NSA - Projeto X: Ataque Atômico (Documentário de Laura Poitras - Narrado por Rami Malek) [Legendado]

O misterioso edifício 33 Thomas Street, é capaz de resistir a uma bomba atômica nele há bilhões de e-mails e registros de metadados, espionando mais de 38 países. A NSA (Agência de Segurança Nacional) coletou estes dados.

https://youtu.be/JLrtmPAV8I4

hacker:HUNTER - Wannacry: The Marcus Hutchins Story - All 3 Chapters

One day in May 2017, computers all around the world suddenly shut down.
A malware called WannaCry asks for a ransom. The epidemic suddenly stops,
because a young, British researcher finds a killswitch, by accident.

https://youtu.be/vveLaA-z3-o

🧬 @Phantasm_Lab

Who hacked the 2018 Winter Games?

hacker:HUNTER Olympic Destroyer tells the story of one of the most deceptive hacks in history – the 2018 Pyeongchang Olympic Games.
But what makes this hacking attempt so slippery? And what makes the response so ‘extraordinarily brilliant?’ Find out a

https://youtu.be/1jgdMY12mI8

Architecture: The Stuff That's Hard to Change - Dylan Beattie

In this talk, Dylan will share his own insights into the idea of architecture as part of a software development process. We’ll explore some popular architectural patterns and processes - and a couple of obscure ones as well - and look at how, and when, you can incorporate those patterns into your own projects. We’ll talk about how the idea of software architecture has changed over time, and share some tips and advice for developers who find themselves working with architecture as part of their role.

https://youtu.be/3LtQWxhqjqI

NDC Conferences

After launching in Oslo 2008, NDC quickly became one of Europe’s largest conferences
for .NET & Agile development. Since then, the conference has evolved to encompass all technologies relevant to Software Developers. NDC speakers come from all over the world and are recognized as experts and thought leaders in their field.

https://www.youtube.com/c/NDCConferences/videos

The Hacker PlayBook 3 - Pratical Guide To Penetration Testing

This is the third iteration of The Hacker Playbook (THP) series. Below is an overview of all the new vulnerabilities and attacks that will be discussed. In addition to the new content, some attacks and techniques from the prior books (which are still relevant today) are included to eliminate the need to refer back to the prior books. So, what's new? Some of the updated topics from the past couple of years include:

- Abusing Active Directory
- Abusing Kerberos
- Advanced Web Attacks
- Better Ways to Move Laterally
- Cloud Vulnerabilities
- Faster/Smarter Password Cracking
- Living Off the Land
- Lateral Movement Attacks
- Multiple Custom Labs
- Newer Web Language Vulnerabilities
- Physical Attacks
- Privilege Escalation
- PowerShell Attacks
- Ransomware Attacks
- Red Team vs Penetration Testing
- Setting Up Your Red Team Infrastructure
- Usable Red Team Metrics
- Writing Malware and Evading AV
- And so much more

🕴🏽 @Phantasm_Lab

Web Hacking Pro Tips #6 with @fransrosen

In the sixth Web Hacking 101 Interview, I chat with Frans Rosen, super bug bounty hacker. In it, we discuss how Frans got started hacking, how he approaches sites, what he looks for, tools he uses, how he improves his skills and why he is so generous with his information sharing.

https://www.youtube.com/watch?v=h55yTacK5HU&feature=youtu.be

🕴🏼 @Phantasm_Lab

Inteligência Artificial destruindo no dinossauro da Google! (Rede Neural)

Neste vídeo você verá como a Inteligência Artificial aprendeu a jogar o dinossauro da Google! Machine Learning é um ramo da Inteligência Artificial que vem crescendo ano após ano, e junto do Deep Learning, tem realizado feitos incríveis!

Foi utilizado uma Rede Neural Artificial (Perceptron Multilayer) com 3 camadas!

https://youtu.be/NZlIYr1slAk

Bypassing Firewalls with DNS Tunnelling (Defence Evasion, Exfiltration and Command & Control)

In this video we'll be exploring how to attack, detect and defend against DNS Tunnelling, a technique that can bypass certain firewall restrictions and provide an attacker with a command & control and data transfer channel. It can also be used to bypass many of the Captive Portals found on public wifi networks.

https://youtu.be/49F0co_VrTY

Execution Guardrails & Environmental Keying (Defence Evasion)

In this video we'll be exploring how to attack, detect and defend against Execution Guardrails & Environmental Keying. These techniques allow an attacker to write stealthy malware which only triggers on specifically-intended target victim machines so as to try and avoid detection, or to fustrate analysis within a sandbox.

https://youtu.be/tqxrAlHEwXc

Stealing Passwords via Forced Authenticaton (Credential Access)

In this video we'll be exploring how to attack, detect and defend against Forced Authentication – a technique of tricking a user’s device into giving up their credentials without the user even realising.

https://youtu.be/iJtFcPkJfEk

Bypassing User Account Control (Defense Evasion)

In this video we'll be exploring how to attack, detect and defend against bypassing User Account Control (UAC). Granting local admin rights to users is generally a bad idea, but if you really have to, UAC can help reduce that risk a bit – but probably not as much as you think.

https://youtu.be/k-QaEgPndZ4

Stealing Web Session Cookies to Bypass MFA (Credential Access)

In this video we'll be exploring how to attack, detect and defend against the theft of session cookies. A session token acts like a temporary password, meaning this technique can be used by an attacker to gain access to applications by bypassing the logon process altogether - including any multi-factor authentication steps.

https://youtu.be/Yeik-Ks-q8U

NTFS Alternate Data Streams (Defence Evasion)

In this video we'll be exploring how to attack, detect and defend against the abuse of NTFS alternate data streams. Originally designed for interoperability, this feature has been commandeered by attackers to hide data and malware in otherwise benign files.

https://youtu.be/S4MBzeni9Eo

Abusing Windows Admin Shares (Lateral Movement)

In this video we'll be exploring how to attack, detect and defend against the abuse of windows admin shares. The humble file share is a reliable lateral movement vector for attackers once they have their hands on valid credentials – especially with a little extra tooling such as PSEXEC.

https://youtu.be/41MUhlHGZ4E

[Vulnerability] - Cookie Stored injection - XSS at Heroic Third Service, call cookies!

the application calls an external service to create the cookies and they are sent back to the server!

https://youtu.be/maatBdt8TPY

Youtube: @Phatansm_Lab

Code Rush is a documentary following the lives of a group of Netscape engineers in Silicon Valley. It covers Netscape's last year as an independent company, from their announcement of the Mozilla open source project until their acquisition by AOL. It particularly focuses on the last minute rush to make the Mozilla source code ready for release by the deadline of March 31 1998, and the impact on the engineers' lives and families as they attempt to save the company from ruin.
Code Rush by David Winton is licensed under a CC 3.0 US License.

https://www.youtube.com/watch?v=4Q7FTjhvZ7Y

🕴 @Phantasm_Lab