Black Hat Bash: Bash Scripting for Hackers and Pentesters (Bonus: GraphQL and Drone hacking)
Vložit
- čas přidán 13. 06. 2024
- Big thanks to Brilliant for sponsoring this video! To try everything Brilliant has to offer for free for a full 30 days and 20% discount visit: Brilliant.org/DavidBombal
I interview Dolev Farhi and Nick Aleks - the authors of Black Hat Bash and Black Hat GraphQL. Why should you learn either of these? Good reasons including $50K bug bounties :)
// Books //
Black Hat Bash:
USA: amzn.to/3JebZWJ
UK: amzn.to/3PXnk1i
Black Hat GraphQL:
USA: amzn.to/43Y3Ork
UK: amzn.to/3xtle2J
Hacking API’s by Corey J Ball: amzn.to/3TQnp89 US and amzn.to/3vXYQxX UK
// Dolev Farhi’s SOCIAL//
GitHub: github.com/dolevf
X: x.com/dolevfarhi
// Nick Aleks’ SOCIAL //
X: x.com/nick_aleks
LinkedIn: / nick-aleks-2b35389
GitHub: github.com/nicholasaleks
// Source LINK //
github.com/nicholasaleks/Damn...
// CZcams videos REFERENCE //
Free API Hacking course!: • Free API Hacking course!
Free Hacking API courses (And how to use AI to help you hack): • Free Hacking API cours...
// David's SOCIAL //
Discord: / discord
X: / davidbombal
Instagram: / davidbombal
LinkedIn: / davidbombal
Facebook: / davidbombal.co
TikTok: / davidbombal
CZcams: / @davidbombal
// MY STUFF //
www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
// MENU //
00:00 - Coming up
01:44 - Brilliant Ad
04:12 - Intro
04:23 - About Black Hat Bash
08:13 - How the book came about
10:40 - Writing the book
15:19 - Tips for writing a book
19:10 - No Starch Press
19:56 - How long have you been hacking?
20:40 - About GraphQL
25:32 - How did the book help?
27:14 - What is GraphQL?
31:31 - History of GraphQL
34:07 - How do I get started?
37:44 - Directive overloading
40:38 - GraphQL end
42:06 - Implementing Black Hat Bash
45:45 - Where do you focus?
47:30 - Can I make money?
50:00 - Zero days
54:41 - Advice for hackers
55:53 - About the labs
01:00:42 - Learning the labs
01:02:08 - Is the book for beginners?
01:07:23 - Using vs making tools
01:10:57 - The book is a great tool
01:14:00 - Writing code raises the ceiling
01:14:55 - What is your favourite part of the book?
01:17:48 - Learn the basics
01:20:56 - Put in the work
01:25:22 - Fun labs
01:27:42 - When is the book coming out?
01:28:30 - Where can we buy it?
01:29:10 - Talk to us
01:35:06 - Drone Hacking
bash
black hat bash
graphql
vim
api
hacking api
api hack
black hat graphql
no starch
no starch press
osint
hack
hacking
pentesting
ethical hacking
penetration testing
black hat python
white hat python
grey hat python
gray hat python
cyber security
kali linux
ethical hacking
python programming
penetration testing
ethical hacker
python for hacking
python full course
black hat book review
how to hack
cyber security course
hacking books
computer hacking
learn black hat python
python tutorial
cyber security career
cyber security analyst
python hacker
python hacking course
python hacking tools
scapy
hack python code
hack python book
python hack wifi
Disclaimer: This video is for educational purposes only.
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
#bash #linux #kalilinux - Věda a technologie
Big thanks to Brilliant for sponsoring this video! To try everything Brilliant has to offer for free for a full 30 days and 20% discount visit: Brilliant.org/DavidBombal
I interview Dolev Farhi and Nick Aleks - the authors of Black Hat Bash and Black Hat GraphQL. Why should you learn either of these? Good reasons including $50K bug bounties :)
// Books //
Black Hat Bash:
USA: amzn.to/3JebZWJ
UK: amzn.to/3PXnk1i
Black Hat GraphQL:
USA: amzn.to/43Y3Ork
UK: amzn.to/3xtle2J
Hacking API’s by Corey J Ball: amzn.to/3TQnp89 US and amzn.to/3vXYQxX UK
// Dolev Farhi’s SOCIAL//
GitHub: github.com/dolevf
X: x.com/dolevfarhi
// Nick Aleks’ SOCIAL //
X: x.com/nick_aleks
LinkedIn: ca.linkedin.com/in/nick-aleks-2b35389
GitHub: github.com/nicholasaleks
// Source LINK //
github.com/nicholasaleks/Damn-Vulnerable-Drone
// CZcams videos REFERENCE //
Free API Hacking course!: czcams.com/video/CkVvB5woQRM/video.html
Free Hacking API courses (And how to use AI to help you hack): czcams.com/video/TcMP_-clMAo/video.html
// David's SOCIAL //
Discord: discord.com/invite/usKSyzb
X: twitter.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
CZcams: www.youtube.com/@davidbombal
// MY STUFF //
www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
// MENU //
00:00 - Coming up
01:44 - Brilliant Ad
04:12 - Intro
04:23 - About Black Hat Bash
08:13 - How the book came about
10:40 - Writing the book
15:19 - Tips for writing a book
19:10 - No Starch Press
19:56 - How long have you been hacking?
20:40 - About GraphQL
25:32 - How did the book help?
27:14 - What is GraphQL?
31:31 - History of GraphQL
34:07 - How do I get started?
37:44 - Directive overloading
40:38 - GraphQL end
42:06 - Implementing Black Hat Bash
45:45 - Where do you focus?
47:30 - Can I make money?
50:00 - Zero days
54:41 - Advice for hackers
55:53 - About the labs
01:00:42 - Learning the labs
01:02:08 - Is the book for beginners?
01:07:23 - Using vs making tools
01:10:57 - The book is a great tool
01:14:00 - Writing code raises the ceiling
01:14:55 - What is your favourite part of the book?
01:17:48 - Learn the basics
01:20:56 - Put in the work
01:25:22 - Fun labs
01:27:42 - When is the book coming out?
01:28:30 - Where can we buy it?
01:29:10 - Talk to us
01:35:06 - Drone Hacking
bash
black hat bash
graphql
vim
api
hacking api
api hack
black hat graphql
no starch
no starch press
osint
hack
hacking
pentesting
ethical hacking
penetration testing
black hat python
white hat python
grey hat python
gray hat python
cyber security
kali linux
ethical hacking
python programming
penetration testing
ethical hacker
python for hacking
python full course
black hat book review
how to hack
cyber security course
hacking books
computer hacking
learn black hat python
python tutorial
cyber security career
cyber security analyst
python hacker
python hacking course
python hacking tools
scapy
hack python code
hack python book
python hack wifi
Disclaimer: This video is for educational purposes only.
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
#bash #linux #kalilinux
😊😊
many times i had to live off the land/lan and re-invent the wheel in order to make my own tools due to security policies. bash and python and perl and other stuff already installed or present in the environment have helped a lot in tailoring my workflows. it is awesome someone is covering this specific topic and dedicating an entire book on it. lots of this is cobbled together from various sources since there wasn't a single source for it.
Great comment. Thank you for sharing. I think it's high time that this book was written 😀
Thanks to David and all co-operative members who share things with him, we really appreciate them.
You're welcome!
i've been waiting for bash scripting for years, finally uploaded, thanks
The book is out soon. I think it's time that I create videos about this 😀
@@davidbombal I can't wait to buy the book, and no one better than you to make videos for us and explain it , thank you again for the efforts
Excellent interview, loads of insights to hardening graphQL APIs. Thanks for sharing 😊
You're an ocean of knowledge David
Thank you. But my guests are the ones sharing the knowledge here 😀
thank you for everything david
You're welcome!
Bash demos are always high value, but DRONE hacking demos would be amazing! UAVs are growing in popularity at an insane rate, and from what I have been seeing and hearing...not especially secure. Increased visibility may push us in the direction of more security.
Thanks so much David amazing topic
You're very welcome!
I am from Afghanistan and David is the best teacher I have seen❤❤❤❤
Thank you! I appreciate that 😀
Thank you sir for these priceless videos, really helps me know what do to what to learn
hi dad, this came in clutch. i really needed to sharpen my skills with bash. it's about time i stopped using it only for running commands. one could automate many things with bash scripting and it is not even so hard to do that.
Thanks David, youre brilliant man!
Really enjoy your videos thx Rex
Going to learn this right now
David always upload knowledgeable and valuable contant ❤❤
Meanwhile me who's waiting for David and these 2 other dudes to teach me black hat bash basics and scripts,and how to make them °_°
Hi David, thank you very much for always being on the side of who wants to learn. Is there any book you can recommend which covers this same topic but in windows OS prospective? We should not forget that the majority of "common" people's devices are composed of Windows machines and Android phones. Also, I didn't understand if the deone hacking demo will be part of the book and if not where to find it, thank you very much!!
Wowwww and here i wanted to get it, bash sounds exciting. Great video David. Thank you!
Black Hat Bash course let's goo
I think I should create some videos about it 😀
This is cool!
great interview thanks
I'd also say there's a lot of room to uncover improperly secured graphql endpoints since its flexibility can make it easy for developers to lose the overview of how all the different parts can and do interact with one another (on the API side as well as on the code side the API interacts with)
Can't wait for the Black Hat Bash book!
I'v been wanting to learn proper bash scripting for ethical hacking for a while now but have not since other studies etc, but a book is just perfect!! Was so bumbed to go to Amazon and seeing it being released October 1 (need it now!!!)😅But it takes time to make a great book, can't wait, going to be great.
@NickAleks owes me a signed copy for this video !
So glad this happened.
Great video David and cant wait to read the book! Thanks Nick and Dolev!
Yes I do!
"I wanna start learning the technology,,, not troubleshooting the labs"🤣How many times have I done that?... timeless😂
Thank You Sir Great knowledge....🙏
GOOD TIMING
Happy to hear that 😀
Thanks
Thx, giving it a try.
Thank you for all the content you put here, David! Because of you and your clips i've got my first job in cybersecurity, learning more from you than i did in 3 yrs of college.
Greetings from Eastern Europe! 🫡
Fantastic! Well done! Very happy to hear that I've helped you in your journey! 😀
Love this content. 🔥🔥
Great video! But the real question is, when will you have ippsec on here?!
Bash demos please!
Enjoyed the vidoe as always :) the book is pretty hefty though at nearly £50
This is NOT the time to be . . . BASHFUL!
COOL VIDEO🎉
Hello, dear Mr. Bumble. ❤ Can you please post a picture of your bookshelf? I want to see the books you are reading.
Hey david....
I've recently downloaded an app that is not available on play store, after that something is running background and downloading , many advertisements are coming on the screen , for every 10 to 15 mins i am finding an app is running background .After noticing this i've deleted the downloaded application , but it is still the same what do i need to do ?
Mobile name: samsung galaxy m12
I am looking forward for the book, the bash courses all there just show what the command does but do not apply to a real world examples. ✌️
Someone was trying to log into my Amazon account. I phoned amazon. And was told to reset my password and that was all. . . What would u guys do?
You will have to get that guy back for the Drone hacking simulator for more information. Haven't heard much about this recently.
If you can't write a book like me or teach it to someone, write a blog! It really helps in the learning process even if you are a bad writer like myself.
US based Amazon links would be nice
whats the difference between the early access edition & the regular edition?
Early access edition has only few chapters. Think 4? Have to check again. Regular edition will have a lot more. Like all of it.
Edit: 5/13.
Hi David
They are so busy writing the book that they are not on Mastodon yet. 😂
Plz edit out the soaring egoistical flights, e.g , ~05:10.
Finelly bash scripting BRO DUCKING FINALLY YESSSSS
thanks david
you saved me 1 week of searching for bash scripting
David secretly works for No Starch Press.
😂 If only they actually paid me .... I like their books and their focus on cybersecurity. Any other authors you want to see on the channel (from other publishers)?
how to create vulnerable labs to improve our skills
I am one of your invisible fans 👋.
Thanks David for the amazing efforts … just hoping that the videos not to exceed the 60 min long…
Absolutely best video conversation with tech experts and I love it
Thank you @davidbombal
Thank you! Very happy to hear that!
Please , you answer me.
****I need a Neurologist to install a micro c input in my skull.
Someone help me i have been scam
David, are you a Knight?
Bash Scripting vs Shell Scripting? 🤔🤨
Are you referring to the fact that you can use a different language than Bash for shell scripting?
@@WhiteDeVil3 uh, actually I was just curious if they ARE different, NEWBIE here
@@savagepro9060 well then there's your answer mate, "bash scripting" implies usage of specifically Bash to have the shell do something, shell scripting - you get the point, you can use Python for shell scripting.
Hope that cleared things up a bit.
@@WhiteDeVil3 Yep! Thanks
bash makes it clear on syntax because it vouches for what the authors are using. at times you may run into issues if you use a different shell. bash is popular enough to work in various environments and situations.
I'm four years into C#, please don't make me learn python.
Sincerely, learn haskell /j
but seriously, python is really useful (and pretty easy in syntax), while having LOTS of additional packages, it's definitely worth learning alongside c#.
@@hetmanfoko I know you're right, I'm just so burnt out. Things that should only take me a day end up taking me a week or longer and I really have to do something about it.
1st
Thank you for your support!
Welcome sir 😊 actually i have to say thank you sir for providing quality content for free 😊
I wrote a comment to you on Twitter, but you didn't reply.
First🙂
Very close!
@@davidbombal so disappointed, but I really appreciate your content and thank you.
Is it just me, or does David seem like an CIA asset or Agent?, I wonder how many youtubers ARE agents? Anyways David, you give me Stan vibes (from American Dad cartoon). I like your courses and videos. I just think your an agent... for something...
Change your setup, the person you're looking at needs to be where your camera is. Now it looks as if you're doing something else at the same time while doing the interview, it comes across as disrespectful, as if you're watching the internet while the other guy is talking. It's stupid the way you look down the whole time, you don't see any major news station doing this, both interviewer and guest always look at the camera.
Nobody cares, only you. And this is not a major news station.
Takes way too long to get to the point in this talk.
Hello, dear Mr. Bumble. ❤ Can you please post a picture of your bookshelf? I want to see the books you are reading.
Takes way too long to get to the point in this talk.