Def Con สาธารณะ
[search 0]
เพิ่มเติม
ดาวน์โหลดแอปเลย!
show episodes
 
Artwork

1
Day[0]

dayzerosec

Unsubscribe
Unsubscribe
รายเดือน+
 
A weekly podcast for bounty hunters, exploit developers or anyone interesting in the details of the latest disclosed vulnerabilities and exploits.
  continue reading
 
Artwork

1
The Hacker's Cache

Kyser Clark - Cybersecurity

Unsubscribe
Unsubscribe
รายสัปดาห์
 
The show that decrypts the secrets of offensive cybersecurity, one byte at a time. Every week I invite you into the world of ethical hacking by interviewing leading offensive security practitioners. If you are a penetration tester, bug bounty hunter, red teamer, or blue teamer who wants to better understand the modern hacker mindset, whether you are new or experienced, this show is for you.
  continue reading
 
Artwork

1
Cyber Consulting Room

Gordon Draper

Unsubscribe
Unsubscribe
รายเดือน
 
The Cyber Consulting Room Podcast and Meetup Network is your gateway to a world of knowledge and collaboration in the ever-evolving realm of cyber security and consulting. Our podcast, hosted by Gordon Draper, brings you in-depth interviews with industry leaders, experts, and trailblazers, offering invaluable insights, strategies, and experiences. From award-winning professionals to those paving the way for diversity in the field, we delve into the most pressing issues and emerging trends. B ...
  continue reading
 
Artwork

1
Tradecraft Security Weekly (Video)

Security Weekly

Unsubscribe
Unsubscribe
รายเดือน
 
Want to learn about all of the latest security tools and techniques? This is the show for you! We show you how to install, configure and use a wide variety of security tools for both offense and defense. Whether you are a penetration tester or defending enterprise networks, this show will help you
  continue reading
 
Artwork

1
Global Bob Show

Global Bob

Unsubscribe
Unsubscribe
รายเดือน
 
Global Bob who is a cyber security expert and political science hobbyist brings you a show that fuses these topics together to explain in simple terms the interaction between the two. He uses his years of experience in both the government, commercial and private sector to give a unique perspective on these topics.
  continue reading
 
Artwork

1
Tradecraft Security Weekly (Audio)

Security Weekly

Unsubscribe
Unsubscribe
รายเดือน
 
Want to learn about all of the latest security tools and techniques? This is the show for you! We show you how to install, configure and use a wide variety of security tools for both offense and defense. Whether you are a penetration tester or defending enterprise networks, this show will help you!
  continue reading
 
Loading …
show series
 
In this week's episode, Specter recaps his experiences at Hardwear.IO and a PS5 hypervisor exploit chain presented there. We also cover some of the recently released DEF CON 32 talks. After the conference talk, we get into some filesystem exploit tricks and how arbitrary file write can be taken to code execution in read-only environments. Links and…
  continue reading
 
Kyser Clark interviews Trent Miller, a cybersecurity professional with a diverse background in IT and security roles. They discuss Trent's career journey, the challenges of breaking into cybersecurity, the importance of networking, and insights on certifications like OSCP. Trent shares his experiences with the job market, the reality of skill short…
  continue reading
 
In this week's episode, we talk a little bit about LLMs and how they can be used with static analysis. We also cover GitHub Security Blog's post on attacking browser extensions, as well as a somewhat controversial CyberPanel Pre-Auth RCE that was disclosed. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/…
  continue reading
 
Kyser Clark interviews James Scott, a cybersecurity professional with a diverse background in the military and digital forensics. They discuss James's journey into penetration testing, the challenges he faced in landing his first role, and the importance of networking and creating personal tools. The conversation also covers the significance of pro…
  continue reading
 
Kyser Clark interviews 0xD1CE, a seasoned penetration tester, who shares his extensive journey from IT to cybersecurity. 0xD1CE discusses his various roles, certifications, and the impact of COVID on his career shift. The conversation gets into the differences between consulting and internal roles, the value of certain cybersecurity certifications,…
  continue reading
 
Did you know that Australian businesses are facing a rapidly evolving cybersecurity landscape? In this episode of the Cyber Consulting Room podcast, host Gordon Draper interviews cybersecurity expert Simona Dimovski. Simona shares her journey into the field, emphasizing the importance of understanding business strategy and the human element in tech…
  continue reading
 
In this episode, explore the most significant cyber threats impacting businesses today. From emerging risks to the persistent attack vectors that continue to catch companies off-guard, we’ll cover it all in a dynamic and insightful discussion. Join our host, Will Morrish, as he chats with Dahvid Schloss, Swarm Leader and former State-Sponsored Hack…
  continue reading
 
In this week's episode, we cover the fiasco of a vulnerability in Zendesk that could allow intrusion into multiple fortune 500 companies. We also discuss a project zero blogpost that talks about fuzzing Dav1d and the challenges of fuzzing, as well as rooting Linux via EMFI with a lighter. Links and vulnerability summaries for this episode are avail…
  continue reading
 
Cybersecurity professionals Kyser Clark and Pranit Garud (RootSploit) discuss their experiences in the field. They cover topics such as bug bounty programs, the role of an offensive security engineer, and the differences between consulting and working for a Fortune 500 company. Pranit shares tips for getting started in bug bounty hunting and emphas…
  continue reading
 
Kyser Clark interviews Opeyemi Kolawole, a full-time red teamer and cybersecurity professional. They discuss Opeyemi's background in biology and his transition into the cybersecurity field. Opeyemi shares his experience and insights on various certifications, including the Cyberwarfare Lab Certified Red Team Analyst (CPTA) and the importance of sta…
  continue reading
 
In our summer recap, we discuss Phrack's latest issue and talks from the new Off-by-One conference. We also cover some interesting bugs, such as a factorio lua RCE and another RCE via iconv. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/258.html [00:00:00] Introduction [00:01:06] Getting Started…
  continue reading
 
In this solo episode, Kyser Clark discusses the accessibility of cybersecurity careers, emphasizing that anyone can enter the field regardless of their background. He shares his personal journey from blue-collar jobs to becoming a penetration tester, highlighting the importance of certifications and continuous learning. Kyser provides actionable st…
  continue reading
 
In this week's episode, we cover an attack utilizing HSTS for exploiting Android WebViews and abusing YouTube embeds in Google Slides for clickjacking. We also talk about the infamous CUPS attack, and the nuances that seem to be left behind in much of the discussion around it. Links and vulnerability summaries for this episode are available at: htt…
  continue reading
 
Join our host and Academy Hive Leader, Iain Jackson, as he sits down with Phill and Joao, members of the inaugural CovertSwarm Academy intake. In this episode, they reflect on their transformative journey and share insights from their successful first year at the Academy. Thanks for listening! Follow us on LinkedIn.…
  continue reading
 
Kyser Clark interviews Jacob Villarreal, a penetration tester, about his journey into the cybersecurity field, his experiences at DEFCON, and various topics related to cybersecurity. Jacob shares his background, including his education, certifications, and transition from IT roles to penetration testing. The discussion covers the importance of netw…
  continue reading
 
In this week's episode, we discuss Microsoft's summit with vendors on their intention to lock down the Windows kernel from endpoint security drivers and possibly anti-cheats. We also talk cryptography and about the problems of nonce reuse. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/256.html […
  continue reading
 
Are cybersecurity conferences just another industry event, or are they the driving force behind the next big leap in the field? When you think about the future of cybersecurity, do you consider the role of gatherings like Black Hat USA and DEF CON? In this episode of the Cyber Consulting Room podcast, host Gordon Draper explores the recent Black Ha…
  continue reading
 
Kyser Clark interviews Trent Darrow, a senior penetration tester and cyber protection team crew lead. They discuss Trent's background, certifications, and his role in building a red team. They also touch on ethical dilemmas in the industry, the effectiveness of certifications in preparing for real-world pen testing, and the importance of skills lik…
  continue reading
 
We are back and testing out a new episode format focusing more on discussion than summaries. We start talking a bit about the value of learning hacking by iterating on the same exploit and challenging yourself as a means of practicing the creative parts of exploitation. Then we dive into the recent Intel SGX fuse key leak, talk a bit about what it …
  continue reading
 
Kyser Clark and Evan Isaac discuss their experiences and insights in cybersecurity. They cover topics such as certifications, content creation on LinkedIn, web hacking resources, job searching advice, and the importance of offensive and defensive cybersecurity skills. Connect with Evan Isaac on LinkedIn: https://www.linkedin.com/in/evan-isaac/ Take…
  continue reading
 
Kyser Clark interviews Nouha Ben Brahim, a Python programmer turned bug bounty hunter and founder of No Breach. They discuss Nouha's journey into cybersecurity, the most concerning cyber breach, common web hacking vulnerabilities, becoming a speaker at events, starting a cybersecurity company, and Nouha's podcast, The Hackers Line. Connect with Nou…
  continue reading
 
In this conversation, Kyser Clark interviews Jake Mayhew, a senior penetration tester, about his background and experiences in cybersecurity. They discuss the importance of internships, the value of creating a home lab, and the benefits of networking at local conferences and meetups. Jake also shares advice for job seekers, including the significan…
  continue reading
 
Earlier this month, our Swarm of ethical hackers attended DEF CON 32 in Las Vegas, one of the most anticipated events in the hacking community. On this episode, join our Head of People and Culture and host, Ellie Lancaster, as she interviews our colleagues Faith, Alex, and Joao about their standout moments from the event. Learn about the different …
  continue reading
 
In this conversation, Kyser Clark interviews Nathan Rice, a senior penetration tester, about his background and experience in cybersecurity. They discuss the differences between penetration testing and red team operations, the importance of starting with penetration testing before moving to red teaming, and the challenges and rewards of obtaining c…
  continue reading
 
Can we ever truly trust the technology that runs our lives? Think about it: every time we use a phone, share a photo, or shop online, we’re putting a lot of trust in these digital systems. But how safe are they? In this episode of the Cyber Consulting Room podcast, host Gordon Draper continues his conversation with Helen Patton, a distinguished cyb…
  continue reading
 
Kyser Clark interviews Aaron Tran, a military veteran who successfully transitioned into a career in cybersecurity. They discuss Aaron's journey from the military to becoming a penetration tester, the challenges he faced, and the steps he took to bridge the gap between non-cyber and cyber roles. They also touch on the importance of having a plan an…
  continue reading
 
In this conversation, Kyser Clark interviews Ryan Daub, an Offensive Security Analyst Associate, about his journey in cybersecurity and his current role as an internal penetration tester for healthcare organizations. They discuss topics such as landing a job in cybersecurity, the role of AI in penetration testing, the differences between internal a…
  continue reading
 
In this conversation, Kyser Clark interviews Mike Finkel, a penetration tester, about his background and experiences in the cybersecurity field. They discuss certifications, the importance of customer service skills in pentesting, and the role of AI in the industry. Mike shares his hot take on AI, expressing his excitement for its potential in pent…
  continue reading
 
Those of you at DEF CON 31 might remember the badges our swarm members had. Well, this year, we've got something even better! With DEF CON 32 around the corner, we are ready to introduce the team behind the awesome badge we will bring to the event. Meet our host and Head of People and Culture, Ellie Lancaster, as she discusses with Paul, John, and …
  continue reading
 
In this conversation, George Raileanu discusses the importance of mentoring, strategies for finding a mentor, and the benefits of building a strong network in cybersecurity. He also shares advice on continuous learning, dealing with imposter syndrome and burnout, and the value of paying it forward in the industry. Connect with George Raileanu on Li…
  continue reading
 
Did you know that your organization's security culture could be its strongest defense—or its weakest link? In today's digital landscape, where cyber threats lurk around every corner, relying solely on technological safeguards isn't enough. Building a resilient security culture within your organization is paramount. This episode of The Cyber Consult…
  continue reading
 
Kyser Clark and Kristopher Johnson's conversation covers various topics related to offensive security, certifications, career progression, and distinguishing between vulnerability assessments and penetration tests. Kristopher shares his journey into offensive security, his challenges, and the importance of continuous learning and perseverance. The …
  continue reading
 
The conversation between Kyser Clark and Robert O'Connor covers a wide range of topics related to penetration testing, certifications, career progression, and personal experiences in the cybersecurity field. Robert shares insights on his journey from IT intern to senior analyst to penetration tester, discussing certifications, specialization in Act…
  continue reading
 
The conversation covers a wide range of topics related to cybersecurity, including the background and career journey of the guest, the importance of offensive security, the cybersecurity skills shortage, strategies for excelling in CTF competitions, and the correlation between cybersecurity and everyday life. The guest also shares insights on preve…
  continue reading
 
Adolfo (Val) Vask, a seasoned cybersecurity professional, shares insights on his journey from intelligence analysis to penetration testing and red teaming. He discusses certifications, the MetaSploit Pro Specialist, the relevance of education in cybersecurity, and the transition from penetration tester to senior penetration tester. He also provides…
  continue reading
 
In this episode, I introduce myself, Kyser Clark, and share my background in cybersecurity. I talk about my experience as a client systems technician in the United States Air Force and my transition into penetration testing. I also discuss my certifications and educational background in cybersecurity. I explain the purpose of this podcast, which is…
  continue reading
 
The YOU DESERVE TO BE HACKED™ slogan has reached Hartford, the insurance capital of North America, to challenge the cybersecurity approach of CISOs in the industry. On this episode, listen to our host and CRO, Will Morrish, and Ilan Fehler, our first hired member in the US, as they explore the type of fraud companies are exposed to, what we have le…
  continue reading
 
In this episode of the Cyber Consulting Room podcast, host Gordon Draper interviews Akshaye Kalkura, a cybersecurity leader from Consulting Firm Razilio with extensive experience in the field. Akshaye discusses his journey into cybersecurity, his education and certifications, and the challenges of hiring the right consultants. He also shares his ex…
  continue reading
 
Listen to our host and Swarm Director, Louis Blackburn, as he discusses with our new Hive Member, Ben Stickland, their interpretation of DORA (Digital Operational Resilience Act) and NIS2 (Network and Information Security Directive 2) and how they will help financial entities and critical infrastructure sectors to strengthen their cybersecurity pos…
  continue reading
 
In this episode of the Cyber Consulting Room podcast, host Gordon Draper interviews cybersecurity veteran David Jorm. David Jorm discusses his journey into cybersecurity, his experience in the industry, and his passion for nurturing new talent. He shares stories from his consulting career, including pen testing a plane and working on what may have …
  continue reading
 
Memory corruption is a difficult problem to solve, but many such as CISA are pushing for moves to memory safe languages. How viable is rewriting compared to mitigating? Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/254.html [00:00:00] Introduction [00:01:12] Clarifying Scope & Short/Long Term [0…
  continue reading
 
Immersed in the world of cryptography, WWII espionage and the remarkable story behind Alan Turing and his team's groundbreaking efforts to crack the Nazi encryption system, the Enigma code, our Swarm came from all over the world to share, learn and collaborate with each other. On this episode of our podcast, our host and new Head of People and Cult…
  continue reading
 
Mark Nicholls, CEO of Information Professionals Group, shares his insights and advice on cybersecurity and information security. He emphasizes the importance of learning from mistakes and taking an iterative approach to career development. Nicholls also highlights the significance of threat and risk assessments in cybersecurity decision-making. He …
  continue reading
 
Change is in the air for the DAY[0] podcast! In this episode, we go into some behind the scenes info on the history of the podcast, how it's evolved, and what our plans are for the future. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/253.html [00:00:00] Introduction[00:01:30] Early days of the …
  continue reading
 
Welcome to the Cyber Consulting Room podcast, where host Gordon Draper leads engaging discussions with cybersecurity experts Prashant Mahajan, Amy Nightingale, and John Gerardos. In this episode, the panel delves into the ethical considerations guiding cybersecurity consultants, the essential skills and attributes sought in hiring processes, and th…
  continue reading
 
On this episode meet our CEO, Anders Reeves, as he interviews Swarm Director, Louis Blackburn, on the topics of the 'Cyber Kill Chain' and how 'Initial Access Brokers' (IAB) play a key role in enabling mass negative impact by threat actors seeking to deploy Ransomware, and more. Watch on YouTube! Thanks for listening! Follow us on LinkedIn.…
  continue reading
 
Bit of a lighter episode this week with a Linux Kernel ASLR bypass and a clever exploit to RCE FortiGate SSL VPN. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/252.html [00:00:00] Introduction [00:00:29] KASLR bypass in privilege-less containers [00:13:13] Two Bytes is Plenty: FortiGate RCE with…
  continue reading
 
In this week's bounty episode, an attack takes an XSS to RCE on Mailspring, a simple MFA bypass is covered, and a .NET CRLF injection is detailed in its FTP functionality. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/251.html [00:00:00] Introduction [00:00:20] Making Desync attacks easy with TR…
  continue reading
 
In this episode we have an libXPC root privilege escalation, a run-as debuggability check bypass in Android, and digital lockpicking on smart locks. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/249.html [00:00:00] Introduction [00:00:21] Progress OpenEdge Authentication Bypass Deep-Dive [CVE-20…
  continue reading
 
Loading …

คู่มืออ้างอิงด่วน