It's possible to earn millions of dollars finding zero days and vulnerabilities in software. But, are you prepared to put in the work?

Browser Exploitation Introduction: https://youtu.be/bcnV1dbfKcE

Introduction to Buffer Overflows: https://youtu.be/DHCuvMfGLSU

Modern Windows Kernel Exploitation: https://youtu.be/nauAlHXrkIk

Linux Heap Exploitation: https://youtu.be/dMDoC9DlVzA

Modern Binary/Patch Diffing: https://youtu.be/8jVOvPG4TjA

Crypto and Blockchain Hacks: https://youtu.be/y5JogTgpp-s

My apologies for some of the technical issues in this interview. Zoom is a nightmare :(

// MENU //

00:00 - Coming up

00:53 - Stephen Sims introduction & Sans course

03:28 - Stephen's YouTube channel // Off By One Security

07:56 - Growing up with computers

08:57 - Getting involved with Sans courses // Impressed by instructors

09:52 - "The Golden Age of Hacking" // Bill Gates changed the game

15:44 - Making money from Zero-Days // Ethical and Unethical methods, zerodium.com & safety tips

32:56 - How to get started

46:53 - Opportunities in Crypto

50:26 - Windows vs. iOS vs. Linux

53:47 - Which programming language to start with

56:22 - Recommended Sans courses

01:02:04 - Recommended CTF programs & events

01:04:06 - Recommended books

01:08:23 - The Vergilius project

01:10:25 - Connect with Stephen Sims

01:12:24 - Conclusion

// Stephen's Social //

Twitter: https://twitter.com/Steph3nSims

YouTube Live: https://www.youtube.com/@OffByOneSecu...

YouTube videos: https://www.youtube.com/@OffByOneSecu...

E-mail: Stephen(at)deadlisting.com

// Stephen's courses //

SANS Course sans.org. https://www.sans.org/cyber-security-c...

- Advanced exploit development for penetration testers course

- Advanced penetration testing, exploit writing, and ethical hacking (GXPN)

- ARM Exploit Development

// Books discussed //

Grey Hat Hacking: https://amzn.to/3B1FeIK

Hacking: The art of Exploitation: https://amzn.to/3Us9Uts

The Shellcoder’s Handbook: https://amzn.to/3VqUEhY

Linkers & Loaders: https://amzn.to/3itqtbe

// Websites discussed //

Zerodium: https://zerodium.com/

Corelan Cybersecurity Research: https://www.corelan.be/

Fishshell: https://fishshell.com/

Vergilius Project: https://www.vergiliusproject.com/

// David's Social //

Discord: https://discord.gg/davidbombal

Twitter: https://www.twitter.com/davidbombal

Instagram: https://www.instagram.com/davidbombal

LinkedIn: https://www.linkedin.com/in/davidbombal

Facebook: https://www.facebook.com/davidbombal.co

TikTok: http://tiktok.com/@davidbombal

YouTube Main Channel: https://www.youtube.com/davidbombal

YouTube Tech Channel: https://youtube.com/channel/UCZTIRrEN...

YouTube Clips Channel: https://www.youtube.com/channel/UCbY5...

YouTube Shorts Channel: https://www.youtube.com/channel/UCEyC...

Apple Podcast: https://davidbombal.wiki/applepodcast

Spotify Podcast: https://open.spotify.com/show/3f6k6gE...

apple

ios

android

samsung

exploit

exploit development

windows

linux

exploits

zero days

zero day

0day

1day

hack

hacking

hacker

windows kernel

windows kernel exploit

linux heap

linux heap exploit

reverse engineering

reverse engineer

reverse exploit

red team

red teaming

binary diff

binary diffing

#android #ios #linux