David Bombal

David Bombal
  • 5,0 (25)
  • TECNOLOGIA
  • DUAS VEZES/SEMANA

Want to learn about IT? Want to get ahead in your career? Well, this is the right place! On this channel, I discuss Python, Ethical Hacking, Networking, Network Automation, CCNA, Virtualization and other IT related topics. This YouTube channel has new videos every week! Subscribe for technical, detailed, no fluff content. David’s details: Discord: https://discord.com/invite/usKSyzb Twitter: https://www.twitter.com/davidbombal Instagram: https://www.instagram.com/davidbombal LinkedIn: https://www.linkedin.com/in/davidbombal Facebook: https://www.facebook.com/davidbombal.co Website: http://www.davidbombal.com YouTube: https://www.youtube.com/davidbombal All the best! David

  1. #559: How Splunk unlocks the Agentic AI transition in 2026

    HÁ 1 DIA

    #559: How Splunk unlocks the Agentic AI transition in 2026

    In this exclusive interview, Kamal Hathi reveals how the new Cisco Data Fabric and Splunk Machine GPT are unlocking agentic AI for cybersecurity. Discover the future of SOC analysts and network telemetry in 2026! Big thanks to Cisco for sponsoring this video and sponsoring my trip to Cisco Live Amsterdam 2026. // Kamal Hathi’s’ SOCIAL // LinkedIn: / kamal-hathi // Website REFERENCE // https://www.splunk.com/ / David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming up 0:36 - Kamal Hathi introduction and machine gpt update 03:36 - Splunk and machine data 05:47 - Resources to learn Splunk 06:48 - Cisco Time Series Model on Hugging Face 07:50 - Cisco Data Fabric explained 09:37 - Updates in 2026 15:51 - Cisco & Splunk 17:50 - Conclusion Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #cisco #splunk #ciscolive

    18min
  2. #558: Top 4 Web hacking demos for aspiring hackers (with labs and CTF)

    HÁ 1 DIA

    #558: Top 4 Web hacking demos for aspiring hackers (with labs and CTF)

    Big thanks to ‪@ThreatLocker‬ for sponsoring my trip to ZTW26 and also for sponsoring this video. To start your free trial with ThreatLocker please use the following link: https://www.threatlocker.com/davidbombal Are you looking to get into bug bounty hunting but feel overwhelmed or worried the field is oversaturated? In this video, full-time bug bounty hunter Justin Gardner shares a realistic, actionable guide to web hacking for beginners. We dive straight into the practical side with five live demonstrations of common web vulnerabilities—all done using just your browser and DevTools. Justin explains how Insecure Direct Object Reference (IDOR), Broken Access Controls, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF) work in the real world, including stories of finding these exact bugs on major platforms like Google. After the demos, we tackle the biggest questions new hackers have: Is there still money to be made in 2026? How has AI changed the landscape? And what is the exact roadmap to landing your first bounty? Justin breaks down his "200-hour rule" for learning, why you need to get comfortable with failing, and the best resources (like HackerOne and PortSwigger) to help you launch your cybersecurity career today. // Labs and more here: // Labs: https://ztw.ctbb.show/ More labs: https://labs.cai.do/ And more labs: https://portswigger.net/web-security // Justin Gardner’s SOCIAL // YouTube: / @criticalthinkingpodcast LinkedIn: / rhynorater X: https://x.com/Rhynorater GitHub: https://rhynorater.github.io/aboutme/ / David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming Up 0:40 - Introduction 01:50 - Getting Started in Bug Bounty 03:11 - Can I Make Money in Bug Bounty? 04:11 - Demo 1 06:55 - Demo 2 08:47 - Lessons for Upcoming Hackers 10:09 - Demo 3 13:49 - Are There Demos on Justin’s Podcast? 14:20 - Demo 4 18:11 - Real-Life Date of Birth Vulnerability 19:13 - Advice on Becoming a Hacker Like Justin 20:20 - What & Where to Study to Become a Bug Bounty Hacker 21:49 - How Long Does It Take? 25:07 - Outro & Conclusion Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #webhacking #bugbounty #hack

    25min
  3. #557: Every Reason Why I Hate AI and You Should Too

    HÁ 3 DIAS

    #557: Every Reason Why I Hate AI and You Should Too

    Big thanks to ‪@ThreatLocker‬ for sponsoring my trip to ZTW26 and also for sponsoring this video. To start your free trial with ThreatLocker please use the following link: https://www.threatlocker.com/davidbombal Cybersecurity expert Marcus Hutchins (MalwareTech) sits down to cut through the 2026 AI hype, explaining why threat actors aren't using generative AI and why it won't replace tech jobs. In this deep dive, Marcus reveals the reality behind the AI tech bubble and how executive hype is distracting from actual network vulnerabilities. We discuss the dangers of "vibe coding" critical infrastructure, why reactive SOC teams are giving attackers too much time, and why mastering foundational cybersecurity skills is more important now than ever. If you're navigating the current tech job market or working in threat intelligence, this is the reality check you need. // Blog Entry // Every Reason Why I Hate AI and you should too: https://malwaretech.com/2025/08/every... // Marcus Hutchins’ SOCIAL // YouTube: / malwaretechblog Website: https://marcushutchins.com/ Discord: / discord LinkedIn: / malwaretech BlueSky: https://bsky.app/profile/malwaretech.com TikTok: / itsmarcushutchins Mastadon: https://infosec.exchange/@malwaretech Instagram: / malwaretech X: https://x.com/malwaretechblog / David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming Up 0:58 - Intro 03:03 - Why Marcus Is Tired Of AI 04:49 - Threat Actors Hurting Themselves 06:35 - Data Centres In Space 09:07 - Will AI Damage Cybersecurity? 13:25 - AI Makes Developers Lazy (Vibe Coding) 19:58 - Every Reason Why Marcus Hates AI 24:07 - Is AI A Bubble? 25:54 - Will AI Take People's Jobs? 30:56 - When Will The AI Bubble Pop? 33:55 - Marcus' Advice To The Youth 34:40 - Is AI Malware Affective? 36:27 - Proactive Defence 40:26 - Marcus Is An AI Hater 45:58 - Will There Ever Be Enough Guardrails? 48:07 - Final Thoughts 49:57 - Conclusion Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #ai #cybersecurity #aimalware

    51min
  4. #556: Stop HARVEST Now DECRYPT Later Attacks: Survive Post Quantum Attacks

    HÁ 3 DIAS

    #556: Stop HARVEST Now DECRYPT Later Attacks: Survive Post Quantum Attacks

    Quantum computing isn’t just 10 years away, it’s happening now. In this deep dive, I sit down with Ramana Kompella, Head of Research at Cisco Outshift, to separate the sci-fi vaporware from the engineering reality. We discuss the immediate threat of "Harvest Now, Decrypt Later" attacks, where bad actors steal your encrypted data today to unlock it with quantum computers tomorrow. Ramana breaks down exactly how Cisco is building the "Quantum Network" to counter this, leveraging the "No Cloning Theorem" to create unhackable communication channels. If you are in cybersecurity, networking, or studying computer science, this is your roadmap to the future. We cover the math you need to learn (Linear Algebra), the timeline for real-world adoption (it’s closer than you think), and how Quantum Teleportation actually works at a packet level. Topics Covered: • The 5-Year Timeline: Why the "decade away" myth is wrong. • Quantum Networking vs. Computing: Why we need to interconnect quantum processors. • The Physics of Security: How Entanglement and Teleportation prevent eavesdropping. • Career Advice: Why Linear Algebra is the most critical skill for AI and Quantum jobs. • Cisco x IBM: The partnership building the future internet. Big thanks to Cisco for sponsoring this video and sponsoring my trip to Cisco Live Amsterdam 2026. // Ramana Kompella’s SOCIAL // LinkedIn: / rkompella / David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming Up 0:43 - Introduction 02:36 - The Exciting Part about OutShift 04:12 - The Promise of Quantum Computing 07:09 - The Importance of Partnership between IBM & Cisco 07:55 - The Difference between Classical Computing & Quantum Computing 11:25 - Why It is Important to study Maths 12:31 - Technical Details About Quantum Computing 19:19 - When Will Quantum Computing Become a Reality? 20:00 - Will Quantum Computing Break Encryption? 25:36 - Outro & Conclusion Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #quantumnetworking #ciscooutshift #cybersecurity

    26min
  5. #555: VirtualBox VM Escape: Integer Overflow Explained Clearly

    10 DE MAR.

    #555: VirtualBox VM Escape: Integer Overflow Explained Clearly

    In this episode, David Bombal sits down with vulnerability researcher Vladimir Tokarev (with Dawid on the interview) to show what AI-assisted vulnerability research looks like when it actually works. Vladimir walks through two real vulnerability case studies and uses them to explain a practical workflow for finding bugs faster with LLMs, without pretending the AI is “fully autonomous.” Demo 1: Gemini CLI command injection Vladimir demonstrates a command injection issue in Gemini CLI tied to the IDE / VS Code extension install flow. He shows how a malicious VSIX file name or path can be crafted so that when the install command is executed, the system ends up running an attacker-controlled command (the demo uses a harmless calculator launch to prove execution). The conversation then breaks down what a VSIX is, what the realistic attack paths are (user tricked into installing a malicious extension or placing it in the right directory), and why this class of bug matters for endpoints running local AI agents. Demo 2: VirtualBox integer overflow and VM escape class impact Next, Vladimir switches to a VirtualBox vulnerability involving an integer overflow that can lead to out-of-bounds read/write in the host process. Because of architecture constraints, he shows the exploit behavior via a recorded clip, then explains the bug using source code. The key teaching moment is the mismatch between 32-bit arithmetic used in bounds checking and 64-bit pointer arithmetic used during the actual memory move, creating a pathway to bypass checks and copy memory outside the intended buffer. Vladimir also explains why having both read and write primitives is powerful for exploitation, and how modern mitigations make “blind” exploitation unrealistic without memory disclosure. How the bugs were found with AI Vladimir then explains the workflow he uses in real engagements: • Run static analysis to generate leads at scale • Use an LLM to triage and filter out noise • Validate the remaining findings by tracing code paths and checking exploitability • Use AI again to accelerate setup, debugging, reverse engineering, and iteration He shares a key insight: the win is not “AI finds everything for you,” it is that AI helps you spend your time on the hardest parts—validation, exploit logic, and decision-making—instead of drowning in thousands (or millions) of findings. Why there is no fully autonomous vuln-research agent yet Finally, Vladimir lays out four practical blockers: 1. Depth reasoning (long multi-step exploit chains) 2. Context limits (missing system-level constraints and assumptions) 3. Learning from failure (repeating bad leads) 4. Exploration (poor goal-driven search without strong reinforcement learning) // Vladimir Tokarev’s SOCIAL // X: https://x.com/G1ND1L4 LinkedIn: / vladimir-eliezer-tokarev // Dawid van Straaten’s SOCIAL // LinkedIn: / dawid-van-straaten-31a3742b X: https://x.com/nullaxiom?s=21 // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... Disclaimer: This video is for educational purposes only.

    48min
  6. #554: WHY Your Cheap Chinese IoT Camera Is A Network NIGHTMARE

    10 DE MAR.

    #554: WHY Your Cheap Chinese IoT Camera Is A Network NIGHTMARE

    Are your smart home devices spying on you? In this video, David Bombal interviews cybersecurity researcher and IoT penetration tester, Matt Brown, to reveal how to intercept and decrypt supposedly secure SSL/TLS traffic from IoT devices. Matt demonstrates his open-source tool, "Man in the Middle Router," a specialized Linux-based bash script designed to simplify IoT hardware hacking labs. This tool stitches together essential Linux utilities—including HostAPD (for access points), DNSmasq (for DHCP), and iptables (for traffic routing)—to transform any Linux computer or Raspberry Pi into a transparent intercepting router. In this technical deep-dive, you will learn: How a Man in the Middle (MITM) attack intercepts encrypted TLS (HTTPS) communications. How to set up an IoT penetration testing lab using minimal hardware, such as an Alpha Wi-Fi adapter and an Ethernet dongle. The difference between theoretical attacks and real-world vulnerabilities like the failure of IoT devices to validate server certificates. Transparent proxy setup using tools like mitmproxy to visualize raw API data. Live Hacking Demonstration Matt moves beyond theory to demonstrate a live hack of an Anran Wi-Fi security camera purchased from eBay. He shows the exact process of capturing and decrypting the camera's API traffic (apis.us-west.cloudedge360.com). This demonstration exposes that the device is transmitting sensitive information—including authentication credentials—in cleartext over HTTP inside the broken TLS tunnel. Whether you are a network engineer, network security analyst, or a hardware hacking enthusiast, this video provides a step-by-step framework for auditing the security and privacy of the devices on your network. // Matt Brown’s SOCIAL // X: https://x.com/nmatt0 YouTube: / @mattbrwn LinkedIn: / mattbrwn GitHub: https://github.com/nmatt0 Reddit: https://github.com/nmatt0 Website (with training courses): https://training.brownfinesecurity.com/ // GitHub REFERENCE // mitmrouter: https://github.com/nmatt0/mitmrouter // Camera REFERECE // https://www.amazon.com/ANRAN-Security... // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming Up 0:33 - Introduction 02:33 - Matt’s Solution for IoT Devices 05:38 - Getting around SSL Pining / Certificate Validation 08:55 - Demo - The Basics 12:00 - Demo - Man In The Middle Router Tool 15:00 - Demo - Software/Hardware Considerations 20:12 - Demo - MITM Proxy 24:43 - Demo - MITM Router 33:58 - Example Using a Real IoT Device 36:33 - David’s Questions 37:50 - More About Matt Brown 38:41 - Android Vs Apple 40:33 - Outro Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #iot #hacking #iothacking

    42min
  7. #553: AVOID the Grep Trap: Why Splunk is the Future of Networks

    3 DE MAR.

    #553: AVOID the Grep Trap: Why Splunk is the Future of Networks

    Learn Splunk basics with James Hodge in this introductory tutorial. We dive into SPL, analyzing Linux logs, and a powerful AI Canvas demo for network troubleshooting. Big thanks to Cisco for sponsoring this video and sponsoring my trip to Cisco Live Amsterdam 2026. // James Hodge’s SOCIAL // LinkedIn: / jameshodge / David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming up 0:47 - James' background 01:36 - Splunk basics // What is Splunk? 04:17 - Splunk demo 07:35 - How Splunk analyses the data 10:13 - Bringing in raw data 12:22 - Splunk demo continued 21:38 - Dark Mode funny story 22:25 - Splunk demo continued 24:12 - The toilet story 27:56 - Modern Splunk dashboard demo 30:45 - AI Canvas demo 34:53 - Conclusion Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #splunk #cisco #ciscolive

    35min
  8. #552: Why The Matrix Was Right: 6 AI Movies Warned Us

    28 DE FEV.

    #552: Why The Matrix Was Right: 6 AI Movies Warned Us

    Big thanks to Brilliant for sponsoring this video. To try everything Brilliant has to offer, visit https://brilliant.org/davidbombal to start your 30-day free trial or scan the QR code onscreen – You’ll also get 20% off an annual premium subscription Join hacker OTW and David Bombal as they rank the top 6 AI movies that predicted the future of cybersecurity. From Ex Machina to The Matrix, discover which films got 2026 right. In this video, OTW breaks down his curated list of the best Artificial Intelligence movies that every tech enthusiast and cybersecurity professional needs to watch. We aren't just reviewing films; we are analyzing how sci-fi predictions from decades ago are becoming reality in 2026. We discuss the dangers of removing AI guardrails as seen in Companion, the terrifying reality of predictive policing and surveillance mirrored in Minority Report, and the ethical dilemmas of AI consciousness explored in Her and Ex Machina. OTW also dives into 2001: A Space Odyssey and The Matrix to discuss Neuralink, data center energy consumption, and the risks of AI self-preservation. Are we heading toward a dystopian future, or can we still implement the right regulations? // Occupy The Web SOCIAL // X: / three_cube Website: https://hackers-arise.net/ // Occupy The Web Books // Linux Basics for Hackers 2nd Ed US: https://amzn.to/3TscpxY UK: https://amzn.to/45XaF7j Linux Basics for Hackers: US: https://amzn.to/3wqukgC UK: https://amzn.to/43PHFev Getting Started Becoming a Master Hacker US: https://amzn.to/4bmGqX2 UK: https://amzn.to/43JG2iA Network Basics for hackers: US: https://amzn.to/3yeYVyb UK: https://amzn.to/4aInbGK // OTW Discount // Use the code BOMBAL to get a 20% discount off anything from OTW's website: https://hackers-arise.net/ // Playlists REFERENCE // Linux Basics for Hackers: • Linux for Hackers Tutorial (And Free Courses) Mr Robot: • Hack like Mr Robot // WiFi, Bluetooth and ... Hackers Arise / Occupy the Web Hacks: • Hacking Tools (with demos) that you need t... / David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming up 0:47 - OTW introduction // OTW books 02:02 - Brilliant sponsored segment 04:08 - AI in Hollywood and media 08:06 - Top 6 movies about AI 11:29 - Movie #6 // Guardrails on AI 19:27 - Movie #5 // AI-controlled media 27:35 - Movie #4 // AI crime detection 39:38 - Movie #3 // AI self-preservation 48:55 - Movie #2 // Human & AI relationships 55:23 - Movie #1 // AI Turing test 01:04:57 - Top 6 AI movies summary 01:11:02 - Conclusion Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #ai #movies #aimovies

    1h12min
Ver tudo (500)

5
de 5
25 avaliações

Sobre

Want to learn about IT? Want to get ahead in your career? Well, this is the right place! On this channel, I discuss Python, Ethical Hacking, Networking, Network Automation, CCNA, Virtualization and other IT related topics. This YouTube channel has new videos every week! Subscribe for technical, detailed, no fluff content. David’s details: Discord: https://discord.com/invite/usKSyzb Twitter: https://www.twitter.com/davidbombal Instagram: https://www.instagram.com/davidbombal LinkedIn: https://www.linkedin.com/in/davidbombal Facebook: https://www.facebook.com/davidbombal.co Website: http://www.davidbombal.com YouTube: https://www.youtube.com/davidbombal All the best! David

Informações

  • Criado por
    David Bombal
  • Anos de atividade
    2019 - 2026
  • Episódios
    500
  • Classificação
    Livre
  • Copyright
    © All rights reserved
  • Site do podcast
    David Bombal

Você também pode gostar de