I'm disabled and teaching myself bug bounty and web security so in a year or two i can make some extra money from home. I've got so much help from both of you., David especially from you and the pros you have on your channel ;-)
@@ethanfarnsworth4420 Thanks for asking Not yet, i had to start from 0 i didn't even know the terminal or Linux so as of now I'm concentrating on BB so i can get started on that and then I'll keep going on the security side of things since it's more targeted learning :-)
thank you rana for being the only guest on this show to have the courrage to give us a real roadmap. all the others were scared to say anything but you actually gave us what we needed to know . best roadmap ive ever seen .
I worked with Rana at my current job before she went off on her own. She was really great. Was really surprised and pleased to see her on your channel.
It's great that a person like Rana shows that you don't have to be a cyborg starting at the age of five to be in cyber security. Rana thank you very much for the material!
Whoah! A Practicing Muslimah who is also a Pentester. I'm mind blown! Thank you, David, for putting together a good range of people from all walks of life who is doing Cybersecurity. I'm stoked!
Your unwavering commitment to help people on their cyber security/penetration tester career path is undeniably the best have ever seen . Thank you and with your contents , I am proud to say I have found a good path and road map the best routes to my cyber security journey . Thank u!
Rana is a good listener. She listens and waits for david to finish his questions then answers clearly on what was asked Thank you for this interview David and Rana
This is outstanding. I really appreciate the fact that many of us have organically had to fight to learn this information and you have streamline this. I will absolutely be paying this forward. ❤❤❤❤ Thanks to the both you. Hopefully in the future I can contribute further.
David thank you a lot for lettin me know about Rana and her youtube channle and website. i feel like even thanks word not enough to you for how you let me know about more ppl that i need to learn from.
Wow. In this video price for Rana's Academy course USD 29.99 and now I have checked the site and it went up to USD 129! So price went up 4x in less then a year 🤔
Thank you for having Rana on your video. I was on the fence on whether to start studying for the OSCP. Thanks to your specific questions and Rana's exquisite info and insight from her relatable experience, I'll be making a game plan to tackle this certification 😊
Hey David ; You are the best teacher I've ever learnt from please consider making and showing us something related to exploit development!!! Lot's and lot's of love from India ! ❤️💗❤️
This is your path to becoming a Pentester in 2023. The best courses and best cert. Big thanks to Rana for answering so many of your questions! Thanks for the cool Solar Generator Jackery! Official Jackery website: USA: jackery.com/products/solar-generator-2000-pro?aff=116 UK: uk.jackery.com/products/solar-generator-2000-pro?aff=116 Amazon: Amazon USA: amzn.to/3zEw5EN Amazon UK: amzn.to/438Dt9b // Menu // 00:00 - Coming up 00:38 - Sponsored segment 01:48 - Get for Free (or 50% off) Rana Khalil's Academy courses 03:43 - Rana Khalil's background 04:53 - Preparing for the OSCP 07:04 - Best Pentesting courses - roadmap to success 10:54 - Prerequisite knowledge needed to become a pentester 12:00 - 3 Skills you'll need 14:57 - Is basic scripting enough to become a pentester? 15:56 - Do I need a degree or certifications? 18:15 - Is the OSCP required to become a pentester? 22:27 - How to get pentesting experience and landing a job 28:25 - Balancing social life // Take your time 32:14 - Path to OSCP // Recommendations 33:48 - Bug bounty // Portswigger Web Security Academy 35:51 - How to get into the right mentality 38:29 - Conclusion // Rana's courses // Free Web Hacking Course: ru-vid.com 50% OFF Web Security Academy Course Code: DavidBombal500FF Academy: academy.ranakhalil.com/ 8 hour SQL Injection playlist: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-1nJgupaUPEQ.html // Previous video // Broken Access Control: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-WqbrB12Jvgc.html // Rana's OSCP journey // rana-khalil.gitbook.io/hack-the-box-oscp-preparation/ // Book Rana Recommended // Web Application’s Hacker’s handbook 2nd Ed by Dafydd Stuttard: US Link: amzn.to/3J90wZa UK Link: amzn.to/3J7H2UT // TCM-Security Course Discounts and Affiliate Links // Get 25% off courses and 10% off PNPT with coupon code: BOMBAL2023 Practical Ethical Hacking: davidbombal.wiki/tcmpeh Windows Privilege Escalation for Beginners: davidbombal.wiki/tcmwpe Linux Privilege Escalation for Beginners: davidbombal.wiki/tcmlpe Open-Source Intelligence (OSINT) Fundamentals: davidbombal.wiki/tcmosint The External Pentest Playbook: davidbombal.wiki/tcmepp Movement, Pivoting, and Persistence: davidbombal.wiki/tcmmpp Python 101 for Hackers: davidbombal.wiki/tcmpython Linux 101: davidbombal.wiki/tcmlinux Practical Malware Analysis & Triage: davidbombal.wiki/tcmmalware Mobile Application Penetration Testing: davidbombal.wiki/tcmmobile Python 201 for Hackers: davidbombal.wiki/tcmpython201 Practical Web Application Security & Testing: davidbombal.wiki/tcmweb Practical Windows Forensics: davidbombal.wiki/tcmwinforensics GRC Analyst Master Class: davidbombal.wiki/tcmgrc // TCM-Security Certifications // certifications.tcm-sec.com/?ref=36 If you are current/former military, students, teachers, and first line responders (doctors, nurses, EMTs, etc.) you can get 20% off TCM certifications. Email support@tcm-sec.com for that discount if you qualify. // Tib3rius courses // - Windows Privilege Escalation: www.udemy.com/course/windows-privilege-escalation/ - Linux Privilege Escalation (Tib3rius): www.udemy.com/course/linux-privilege-escalation/ // IPsec // Recommended RU-vid channel: www.youtube.com/@ippsec // Rana's SOCIAL // Twitter: twitter.com/rana__khalil Academy: academy.ranakhalil.com/ RU-vid Channel: ru-vid.com Medium Blog: ranakhalil101.medium.com/ Rana Intigriti Interview: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-stXkOBZsNYo.html&ab_channel=intigriti // David's SOCIAL // Discord: discord.gg/davidbombal Twitter: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal // MY STUFF // www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only.
hi i have a doubt .... what would happen if i use same SSID and a different password.i mean, is there a way to deauth a client from a Wifi and when person tries to login he select my Wifi router (with same name as his) and enters his pass and i capture the pass entered by him. immediately i disconnect my router and his wifi auto-connects to his own endpoint. allowing me to steal a password.
I managed to install linux on old phone using termux but is it possible to add something like ft232h or raspberry pi pico to make it something similar to raspberry
Hi David been a fan of your channel for a few months now I have no experience with this stuff at all but I am a victim of ddos attacks for quite some time now im getting no help from my isp and police i don't know what to do anymore I've been pcap files from wireshark but don't have experience to use it to figure out where my attacks are coming from
I got my eCPPTv2, my eWPT, and a handful of other certs, but no one even looked at my resume until I got my OSCP. The training from INE was way better than the training from OffSec by a long shot, but if you are trying to get hired to get hands on pentesting experience, OSCP is almost an industry requirement. Also the HTB CPTS is amazing as far as training goes. And if you put in some effort on HTB there are actually job boards that you can apply to once you reach a certain ranking in HTB.
Great questions were asked in this interview! At times I felt like you were reading my mind in terms of what I would ask her if I was conducting the interview. Thank you so much for making this!
Just purchased Rana's Web Security Academy Course. I have been watching the course on you tube, but now I have access to all the material in one spot and no adds. Thanks for the discount code. and thank both of you for all you have and will do.
Hey David, I love your description of the generator. I could not stop smiling listening to your description. As a Liberian, I can relate to that generator feeling. Thanks for all the information. I'm new to cyber security. Therefore, hope to learn as much as I can . Thanks be bless !
Quite informative video. I like it. It’s made me even more confident that I am on the right track towards OSCP by starting from the PNPT. Thanks David Bombal. Thumbs up 👍🏻
Such as a smart and articulate young woman. She is an example of what many should be no matter what field they are in. She is a great role model to men and women alike.
Love the precise questions. A full roadmap on how to become a pen tester is great! Could you please do some videos centered around Cybersecurity and AI. I think AI and ML are playing a huge role everywhere, including in cyber. How can folks get into AI via cyber? And if you have AI/ML, then we also have to think about cloud and cloud security, how does that fit in to the equation? What sort of roadmap would you suggest? As always, thank you for your awesome videos!
Thanks a lot, David for making this video and introducing Rana Khalil to us, It was a pleasure to know her. I took notes for all suggestions and web pages we can benefit from. Thanks to her as well. I am new to this field and want to nail it in the upcoming years!
Such a valuable information by sharing rich experiences and deep knowledge from Rana. Rana, you are such a great teacher. Thanks a lot David, I am a big fan of your video series!
I have seen few of your videos and always wondered if this is South African accent. Great to see fellow Saffa doing great things. This was great interview and also at older age and being developer now for 10 years I want to get into cyber security and also get the youth around me into this. The lady was great resource and so greateful to get knowlegde from someone you can see is passionate about what she does. Keep up the good work both of you and thank you
Great video, David! I was wondering if you could consider making a video on terminal-based chatting like we see in Mr. Robot. It would be really interesting to see how to use tools like Netcat and SSH for secure communication over the internet. Thanks for all the amazing work you do!
Thank you David you always bring the best content for us and Rana still one of the best in this community✌, thanks for her to sharing this informations very very helpful😍. Thanks again and wait my comment after a year to celebrate the success together 🙏
This a really great tutorial with awesome content. I had already a list of resources to crush the OSCP exam but like Rhana says : is better to absorb all the knowledge and develop your own methodoly in learning to pentest and not only passing the exam. Thank you @David for the tremendous work you do. Much appreciated.
That's a great to share the path 🚶 . That we help us. Thank you David Sir ❤ ! For approaching different persons and sharing their methodology with us...!
I remembered when this video came out , that was the first time I heard about TCM-Sec . Is funny how my life and knowledge has changed ever since . Quality and this was and still a great content . Bravo
Interesting, I had watched her first video with you but I did not record her name in my memory. Recently I started listening to a bunch of cybersecurity/hacking/infosec podcast, one of them being Getting Into Infosec. I started with the last episode, which is episode 43, with none other than Rana Khalil as a guest! I'm beginning my journey into transitioning from being a warehouse worker into IT, and eventually want to work in infosec. I love all your content, and these video are very helpful! Thank you and all your guests for your contribution!
OSCP from outside without touching Learn Linux Learn Windows Learn Network (Windows and Linux Commands) (Currently following the CCNA course from David in Udemy, because I'm not able to understand the network completely) Learn NMAP Learn Proxychains for pivoting the network, being able to work with 3 or more NICs (network from CCNA) Learn Exploitation (Metasploit isn't allowed, I guess, you have to learn it to exploit manually, more research more understanding, but in real-world I'm going to use the Burp/Metasploit and other tools because its real-time pentesting, thinking as a black-hat hacker) Make it persistent in Linux and Windows (maybe a little python/bash/PowerShell here) Remove Logs Thanks to Heath I can understand what is happening and what to do.
Grate video Mr.David, am in uganda i don't have money to buy most good courses but having access to free good content like these have put me fur in my journey , now am good in linux and more IT fields, is joined many labs to practice and i believe soon i will be good in pentest, now am on privilege Escalation. #HTB posted this on twitter, "having certs don't make you a pentester but your curiosity will do"
Always a pleasure watching your videos and your guests are always very knowledgeable and informative,the one person I'd like to see colab with you would be Chris Hadnagy ,and I hope that in the future I will be able to click on that link ,it all starts with a good osint and social engineering :D Thanks for everything David !
Yeah I was right all along my journey, I did followed and learn TCM courses and from there it was a great foundation that I gained, so if you're into pentesting I really recommend TCM especially the PEH. Cheap n affordable so if you're reading this go enroll yourself. Happy hacking!!
I heard about cyber security during covid. I started a degree in cyber security and quit 3 weeks later. Instead, I taught myself for free online and had a job by the end of the year. People don't believe me that I started on $100k as a penetration tester without any certifications or qualifications, but its true. I never had any IT or computer experience before I started learning. I have offered to teach people everything in a 3 month intensive course but I realised how hard it is to tell someone they can have a job with $100k without any qualifications, they just dont want to know or believe its true. An entire career in 3 months... I have qualifications now btw. The company I work for paid for any certifications I wanted
thanks david thanks rana it was a great video !! i was lost in my mind (cyber security career) today and this video give lot of inspiration motivation and of course precious informations AND YEAH THE CYBER MENTOR'S COURSES ARE AMAZING