Skip to content

Free Exploit Development Training (beginner and advanced)



It’s possible to earn millions of dollars finding zero days and vulnerabilities in software. But, are you prepared to put in the work?

Browser Exploitation Introduction: https://youtu.be/bcnV1dbfKcE
Introduction to Buffer Overflows: https://youtu.be/DHCuvMfGLSU
Modern Windows Kernel Exploitation: https://youtu.be/nauAlHXrkIk
Linux Heap Exploitation: https://youtu.be/dMDoC9DlVzA
Modern Binary/Patch Diffing: https://youtu.be/8jVOvPG4TjA
Crypto and Blockchain Hacks: https://youtu.be/y5JogTgpp-s

My apologies for some of the technical issues in this interview. Zoom is a nightmare 🙁

// MENU //
00:00 – Coming up
00:53 – Stephen Sims introduction & Sans course
03:28 – Stephen’s YouTube channel // Off By One Security
07:56 – Growing up with computers
08:57 – Getting involved with Sans courses // Impressed by instructors
09:52 – “The Golden Age of Hacking” // Bill Gates changed the game
15:44 – Making money from Zero-Days // Ethical and Unethical methods, zerodium.com & safety tips
32:56 – How to get started
46:53 – Opportunities in Crypto
50:26 – Windows vs. iOS vs. Linux
53:47 – Which programming language to start with
56:22 – Recommended Sans courses
01:02:04 – Recommended CTF programs & events
01:04:06 – Recommended books
01:08:23 – The Vergilius project
01:10:25 – Connect with Stephen Sims
01:12:24 – Conclusion

// Stephen’s Social //
Twitter: https://twitter.com/Steph3nSims
YouTube Live: https://www.youtube.com/@OffByOneSecurity/streams
YouTube videos: https://www.youtube.com/@OffByOneSecurity/videos
E-mail: Stephen(at)deadlisting.com

// Stephen’s courses //
SANS Course sans.org. https://www.sans.org/cyber-security-courses/
– Advanced exploit development for penetration testers course
– Advanced penetration testing, exploit writing, and ethical hacking (GXPN)
– ARM Exploit Development

// Books discussed //
Grey Hat Hacking: https://amzn.to/3B1FeIK
Hacking: The art of Exploitation: https://amzn.to/3Us9Uts
The Shellcoder’s Handbook: https://amzn.to/3VqUEhY
Linkers & Loaders: https://amzn.to/3itqtbe

// Websites discussed //
Zerodium: https://zerodium.com/
Corelan Cybersecurity Research: https://www.corelan.be/
Shellphish: https://github.com/suljot/shellphish
Vergilius Project: https://www.vergiliusproject.com/

// David’s Social //
Discord: https://discord.gg/davidbombal
Twitter: https://www.twitter.com/davidbombal
Instagram: https://www.instagram.com/davidbombal
LinkedIn: https://www.linkedin.com/in/davidbombal
Facebook: https://www.facebook.com/davidbombal.co
TikTok: http://tiktok.com/@davidbombal
YouTube Main Channel: https://www.youtube.com/davidbombal
YouTube Tech Channel: https://youtube.com/channel/UCZTIRrENWr_rjVoA7BcUE_A
YouTube Clips Channel: https://www.youtube.com/channel/UCbY5wGxQgIiAeMdNkW5wM6Q
YouTube Shorts Channel: https://www.youtube.com/channel/UCEyCubIF0e8MYi1jkgVepKg
Apple Podcast: https://davidbombal.wiki/applepodcast
Spotify Podcast: https://open.spotify.com/show/3f6k6gERfuriI96efWWLQQ

apple
ios
android
samsung
exploit
exploit development
windows
linux
exploits
zero days
zero day
0day
1day
hack
hacking
hacker
windows kernel
windows kernel exploit
linux heap
linux heap exploit
reverse engineering
reverse engineer
reverse exploit
red team
red teaming
binary diff
binary diffing

#android #ios #linux

source

46 thoughts on “Free Exploit Development Training (beginner and advanced)”

  1. Absolutely fantastic video. I have calculated it will probably take me about 750 years to get anywhere near the level of knowledge displayed here. Either way, I have started writing that Windows driver, using Kernel-Mode Driver Framework (KMDF)…which I had to google.

  2. Thanks for this one, was looking for ages how to start with a clear roadmap, would be nice to have him back to discuss malwares like Shikitega or eternal blue etc

  3. SANS is the country club in the world of cybersecurity. I’d literally have to pay 1/3 of my yearly salary to take a 6 day course.

    SANS in essence is saying you must already be successful to be successful in cybersecurity.

  4. Great content, as usual! Love all of the hacking stuff in this new series of interviews. I'm about to look into driver creation to see if I can move my self past just exploiting Metasploitable on easy ha ha!

  5. I don't know how you do it , I just searched for exploit development thought would be good for my skill set and you just released this video.

    I love your content helped me alot in my work I really wish you grow more and keep bringing this amazing content. Bless you!!!

  6. What he says about sacrifice is totally right. I wake up at 5am, workout and then study for at least 2 hours before running my business. I’m tired a lot but I’ve completed 3 courses in a little over a year. Starting an api hacking course in January. 💪 thanks for another great video David

  7. I like your friend skill that behind the curtain and love your videos also 😍😍😍 I m a c.s.e student really want to learn how to work on language but never understand R.I.P mostly one flaw is Indian teachers 😔 they are followed books not any practicals but now a days study is different I m fast a learner in computing and electronics but when I studied my time is bad I have no teacher like today 😔.

  8. just started my journey in C and Assembly but though this is good information🔥🔥🔥 it is a bit more oriented for intermediate users. wish he recommended books for complete beginners as the way he emphasised on starting with building blocks, books like Hacking the Art of Exploitation when I first bought it, I initially thought it's a complete book but it just made me realise how much I don't know, that I needed to search up more before I understood a certain complex topic…..but ey its life of refusing to be a script kiddie😂😂😂

  9. To all the people complaining about FREE youtubers content being to basic. At some point you have to INVEST into your future, career, and self. Free content is a great way to make sure you have the ability and genuine interest to follow through with the material once it gets difficult.

Leave a Reply

Your email address will not be published. Required fields are marked *