) join our discord server! dsc.gg/crow-academy (also the freaking hats at 3:02; take that image with a grain of salt (it's never that dramatic LOL) LANTERN CORP HACKERS OR SOME SH*T IDK)
Respect. You can communicate clearly complex ideas and make it funny so the knowledge absorption is a lot better. Thank you very much for your work man. You got yourself a subscriber!
This is really cool! The terminology has some similarities to investigations and security, and was super easy to follow and understand, Merry belated Christmas!
@@crr0ww As a side topic you could do a brief introduction to OS hardening. This will open the way to more blue team based content that could be combined with offensive security to highlight both sides of pen testing engagements
@@HTWwpzIuqaObMt yes! i was actually planning on covering a lot more of the blue-teaming side; things like digital forensics and reverse engineering, etc. i can def add in a section or two about os hardening as well :) ty for the suggestion!
Can you make a video on VPNs? I think this was a super simple way of understanding some concepts, and I would really like your approach to this. Great video! hope TH-cam highlights more your channel
I'd say most (D)DoS attacks are done via actual exploits nowadays. Like forcing a Minecraft server to constantly load chunks where you shouldn't be allowed to
oh yeah, most definitely! one of my instructors, nikhil mittal (dude who wrote nishang) has some super cool tools on his github made especially for this purpose :)
most fortune companies actually do use active directory with pretty big defensive systems set in place, from things like looking at changes in the registry, general traffic, event ids; which include ids denoting changes to users as well and some crazy things like kerberos auth reqs and stuff (although with some kerberos most of this stuff is hard to discern since the domain controller sends sooooo many of these requests out, but like things 100% still do stick out, for instance, using RC4/NTLM hashes for auth instead of AES, that’ll stick out like a sore thumb, among other things) so it’s a lot more prevalent than people might think! although the super hollywood-esque decoy i’d say is pretty scarce. i’d imagine most threat actors, upon discovering a suspiciously out of place user with domain admin privileges would be a bit more cautious, knowing all the defences in place now a days :)
i'm trained as a penetration tester : ) i hope that's what you mean! although i'm trying to shift more onto the red-teaming side of things; thank you for your comment! :D
No cap you are one of the best content creator in this field... I watched buffer overflow video first and am in love with the way you make content
this is the sweetest comment ever 😭❤️ THANK YOU SO MUCH, im so glad you enjoyed it! 🥹
happy holidays, everyone! 🎄 let me know what else you’d like to see in the next one :)
join our discord server! dsc.gg/crow-academy
(also the freaking hats at 3:02; take that image with a grain of salt (it's never that dramatic LOL) LANTERN CORP HACKERS OR SOME SH*T IDK)
@@donmo1461 maybe one day ;)
can you show why http is insecure?
@@АртемКудрявцев-э7ю awesome suggestion! i’ll definitely make sure to cover that :)
Respect. You can communicate clearly complex ideas and make it funny so the knowledge absorption is a lot better. Thank you very much for your work man. You got yourself a subscriber!
This is really cool!
The terminology has some similarities to investigations and security, and was super easy to follow and understand, Merry belated Christmas!
thank you so much :D it’s always nice when you can find similarities in different fields like that :))
Just what i was looking for. Good content 🎉
Kerning City in the bg, i think im in love
Happy holidays! Maybe make a video about exploit development or on how to improve your own anonimity. Would be interestinf to lots of beginners
sounds good! i have a whole binary exploitation playlist planned but i’ll def cover anonymity :) thank you for your comment!
@@crr0ww As a side topic you could do a brief introduction to OS hardening. This will open the way to more blue team based content that could be combined with offensive security to highlight both sides of pen testing engagements
@@HTWwpzIuqaObMt yes! i was actually planning on covering a lot more of the blue-teaming side; things like digital forensics and reverse engineering, etc. i can def add in a section or two about os hardening as well :) ty for the suggestion!
@@crr0ww oh awesome! Do you have any other social media by any chance? Perhaps discord
@@HTWwpzIuqaObMt yes! i’ve added in my discord to the description of all my videos; you can find me there
What a wonderful day to find this channel
Can you make a video on VPNs? I think this was a super simple way of understanding some concepts, and I would really like your approach to this. Great video! hope TH-cam highlights more your channel
yes of course! i’ll definitely add VPNs in the next part :) thank you so much ❤️
great video!
btw 10:58 Tbps is terabit per second right? And TBps terabyte?
thank you so much!! and yeah, you got it :D Tbps = terabits/sec, TBps = terabytes/sec
Fyi there's also TiB meaning tebibyte, not the same as the previous two.
Nice content. This helps me a lot.
Really Helpfull !
dude please keep creating content
of course :p !! tysm for commenting :)
keep doing it
holy maplestory bg music :)
beast asf
appreciate cha
i like video very naice , i didnt get the port part a lot but still rest is well explained :)
how much honey comes in a honeypot
hmmm 🤔
5.84!
Enough to feed Pooh bear till he falls over.
@@crr0ww?? What is 5.84
🎉
Knowledge 😮
:o
💫💯💥
I'd say most (D)DoS attacks are done via actual exploits nowadays. Like forcing a Minecraft server to constantly load chunks where you shouldn't be allowed to
is that maplestory music i hear?
system or network - they do have user honey pots now days or files when open leak your ip address -- like fake spn user accounts on active directory
oh yeah, most definitely! one of my instructors, nikhil mittal (dude who wrote nishang) has some super cool tools on his github made especially for this purpose :)
i would love to know how many companies actually use honeypots this way - doesnt seem like many tho
most fortune companies actually do use active directory with pretty big defensive systems set in place, from things like looking at changes in the registry, general traffic, event ids; which include ids denoting changes to users as well and some crazy things like kerberos auth reqs and stuff (although with some kerberos most of this stuff is hard to discern since the domain controller sends sooooo many of these requests out, but like things 100% still do stick out, for instance, using RC4/NTLM hashes for auth instead of AES, that’ll stick out like a sore thumb, among other things) so it’s a lot more prevalent than people might think! although the super hollywood-esque decoy i’d say is pretty scarce.
i’d imagine most threat actors, upon discovering a suspiciously out of place user with domain admin privileges would be a bit more cautious, knowing all the defences in place now a days :)
@@crr0ww yeah, i wasnt sure tho since groups like Guacamaya, phineas fisher make things look easy for bad guys
you cool man
NAH! YOURE COOL :D TYSM ❤️🥹
What is your type role in IT??
i'm trained as a penetration tester : ) i hope that's what you mean! although i'm trying to shift more onto the red-teaming side of things; thank you for your comment! :D
@@crr0ww thank bro welcome and subscribed
@@Abdirahmaann thank you so much! :D
Hello mate, it is i, Nightlock
WHY HELLO ZEUS ❤️❤️
@@crr0ww ZEUS TREE :D
Noice video
thank you so much!! :)
@@crr0ww your belcome
el barto was here.
after watching this i now, too want to hack
:) ❤️
man you're pretty funny
log are u ben parker 🥴
with great secrets comes no transparency 🤫🤐
Do you have a job now brother?
very good Respect From Armenian Hackers Group LEGION