- Видео 12
- Просмотров 130 826
bmdyy
Добавлен 13 июн 2017
Cybersecurity videos
Tracking Pixels in Emails (They’re Spying on You)
Most corporations are not living inside your walls, they are simply using tracking pixels to spy on you. In this video I will explain and demonstrate this technique, as well as discuss the various protections popular email services use to combat this.
Chapters:
0:00 Introduction
0:23 Demonstration
3:04 Protection
4:39 Outro
Chapters:
0:00 Introduction
0:23 Demonstration
3:04 Protection
4:39 Outro
Просмотров: 1 911
Видео
Stealing and Cracking NTLMv2 Hashes
Просмотров 2,7 тыс.Год назад
In this video I demonstrate three different ways to capture NetNTLMv2 hashes (LFI, SQLi, and .LNK files), and how they can be cracked using Hashcat. Chapters: 0:00 Introduction 0:32 Obtaining a NetNTLMv2 Hash 0:59 Setting Up Responder 2:12 Local File Inclusion 3:46 SQL Injection 5:51 .LNK Files 8:18 Cracking NetNTLMv2 Hashes 9:30 Outro
What is Process Hollowing?
Просмотров 4,3 тыс.Год назад
In this video I explain and demonstrate a concept called process hollowing which is commonly used by malware developers as a way to evade antivirus detection. Github: github.com/bmdyy/proc-hollow Chapters: 0:00 Introduction 0:17 Theory 2:02 Demonstration 3:51 Antivirus Evasion 5:02 Outro
Cheat-Jitsu Pt.2: Dealing with Encrypted Club Penguin Traffic
Просмотров 1,7 тыс.Год назад
In my previous video, we created a Card-Jitsu cheat for CPPS.io. In this video we will look at how it could be updated to work on New Club Penguin (newcp.net). Watch Cheat-Jitsu Pt. 1: ruclips.net/video/_4V7_Wk_jV8/видео.html Download JPEXS: github.com/jindrapetrik/jpexs-decompiler/releases Chapters: 0:00 Introduction 0:19 Wireshark 1:11 Intercepting SWFs with BurpSuite 4:44 Decompiling Cipher....
Cheat-Jitsu Pt.1: Sniffing Traffic to Cheat in Club Penguin
Просмотров 1,6 тыс.Год назад
I played a LOT of Club Penguin growing up. In this video we’ll take apart the Club Penguin protocol using Wireshark, and then see how we can easily develop a cheat for the Card-Jitsu minigame with this knowledge. In this video I will be playing on cpps.io/, which is a free private server for Club Penguin made by fans. I will only play / cheat in games against myself and I do not condone cheatin...
Using Discord as a C2!
Просмотров 7 тыс.Год назад
In this video I showcase a POC malware I developed that uses Discord as a C2. Code is available on my Github: github.com/bmdyy/discord-c2 Do not use this software to do anything illegal! This is just a proof of concept to show it is possible. Chapters: 0:00 Introduction 1:10 Demonstration 5:44 Code 9:48 Outro Track: Infraction- Hackers Music provided by Infraction No Copyright Music Spotify: sp...
Faster (Boolean) Blind SQLi
Просмотров 915Год назад
In this video I compare the Bisection and SQL-Anding (boolean) blind SQL injection algorithms using a custom target and Python scripts. Github: github.com/bmdyy/faster-blind-sqli Data / Graphs: docs.google.com/spreadsheets/d/1FdOYCAtdOS3T62VdZSJWqQMLSwO-H0sDMOxKyOotkRc/edit#gid=0 Paper by Ruben Ventura: aircconline.com/csit/papers/vol10/csit101909.pdf I’m quite surprised the results are so simi...
Burp Suite Certified Practitioner: Practice Exam Walkthrough (December 2022)
Просмотров 15 тыс.Год назад
In this video I walk through the Burp Suite Certified Practitioner Practice Exam. Take the practice exam: portswigger.net/web-security/certification/takepracticeexam/index.html YsoSerial: github.com/frohoff/ysoserial Username List: portswigger.net/web-security/authentication/auth-lab-usernames Password List: portswigger.net/web-security/authentication/auth-lab-passwords XSS Cheat Sheet: portswi...
John Hammond: 17 Years in the Making
Просмотров 2,6 тыс.Год назад
A very brief 'documentary' of John Hammond's story. Chapters: 0:00 Introduction 0:28 Pre-RUclips 2:03 Code Commentaries Era 2:43 Programming Tutorials Era 3:38 CTF Walkthrough Era 4:30 Modern Era 5:27 Outro
My Guide to HTB’s CBBH Course/Exam
Просмотров 22 тыс.Год назад
In this video I will share my experience with the CBBH course and exam, as well as some tips I have for people who may be interested in taking it. Chapters: 0:00 Introduction 0:19 Course: Format & Content 2:31 Course: Duration 3:05 Course: Pwnbox 3:33 Course: Pricing 4:22 Exam: Format & Content 5:09 Exam: Duration 5:59 Exam: Report 7:49 Exam: Feedback 8:20 Exam: Pricing 8:51 Exam: Tips 10:46 Outro
Creating Ransomware is EASY!
Просмотров 25 тыс.Год назад
Over the past couple of years ransomware attacks have increased steadily, in part due to the massive shift to working from home. In this video we will create some ransomware of our own using Go. Code from this video: github.com/bmdyy/go-ransomware Chapters: 0:00 Introduction 0:29 Installing Go 1:08 Developing the Ransomware (Encryptor) 10:06 Developing the Ransomware (Decryptor) 15:19 Testing o...
My Guide to HTB’s CPTS Course/Exam
Просмотров 46 тыс.Год назад
Recently I passed the CPTS exam by HackTheBox. In this video I discuss my experience with the course and exam, as well as how it differs from the OSCP. HTB Discord: discord.com/invite/hackthebox Chapters: 0:00 Introduction 0:29 The Course 3:35 The Exam 5:38 The Report 8:11 Tips & Tricks 11:46 FAQ: How does CPTS compare to OSCP? 18:55 Outro Background Music: Airport Lounge - Disco Ultralounge by...
Based on your professional experience and your familiarity with OffSec coursework and exams, as well as HTB modules and exams, do you believe that a candidate preparing for the OSCP would benefit more (both in the short and long term) from using the CPTS course supplemented with various HTB and OffSec PG boxes, rather than solely focusing on the Pen 200 course? To be clear, my immediate target is the OSCP.
greattttttttttttttttttttttt!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Thanks for your review, please tell me how can i build knowledge after learn basic with HTB modules.
cpts is better than oscp, when ctps will get reputed as oscp, as it is worth and better
What application did you use for note taking throughout the modules?
nice video bro
Great vid brother. That's my goal in the next 2-3 months. Since I will be doing mostly 2-3 hours /daily, nothing more, since I'm a bit limited in time. and I also want to take twice as much time to learn everything thoroughly.
Very good video. Thanks a ton!
Just finished the path 🥲
Do you have a discord? I'm just asking cuz I wanna help out my friend plot revenge against one asshole who keeps harassing him just because he's Russian.
Is that 41 days fulltime or an hour a day or somewhere in the middle?
I am planning to have CPTS as a start . If I studied the HTB materials well . will I Pass ?
Came for the club penguin and stayed because of both the humor and the way you teach. Truly an amazing channel!
Thanks for the video mate
You made so quick, How long your doing Pen tester brother? Anyway i didn't understand the 3rd part of the lab as you have managed the cookie go and back , but that's my unexperience in when understand what to do with the cookie's session. Good job !!
I am prancing my dad
Thanks mate. I've been planning to take this cert after PJPT :)
what is the prerequisite for Ctps course? can a fresher with no experience can do it ?
hey, one question - in 15:00 you mention ‘there are no labs in CPTS’.. how is one supposed to go about practicing the CPTS content then? do you have to do it in your own home lab? if so, how would you simulate the specific vulnerable environment the module focuses on teaching? thanks!
Is the Time log you show on 05:10 a data dump from another tracking software or is that just your notes entering as you go? - Great video, thanks!
Hi guys, has this changed ?
well done man, and thanks for the video
the music is perfect, perfect
holy shit das öfb shirt kam auch aus dem nichts.. freut mich, sub is raus
I have taken notes throughout the entire path and I cannot even find the first flag. It's bs.
Hello. Thank you for the video. If you get the Platinum subscription for two months, you'll have cubes left over. I think it's 920 left over after they refund some. What do you recommend using them on after this cert?
Naming a function 'Nonce' is wild
About the flag system, is it figurativly or actually .Will I actually find a string that I would submit and get the points? Or when i get to the admin or rce then this is considered a flag ? Another thing is Previelege Escalation, typically in htb machine you find a vuln in the website that leads to low level shell (rce ) then you use privilege escalation techniques like using linpeas to achieve root privileges . Is this the case in the cbbh exam so I can go and practice on the Priv Esc techniques ?
Thank you! With the way you explain it, it makes to sound it so easy :). Keep it up!
Thanks for this video bcz it's very help to me because i wanna learn ransomeware and you're teache me
nice and easy ))
have you solve prractice exam 2
good one
I remember when OSCP exam attempts user to be $60 a pop. Sigh
So many things i've learned in this video.. Nice content man ..
can you post your commands file you made?
Excellent job!!
Why did you stop uploading 😢
These also violate GDPR.
Scary easy to create devastating malware like this. Throw in some networking capabilities and you can PWN a network in minutes
Do you have any recommendations to do this
does this still work as per now?
Your skills are impressive in coding
The solution is not suitable as of 2024. The intended solution seems to be <script>location = ...</script>
Why you stopped making videos?
Life
@@martinlastname8548he died? 🙄
thanks a lot. could you share these notes with us?
Hello everybody
Thanks itss ssooooooo informative
Wow, first to pass that's awesome. TOP review, thanks. Also, that is some serious elevator music.
subbed
That was a great informative video learned alot