To help more people become penetration testers, Kim Crawley and Phillip L. Wylie wrote The Pentester BluePrint: Starting A Career As An Ethical Hacker. 

In this episode of The Hacker Mind, Kim talks about the practical steps anyone can take to gain the skills and confidence necessary to become a successful pentester -- from gaining certifications, to building your own lab, to participating in bug bounties and even CTFs. 

How do the current DMCA laws impact those who hack digital devices? And why doesn’t the basic right to repair our devices extend into the digital world?

To answer these questions, Paul Roberts, Editor-in-Chief of The Security Ledger, has founded securepairs.org, a group of infosec experts who are volunteering their free time to fight for the digital right to repair in local legislation. In this episode of The Hacker Mind, Paul talks about the consequences of not paying enough attention today.

Capture the Flag is a game, a community, and a really cool hacker culture. But will we one day stream CTFs like we do World of Warcraft or League of Legends?

Whether it’s designing or just playing CTFs, John Hammond knows a lot about the gamification of infosec. He even has his own YouTube channel where he shares what he’s learned from different challenges. In this episode of The Hacker Mind John shares his experiences building and executing his own CTFs.

After breaches like SolarWinds, companies pledge to improve their digital hygiene. What if they don’t? And what parallels might infosec learn from COVID-19?

For three years OpenWRT had a severe validation problem with its download package manager, until a fuzz tester found and reported the vulnerability.  

In this episode, Guido Vranken talks about his approach to hacking, about the differences between memory safe and unsafe languages, his use of fuzz testing as a preferred tool, and how he came to discover the validation error in OpenWRT, as well as a serialization error in Cereal, and other vulnerabilities. 

For two years Heartbleed was a zero-day in OpenSSL until fuzz testing exposed it. How many others are in the wild now? And how will we find the next one?

In this episode I talk about how Heartbleed (CVE 2014-0160) was found and also interview Rauli Kaksonen, someone who was at Codenomicon at the time of its discovery and is now a senior security specialist at the University of Oulu in Finland, about how new security tools are still needed to find the next big zero day.

You’ve probably heard of bug bounties. But did you know there’s an elite group of bug bounty hunters that travel the world? Meet Stok; he’s one of them.

While digital polling booth devices are more secure today, what about the larger ecosystem, starting from the moment you register until your vote is counted? Who’s keeping those systems secure?

In this episode of The Hacker Mind, Dr. Jared DeMott of VDA Labs talks about his work securing voter registration tablets and also about the prospects for downloadable, safe voting applications on your preferred mobile device in the future.  JBSA5E9aNj9D6pkOTI7p

In 1994, the first commercial internet browser was released. Netscape Navigator went on to be eclipsed by Internet Explore, Safari, Firefox, and now Chrome, but it helped kick start the internet-focused world we live in today. And along with that we’ve also learned a lot about browser security.

No matter how strong we build our browsers, that does not prevent hackers from trying to break new things. In this episode, one researcher explains how he successfully escaped the Chrome sandbox, and how bug bounties might just be a good thing resulting in better security for us all. 

If you think hacking only involves the use of a keyboard or code, then you’re probably missing out. What about using light? What about using sound?

In this episode, The Hacker Mind looks at some of the work Dr. Kevin Fu has been doing at the University of Michigan -- in particular using laser pointers to pwn voice-activated digital assistants, and using specific frequencies of sound to corrupt or crash magnetic hard disk drives.