Yo David, just wanted to thank you for the free courses on Udemy! Being from Bangladesh 🇧🇩 it is difficult (not impossible) for us to make international transaction legitimately through a bank. So, your free courses are kinda life saver!!! So thank you very much!!!
Menu: 0:00 ▶ Pretty sketchy stuff! 0:37 ▶ Welcome John Hammond 0:53 ▶ Don't divide cyber in your mind 2:00 ▶ John's day job 3:17 ▶ Hacker's crafty methods 4:02 ▶ Will AI take jobs away? 4:55 ▶ How do I become like you? 5:35 ▶ Windows is very important 6:12 ▶ Malware vs CTFs 6:32 ▶ Is Malware mainly on Windows systems? 7:28 ▶ Always comes back to the same thing 8:50 ▶ Practical Example 9:29 ▶ John's setup 11:42 ▶ Python malware example 12:50 ▶ Malware code 15:50 ▶ Bad guys can sell this information 16:30 ▶ But this is in the clear? 17:14 ▶ Obfuscated version 18:28 ▶ Real world? Don't want to touch disk 19:50 ▶ How do I find this stuff 20:58 ▶ Weird Spam SMS messages 21:30 ▶ Real World: Finding malware 23:42 ▶ John's real world company example 24:20 ▶ Real world logic to find malware 25:23 ▶ Detectors 25:48 ▶ Hunting malware 26:25 ▶ Use your eyes - don't trust an automated systems 27:15 ▶ Input from other systems 27:49 ▶ How do I become like you? 28:00 ▶ What kind of skills would you look for in a person to get a job 29:24 ▶ Look at malware sites 30:15 ▶ Build out a library 30:38 ▶ David pushes John for a job on LinkedIn 33:05 ▶ How did John get his job? 33:30 ▶ Use social media 34:31 ▶ How John got his first job 35:55 ▶ It's who you know, not what you know 36:30 ▶ How John got his current job 38:19 ▶ Would you hire someone with certs; or someone you know 39:50 ▶ Windows bat script example 45:08 ▶ Which languages does John know 45:38 ▶ How do you know if it is good or bad code? 46:45 ▶ Office Macros Malware Example 50:40 ▶ Cool Linux command 51:26 ▶ Is this a good job? Are there lots of job? 52:30 ▶ What hours do you work? 53:31 ▶ Any books you recommend? John Hammond Playlist: davidbombal.wiki/johnhammond ================== Web Sites mentioned: ================== Use at your own risk: vx-underground: twitter.com/vxunderground theZoo: twitter.com/vxunderground Malware Bazaar: bazaar.abuse.ch/ Joe Sandbox: www.joesecurity.org/ Any run: any.run/ VirusTotal: www.virustotal.com/gui/home/upload ====== Books: ====== The IDA Pro Book: amzn.to/3DtEATW Black Hat Go: Go Programming For Hackers and Pentesters: amzn.to/3gISKa4 Black Hat Python: Python Programming for Hackers and Pentesters: amzn.to/3ta50FH Python Pocket Reference amzn.to/3mQPME2 Linux Pocket Guide: Essential Commands: amzn.to/2UWBwya Regular Expression Pocket Reference: amzn.to/3gJoP1f Linux Basics for Hackers: Getting Started with Networking, Scripting, and Security in Kali: amzn.to/3Ds22Rq ================ Connect with me: ================ Discord: discord.com/invite/usKSyzb Twitter: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal RU-vid: ru-vid.com ================ Connect with John: ================ RU-vid: ru-vid.com Twitter: twitter.com/_johnhammond LinkedIn: www.linkedin.com/in/johnhammond010
David Sir.. I am a student. I want to start my career in cybersecurity specially bug bounty hunting. Please 🥺 suggest me how do I start my journey in cybersecurity. Please 🙏 reply 🥺
These “old” videos are so under utilized by people trying to get into the industry, this one is a GEM. Seeing where the people I look up to were a couple years ago is super inspiring! One of my favorite parts about both of you is your pursuit of learning, thank you for creating!
David you are the best of best. It is hard to find someone like you, who gives amazing courses for free and all these video tutorials. As a cyber security undergraduate, I'm really thankful to you for all your efforts. Wish you best of luck Dav. ❤️💯
There's always great content on this channel. I went from Help desk to Network Admin to Security admin to IT manager from this channel. Thank you for providing these things to us.
Thank you so much for covering this. I’m on my own journey of getting into cyber security, and have been growing a big interest in malware analysis. I’ve asked around and no one knew what I was talking about. Was getting really discouraged, thanks!!!
Really useful, thanks. As a teacher trying to find work, it was almost difficult to have something to show to potential employers. But as a security Analyst maybe working towards malware analysis - really interesting that John mentions being so out there in the community actually being useful for job hunting. But then I'd have to be careful of NDA and make sure I don't do anything that might put me at cross purposes with my current employer.
David, your questions were perfect. Actually, those were the questions I would like to ask him, because I see John as an example to me. So, thanks for that. Great job. And John, you're a monster!!!! :)
What I like about David Bombal is that he is here, on RU-vid, to learn and to teach. I really passionate about cybersecurity and you can really tell that he wants to learn. Respect!
Hey David Thanks Man this interview was really very helpful for me i live in india just passed my Diploma in Computer Technology. I am following you since from last 6 months i just watched whole video without skipping anything it influenced me more to learn. Best wishes again David .🔥
Tnx sir I watched full video . You are trying to help more people who r financially down. Great job sir tnx 🙏🙏🙏🙏 Love from Tamil Nadu India 🔥🔥🔥🔥👍👍👍👍🙏🙏🙏
Great interview, and so much info. Thank you David. I loved the way John broke down the powers hell code in vscode. I find it very useful and smart tip.
@David Bombal Hi David, thank you very much for sharing all your knowledge with special guests!! It helps us all alot in what we are all trying to learn! ^^ 😀
Great to see two of the very best together, it's a request if you can make a video regarding the latest scenarios and situations about "Dark Web" and all kinds of security and prevention methods to stay safe from "Dark Web", also have seen some videos on RU-vid about "Paranormal and Creepy" creatures on "Dark Web" so any relevant videos with proper information on whether they are real or not could be very interesting for all to know and explore
That was a fantastic video. Thanks to the both of you for taking the time to share ed that wealth of information to everyone. Thank you again, I never fail to not learn something from your videos.
Hey, David. I take your paid courses on Udemy just for the reason that you're a great community uplifting power. My sincere appreciation for your efforts. Also, your sessions like this are quite enjoyable. Pls do keep them coming.
Very interesting video! John just touched on how to set up a secure environment to investigate malware. A video with more detail on how to set up a secure environment would be of value.
Astounding work *EXELASUPPORT* - so euphoric you are out there battling these failure. We recognize that ought to do all that we can for save the more settled and the overall people from these contemptible mutts! Approval to YOU!! You merit the Nobel prize for safeguarding us epic up family
Once somebody does Python, they may be finding some enjoyment in working with C++ or Rust or Win32 API in Python using CTypes for the purpose of Malware Analysis. Working "low-level" close to the metal will really help anyone's overall professional skills & and make even better network automation tools because low-level can do things that abstract libraries cant. The Malware Analysis spoke to me with the Win32 API being important in finding viruses in Assembly Language. Also, the free giveaway of Ethical Hacking made the previous hacking videos about Red & Blue team clearer
Interesting to me is videos like this. I’ve actually done the exact same things in my path to becoming a programmer over the years and just for how it was exploring, for fun. So I guess I keep discovering things that I have experience in but didn’t realize that these other jobs existed. Very cool. Loving the content thank you 🙏
Dear David thank you for all the free courses on Udemy. I'm benefiting a lot from these courses.......hoping to repay you back in future LOVE all the way from Sierra Leone...............
When it comes to Malware Analysis always Remember this quote "Documentation is lies ,Source is abstraction but Assembly is the key 🔑 " Hope you get the message
Hi devid it's great video but I waiting for video for WiFi adaptors increase a TX power use a main three factors 1.domain regularly code for a contry,2.hardware like usb port limitetion milliampere power power usb hub for increasing milliampere power and last 3. With wifi adaptor which type of attack we perform like package injection , vertual mobile towers type of bands we scan! Thank you!
I thought I will watch for two minutes switching between titles and here I am writing this comment after the end watching from starting to end without switching 😄. That's how interesting it gets🎉
I feel like it’s hard to name specifics. I’m struggling with this one because it’s exactly what I wanna know and do. As far as a resume… is it C? Python? Assembly? IDApro and other tools? What should actually be on a resume to avoid the trash pile - and if I don’t know it, what specific things do I need to learn and what do I need to be able to demonstrate? Example: TryHackMe is good, but WHAT should I do on there? John showed an obfuscated Bash script - how deeply do I need to know Bash and Powershell? How do I learn to identify and interpret the obfuscation?
Hi David, love your content. I recently gained my ccna cert, wondering what to do next, I've only installed security cameras thus far which wasn't part of the course.. lol
This was a great insight in malware stuff , at least a good content to start with , I would like to thank you both David and John for bringing this to your viewers. However I have one question for both of you here , as john was showing he has collected all those malware samples on his Linux(ubuntu) box , I hope there were no malware detection software like AV, end point security etc. , had that been a case we would have a hard time opening those files in editors and IDEs for analysis, Do you guys agree with me here ? . Since we are not protected in such environment what precaution we should take while doing analysis of these malware samples ? How do we deal with this malware samples in real world environment ? Do we have kind of some isolated environments or sandboxed environment where we analyze these samples ? . if yes , Can you guys pour some light on how to create such environment as a part of one's home lab ?
Omg such an important topic david and John great work guys you are just making hacking with a robust approach . David please say thanks to John from me .
Wow, What a coincidence!!!! just before a while I was searching for malware analysis videos... Also I am david and john's fan boy !!!, so I love this very much ...