It's possible to earn millions of dollars finding zero days and vulnerabilities in software. But, are you prepared to put in the work?

Browser Exploitation Introduction: https://youtu.be/bcnV1dbfKcE
Introduction to Buffer Overflows: https://youtu.be/DHCuvMfGLSU
Modern Windows Kernel Exploitation: https://youtu.be/nauAlHXrkIk
Linux Heap Exploitation: https://youtu.be/dMDoC9DlVzA
Modern Binary/Patch Diffing: https://youtu.be/8jVOvPG4TjA
Crypto and Blockchain Hacks: https://youtu.be/y5JogTgpp-s

My apologies for some of the technical issues in this interview. Zoom is a nightmare :(

// MENU //
00:00 - Coming up
00:53 - Stephen Sims introduction & Sans course
03:28 - Stephen's YouTube channel // Off By One Security
07:56 - Growing up with computers
08:57 - Getting involved with Sans courses // Impressed by instructors
09:52 - "The Golden Age of Hacking" // Bill Gates changed the game
15:44 - Making money from Zero-Days // Ethical and Unethical methods, zerodium.com & safety tips
32:56 - How to get started
46:53 - Opportunities in Crypto
50:26 - Windows vs. iOS vs. Linux
53:47 - Which programming language to start with
56:22 - Recommended Sans courses
01:02:04 - Recommended CTF programs & events
01:04:06 - Recommended books
01:08:23 - The Vergilius project
01:10:25 - Connect with Stephen Sims
01:12:24 - Conclusion

// Stephen's Social //
Twitter: https://twitter.com/Steph3nSims
YouTube Live: https://www.youtube.com/@OffByOneSecurity/streams
YouTube videos: https://www.youtube.com/@OffByOneSecurity/videos
E-mail: Stephen(at)deadlisting.com

// Stephen's courses //
SANS Course sans.org. https://www.sans.org/cyber-security-courses/
- Advanced exploit development for penetration testers course
- Advanced penetration testing, exploit writing, and ethical hacking (GXPN)
- ARM Exploit Development

// Books discussed //
Grey Hat Hacking: https://amzn.to/3B1FeIK
Hacking: The art of Exploitation: https://amzn.to/3Us9Uts
The Shellcoder’s Handbook: https://amzn.to/3VqUEhY
Linkers & Loaders: https://amzn.to/3itqtbe

// Websites discussed //
Zerodium: https://zerodium.com/
Corelan Cybersecurity Research: https://www.corelan.be/
Shellphish: https://github.com/suljot/shellphish
Vergilius Project: https://www.vergiliusproject.com/

// David's Social //
Discord: https://discord.gg/davidbombal
Twitter: https://www.twitter.com/davidbombal
Instagram: https://www.instagram.com/davidbombal
LinkedIn: https://www.linkedin.com/in/davidbombal
Facebook: https://www.facebook.com/davidbombal.co
TikTok: http://tiktok.com/@davidbombal
YouTube Main Channel: https://www.youtube.com/davidbombal
YouTube Tech Channel: https://youtube.com/channel/UCZTIRrENWr_rjVoA7BcUE_A
YouTube Clips Channel: https://www.youtube.com/channel/UCbY5wGxQgIiAeMdNkW5wM6Q
YouTube Shorts Channel: https://www.youtube.com/channel/UCEyCubIF0e8MYi1jkgVepKg
Apple Podcast: https://davidbombal.wiki/applepodcast
Spotify Podcast: https://open.spotify.com/show/3f6k6gERfuriI96efWWLQQ

apple
ios
android
samsung
exploit
exploit development
windows
linux
exploits
zero days
zero day
0day
1day

Disclaimer: This video is for educational purposes only. I own all equipment used for this demonstration. No actual attack took place on any websites.

Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

#android #ios #linux