Get Proton VPN for free: davidbombal.wiki/protonvpn4 Big thanks to Proton for Sponsoring the video! Time waits for no one ... don't wait... start your journey today. Gavin shows us that being young is no barrier to entry. No matter how old or young you are, start learning today and change all your tomorrows. // Gavin's SOCIAL // Twitter / X: twitter.com/atomiczsec Discord: discord.com/invite/VNYsP6zVjg GitHub: github.com/atomiczsec KZread: kzread.info/dron/O3HJD9va6b2gJSZyxLxExg.html // David SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal KZread: www.youtube.com/@davidbombal // MY STUFF // www.amazon.com/shop/davidbombal // MENU // 00:00 - Coming Up 00:40 - Sponsored Section 01:35 - Intro 01:41 - Gavin's Backstory 03:56 - Bug Bounty 08:16 - How Gavin Learned Hacking 11:47 - Insecure Direct Object Reference (IDOR) 14:21 - HackerOne 14:58 - IDOR Example 18:11 - Informantion Disclosure 19:01 - Business Logic Errors 21:50 - The Race Condition 22:34 - Gavin's Advise for the Youth 24:47 - Gavin's Learning Process 26:54 - Favourite Payloads 29:14 - Gavin's Journey 34:42 - What Can the Next Genereation Offer? 36:44 - Can A.I Help Write Reports? 39:19 - Last Advice 42:02 - Conclusion 42:38 - Outro // Detailed Timestamps // 00:00 - The discussion opens with thoughts on how the world has evolved, offering new career paths like gaming and hacking, especially for the younger generation. 01:09 - Proton VPN sponsored segment. 02:07 - Gavin recounts his early hacking endeavours and the support he received from his school's computer lab teacher. 03:01 - Gavin talks about his first major security discovery and the financial reward he received for it. 03:49 - Gavin's journey into bug bounties is highlighted, marked by self-learning through KZread and hands-on practice, bypassing formal courses. 04:39 - Talk about the financial benefits of bug bounties for young hackers and how Gavin profited from this avenue. 05:02 - Gavin recalls discovering a security flaw in high school and the $1000 bounty he earned from it. 08:05 - Gavin talks about his interests in cybersecurity beyond hacking, including collaboration with Jakoby on bad USB payloads. 09:49 - Gavin provides examples of vulnerabilities he explored, like IDORs and business logic errors, and shares hunting strategies. 11:58 - Gavin demonstrates a vulnerability in a calculator site, revealing personal information access. 12:08 - Discussion on business logic errors in cybersecurity, with Gavin sharing his experiences and tips for identifying and exploiting these issues. 13:17 - Gavin explains how he found a bug in a trading platform simulation, leading to an infinite virtual money gain. 14:27 - Gavin describes exploiting a race condition in a team management platform to bypass member limits. 16:14 - The discussion shifts to networking in cybersecurity, and Gavin highlights the role of platforms like Discord and Twitter. 17:45 - Gavin credits Cosmodium and Jakoby for aiding his cybersecurity journey and stresses networking's importance. 19:08 - Gavin discusses using AI tools like ChatGPT to improve bug reporting and communication skills. 21:37 - Conversation about career evolution, the significance of following one's passion and skills. 22:06 - Gavin talks about his learning and networking approach, along with active participation in the cybersecurity community. 26:41 - Gavin discusses the advantages his generation has with technology familiarity and the challenges of being young in cybersecurity. 27:27 - He reflects on his experiences and the importance of effective communication in gaining respect. 28:08 - Gavin expresses gratitude towards his parents and advises the younger generation to follow their passions. 28:50 - He talks about the significance of networking and building connections in the industry. 29:32 - Discussion about Gavin's strategy for connecting with established figures in cybersecurity. 30:10 - Gavin reflects on overcoming age-related barriers in the industry through skill demonstration and dedication. 31:33 - Gavin speaks about the benefits of being raised in a tech-rich era and the need to blend traditional and modern learning methods. 32:16 - He acknowledges his parents' role in his journey and the importance of supportive family environments. 33:44 - Gavin advises young cybersecurity enthusiasts to persist, learn continuously, and embrace practical experiences. 35:10 - The interview concludes with Gavin expressing optimism about the future of cybersecurity and encouraging exploration in the field.

@ApolloHackerz

5 ай бұрын

cool thanks for creating this channel

@SEYIDMOHAMEDELKORY

5 ай бұрын

hi Mr David I really hope you see my question and answer it. I feel like Infos related to security stuff is not available to the public, even in universities. also almost all books are a kind of wasting time So we need you to give us real resources we can learn from and thanks in advance.

@memesaregreat8815

5 ай бұрын

Im planing to buy fliper and i gave questions Can ti copy nfc rfid tags that are protested

@melorca1962

5 ай бұрын

Hi David, would you like to make a video about the spying on mobile phone push notifications? Bruce Schneier had a blog post recently on this titled "Spying through Push Notifications" as did the French developer David Libeau. According to Libeau a "user can also completely deactivate push notifications" but he does not elaborate how. Would like to understand more about in what cases these are used and how users can deactivate them if desired.

@Berto52

4 ай бұрын

send me a link of of the appk I love to become a

I like that David Bombal asks all the questions in our minds, that we would ask the interviewed person

@davidbombal

5 ай бұрын

I try my best to do that 😀

@sep1ol

5 ай бұрын

@@davidbombal youre great at your work man. thanks a lot, seriously :)

@ZakariyeMaxamed1

5 ай бұрын

​@@davidbombalYou did well

@Napskarajan

4 ай бұрын

It's called the interviewee

@lettry2630

3 ай бұрын

He’s priceless!!

Enjoyed this. I've worked with someone similar locally. Meet this teenager at a thrift store buying all the wifi routers. He was interested in finding their serial port exploits. Told him about 2600 and pen-testing then he found an SQL injection issue with a grocery store POS. Ten years later, he's quite a young entrepreneur. Thanks for the conversation gentlemen.

I actually love the way Gavin and I have a similar story. I was also introduced to Kali by my Computer Lab teacher back in highschool and after seeing my potential, he would give me challenges to try and break the labs network. I owe him a lot and am greatful to him.

@davidbombal

5 ай бұрын

That's fantastic! A great example!

@ShinigamiAnger

5 ай бұрын

It's great to hear that there are teachers like those. Back in the days it was literally the opposite for me, they went crazy mad if they caught me doing anything different from what they were teaching. Funny thing is i was in a school with an experimental program that focused on IT, programming, networks; but they turned to be very basic and any deviation, any aspiration of doing more and better was literally punished. I couldn't show my own reasearch that went beyond what they were teaching, which i found easy and boring, they discouraged experimenting in any way and the labs were boring as hell, like just using the office suite "because this is what you will actually end up working with". All of that didn't stop me, maybe it motivated me even more. Kali didn't exist yet, not even backtrack. I customised a slackware distro and wrote some tools on my own. I then had some fun.

@markb4168

5 ай бұрын

i wish my computer lab teacher knew anything more than Excel lol....i started with NetSend.....talking to friends while he *taught simple equations lol. Went to Netbus...To Vb, making aol n aim progz...To C++ to Java..... modified my school districts webpage....and got kicked out lol. Everything happens for a reason tho. ...Gavin is a prime example of the future. His thought process and motivations are exceptionable and commendable. ......my WinNt Excel "teacher"....not so much. I envy those who had a Real computer lab teacher. Someone who actually knew something and appreciated it.....though, that might be what pushed me more to learn. i dunno. Times change, people change. I stand firm, Hack The Planet.

@tagret2051

4 ай бұрын

Get a room

@tajayjohnson3499

4 ай бұрын

Can u teach me ?

Thanks for the shout out Gavin! Love seeing you share your incredible story; big things ahead homie🤙🏽

@Da1deonly-ip8nj

5 ай бұрын

Yo bro love the vids

@CosmodiumCS

5 ай бұрын

@@Da1deonly-ip8nj glad to hear it! More otw🫡

Great job, atomic (Gavin)! Great to see you up here in an interview with David. Trickest has a free community license, for those that want to try it.

This is so motivating. Thanks David. I loved the part where he mentioned he is so addicted to this. I can just imagine how he felt finding his first vulnerability. This gives me hope for myself.Thanks David...

What a great interview. He's 18!! I just turned 29 and currently between jobs and looking for new position in the IT world(Did my cisco CCNA and 3 years of school at 25) Been having a hard time formulating myself at interviews like this dude do. I'm actually taking notes for the later part of the interview, I see a lot of myself in this young man. I'm gonna start bringing notes for interviews, instead of stumbling or having short answers. Usually I just come in empty handed in a polo, can be fucking hard out there.. ANYWAY good stuff David!

@Giizk

5 ай бұрын

This is very motivational stuff David.. Really appreciate your work

This was an amazing interview, David! In my 20s, I need to push myself and keep on learning and trying new things.

This video is inspirational. I greatly appreciate Gavin's story and insights, especially the power of tinkering.

This was a really great interview. I never would have found this channel if it weren't for my interest into tech and taking informatics fundamentals in my local community college. Now I want to learn more about tech but I think I can do that with my General Studies path since most jobs are requesting for experience rather than degrees. Would be smart of me to learn tech on the side while I am working on my General Studies to develop a skillset not known for comp sci majors. Thank you David for being an inspiration and for this awesome interview with a brute force learning teen!

@tajayjohnson3499

4 ай бұрын

Can u tech me?

David, you never dissapoint with the guests and the topics. Just perfection! Love your content.

Congrats on your success Gavin. Remarkable to say the least. And thanks to you David on your choice of guests on your videos. Cheers to both of you. RR

Well said David. The world is so very different from when we were younger but this means new opportunities and a brilliant future for those just getting into the space! Great job Gavin you have an incredible future and can't wait to see how you change the world for the better and continue to inspire the next Generation of Cyber pros!

So proud of Atomic! Thank you David for this awesome interview!! I would love to see more interviews or projects with Atomic!

When I went to college my friend and I from highschool (who also went to the same college) bundled out knowledge. He was into phreaking and I was into cracking and we both had a passion for electronics. When we went to college the college was really accommodating to our endeavors. We could use the phones and we called BBSes for free to download the latest CAD/CAM software that I then cracked. At some point I broke the NetWare network by having written a keyboard sniffer that I installed on every PC. And I checked each PC of supervisor had logged in. (I did a video on that code that I still had). The school was all about exploration and learning and the science was documenting it and suggesting ways to circumvent it. When in 1992 the Dutch telephone introduced new calling cards the school rented one of those machines and we set out to reverse engineer it with some other students.

Awesome to see this dude using his skills in a positive way. What a great young man! Awesome interview!

@atomiczsec

5 ай бұрын

Thank you!

Great job buddy! You crushed the interview and I know I can't wait to see what else u get up to!

Great interview, really inspiring. Also enjoyed his bug bounty tips and anecdotes, really interesting stuff.

Dang man awesome job. You are defiantly on track to a successful infosec career. Keep up the good work brother.

Great content as always. Have to say this. Our host is obsessed with the topic of age. How old ? is a very common question asked by Mr. Bombal on most of his vlogs. Serves for some added entertainment. Nevertheless one of the best cyber security channels on KZread.

Truly inspired David! Thank you!

Really liked this interview, I too am of the boomer mind set and listening to Gavin articulate his generation continues to help me understand. My son is 18 and loves everything about computers, from architecture to gaming to programming. I am going to have him watch this interview. I also loved how he said he isn’t “Hollywood”. Just awesome. Thanks David and Gavin.

Kudos to Gavin for his accomplishments at such a young age. But anyone can learn at any age as long as they have the interest and drive to do so. As for David, I think I remember you from way back giving IT classes in Kinkos. Remember Kinkos?

@ultimatewalker4281

5 ай бұрын

Interest,drive and background. For example, his parents supported him and it's a huge thing. At the age of 13 some parents still won't support

Need to throw in there OWASP Top 10. Great thing to categorize these vulnerabilities and understand differences. Thanks again for a great video!

"Digital natives" nice term, i think we need the concept of digital parenting too which is separated from the irl parenting stuff rather than preventing kids from using iPad, this kid has a good mindset too, most kids his age nowadays do a lot of unethical hacking like ppl stole bitcoin, leaked info of some company project, privacy and so on.

actally i m 18 and just started to learn about cyber security and my friends says to me work on your lesons you have exams stuff like that and i just think like Gavin and i dont have any techer to help me or show any road to starting, i kinda alone but i know internet is here to help me and David here i mean actually i m not alone, i got this and i will do it thank you David and Gavin i really appreciate it ")

so proud of him. i am 40 and waited to do for 20 years but just never do it. its made me want to start training again but i feel like its to late in life. also for 18 he has a good head on his shoulders!!

Thank you for taking effort n interacting. I liked it.

Hey David, There is a typo error where it should be Information disclosure rather than Informantion disclosure. 18:11 Great Content , Thanks !!

So cool! Im just trying to enter cybersecurity at 35 and there is soo many talented and inspiring young people out there!

I was headed down the same path as this young man. But, then I joined the Army and have been working in electrical repair since 2004. Now I am brushing the dirt off and changing to this career at 38.

@atomiczsec

26 күн бұрын

let's get it 💪

I watched this video with my friend chatgpt and got a lot of info in. Thanks David your videos are always informative.

Great video once again David! 😊

5:32 IDOR vulnerability. It was the first bug that I found too :)

As a mid-millenial, I am glad (and somewhat envious) to hear that computer curiosity and desire for tech knowledge is being embraced more. Although I began in 1st grade with the now ancient IBM PC, we only ever had computer class for playing Oregon Trail, Carmen Sandiego and as we got older it was just basic typing or a presentation on PP.

That was a really great episode... Bravo

I learnt a lot from this interview. Thanks David, thanks Gavin🔥🔥🔥

thats my boi Atom!!!!! youre killing it dude i cant wait to see where you end up my dude!

Gavin, all of the best to you, young man. Let no one ever stand in your way. ❤

Always informative and helpful 👍

@davidbombal

5 ай бұрын

Glad to hear that!

OMG excellent David, thanks for this videos!

I am a year older than Gavin and I started hacking (trial and error, just like him) when I was 14. I absolutely loved doing it and still do. I am a cybersecurity major.

What a nice guy. Thank you for sharing the interview.

What I like about you Mr David is that u are very humble even u are one of the best networking person's on world and u always support people who are already involved in networking field and inspire next gen networking students, so thank you 🎉

Thank you so much david!! Can you maybe do more linux tutorial for beginners? And advanced socket programming in python also would be awesome!

@davidbombal

5 ай бұрын

Great suggestions

@eyalshain5244

5 ай бұрын

@@davidbombal thank you! You are the best!

@CallousCoder

5 ай бұрын

Raw sockets is something you should look into and do it in C, because it’s easier to pack the packets.

Thank you. Great interview. There is hope! 🤩

One of the best stories I heard in a long time definitely need more teachers like his

Great interview David, got get them kid, well done Gavin. Couldn't agree more with do what you are good at and enjoy.

Its very nice video, please bring more such young hackers so much to learn😊

im 33 and found it really inspirational. i did kind of given up just with life problems, disabilities and raising four kids alone. I finally got the mindset to push my self to get at it a relearn what i forgot and so on.

@rubiskelter

4 ай бұрын

I was 32 when i got serious with it, its cool, go for it. I have a master's in CS, but its not necessary, although it helps, but definitely not necessary.

Garvin, you inspired me more. Feel like switching my mentor from David to you 🙂🙂

I wish you a lot of succes Gavin!! We need more youth that know what they are doing and put so much affort and live in their hobby without thinking to much about money

Great video with brilliant advice. Go for it !!!!

Thanks for this video!

Prime example that some people just have it, and others dont. Not taking anything away from this kids hard work, im sure hes a very hard worker. but you cant tell me at 15 he put in as much effort as i have in trying to learn this stuff. grown men study for 10+ years to become great pentesters. some people just have it man. I love Davids guests, but I remember Marcus Hutchins coming on this show and saying he was programming since he was like 5 or 6 or somethin crazy like that. cmon man, some people are just prodigys. great interview though, as always. i hope this kid becomes something great, no doubt he will

@tavo.simracing

5 ай бұрын

This is the reality in many facets of life. Some people just have it, and others have to work really hard to get to it. When it comes to racing, there’s a lot of things that I just “get” right away that a lot of people struggle with. When it comes to hacking, I’m finding I’m on the other side. I have to work twice as hard to understand things that seem to come to people so naturally. I truly believe anyone can achieve anything if they put their minds to it and have that passion. Without passion, you can’t really get anywhere.

I've been homeschooling my two kids, aged 9 and 10, for the past year. During this time, I introduced them to basic Linux commands using Kali Linux VM. As we enter our second year, I'm pleased to see that they've developed a solid understanding of navigating and using terminal commands comfortably. Currently, I'm guiding them through the process of creating a virtual lab, complete with a pfSense firewall and Metasploitable VM machine, using VirtualBox. This endeavor is aimed at delving a bit more into the realm of cybersecurity. Looking ahead, my hope is that by the time they reach 15, they will have acquired several CompTIA certifications, setting them on a path ready for the future.

Oh what a fuggin GENIUS. Being young and a hacker xD sooooooo innovative David.

This guy is great! Happy to hear he will be going places!

You know it’s a gonna be a great day when David uploads

Thank you so much David, for this amazing content

@davidbombal

5 ай бұрын

You're welcome!

as a teenager entering into hacking, this is great advice! Just keep going!

My computer lab teacher banned me from the class and stole my then-expensive optical mouse. Props to his.

Fantastic interview, I'd never heard of Gavin before today but for sure he has a very good future ahead of him, seems like a really nice person too not arrogant or cocky. This old dinosaur has just followed his twitter/X

The amount of respect and humbleness in this video is amazing and rare to find these days,

Hi devid, i really want to jump into it, could you suggest me where should I start??

The “other” side remains hidden to most people until it is too late for their own good. Opening one’s mind to it’s existence is crucial especially in this age when most business is migrating online & getting to understand the hardware & software - layers & layers of it & how it can get compromised by their developers not having a “pen-test” mindset & doing sloppy programming. Then there are 0 days, the granddaddy of them all. It is also important to remember that A.I. does not discriminate & it will serve hackers bent on doing damage as well. The question is whether a positive differential between the good & bad sides can be maintained & (hopefully) increased as well.

Very clever guy with the right mindset. He will make an excellent Cyber Security professional.

Brilliant Interview/Podcast Very smart Young man.

hey David! your glass is so pretty! Thank you

Not only is David curious, but he also acts like a bummer 😅. Like when he asks questions he keep his finger at his lips just like when people were scared when asking question. David ur are great out there in these helping us learn things and motivate us. Thankyou sir. 😊

Thanks 🙏 David am so inspired by the story

Fascinating, thanks!

I love this guy this was how I started And it has been a great help to me and those around me ❤🎉😊

Great interview, 👍

Number one cyber security channel ❤

@davidbombal

5 ай бұрын

Thank you very much!

I’m more impressed with the questions David asks 👏👏

What a humble and intelligent young man. Keep it up, mate. Thank you for another great interview, David. Inspirational!

@atomiczsec

26 күн бұрын

thank you!

Amazing thank you for sharing!!!

At 31, with a 127 iq and 2 months of experience; idk if I feel so overwhelmed with this anymore. If he could do it in high school, I think I’ll be ok. I am a single dad with primary custody, but thankfully my dad has been super supportive and extremely helpful throughout all this. I’m quitting my full time job soon, so I’ll have even more time on my hands to figure all of this out. Being an auto mechanic really sucks ass. After a decade, it’s literally gotten me nowhere… I basically consider myself a 21 year old, with a toddler, and 10 years of experience 😂😂😂

as someone the same age as Gavin, this is an inspiration for me to work harder in my field. I'm not even close to his level but I'm going to keep pushing especially after high school.

Such an inspiration to us young people.

one of the best interview ever.

Boss, could you please create a comprehensive video series covering advanced topics such as advanced time based blind SQL injection injection, XSS, LFI, RFI, and RCE, including the process of uploading web shells on Apache and IIS web servers in live website scenarios? Traditional platforms like test.vulner, DVWA, bWapp, PortSwigger, etc., fail to address real-world challenges like identifying origin IPs, DNS brute force attacks, reverse IP lookups, WAF/IDS/IPS circumvention, AWS/CDN/Tor, reverse proxies, and CMS security 🤙. Your unique content would be invaluable in educating the bug bounty hunting community about genuine issues and solutions. Thanks in advance for your contributions to the community.

Not going to lie, I'm a little jealous...here's why. My teachers wasn't the best to me, to the point. If I was to do what he did, I would get into big trouble and wouldn't be supported like that.😭😕 Just saying, I'm not much older than he is...and I pretty much just started. I'm about a year into learning this stuff, and in my head I've (solved)...more like, how more experienced people could go about it. So pretty much a different outlook on things.😎 It could be just a lack of confidence in myself, just because I don't know how to go about explaining it, outside of my brain.😅

For me, I delved in to hardware of pc way before the software and hacking stuff. Many many decades ago.

so much inspirational

This was a great interview

Using 4G/5G from my phone with VPN (full tunnel). In worst case scenario I spinup an isolated VM with a virtual USB port bound to a Wifi adapter connected to an non-trusted wifi and again with full-tunnel VPN. 3rd option is just use Tails from a USB stick (with or without persistent storage).

Hopefully, I can influence my son to follow me into cyber security. Get him started early with little fun projects for kids, then get him into Bug Bounties as a teen.

Hey David i would wish to know if it possible to install a change the android os on phone. Like we do with computer os. Upgrading or changing.

This kids teacher did exactly what he was supposed to do

Nice interview ❤

as a kid who started messing with kali Linux in 5th grade, and am now in 8th grade, I respect this man!

@tajayjohnson3499

4 ай бұрын

Hey can you teach me ?

Bravo very inspirational

Hi David. Awesome video. I have a question, have you ever interviewed someone who struggles a lot to get into cybersec? I appreciate the content and POV that skilled tech people provide but I feel they have some "advantage" due to situations or people around them. Maybe I am overthinking the entry process, but I would like to know if someone is into cybersecurity but had to deal with doubts or lack of opportunities during their journey into cybersecurity.

@cbesc

5 ай бұрын

The advantage is curiosity. You can do it.

@babahaze

5 ай бұрын

only rich people are allowed.

@cbesc

5 ай бұрын

@@babahaze excuses

Its hard when your constantly yelled at when you break something

im just diving into the tech scene and i think i wanna study some red team stuff i did a free class on the basics on coursera but were would igo after

Thank you sir your video is really helpful 😊😊😊

21:20 Please corect me If I'm wrong ,but I say that the front end couldn't accept numbers below 0 but in the same time if u gonna go deep in the source code u could do negative numbers and that's whay u could do that ,also is a back-end problem cuz there is no negative numbers and automatically gonna set it to 0+