top of page
Ex-NSA hacker tools for real world pentesting
01:16:40
David Bombal

Ex-NSA hacker tools for real world pentesting

Learn real world pentesting plus which tools are the best to use with Ex-NSA Hacker Neal Bridges. Neal tells us what he carries in his backpack when doing real world pentests. My apologies for the issues with this video. I had to remove the previously uploaded video because I had movie clips like Mr Robot and The Spy Game in the video and YouTube didn't like them... so I had to remove the video :( Menu: 0:00 ▶️ Introduction 1:17 ▶️ Neal sees pentesting differently 2:00 ▶️ Neal's advice from experience 3:18 ▶️ Neal's 5,000 pentests 4:30 ▶️ Take NSA and experience 5:10 ▶️ Preparation is key 5:50 ▶️ OSINT 6:30 ▶️ Actual Pentest report 7:50 ▶️ Pretexting 8:45 ▶️ Another real world example 9:30 ▶️ Planning is very important 10:15 ▶️ Leave stuff in your car? 11:55 ▶️ Right tools for the job 12:05 ▶️ Top tools 12:30 ▶️ Extra cables 12:58 ▶️ Hak5 Ethernet cable 13:10 ▶️ Is Hak5 a necessity 13:57 ▶️ Rubber Ducky 14:30 ▶️ Hak5 are great 15:00 ▶️ Real world example of equipment 15:30 ▶️ You can create your own stuff 16:10 ▶️ Your time is money 16:30 ▶️ Proxmark 17:30 ▶️ Crazy RFID reader 18:50 ▶️ Poor planning RFID example 20:20 ▶️ Your time is worth something! 21:00 ▶️ Hone your tradecraft 21:20 ▶️ Proxmark explanation 21:50 ▶️ A reader doesn't give you access. You need a pretext 23:50 ▶️ Social engineering 25:50 ▶️ You need a story 26:04 ▶️ Social Engineering vs tech 29:00 ▶️ Physical access is king 30:00 ▶️ What to do once past the door 31:19 ▶️ Military facility pentest 33:27 ▶️ Look for a network port 34:49 ▶️ You want to get out of there 35:04 ▶️ Hak5 Lan turtle 36:35 ▶️ Back of computer vs switch 37:32 ▶️ Pop it into the back of the computer 38:11 ▶️ What about WiFi 38:50 ▶️ TP-Link WiFi Card 39:50 ▶️ Ubertooth 40:50 ▶️ HackRF One 41:56 ▶️ Hak5 Pineapple 42:09 ▶️ SDR 43:00 ▶️ Real world example 44:13 ▶️ Alfa Network Adapter 44:50 ▶️ Wifi Hacking 44:49 ▶️ Alfa not practical so much 46:20 ▶️ You cannot charge for a WiFi pentest 47:17 ▶️ You are making it real 47:45 ▶️ WiFi can be social engineering 48:47 ▶️ Captive portal 49:40 ▶️ Rogue Access point 50:40 ▶️ Real world wifi pentest example 51:30 ▶️ Port Security 51:57 ▶️ Hak5 Pineapple access corporate network 52:34 ▶️ Always social engineering 53:00 ▶️ Pyramid of pain 53:14 ▶️ Stuxnet 54:45 ▶️ Telsa attack 55:07 ▶️ NSA examples 56:32 ▶️ Human Intelligence Hacking Example 58:40 ▶️ Another hacking example 1:00:18 ▶️ WiFi hacking example 1:01:32 ▶️ Neal's photo while hacking 1:03:22 ▶️ Once inside, you are trusted 1:03:40 ▶️ Summary of devices 1:03:55 ▶️ Hak5 switch 1:04:08 ▶️ Extra cables 1:04:15 ▶️ Hak5 Rubber Ducky 1:04:30 ▶️ Hak5 Pineapple 1:04:54 ▶️ Hak5 Bash Bunny 1:04:58 ▶️ Hak5 Packet Squirrel 1:06:26 ▶️ Ubertooth 1:06:31 ▶️ Proxmark 1:07:00 ▶️ Value of networking knowledge 1:07:32 ▶️ Neal got his CCNA 1:08:50 ▶️ Very few companies use port security properly 1:10:08 ▶️ Cain and Abel 1:11:00 ▶️ Are zero days worth it 1:12:05 ▶️ Shiny objects vs Neal's wisdom 1:13:37 ▶️ Real world hard talk 1:14:25 ▶️ What do you recommend 1:16:55 ▶️ Neal and David going to do something ======================= Buy Hak5 coolness here: ======================= Buy Hak5: https://davidbombal.wiki/gethak5 ============================ Buy ShareBrained Technology: ============================ PortaPack: https://www.sharebrained.com/ ================ Connect with me: ================ Discord: https://discord.com/invite/usKSyzb Twitter: https://www.twitter.com/davidbombal Instagram: https://www.instagram.com/davidbombal LinkedIn: https://www.linkedin.com/in/davidbombal Facebook: https://www.facebook.com/davidbombal.co TikTok: http://tiktok.com/@davidbombal YouTube: https://www.youtube.com/davidbombal ================ Connect with Neal: ================ YouTube: https://www.youtube.com/cyberinsecurity LinkedIn: https://www.linkedin.com/in/nealbridges/ Twitter: https://twitter.com/ITJunkie Twitch: https://www.twitch.tv/cyber_insecurity hak5 hackrf one ubertooth one rubber ducky lan turtle wifi pineapple omg cables omg cable hak5 rubber ducky hak5 omg cable omg cable android omg cable ios usb rubber ducky bash bunny shark jack hak5 bash bunny hak5 shark jack packet squirrel hak5 packet squirrel lan turle hak5 lan turle Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! #hacking #cybersecurity #hak5
HackTheBox Blocky Walkthrough - Linux Privilege Escalation
36:19
HackerSploit

HackTheBox Blocky Walkthrough - Linux Privilege Escalation

In this video, we will be taking a look at how to escalate your privileges on Linux systems by leveraging kernel exploits. The techniques in this video were performed on HackTheBox "Blocky". ----------------------------------------------------------------------------------- BLOG ►► https://bit.ly/3qjvSjK FORUM ►► https://bit.ly/39r2kcY ACADEMY ►► https://bit.ly/39CuORr ----------------------------------------------------------------------------------- TWITTER ►► https://bit.ly/3sNKXfq DISCORD ►► https://bit.ly/3hkIDsK INSTAGRAM ►► https://bit.ly/3sP1Syh LINKEDIN ►► https://bit.ly/360qwlN PATREON ►► https://bit.ly/365iDLK MERCHANDISE ►► https://bit.ly/3c2jDEn ----------------------------------------------------------------------------------- CYBERTALK PODCAST ►► https://open.spotify.com/show/6j0RhRiofxkt39AskIpwP7 ----------------------------------------------------------------------------------- We hope you enjoyed the video and found value in the content. We value your feedback, If you have any questions or suggestions feel free to post them in the comments section or contact us directly via our social platforms. ----------------------------------------------------------------------------------- Thanks for watching! Благодарю за просмотр! Kiitos katsomisesta Danke fürs Zuschauen! 感谢您观看 Merci d'avoir regardé Obrigado por assistir دیکھنے کے لیے شکریہ देखने के लिए धन्यवाद Grazie per la visione Gracias por ver شكرا للمشاهدة ----------------------------------------------------------------------------------- #HTB#Linux#Privesc
Introduction To Pentesting - Enumeration
39:22
HackerSploit

Introduction To Pentesting - Enumeration

In this video, I demonstrate how to perform service enumeration with Nmap scripts. The target box that is used in this video is Metasploitable2. Metasploitable is an intentionally vulnerable Linux virtual machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing techniques. Metasploitable2: https://sourceforge.net/projects/metasploitable/files/Metasploitable2/ 📈 SUPPORT US: Patreon: https://www.patreon.com/hackersploit Merchandise: https://teespring.com/en-GB/stores/hackersploitofficial SOCIAL NETWORKS: Twitter: https://twitter.com/HackerSploit Instagram: https://www.instagram.com/hackersploit/ LinkedIn: https://www.linkedin.com/company/18713892 WHERE YOU CAN FIND US ONLINE: HackerSploit - Open Source Cybersecurity Training: https://hackersploit.org/ HackerSploit Academy: https://www.hackersploit.academy HackerSploit Forum: https://forum.hackersploit.org LISTEN TO THE CYBERTALK PODCAST: Spotify: https://open.spotify.com/show/6j0RhRiofxkt39AskIpwP7 We hope you enjoyed the video and found value in the content. We value your feedback. If you have any questions or suggestions feel free to post them in the comments section or contact us directly via our social networks. Thanks for watching! Благодарю за просмотр! Kiitos katsomisesta Danke fürs Zuschauen! 感谢您观看 Merci d'avoir regardé Obrigado por assistir دیکھنے کے لیے شکریہ देखने के लिए धन्यवाद Grazie per la visione Gracias por ver شكرا للمشاهدة #Pentesting#Infosec
Top 5 hacking books
39:06
David Bombal

Top 5 hacking books

Top 5 ethical hacking books to get started? Top 5 practical hacking books? Neal discusses Hacking and cybersecurity books with me. Do you agree with him? Did we miss any great books? Menu: Top hacking books for 2021: 0:00 Top 5 books to get started in cybersecurity: 0:28 Book 1: The Pentest Blueprint: 1:00 Book 2: Social Engineering - The Art fo Human Hacking: 1:58 Real world example from Neal's experience: 3:03 Social engineering vs technical hacking skills: 6:34 Some people wouldn't want to lie: 10:12 What's good in the book - defeating humans: 10:50 Book 3: Basic Security Testing with Kali Linux: 12:22 Teaching you tools / OSCP: 13:42 Book 4: Metasploit Penetration Testing Cookbook: 14:27 Cost of training: 16:05 Book 5: The Hacker Playbook: 16:37 How do I practice ethical hacking? 18:27 Buying physical equipment: 20:06 Practical Book 1: RTFM: 22:00 Practical Book 2: BLue Team Handbook: 23:46 Practical Book 3: Gray Hat Python: 24:51 Practical Book 4: Malware Analysts Cookbook: 26:40 Practical Book 5: Inside Cyber Warfare: 35:16 Top 3 books: 37:07 Top 1: 37:28 Top 2: 37:40 Top 3: 38:05 Stream mentioned: https://www.youtube.com/watch?v=iBj_m2-d1TE&feature=youtu.be =============================== Books (Amazon Affiliate links): =============================== The Pentester BluePrint: Starting a Career as an Ethical Hacker: https://amzn.to/3rzZ9Hw Inside Cyber Warfare: https://amzn.to/2YZUcvn The Hacker Playbook: 1: https://amzn.to/36XrM9I 2: https://amzn.to/36Sr2mj 3: https://amzn.to/3rzYxSe Metasploit Penetration Testing Cookbook: 2nd Edition: https://amzn.to/2MO2WCk 3rd Edition: https://amzn.to/3jyZgQH Social Engineering - The Art of Human Hacking: https://amzn.to/3aMZsIm Basic Security Testing with Kali Linux: https://amzn.to/3cWLAOc Malware Analysts Cookbook: https://amzn.to/3cSlxb7 Gray Hat Python: https://amzn.to/2Z2wiPK Blue Team Handbook: https://amzn.to/3tHq6uM Red Team Field Manual (RTFM): https://amzn.to/2LzzSOh =================================== ISBN Numbers from Neal's bookshelf: =================================== Inside Cyber Warfare: 978-0-596-800215-8 The Hacker Playbook: 978-1-4949-3263-3 Metasploit Penetration Testing Cookbook: 978-1-84951-742-3 Social Engineering - The Art fo Human Hacking: 978-0-470-63953-5 Basic Security Testing with Kali Linux: 9781-494861278 Malware Analysts Cookbook: 978-0-470-61303-0 Gray Hat Python: 978-1-59327-192-3 Blue Team Handbook: 9781500734756 Red Team Field Manual: 9781494295509 ================ Connect with me: ================ Discord: https://discord.com/invite/usKSyzb Twitter: https://www.twitter.com/davidbombal Instagram: https://www.instagram.com/davidbombal LinkedIn: https://www.linkedin.com/in/davidbombal Facebook: https://www.facebook.com/davidbombal.co TikTok: http://tiktok.com/@davidbombal YouTube: https://www.youtube.com/davidbombal ================ Links: ================ INE training: https://bit.ly/inetraining eLearn Security: https://elearnsecurity.com/product/ejpt-certification/ OSCP: https://www.offensive-security.com/courses-and-certifications/ SANS: https://www.sans.org/ Hack the box: https://www.hackthebox.eu/ Try Hack Me: https://tryhackme.com/ CTF Time: https://ctftime.org/ctf-wtf/ CEH: https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/ Cyber Blue: https://securityblue.team/ Cyber Defenders: https://cyberdefenders.org/ ================ Connect with Neal: ================ LinkedIn: https://www.linkedin.com/in/nealbridges/ Twitter: https://twitter.com/ITJunkie Twitch: https://www.twitch.tv/cyber_insecurity ================ Support me: ================ DavidBombal.com: CCNA ($10): http://bit.ly/yt999ccna Udemy CCNA Course: https://bit.ly/ccnafor10dollars GNS3 CCNA Course: CCNA ($10): https://bit.ly/gns3ccna10 hacking books hack hacker hacking nsa nsa hacker nsa hacking ethical hacking ceh oscp ine try hack me hack the box hacking ethical hacker oscp certification ctf for beginners Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! #hacking #oscp #cybersecurity
Ex-NSA hacker tells us how to get into hacking! (2022 Edition)
50:07
David Bombal

Ex-NSA hacker tells us how to get into hacking! (2022 Edition)

This is the path to becoming a hacker. Follow the advice and change your life! // MENU // 0:00 ▶️ Introduction - it's been a year! 2:12 ▶️ We have a mission to help you 3:55 ▶️ In 2022, what should I do? Neal's 3 things. 10:00 ▶️ Is eJPT free? 12:00 ▶️ Do I need to do something else first? Neal's opinion about various courses 18:10 ▶️ Neal gets on his high horse about Metasploit. 19:05 ▶️ Hackersploit has joined INE 21:18 ▶️ What about Capture The Flag? Bug Bounty 22:30 ▶️ How to get real world experience without having experience 26:20 ▶️ Should I give up my job to get into cybersecurity? 28:35 ▶️ Red vs Blue and jobs? 31:40 ▶️ Hack your job: Garbage jobs 33:30 ▶️ Which job should I start with to break into cyber 36:00 ▶️ LinkedIn networking - make your self invisible 39:00 ▶️ Meaningful connections 44:40 ▶️ Would you recommend creating content 48:10 ▶️ Best advice // Previous video // 2021 video: https://youtu.be/SFbV7sTSAlA // Connect with David // Discord: https://discord.com/invite/usKSyzb Twitter: https://www.twitter.com/davidbombal Instagram: https://www.instagram.com/davidbombal LinkedIn: https://www.linkedin.com/in/davidbombal Facebook: https://www.facebook.com/davidbombal.co TikTok: http://tiktok.com/@davidbombal YouTube: https://www.youtube.com/davidbombal // Connect with Neal // YouTube: https://www.youtube.com/c/cyberinsecurity LinkedIn: https://www.linkedin.com/in/nealbridges/ Twitter: https://twitter.com/ITJunkie // Creators mentioned // John Hammond: https://www.youtube.com/c/JohnHammond010 Network Chuck: https://www.youtube.com/networkchuck Hackersploit: https://www.youtube.com/c/HackerSploit // Links // INE: https://bit.ly/freeinetraining Hacker One: https://www.hackerone.com/ Bug Crowd: https://bugcrowd.com/programs OSCP: https://www.offensive-security.com/courses-and-certifications/ eLearn Security: https://elearnsecurity.com SANS: https://www.sans.org/ Hack the box: https://www.hackthebox.eu/ Try Hack Me: https://tryhackme.com/ CTF Time: https://ctftime.org/ctf-wtf/ CEH: https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/ Cyber Blue: https://securityblue.team/ Cyber Defenders: https://cyberdefenders.org/ Did I miss something? Please comment. // MY STUFF // Monitor: https://amzn.to/3yyF74Y More stuff: https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com nsa nsa hacker nsa hacking ethical hacking ceh oscp ine try hack me hack the box hacking ethical hacker oscp certification ctf for beginners elearn security Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! #hacker #hacking #nsa
Phishing attacks are SCARY easy to do!! (let me show you!) // FREE Security+ // EP 2
17:54
NetworkChuck

Phishing attacks are SCARY easy to do!! (let me show you!) // FREE Security+ // EP 2

How do hackers launch phishing attacks? Let me show you! Want to see more, dive deeper? 🔥🔥Join the NetworkChuck Academy!: https://ntck.co/NCAcademy This is Episode 2 of my FREE CompTIA Security+ course covering the SY0-501 AND SY0-601. This episode covers Phishing attacks and I even show you how to launch one, step by step. (Exam Objective 1.1) Phishing, Smishing, Vishing, Spear phishing, pharming, spam, spim, whaling, credential harvesting and invoice scams. VIDEO TOOLS --------------------------------------------------- Black Eye Phishing tool: https://bit.ly/35Jmz3L ---------------Want to win a Raspberry Pi? I'm giving (2) away, contest ends Friday 10/30: https://bit.ly/31Ctafc Security+ Playlist: http://bit.ly/secplus_TII 👊👊Get EARLY access to the course here: https://bit.ly/thisisitio SECURITY+ RESOURCES --------------------------------------------------- Official CompTIA Study Guide: https://geni.us/1fYyAu CompTIA eLearning: https://geni.us/2L2mNT FREE CompTIA Security+ course, collaborating with @David Bombal and @Keeping IT Simple (Jeremy Cioara)!! SUPPORT NETWORKCHUCK --------------------------------------------------- ➡️Become a YouTube Member: https://bit.ly/join_networkchuck 🔥🔥Join the NetworkChuck Academy!: https://ntck.co/NCAcademy ☕OFFICIAL NetworkChuck Coffee: https://NetworkChuck.coffee NEED HELP?? Join the Discord Server: http://bit.ly/nc-discord 0:00 ⏩ Intro 1:00 ⏩ Build a Phishing website 5:03 ⏩ Send a Phishing Email 9:55 ⏩ Other Phishing attacks (affiliate links below) 🔥MY CEH STUDY TOOLS🔥 📺Video: ITProTV (https://bit.ly/itprotvnetchuck) 📚Book: https://geni.us/UWAZ1i4 (Amazon) http://bit.ly/2FsyqWo (O'Reilly, 10 day FREE TRIAL) 🔬Lab: ITProTV Labs (https://bit.ly/itprotvnetchuck) FOLLOW ME EVERYWHERE --------------------------------------------------- Instagram: https://www.instagram.com/networkchuck/ Twitter: https://twitter.com/networkchuck Facebook: https://www.facebook.com/NetworkChuck/ Join the Discord server: http://bit.ly/nc-discord other FANTASTIC CCNA training resources: FULL CCNA course: http://bit.ly/2BJazQG ( @David Bombal ) ITProTV: https://bit.ly/itprotvnetchuck 🔥Learn Python🔥 Codecademy: http://bit.ly/2Me22NH AFFILIATES & REFERRALS --------------------------------------------------- (GEAR I USE...STUFF I RECOMMEND) My network gear: https://geni.us/L6wyIUj Amazon Affiliate Store: https://www.amazon.com/shop/networkchuck Buy a Raspberry Pi: https://geni.us/aBeqAL -Phishing -Smishing -Vishing -Spear phishing -Pharming -Spam -Spam over internet messaging (SPIM) -Whaling -Credential harvesting -invoice scams
Videos: Videos
bottom of page