Get Proton Mail for FREE: davidbombal.wiki/protonmail2 Big thanks to Proton for Sponsoring the video! This is an amazing collection of books and resources - both free and paid. Big thanks to Jason Haddix for sharing his knowledge to help us learn in 2024! // Books and Resources // Web application hacker's handbook: amzn.to/48sUNYb Web security academy, Port Swigger: portswigger.net/web-security OWASP Web Security Testing Guide: owasp.org/www-project-web-security-testing-guide/ Web Security Testing Guide Ellie Saad and Rick Mitchell v4.2: owasp.org/www-project-web-security-testing-guide/v42/ Real world bug hunting: amzn.to/3TK1mSd Bug Bounty Bootcamp: amzn.to/41DW38B Red Team Field Manual: amzn.to/48ul0pl Red Team Development and Operations: A practical guide: amzn.to/3vez1Jl Operator Handbook: Red Team + OSINT + Blue Team Reference: amzn.to/3vemAgC Tribe of Hackers Red Team: amzn.to/47ef8zv The Pentester Blueprint: amzn.to/3tvA8E6 OSINT Techniques: Resources for uncovering online information: amzn.to/3S6xw9j Evading EDR: amzn.to/3toESeL Attacking Network Protocols: amzn.to/3TEFvv7 Black Hat GraphQL: amzn.to/47gHl8C Hacking API’s: amzn.to/3TzS0Z5 APISEC University: www.apisecuniversity.com/ Black Hat Go: amzn.to/3RXV13W Black Hat Python: amzn.to/3NHFnHo Black Hat Bash: nostarch.com/black-hat-bash Zseano’s methodology: www.bugbountyhunter.com/methodology/zseanos-methodology.pdf Breaking into information security: amzn.to/3TI4n5h Expanding your security horizons: amzn.to/3GU07Iq Wiki Book Pentest living document: github.com/nixawk/pentest-wiki/blob/master/Books/README.md HackTRICKS: book.hacktricks.xyz/welcome/readme Fuzzing lists: github.com/secfigo/Awesome-Fuzzing Sec Lists: github.com/danielmiessler/SecLists Payloads all the things: github.com/swisskyrepo/PayloadsAllTheThings Pentester Lab: pentesterlab.com/ Try Hack Me: Red Team Fundamentals: tryhackme.com/module/red-team-fundamentals HTB Academy: academy.hackthebox.com/ Hacktivity: hackerone.com/hacktivity/overview Vulnerable U: vulnu.mattjay.com/ Grzegorz Niedziela: members.bugbountyexplained.com/premium/ Or kzread.info Sharing what matters in security: securib.ee/newsletter/ Intigriti: www.intigriti.com/ tl;dr sec: tldrsec.com/ Unsupervised learning: danielmiessler.com/subscribe Pentest Book: pentestbook.six2dez.com/ Bugcrowd: bugcrowd.com/crowdstream Trickest: trickest.com/ // Jason Haddix SOCIAL // KZread: kzread.info LinkedIn: www.linkedin.com/in/jhaddix Twitter: twitter.com/Jhaddix Github: github.com/jhaddix Boddobot: buddobot.com/ The Bug Hunters Methodology Live: tbhmlive.com/56 // David's SOCIAL // Discord: discord.com/invite/usKSyzb X / Twitter: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal KZread: www.youtube.com/@davidbombal // MY STUFF // www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 00:00 - Introduction 04:11 - The Web Application Hacker's Handbook 07:16 - PortSwigger Web Security Academy 08:57 - OWASP Testing Guide 12:18 - Real-World Bug Hunting 13:35 - Bug Bounty Bootcamp 14:25 - Red Team Field Manual 16:09 - Red Team Development and Operations 17:24 - Operator Handbook 18:15 - Tribe of Hackers: Red Team 19:14 - The Pentester Blueprint 20:10 - OSINT Techniques 21:32 - Evading EDR 22:28 - Black Hat GraphQL 24:00 - Hacking APIs 26:17 - Black Hat Go 26:39 - Black Hat Python 27:41 - Black Hat Bash 29:04 - zseano's methodology 30:59 - Breaking Into Information Security 32:22 - Jason's Pentester Story 34:32 - Pentest Book 35:36 - HackTricks 36:48 - SecLists 37:23 - SecLists Origin Story 40:27 - Payload All The Things 41:43 - Unsupervised Learning 42:27 - tl;dr sec 43:21 - Bug Bytes Newsletter 44:10 - InsiderPhD 44:21 - High Five Newsletter 44:37 - Grzegorz Niedziela 45:26 - Vulnerable U 47:24 - Hacktivity 50:23 - HTB Academy & Try Hack Me 51:44 - PentesterLab 52:30 - The Bug Hunters Methodology Live 56:01 - Where to Start 58:11 - Attacking Network Protocols hacking books hack hacker hacking python python hacking black hat python gray hat hacking linux linux for hackers bug bounty nsa nsa hacker nsa hacking ethical hacking ceh oscp ine try hack me hack the box hacking ethical hacker oscp certification ctf for beginners Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

@ANTINIE-0283

4 ай бұрын

Hey David can you plz tell me where to get started I want to be pro hacker of phones can you plz tell me

@Ziggy_Scambuster

4 ай бұрын

Dear David, is Port Swigger suitable for noobs? I’ve very basic security knowledge for windows and looking 👀 where to start in cyber security. Appreciate your answer. Cheers from Germany.

@gergemall

4 ай бұрын

Thank you Jason ! ❤

@ArjunRam-so7cr

4 ай бұрын

Hey should i give a shot on ccna exam in 2024 or should i wait until the new version comes out

@felixmoshami17

3 ай бұрын

¹1😊😊😊😊😊

David bombal is the best channel I found in 2023 ❤

@davidbombal

4 ай бұрын

Thank you! Very happy to hear that :)

@gergemall

4 ай бұрын

Hands down . He is honest with integrity and really cares about his fellow humans ❤.

@gergemall

4 ай бұрын

lol

@robotron1236

4 ай бұрын

Straight up the best IT and cybersecurity channel on KZread. Hands down…

@d4nm4c

4 ай бұрын

Agreed! So glad I found this channel. Participated in a few CTFs now and am on the road to doing big bounties part time. Thanks for the inspiration David!

Undoubtedly one of the finest interviews and resources, well done as always!

Thanks a lot David. I'm 15 and I have been into tech, programming and hacking since I was 12. Your videos have helped me with my learning so thank you for helping the community with your content.

I am a complete newbie in this space. Thank you David. I have some catching up to do.

Thanks to both of you This channel and you gentlemen are amazing!

Who needs cable tv when you can get content like this? Thanks a lot Dave, keep up the great work.

Thanks.just downloaded web application hand book .will go through it .

Great list of resources. Thanks David!

Have a great year ahead sir 👏🏾🎊 got so much information

Thank you so much for Jason and David, this is absolutely a very fruitful videos for us. Your fan from Malaysia

Loving the content so far David! I'd love it if yourself or even with Occupy With the Web if you could look into and explore Responder attacks. Again thanks for the content👍

0:33 so sorry to occupy the web but this man is by far my favorite guest of David's! Just listen to this man talk, he actually goes so far in depth in subjects I've been searching for over a decade for and tells me precisely what I need to find them what I need to succeed them when I need to become a civil engineer and my worth work ethic literally knows no bounds when it comes anything I want to learn and become an absolute savant so I have no problem I just like to say thank you so much for both of you gentlemen sharing your knowledge

Thank you David for the effort you put into these videos just for us and our benefit. It means the world to us.😊😊❤❤❤

@davidbombal

4 ай бұрын

You're welcome! Thank you for supporting me!

David and Jason, you are both legends. Thank you so much for this informative & amazing show

Thank you both for this wonderful information, I really enjoyed this

Thank you David for all you do sir for the community!

Thanks for another informative video, David. The RTFM sounds interesting, I'm going to have to give it a read.

I’m glad he mentioned the one guy who hated career pentesting, so many people think working in cyber means not working with people and I keep explaining 1. We are a support function 2 . If you want to “make the money” and have manageable hours you are going to pivot into more non technical roles , but yes you still need the knowledge and experience … the money is actually working with people

@omegadroidzero

12 күн бұрын

100%. I have found the most important things have been knowing how to communicate with people and being likable.

David Bombalbee hit the nail again. This is the video I was waiting for. Thank you.

WOW, this video is amazing. We appreciate you guys, Steve and Jason.

THANKS A LOT FOR THIS, I'M STARTING MY JOURNEY FROM THIS YEAR

Thank you, David and Jason!

🙏Thank you, David and Jason. Very helpful.

Great video! Thank you for all the info!

Two amazing people talking about hacking!!! Once someone told me try to learn from the best, so here i am , learning from the best people!!! Thank you both!!!

I appreciate what you do for your subscribers Sir.🙂🤞👍

@davidbombal

4 ай бұрын

Thank you! And you're welcome!

This is a goldmine, thanks a lot, David!

no idea when to read the WSTG - but a useful information source indeed. thx!

Jason did an amazing video w microsoft. Very helpful.

David, your channel is a treasure I'm so glad I've come across

The best channel I would recommend for anyone getting into security, love your work. keep up the good work! ❤

I love the ground up approach you're taking for 2024 considering the constantly changing climate of this field. Appreciate all your efforts. p.s. Glad to see those suppressed networker yawns at a hacker making the edit :D

I would recommend "Bob and Alice Learn Application Security" too.

Amazing information, thank you!

David is single handedly responsible to education of tens if not hundreds of thousands of people

Good to learn something new everyday through your shots❤

@davidbombal

4 ай бұрын

Glad to hear that! Lots more coming!

thanks for sharing the resource

👏 👏👏👏👏 your videos are right on the money David thank you

Learning a lot from you, Mr Bombal 🙏.

David you are just so phenomenal. Your channel has taught me about hacking and cybersecurity in general more than any other. Thank you for everything you do.

Great video guys. Wish I found it earlier before it was too late for me.

You're mindset is superior and inspiration, thank you 😐😌

Hope We Would Have an Interview With Michael Bazzell on the Channel Soon , Thanks David for the efforts on the channel

Hi David this is so awesome work thank's

love your word David, proud South African here

@davidbombal

4 ай бұрын

Thank you Thobani! I really appreciate you and all my supporters from South Africa!

I appreciate you ❤ Thanks so much ❤ To start all this project as I 2 laptop and server are needed

@davidbombal

4 ай бұрын

You are so welcome! Thank you!

@Abduselam.m

4 ай бұрын

Home lap is needed for this project

Thank you for this information

Hey David,I was just wondering if you would be able to bring us Chris Hadnagy on the show ,I would simply LOVE to see you colab with him and talk about social engineering a little bit ,I always feel like it's always talked about least and yet I personally feel like SE is the most important thing in Red teaming/pentesting,I'd love to see you interview him and share some insight on SE in the future ! As always great content ,I just can't miss a video ,thank you !

Thank you for the various books as the hour was beneficial. Any chance that you can get someone from a Blue Team books Practioner as already downloaded and noted the books to purchase as started on the Andy Gill book, but if you could get a list of blue defence books would be much appreciated as thank you both as well worth listening to and getting the books.

"Real World Bug Hunting " by Peter Yaworski is really good i've read it -- thanks for the other resources

Great stuff as always❤❤

Very excited about Black Hat Bash book!

So much good content. Thanks David.

@davidbombal

4 ай бұрын

Thank you! I hope you learn a lot!

I really appreciate what you do 😊. If I may ask 🙏. Can you please do some videos for digital forensics 🙂😊 please 🥺

awesome and great content .. bravo

Love from India ❤️🇮🇳

@animashaunroselynawa9229

4 ай бұрын

Anish ow are you brother

@davidbombal

4 ай бұрын

Welcome Anish and all my viewers from India! I appreciate you!

@anishbhadouria3186

4 ай бұрын

@@davidbombal thank you David sir

Super helpful video.. We have a lot to do

Thank you very helpfull

Absolutely loved the video🤩🤩🤩! The content was amazing. Could you please tell me the name of the product mentioned at 49:28 ? Thanks!

I gotta lot of reading to do!

I thank you Professor David ❤. Love to learn.#David . I so appreciate you and your mission to educate others and help people grow l thank you.

Great and Worth watching podcast

Using the Web App book, how do you practice the content for out of date material?

Hey should i give a shot on ccna exam in 2024 or should i wait until the new version comes out

Hei David i am from India(kerala you should come visit here great place 😄), i love your videos they are perfect . I am gonna attend the C EH in a few days i am preparing for it. Thanks again for providing us such quality content. You can't even imagine how much I respect you. Thank you sir❤... thanks for your efforts.🙂

@davidbombal

4 ай бұрын

Thank you Nivedh! I really appreciate you and all my supporters from India! Hopefully I'll be able to visit one day :) All the best for your CEH!

@N1v3dh

4 ай бұрын

@@davidbombal ❤

once again thank you ❤

Keep going ur a legend David

Fantastic video!!! Free resource is the heaven for my bugget! It would be great if you could also create a video on how hacking victims should respond! Thank you Jason and David!!!

Thanks for the shout @jhaddix! Appreciate you. +1 to all the resources Jason mentioned as well.

Great resources here!

hello sir, i want to make a career in clod computing specifically as solutions architect role do i need to have a networking knowledge to become solutions architect associate if yes the which networking certification should i go for and on which topics i should focus more??

another amazing video from bombal and friends.

Jason's mind is a treasure trove!

Hello David, love you man❤ I am a new learner. at this time this video is very important for me. maybe it can change my life.

@davidbombal

4 ай бұрын

I hope that the video really helps you!

DAVID! Has anyone told you that you are the freakin man?! Cause you are the freakin man!!!

thanks david for sharing to us useful content will you please recommend me the best place to learn python programming with realword projects for free for me i dont like books i like tutorials

My question is what pre-requisites or how much code or computer knowledge is necessary to even start to embark on this journey and work thru these resources?

I would love to learn how to do this from you

What is the best book for defense and SOC?

Amazing Video ❤

hey david can you make a video on ccna 2024

Thank you,David

@davidbombal

4 ай бұрын

You're welcome!

Ohh this guy is a legend

There is no link to Gwendal's sick dot tools!!!

TO learn CS or hacking do i have to understand API ,stuff which is taught in Computer science

EC concile ceh book is really good.

GREAT INFORMATION!🧠👀👂😃👍

Hello david sir.

David, I feel like rate limiting you with this amount of content lol .. amazing work! p.s love Jason..what an outstanding guest! Final thought: THM has the worst customer service I've ever come across. HTB is a million times better.

@davidbombal

4 ай бұрын

lol... I'm going to slow it down a bit I think :) But, got to start the new year with a big bang!

@camelotenglishtuition6394

4 ай бұрын

@davidbombal love the content regardless .. I actually bought Corey's api book after seeing your interview.. then did his course.. then did the vapi ctfs..joined intigriti and got 2 bugs in 2 months.. also just got a bug on fb ..going to smash 2024

Great stuff again

@davidbombal

4 ай бұрын

Glad you enjoyed it

hello i have a problem with kali llinux wifi adapter it says its no wireless extensions but it worked once can you help me fix this problem

My question David, To what extent can we trust end-to-end products?

@davidbombal

4 ай бұрын

If you are referring to Proton mail, their software is open source.

Great!

great video

Hi David I want to be hacker how long does it take from me to be able doing hacking operations

Im wondering you havent mentioned "Hack the planet" books

Tutti questi libri li trovo in italiano?

Evading EDR is very good at the moment, but the detection system may evolve, the best EDR evasion is... To find the ways not to have one active on the target system, and this is not that complicated in red teaming. Hopefully, there is still a lot not covered on all these resources. Very good choice, but require medium to advanced skills in my opinion. Anyway you need to get your hands onto it quickly, hacking in 2024 is not the same as it was in 2004 and require a lot of various skillset.

Hey. Is it possible to enter ethical hacking without laptop