Jason is back! Big thanks to Brilliant for sponsoring this video! Get started with a free 30 day trial and 20% discount: https://brilliant.org/DavidBombal

Jason is back showing us his tools and methodology to ethically hack companies and help secure them. In this video he shows us how he hacked NASA in 60 seconds (and how you can learn to do something similar).

Previous Video (Hacking Tesla): https://youtu.be/-jLbRnmGYaA

// Videos mentioned //
* Real world hacking tutorial (Target: Tesla): https://www.youtube.com/watch?v=-jLbRnmGYaA
* I got PWNED ... and so dit you (you’re likely in the 12 Billion): https://www.youtube.com/watch?v=4sQ1teIVXw0

// Tools discussed //
https://gist.githubusercontent.com/jhaddix/
https://haveibeenpwned.com/
https://github.com/owasp-amass/amass
https://github.com/projectdiscovery/subfinder
https://github.com/projectdiscovery/httpx
https://github.com/gwen001/github-subdomains
https://twitter.com/gwendallecoguic
https://www.hackspacecon.com/
https://bugcrowd.com/nasa-vdp

//Jason's SOCIAL //
Youtube: https://www.youtube.com/c/jhaddix
LinkedIn: https://www.linkedin.com/in/jhaddix
X / Twitter: https://twitter.com/Jhaddix
Github: https://github.com/jhaddix
Boddobot: https://buddobot.com/
Bug Hunter’s methodology Course: http://tbhmlive.com/

// David's SOCIAL //
Discord: https://discord.gg/davidbombal
X / Twitter: https://www.twitter.com/davidbombal
Instagram: https://www.instagram.com/davidbombal
LinkedIn: https://www.linkedin.com/in/davidbombal
Facebook: https://www.facebook.com/davidbombal.co
TikTok: http://tiktok.com/@davidbombal

// MY STUFF //
https://www.amazon.com/shop/davidbombal

// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: [email protected]

// TIMESTAMPS //
00:00 - Coming up
00:41 - Watch until the end!
00:59 - Brilliant sponsored segment
01:56 - How Jason hacked NASA
04:09 - Finding credentials on Github
06:39 - Useful tool // "github-subdomains"
09:47 - Why it's important to find subdomains
11:20 - Searching for passwords on Github
15:20 - Searching for credentials on Github
19:13 - Where to get Jason's scripts
19:50 - The Bug Hunter's Methodology Live
22:17 - Class sneak preview
23:53 - Amass tool
26:01 - Subfinder tool
26:59 - How to keep track of everything
31:44 - "How to do something and when to do something"
34:51 - Threat intelligence // dehashed.com
41:33 - Ransomware service on the dark web // Lockbit
46:55 - Reach out to Jason // Socials
48:08 - Win a free seat to Jason's course
48:50 - Conclusion

Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

Disclaimer: This video is for educational purposes only.



#nasa #hacking #cybersecurity