// MENU // 00:00 - Coming up 00:35 - Introduction 01:28 - Cori's Twitter and website 02:14 - Cori's background 02:58 - Phishing David Bombal 04:10 - Phishing definition and demonstration 11:36 - Setting up a Gophish server 13:51 - How it started 14:38 - Setting up a Gophish server (continued) 18:00 - Gophish server 20:33 - Phishing demonstration 31:15 - How to prevent phishing 34:27 - Cori's war story 37:16 - Best pretexts for social engineering 39:44 - How to learn social engineering 42:00 - Phishing demonstration recap 42:44 - Final words and advice 43:22 - Connect with Cori 43:34 - Conclusion // Software used // Gophish: github.com/gophish/gophish LinkedInt: LinkedInt: github.com/vysecurity/LinkedInt Singlefile: chrome.google.com/webstore/detail/singlefile/mpiodijhokgodhhofbcjdecpffjipkle // Books discussed // The hacker playbook by Peter Kim: amzn.to/3tZHwoe // People mentioned // Rachel Tobac: twitter.com/RachelTobac Snow: twitter.com/_sn0ww // Cori SOCIAL // Twitter: twitter.com/corg_e Website: www.corgima.com/ // David's SOCIAL // Discord: discord.gg/davidbombal Twitter: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal RUclips Main Channel: ruclips.net/user/davidbombal RUclips Tech Channel: ruclips.net/channel/UCZTIRrENWr_rjVoA7BcUE_A RUclips Clips Channel: ruclips.net/channel/UCbY5wGxQgIiAeMdNkW5wM6Q RUclips Shorts Channel: ruclips.net/channel/UCEyCubIF0e8MYi1jkgVepKg Apple Podcast: davidbombal.wiki/applepodcast Spotify Podcast: open.spotify.com/show/3f6k6gERfuriI96efWWLQQ // MY STUFF // www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
12:36 Just FYI, today several different machine learning algorithms exist that can effectively de-blur text like this. I highly recommend using black boxes to obfuscate details instead of blurring.
Shows how careful you have to be. It's a crazy world. So different from when we started!!!! Well done David. I think you are providing a great service and awareness for those in IT.
After 30+ years in IT, I trust no one that contacts me that I'm not expecting and then I'm suspicious the moment they ask about anything other than the service I'm currently providing. I've made auditors wait while I lookup who their boss is on internal directories, phone them and check what they're here for. Even with all that I worry that one day I'll get caught out.
Kudos on your dedication. Phishing wouldn't be a business if people were that thorough. It's a mindset - we don't have to be paranoid. Just live by "Trust - but verify"
That was SO interesting! Thanks a million for this and all the other great interviews, and content in general! As someone with a long background in various tech jobs and a terrible case of imposter syndrome, I'm slowly becoming more and more inspired to take the leap and pivot to something I actually find interesting, rather than doing what I know that pays the bills. Mostly from watching your material. Lots of ❤from the frozen north!
I've watched up to about half of this so far and I'm absolutely intrigued. I'm a Security Guru myself, and watching this take place just reminds me how stupid easy it is to phish people. And to be real, with the kind of information you can get from LinkedInt is nuts. You can take that data, tie it in with maltego, do a crap ton of searches to gather even more information, key in the fact that people tend to use the same password on every site they're on, find some breached database downloads from companies who hav been breached and see if any of the massive number of emails you've gathered match. Then just use those passwords. BOOM. Absolutely nuts man, good work. People seriously need to see this, because it really is THIS easy.
What a video! I was really entertained and even smiled and laughed at my monitor because I was curious how the pices got packed together in the email template. Those real world scenarios really help me to bring all those puzzles pices together. I love your content thank you so much for prroducing this type of contet.
What a solid interview!! I definitely enjoyed seeing the tools used to hack David Bombal in action. I am definitely looking forward form more of these! thank you!
brilliant david, such an awesome choice for an expisode. very well done, your team is doing really well. ive been a long time subscriber so I'm pleased with where this channel is going and the content its been putting. It's absolutely perfect David! congratulations for the success, not to much longer and you'll have 1 MILL ! Very exciting stuff!
Awesome Video! The only thing I'm always a bit frustrated about, is when ppl on ytb and co. refer to the defcon and that we should attend in order to get to know where to start better (like cori did in the end). There are so many ppl all over the world, who really can't attend at defcon. It's almost impossible from a financial aspect for alot of students around the world. Maybe I'm missing something, but that's how I feel.
There are so many defcon talks posted here on RUclips. If you need to find holes in your knowledge take practice exams online. If you need to know what you need to learn for your career then follow a career path. I consider Defcon to be a long term goal instead of somewhere to start.
David, it is the 1st time I saw you blush. Kudos to you for publishing this. Very informational and making what's said demonstratively real world. Also thank you for your manner of publishing videos in general - very systematic and perfectly paced so that I for one can follow with ease. I think Gorgi made a lot of RUclips IT publishing buffs sit up and listen. Gorgi proves that the combination of a bubbly beautiful personality can be incredibly scary. A request, will you consider consider contacting Mr. Rob Braxman for a discussion? Thanks again for your work. This may be the last time commenting on your vids - too scared of Cori. :-)
Awesome content! Thanks for asking the questions that make the material and subject understandable for all, and big props to Corgi! I will watch this again.
Let me be honest.... I watch a lot of your videos, I love your shows and how you explain everything in the real world but I never got to the actual dreaded "subscribe". Today, however, I was blown away!! I learnt so much from you and Cori. Love your work, love your content, you're super genuine! What a legend David!
"I watch a lot of your videos" I think David deserve a 'subscribe' from you at the second or third video:-). That's a lot of work form the youtuber, and I personnaly have no problem to move my mouse by some pixels and clic on a button, when I watch content even small amount of them, and to encourage content creators. I recently discovered pockettube, a firefox extension which help you to organise you subscription and content.
Scams did happen to me David, just because I really trust you I followed it but instantly realized that it was not you. Thank you for the amazing content.
I am cybersecurity expert from India . I also learnt a lot from this video thanks for the great and informative video David. I got one more request please more videos with occupy the web.
yo what this came out today? I am currently doing a phishing pentest on the company I work for. It's my first "pentest". Not really a full pentest my boss just wanted to see how many people would click on a phishing email, but its still super exciting. Love your content man!
This was an amazing video I loved it. The company I work for is under phishing attacks a lot and they do a lot of great training but at the end of each quarter they send out statistics and it’s alarming to see how many employees still click on these sketchy urls.
I got out of this world over 20 years ago, but it's great to see the new generation like Corgi still so passionate about what they do - and for the right reasons. :)
7:30 httrack on steroids right from the toolbar extensions. Run an old tool dnstwist and you can find all domains similar and available to the target domain. This was a big thing around the holidays about 4-6 years ago. Even the mistyping of one letter could lead you to say an amazon that looked completely normal. Be careful out there.. Cori your awesome, and scary maybe 2 of the best things.
@@joshkinder8871 is it? All I found was: _"Be careful: Since the config.json file contains database credentials, you will want to ensure it is only readable by the correct user. For Linux users, you can do this using chmod 640 config.json."_ Leaving something 777, especially a folder like she did, is a serious security hole. Edit: That said, she knows she's running on a virtual server, which is not even on her comp, is going to delete all that soon after the video's done, and isn't used to creating tutorials for people to do what she does. She just does it.
@@LabGecko she didn't changed the permission on the config file, but on the application executable. In a prodution environment I would probably use a 740, but since this is a demo 777 is fine.
Hey, something that might interest you. A couple of days ago my Amazon account was closed with no warning for after hours of wasted time they're telling me it's for excessive returns which I think is an error but that's beside the point. When they closed my Amazon account all my Amazon devices that I own for years primarily all my Echo devices stopped working. I lost access to the Amazon Photos and Prime Video which I pay for. So apparently the devices you already own are subject to be disabled by Amazon on your perceived shopping habits! I assume the same applies to all other Amazon devices and services like fire OS tablets, Ring cameras, and probably AWS as well. Just wanted to make other people aware of this because they definitely don't tell you this when you buy your hardware and services.
I'm currently learning about cyber security and failing miserable. My employer is trying to get us to learn 4 years of certs in 6 months for an entire team with no previous experience. This video has helped me understand how a threat actor would approach phishing much better than our vendor course had. So thank you very much.
wow, amazing!!!! right after you tried to log in at the fake (phishing) website, do you actually get into a copy of the website's successful log-in page or is it just give you an error??? again beautiful and amazing video
Dave: I have to confess your expressions show you really didnt count on this little expose'. She's great, have her on again. Love your channel and I learned a lot from her in this video.
@@corgi796 ok cool thats what I was just trying to do, I've just never really used a "chrome HTML doc" before but im guessing it works like any other index.html. thanks 👍this is fun!😁
Watching your videos, I feel like I'm being transported into the fascinating world of techies. This content is truly amazing, and I appreciate the way Cori presented. It's clear that she has a passion for what she does. Thank you for the incredible demo, and keep up the fantastic work! More grease to your elbows!🙏
This is both Scary and Interesting at the same time. I know there are FAR too many people who are are the wrong side of this issue. It would be nice if we did not have to worry about all this... I'm dreaming of a perfect world.
Very interesting stuff. Once you've redirected an user to the fake website you need to grab his or her credentials somehow and store them somewhere, I guess. Thanks
The good (reality) , the bad (reality) and the ugly (reality),… this was ugly reality but then in a explained beautiful way! Thank you two for sharing!
This was really great. Few things I took away from this, - women would be great at social engineering, because in the present day, no one would expect them to be trying to break into a server room, - always go to the web site itself, and never follow a link from a mobile or email, - large companies need to buy every domain name that is even similar to theirs :) - Amazon is aiding hackers all over the world :P I am curious though, as far as getting caught after the fact, surely with you having to register with a domain registrar to buy the domain name, and Amazon to host the phishing services, doesn't that mean there is a paper trail for actual hackers? Yes it's ok for someone paid to test security, because they are going to be ok whether successful or not, but how do genuine hackers get around the fact they have to pay for these services? Wouldn't the registrar and Amazon etc., be willing to give law enforcement your method of payment, and as such your identity? Even in an email it gives your IP address of the sender. Or is this were the stolen credit cards come into play that we hear about a lot? Fantastic video David and Corgi, I culd watch these kind of demos etc all day and still be learning things.
They don't pay. They use someone else's credentials to set up services, or they set up their own email server. If this video was understandable, googling how to set up a mail server is fairly straightforward.
This is by far one of your top 3 videos! Great interview, great content and great preparation and demonstration by C, even made you the master himself blush 😂👏👏
I m learning hacking from last 1 year.. i have all basics knowledge of bug bounty.. do i need to start bug bounty wait automated tools that available only or first learn full manual then i start???
One of the best channel ... I always follow your video for good work ....it really help me not only education purpose .... it's also help in cyber area ..
She made a solid point. Also, a reason why I believe the US is always behind in cybersecurity. We teach people, honestly, useless things like ITIL and Project Plus and Project Management, with a lot of red tape and meetings and time put against doing what these "foreign" actors do. They spend their entire life, every minute of the day on this stuff. Their lives can literally depend on it. They don't have to deal with middle-management, red tape, laws and other things that do get in the way. I don't know of a good middle ground, but, it definitely show's why we are so behind.
Surely this is the girl from the first Spy Kids Movie many years later.. definitely thought for a second I should stop commenting on videos lol, but no.. really great content and I'm going to pickup the recommended reading! Thank you both, especially to David for showing the genuine fear I think we all had watching this. 👌
Have to ask this question.. Showing how to do the hacking would it not do more harm than good? I think hacking is very fascinating, but only when it is used for the good of us all. My e-mail / facebook messenges / Phone calls from other contrys etc.. Is getting bombarded with links and fake persons who want me to press on a link, its getting to a point now that i dont even wanna use any of them.
// MENU //
00:00 - Coming up
00:35 - Introduction
01:28 - Cori's Twitter and website
02:14 - Cori's background
02:58 - Phishing David Bombal
04:10 - Phishing definition and demonstration
11:36 - Setting up a Gophish server
13:51 - How it started
14:38 - Setting up a Gophish server (continued)
18:00 - Gophish server
20:33 - Phishing demonstration
31:15 - How to prevent phishing
34:27 - Cori's war story
37:16 - Best pretexts for social engineering
39:44 - How to learn social engineering
42:00 - Phishing demonstration recap
42:44 - Final words and advice
43:22 - Connect with Cori
43:34 - Conclusion
// Software used //
Gophish: github.com/gophish/gophish
LinkedInt: LinkedInt: github.com/vysecurity/LinkedInt
Singlefile: chrome.google.com/webstore/detail/singlefile/mpiodijhokgodhhofbcjdecpffjipkle
// Books discussed //
The hacker playbook by Peter Kim: amzn.to/3tZHwoe
// People mentioned //
Rachel Tobac: twitter.com/RachelTobac
Snow: twitter.com/_sn0ww
// Cori SOCIAL //
Twitter: twitter.com/corg_e
Website: www.corgima.com/
// David's SOCIAL //
Discord: discord.gg/davidbombal
Twitter: twitter.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
RUclips Main Channel: ruclips.net/user/davidbombal
RUclips Tech Channel: ruclips.net/channel/UCZTIRrENWr_rjVoA7BcUE_A
RUclips Clips Channel: ruclips.net/channel/UCbY5wGxQgIiAeMdNkW5wM6Q
RUclips Shorts Channel: ruclips.net/channel/UCEyCubIF0e8MYi1jkgVepKg
Apple Podcast: davidbombal.wiki/applepodcast
Spotify Podcast: open.spotify.com/show/3f6k6gERfuriI96efWWLQQ
// MY STUFF //
www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
Why not put them in the description of the video? Did you not want the keyword to list?
Can i Trust these Links🤔 lol
@26:16 - "So if I click on the link - which I won't do, because I'm scared of you..." 😂😂😂
12:36 Just FYI, today several different machine learning algorithms exist that can effectively de-blur text like this. I highly recommend using black boxes to obfuscate details instead of blurring.
Pin
Been watching for years, this has been one of my favorite interviews.
Shows how careful you have to be. It's a crazy world. So different from when we started!!!! Well done David. I think you are providing a great service and awareness for those in IT.
Thank you Bernard!
Sometimes you have to old school it.
I miss the early days of the internet. Everything was simpler.
Appreciate your efforts of being so jargon free and beginner-friendly❤️
After 30+ years in IT, I trust no one that contacts me that I'm not expecting and then I'm suspicious the moment they ask about anything other than the service I'm currently providing. I've made auditors wait while I lookup who their boss is on internal directories, phone them and check what they're here for. Even with all that I worry that one day I'll get caught out.
Calm tf down
@@richardclifford9641 he can't
@@richardclifford9641 chill bro stop being extra
Kudos on your dedication. Phishing wouldn't be a business if people were that thorough. It's a mindset - we don't have to be paranoid. Just live by "Trust - but verify"
smart man
That was SO interesting! Thanks a million for this and all the other great interviews, and content in general!
As someone with a long background in various tech jobs and a terrible case of imposter syndrome, I'm slowly becoming more and more inspired to take the leap and pivot to something I actually find interesting, rather than doing what I know that pays the bills. Mostly from watching your material.
Lots of ❤from the frozen north!
It was a masterclass in less than an hour
I've watched up to about half of this so far and I'm absolutely intrigued. I'm a Security Guru myself, and watching this take place just reminds me how stupid easy it is to phish people. And to be real, with the kind of information you can get from LinkedInt is nuts. You can take that data, tie it in with maltego, do a crap ton of searches to gather even more information, key in the fact that people tend to use the same password on every site they're on, find some breached database downloads from companies who hav been breached and see if any of the massive number of emails you've gathered match. Then just use those passwords. BOOM. Absolutely nuts man, good work.
People seriously need to see this, because it really is THIS easy.
23:02 David- I'm glad you work on the right side of the law!
Cori- *Nervous laughter*
And I'm like.... Yes, she is. Just might be. Loooolz
FANTASTIC tutorial!!!! Thanks David & Corgi. I wish I could give more than 1 like
We need another video with Corgi and hear more stories. This was so cool. Thanks for doing these interviews David. They help out a lot.
Someone who doesnt just talk but can demonstrate the whole thing. What a legend she is. Cool stories too.
There was a lot to learn in 45 minutes. Keep up with the great content! 😄💯
What a video! I was really entertained and even smiled and laughed at my monitor because I was curious how the pices got packed together in the email template. Those real world scenarios really help me to bring all those puzzles pices together. I love your content thank you so much for prroducing this type of contet.
What a solid interview!! I definitely enjoyed seeing the tools used to hack David Bombal in action. I am definitely looking forward form more of these! thank you!
We need 5k he really deserve it .
Thank you David
Thank you! Hopefully soon 😀
If not the best interview one of the best I've watched so far. Cogi is an awesome teacher for sure!
brilliant david, such an awesome choice for an expisode. very well done, your team is doing really well. ive been a long time subscriber so I'm pleased with where this channel is going and the content its been putting. It's absolutely perfect David! congratulations for the success, not to much longer and you'll have 1 MILL ! Very exciting stuff!
Much appreciated Mikey!
Its funny how David knows all the steps too 😁. Thanks for sharing!
The thing that made the happiest was that i understood every single thing she did, nice content.
Awesome Video! The only thing I'm always a bit frustrated about, is when ppl on ytb and co. refer to the defcon and that we should attend in order to get to know where to start better (like cori did in the end). There are so many ppl all over the world, who really can't attend at defcon. It's almost impossible from a financial aspect for alot of students around the world. Maybe I'm missing something, but that's how I feel.
Agreed. Especially now, with health concerns and increased flight costs
There are so many defcon talks posted here on RUclips.
If you need to find holes in your knowledge take practice exams online. If you need to know what you need to learn for your career then follow a career path. I consider Defcon to be a long term goal instead of somewhere to start.
Hello david . Im from Manipur India. I love your content and learn alot from you. GOD BLESS YOU .
Thank you Reden!
David, great guest! So much of this very few people ever consider. GREAT vid!
David you are so complete thats so nice to learn with you.
We should admit that her smile is beautiful and her skills also
David, it is the 1st time I saw you blush. Kudos to you for publishing this. Very informational and making what's said demonstratively real world. Also thank you for your manner of publishing videos in general - very systematic and perfectly paced so that I for one can follow with ease. I think Gorgi made a lot of RUclips IT publishing buffs sit up and listen. Gorgi proves that the combination of a bubbly beautiful personality can be incredibly scary. A request, will you consider consider contacting Mr. Rob Braxman for a discussion? Thanks again for your work. This may be the last time commenting on your vids - too scared of Cori. :-)
Apologies...Cori, not Corgi.
Rob is scheduled to talk to us soon :)
Great video! Would love to see her again ! Maybe in a full social engineering video? Great work to both of you!
Get her back for more stories and examples David !!! She was great!!!! 👍 learned a lot!
This is is so aswome!! I never even heard of linkedint & go phishing.
I will experiment with these new tools tonight in my lab :D
Awesome content! Thanks for asking the questions that make the material and subject understandable for all, and big props to Corgi! I will watch this again.
Let me be honest.... I watch a lot of your videos, I love your shows and how you explain everything in the real world but I never got to the actual dreaded "subscribe". Today, however, I was blown away!! I learnt so much from you and Cori. Love your work, love your content, you're super genuine! What a legend David!
"I watch a lot of your videos" I think David deserve a 'subscribe' from you at the second or third video:-). That's a lot of work form the youtuber, and I personnaly have no problem to move my mouse by some pixels and clic on a button, when I watch content even small amount of them, and to encourage content creators. I recently discovered pockettube, a firefox extension which help you to organise you subscription and content.
@@fabricefeddo4301 No worries good man, I am already a sub. :-)
Scams did happen to me David, just because I really trust you I followed it but instantly realized that it was not you. Thank you for the amazing content.
wow! you guys are the best. thanks for doing all of this
So dope David. Thanks again bro. Fascinating info
Thanks for showing how hackers do it and how easy it is sometimes.
I am cybersecurity expert from India . I also learnt a lot from this video thanks for the great and informative video David. I got one more request please more videos with occupy the web.
yo what this came out today? I am currently doing a phishing pentest on the company I work for. It's my first "pentest". Not really a full pentest my boss just wanted to see how many people would click on a phishing email, but its still super exciting. Love your content man!
This was an amazing video I loved it. The company I work for is under phishing attacks a lot and they do a lot of great training but at the end of each quarter they send out statistics and it’s alarming to see how many employees still click on these sketchy urls.
This is a great walk through for people learning. Seeing the commands in action always helps me learn
I got out of this world over 20 years ago, but it's great to see the new generation like Corgi still so passionate about what they do - and for the right reasons. :)
7:30 httrack on steroids right from the toolbar extensions. Run an old tool dnstwist and you can find all domains similar and available to the target domain. This was a big thing around the holidays about 4-6 years ago. Even the mistyping of one letter could lead you to say an amazon that looked completely normal. Be careful out there.. Cori your awesome, and scary maybe 2 of the best things.
Thank you David. Another great interview, as always.
She: I love when people make mistakes in online tutorials
Also she: *gives the file triple seven*
It's literally written in their own installation wiki to chmod 777.
chmod a+x
@@joshkinder8871 is it? All I found was:
_"Be careful: Since the config.json file contains database credentials, you will want to ensure it is only readable by the correct user. For Linux users, you can do this using chmod 640 config.json."_
Leaving something 777, especially a folder like she did, is a serious security hole.
Edit: That said, she knows she's running on a virtual server, which is not even on her comp, is going to delete all that soon after the video's done, and isn't used to creating tutorials for people to do what she does. She just does it.
@@LabGecko she didn't changed the permission on the config file, but on the application executable. In a prodution environment I would probably use a 740, but since this is a demo 777 is fine.
@@maurox1614 reread my comment please. I quoted someone else and already said what you did.
Hey, something that might interest you. A couple of days ago my Amazon account was closed with no warning for after hours of wasted time they're telling me it's for excessive returns which I think is an error but that's beside the point. When they closed my Amazon account all my Amazon devices that I own for years primarily all my Echo devices stopped working. I lost access to the Amazon Photos and Prime Video which I pay for. So apparently the devices you already own are subject to be disabled by Amazon on your perceived shopping habits! I assume the same applies to all other Amazon devices and services like fire OS tablets, Ring cameras, and probably AWS as well. Just wanted to make other people aware of this because they definitely don't tell you this when you buy your hardware and services.
Great video, love the research on individuals to use on an actual Pen test, inspiring.
Great content man! We miss the scada episodes
I’m seriously thinking of doing the “Bombay Binge” starting tomorrow…. I have to order snacks first!
Congratulations Sir!! It's soon gonna hit a "million"❤️🙌
I'm currently learning about cyber security and failing miserable. My employer is trying to get us to learn 4 years of certs in 6 months for an entire team with no previous experience. This video has helped me understand how a threat actor would approach phishing much better than our vendor course had. So thank you very much.
loved the video!! great interview
Glad you enjoyed it!
Thanks a lot for posting such a great content david!! Loved it!!
I have a pdf form of the hackers playbook it's brilliant indeed! :D
Great video David/Cori. Definitely squat all the variations on your domain. ;)
Bunch of wonderful interview
do more of this!! this is amazing
Tha you David for this interview!
wow, amazing!!!! right after you tried to log in at the fake (phishing) website, do you actually get into a copy of the website's successful log-in page or is it just give you an error??? again beautiful and amazing video
Dave: I have to confess your expressions show you really didnt count on this little expose'. She's great, have her on again. Love your channel and I learned a lot from her in this video.
How do you put a login page that was captured using single file on your lightsail instance?
Hey, we didn’t go into depth on that during the recording, but it was freely hosted with Netlify! Great platform that I really recommend
@@corgi796 ok cool thats what I was just trying to do, I've just never really used a "chrome HTML doc" before but im guessing it works like any other index.html. thanks 👍this is fun!😁
Watching your videos, I feel like I'm being transported into the fascinating world of techies. This content is truly amazing, and I appreciate the way Cori presented. It's clear that she has a passion for what she does. Thank you for the incredible demo, and keep up the fantastic work! More grease to your elbows!🙏
This is both Scary and Interesting at the same time. I know there are FAR too many people who are are the wrong side of this issue. It would be nice if we did not have to worry about all this... I'm dreaming of a perfect world.
I'm just glad there are people like Cori who help lock it down. The safer any of us are, the safer we all are.
Corg_e reminds me of Winona Ryder. Great video. Super informative.
loved every bit of it. Mesmerizing energy and great content.
Very interesting stuff. Once you've redirected an user to the fake website you need to grab his or her credentials somehow and store them somewhere, I guess. Thanks
Always Love Your Content
Thank you very much Arbab!
No giveaway? I think these videos are an amazing gift themselves ❤️
So fun to watch and learned a lot
If my pc has malware and I reset or format the pc, will the malware be deleted? ...
The good (reality) , the bad (reality) and the ugly (reality),… this was ugly reality but then in a explained beautiful way! Thank you two for sharing!
This was really great.
Few things I took away from this,
- women would be great at social engineering, because in the present day, no one would expect them to be trying to break into a server room,
- always go to the web site itself, and never follow a link from a mobile or email,
- large companies need to buy every domain name that is even similar to theirs :)
- Amazon is aiding hackers all over the world :P
I am curious though, as far as getting caught after the fact, surely with you having to register with a domain registrar to buy the domain name, and Amazon to host the phishing services, doesn't that mean there is a paper trail for actual hackers?
Yes it's ok for someone paid to test security, because they are going to be ok whether successful or not, but how do genuine hackers get around the fact they have to pay for these services?
Wouldn't the registrar and Amazon etc., be willing to give law enforcement your method of payment, and as such your identity?
Even in an email it gives your IP address of the sender. Or is this were the stolen credit cards come into play that we hear about a lot?
Fantastic video David and Corgi, I culd watch these kind of demos etc all day and still be learning things.
They don't pay. They use someone else's credentials to set up services, or they set up their own email server. If this video was understandable, googling how to set up a mail server is fairly straightforward.
corgi i llove you from my heart❤❤
where are the captions!! i need those to watch 😭😭
Great video again! Man, this is so interesting. And Cori is so beautiful! Thanks David!
Very cool... Thanks to you for sharing more knowledge... it helps a lot in the development of thinking!!!!
wonderful video david, keep it up!
Thank you David for wonderful stuff.
Great interview👌
Always watch out on what link you're clicking... 👍👍
i need to learn hacking but i don't have any idea where to start from :( anyone pls help me!!
That's the point of David's you tube videos.
This is inspirational and motivational 💯
Entrevista incrivel, gostei bastante, obrigado e otimo trabalho :D
Always learn something new here every sec
This is by far one of your top 3 videos!
Great interview, great content and great preparation and demonstration by C, even made you the master himself blush 😂👏👏
Mr. Bombal, as far as I am concerned, u are the best man of all time in this field. God bless you❤️
I m learning hacking from last 1 year.. i have all basics knowledge of bug bounty.. do i need to start bug bounty wait automated tools that available only or first learn full manual then i start???
Thanks for asking those dumb questions for us. I'm actually dummy, so those dumb questions really do help me understand.
thanks for the extension cori....that was really great...
If they fire the guy who let you in, then they just fired someone who has now learned the lesson they wanted to prevent.
This girl is like the sane version of Darlene from Mr robot.
Other words she's sooooooo aswome i wish i had a sister like that haha
True :D
One of the best channel ... I always follow your video for good work ....it really help me not only education purpose .... it's also help in cyber area ..
Curious would you be willing to do a video on how to tell if your iot devices has been turned into a bot net and is there a way to remove it?
She made a solid point. Also, a reason why I believe the US is always behind in cybersecurity. We teach people, honestly, useless things like ITIL and Project Plus and Project Management, with a lot of red tape and meetings and time put against doing what these "foreign" actors do. They spend their entire life, every minute of the day on this stuff. Their lives can literally depend on it. They don't have to deal with middle-management, red tape, laws and other things that do get in the way. I don't know of a good middle ground, but, it definitely show's why we are so behind.
Surely this is the girl from the first Spy Kids Movie many years later.. definitely thought for a second I should stop commenting on videos lol, but no.. really great content and I'm going to pickup the recommended reading! Thank you both, especially to David for showing the genuine fear I think we all had watching this. 👌
Hello I am Alberto from Tanzania, East Africa You taught me a lot I love your Channel
Just.. incredible content, thank you so much!
Oh man scary stuff! And Cori is so good at it!
Have to ask this question.. Showing how to do the hacking would it not do more harm than good?
I think hacking is very
fascinating, but only when it is used for the good of us all.
My e-mail / facebook messenges / Phone calls from other contrys etc.. Is getting bombarded with links and fake persons who want me to press on a link, its getting to a point now that i dont even wanna use any of them.
this is why I never click links to important websites, just type it in yourself.
Hey David,
Can you reccomend a CCNP security course, or perhaps you have one in the making ?
Her website reminds me of the old days.
Good times
David, can you find out, Shouldn't you also set up an MX record so say google won't dump it as an invalid email?