Level: Beginner | Prior Knowledge Required: None | Description:
Kickstart your IT career with Day 0 of this comprehensive CCNA course.
This video simplifies complex networking concepts by tracing the path of data through a real-world gaming analogy.
You will learn the fundamental roles of essential hardware including routers, switches, and firewalls and see how they work together to form the global internet.
It is the perfect starting point for beginners looking to master the essentials required for the Cisco CCNA certification.
The goal of this complete series by NetworkChuck is to take you from zero knowledge to being exam ready for the Cisco 200-301 CCNA certification.
By watching the entire playlist, you will gain a deep understanding of how the modern digital world stays connected.
Level: Beginner | Prior Knowledge Required: None | Description:
Jumpstart your career in tech with Episode 1 of this hands-on Python course designed for everyone from network engineers to ethical hackers.
This video removes the barriers to entry by showing you how to start coding immediately in your browser without the need for complex installations.
You will learn the core foundations of programming including the print function, the anatomy of strings, and how to use comments to organize your code.
It is the perfect starting point for beginners looking to gain the most in-demand skill in the IT industry today.
The goal of this complete series by NetworkChuck is to take you from zero knowledge to being dangerous and proficient in Python programming.
By watching the entire playlist, you will gain a deep understanding of how to automate tasks, hack ethically, and use code to solve real-world problems.
Level: Beginner | Prior Knowledge Required: None | Description:
Launch your journey into the world of cybersecurity with this high-energy introduction to ethical hacking.
This video demystifies what it actually means to be a "hacker" and explores the roadmap to achieving the Certified Ethical Hacker (CEH) certification.
You will learn about the foundational phases of hacking, the high-demand job roles available for ethical hackers, and the essential study tools required to pass one of the industry's most respected exams.
It is the perfect starting point for beginners looking to transition into a career where they are paid to legally break into systems and secure networks.
The goal of this complete series by NetworkChuck is to document his personal journey through the CEH certification and provide you with a clear path to follow.
By watching the entire playlist, you will gain a deep understanding of the hacker mindset and the technical frameworks used to defend against modern cyber threats.
Level: Intermediate | Prior Knowledge Required: Basic Computer Skills | Description:
Elevate your privacy and security by learning five distinct methods hackers use to conceal files and folders across Windows, Mac, and Linux.
This video moves beyond simple visibility toggles to explore advanced techniques like alternate data streams, invisible folder creation, and steganography.
You will learn how to create encrypted hidden containers using tools like VeraCrypt and how to embed secret files inside everyday images or audio files without changing their appearance or sound.
It is the perfect guide for anyone looking to protect sensitive data from unauthorized access using professional level obfuscation and encryption strategies.
The goal of this tutorial by NetworkChuck is to provide a comprehensive look at both the "attack" and "defense" sides of file concealment.
By watching this video, you will gain a deep understanding of how to both hide data securely and detect when others are using these same techniques on your systems.
Level: Beginner | Prior Knowledge Required: None | Description:
Experience the best of both worlds with this comprehensive guide to the Windows Subsystem for Linux (WSL).
This video provides a 2 minute quick start to running multiple Linux distributions like Ubuntu and Kali Linux directly on your Windows machine alongside your favorite apps.
You will learn how to seamlessly share files between systems, run Linux commands in PowerShell, and even launch GUI-based Linux applications and Docker containers with high-performance GPU access.
It is the perfect starting point for developers, students, and IT professionals looking to harness the power of Linux without leaving the Windows environment.
The goal of this tutorial by NetworkChuck is to prove that Linux and Windows can truly become one, providing you with a versatile and powerful local development lab.
By watching this video, you will master everything from initial installation and custom configuration to advanced backup and restoration of your virtual Linux environments.
Level: Beginner | Prior Knowledge Required: None | Description:
Master the essential Linux skills required for every cybersecurity professional in this foundational tutorial featuring David Bombal and "Occupy the Web."
This video explains why Linux is the industry standard for hacking, highlighting that nearly all professional penetration testing tools are built for its open source environment.
You will learn to navigate the Linux file system, master the command line, and utilize powerful search tools like locate, whereis, and find to manage your hacking toolkit.
It is the perfect starting point for beginners who need to "crawl before they run" by building the technical confidence required for advanced ethical hacking.
The goal of this complete series is to provide a comprehensive companion to the "Linux Basics for Hackers" curriculum, ensuring you have a solid grasp of the OS.
By watching the entire playlist, you will gain a deep understanding of root privileges, piping with grep, and the administrative control necessary to succeed in any cybersecurity role.
Level: Beginner/Intermediate | Prior Knowledge Required: Basic Networking | Description:
Master the inner workings of the TCP three-way handshake in this technical deep dive featuring networking expert Chris Greer and David Bombal.
This video moves beyond basic theory to show how TCP establishes reliable connections, using Wireshark to visualize the exchange of SYN, SYN-ACK, and ACK packets.
You will learn to track data flow using sequence and acknowledgement numbers, understanding how they increment based on bytes sent to ensure no data is lost.
The tutorial explains the critical role of the TCP Window Size and how modern Window Scaling allows for high-performance data transfers over long distances.
The goal of this session is to equip you with the diagnostic skills to identify network bottlenecks, such as the dreaded Zero Window state that halts communication.
By watching this lesson, you will gain the ability to use packet analysis to determine if performance issues are caused by the network or the application itself.
Level: Beginner | Prior Knowledge Required: None | Description:
Explore the world of Open Source Intelligence (OSINT) in this comprehensive panel discussion featuring David Bombal and experts from the OSINT Curious project.
This video defines OSINT as the art of turning publicly available data into actionable intelligence, a vital skill used by law enforcement, red teams, and private investigators alike.
You will learn the fundamental techniques of "pivoting," where a single email address or username is used to uncover connected accounts across hundreds of different platforms.
The experts demonstrate essential tools like "What's My Name" and specialized Google dorks that allow you to filter through billions of results to find specific digital footprints.
The tutorial shares real-world "war stories," including how geolocation was used to find a missing person in under two hours using only social media photos.
The goal of this session is to teach you how to conduct an OSINT investigation on yourself to identify privacy "skeletons" and secure your data from malicious actors.
By watching this discussion, you will understand how to build an investigative mindset and utilize community resources to stay ahead of the constantly changing digital landscape.
Level: Intermediate | Prior Knowledge Required: Basic Cybersecurity | Description:
Discover the hard truth about staying invisible online in this eye-opening discussion between David Bombal and the mysterious cybersecurity expert "Occupy the Web".
This video challenges the common obsession with IP addresses, explaining that true anonymity requires understanding both forensics and open-source intelligence to avoid leaving digital breadcrumbs.
You will learn why relying solely on VPNs can be a false security blanket and how powerful intelligence agencies like the NSA utilize "exit nodes" to monitor supposedly private traffic.
The tutorial provides a practical guide to creating an "anonymous infrastructure" by using burner phones purchased with cash, secondary laptops, and hardened operating systems like Kali or Tails.
It emphasizes the importance of behavioral separation, advising viewers to maintain entirely different digital identities and even put out false information to lead investigators astray.
By watching this lesson, you will gain a realistic understanding of the layered defenses needed to protect your privacy from both commercial interests and government surveillance.
Level: Beginner | Prior Knowledge Required: None | Description:
Learn how to create a highly secure, "amnesic" operating system on a USB flash drive using Tails Linux in this practical step-by-step tutorial.
This video explains the unique benefits of Tails, a portable OS recommended by Edward Snowden that runs entirely in RAM to ensure no digital footprint is left on the host computer.
You will learn the full installation process, including how to safely download the image, verify its integrity, and flash it to a USB drive using tools like BalenaEtcher.
The tutorial demonstrates how to set up an encrypted persistent storage volume, allowing you to save important documents and Wi-Fi passwords while keeping the rest of the OS ephemeral.
It provides essential guidance on booting from USB, navigating BIOS settings like Secure Boot, and connecting to the Tor network via bridges to bypass censorship.
By watching this guide, you will be able to turn any computer into a private workstation that automatically wipes all activity the moment the system is powered down.
Level: Intermediate | Prior Knowledge Required: Basic Networking & Kali Linux | Description:
Experience a comprehensive, full-scale simulated penetration test on a Windows Active Directory domain in this expert-led tutorial.
This video features Remy from OffSec, who demonstrates the advanced methodologies and tools used in real-world engagements to compromise a modern Windows environment.
You will learn the critical stages of a pentest, including initial enumeration, lateral movement using PSExec, and privilege escalation techniques to gain control over domain clients.
The tutorial provides a deep dive into using Mimikatz for credential harvesting and the creation of "Golden Tickets" to achieve persistent administrative access across the entire domain.
It highlights the devastating impact of Kerberos exploits, showing how an attacker can manipulate authentication to become a Domain Admin with Enterprise privileges.
By watching this lesson, you will understand the importance of defensive best practices, such as patching systems and implementing strong password policies to prevent "Game Over" scenarios in Active Directory.
Level: Beginner | Prior Knowledge Required: None | Description:
Discover the hidden world of social engineering and human-based hacking in this captivating interview with Rachel Tobac and David Bombal.
This video highlights that no one is 100% secure, demonstrating how even high-profile targets can be compromised through simple phone calls and manipulated human processes.
You will learn the fundamental difference between ethical hackers and cyber criminals, and how "politely paranoid" habits can protect you from becoming a victim.
The tutorial explains the critical importance of matching your security measures to your personal threat model, advocating for multi-factor authentication and the use of hardware keys like YubiKeys.
Rachel shares shocking stories of hacking into banks and impersonating job candidates, proving that technical defenses often fail when human trust is exploited.
By watching this session, you will gain practical advice on securing your digital life, from salting your password manager to verifying the identity of anyone requesting sensitive information.
Level: Intermediate / Advanced | Prior Knowledge Required: Networking & Attack Surface. | Description:
In this technical deep dive, ethical hacker Jason Haddix (CEO of Arishti and creator of "The Bug Hunter's Methodology") joins David Bombal to demonstrate how professional red teamers and bug bounty hunters perform high-level reconnaissance.
Using Tesla as a real-world example, Haddix explains that the goal of reconnaissance (Recon) is to find "under-secured" or forgotten assets that are easier to compromise than a company's main website.
The tutorial covers a multi-layered methodology, starting with passive techniques like identifying a company's Autonomous System Number (ASN) and IP space using tools like Hurricane Electric.
It then moves into tracking corporate acquisitions via Crunchbase and investigative journalism databases (OCCRP Aleph) to find newly absorbed infrastructure that may lack robust security controls.
Haddix also showcases "next-level" Recon tricks, such as reverse-searching Google Analytics tags via BuiltWith to find hidden domains and using Shodan (and the tool Karma) to identify VPN logins, development servers, and even IPv6 addresses that developers often assume are invisible.
By the end of this hour-long session, viewers understand that successful hacking isn't just about technical exploits, but about the diligent, cyclical process of mapping an organization's entire digital footprint to find the weakest link.
Level: Intermediate | Prior Knowledge Required: Basic Cybersecurity & Linux | Description:
Witness a real-world reconnaissance demonstration as ethical hacker Jason Haddix uncovers live credentials and hidden assets of NASA in this compelling tutorial.
This video showcases how high-level reconnaissance can expose critical vulnerabilities, such as hard-coded bearer tokens and API keys leaked by employees on public GitHub repositories.
You will learn to use professional tools like GitHub Subdomains and Amass to map out thousands of subdomains, revealing the massive attack surface of a large-scale organization.
The tutorial explores "GitHub dorking" techniques to search for sensitive files like bash profiles, Docker configs, and AWS access keys that developers often accidentally leave public.
Jason introduces the three levels of credential hunting, from clear web breach databases like Dehashed to the dark web's "Ransomware as a Service" (RaaS) ecosystems and private communication channels.
By watching this session, you will understand the "hacker intuition" required to prioritize targets and the importance of continuous monitoring to secure an organization's digital footprint.
Level: Intermediate | Prior Knowledge Required: Basic C Programming & Linux CLI | Description:
Explore the fundamental mechanics of buffer overflow vulnerabilities and how they are exploited to bypass security controls in this technical deep dive.
This video features Sans Institute instructor Stephen Sims, who explains how memory is allocated on the stack and what happens when a program fails to check the boundaries of user input.
You will learn to identify vulnerable C functions like "gets" and "strcpy" and use the GDB debugger to visualize how overflowing a buffer can overwrite a function's return pointer.
The tutorial demonstrates practical exploit techniques, including "Return-to-libc," which allows an attacker to execute existing system commands like "bin/bash" even when data execution prevention (DEP) is active.
Stephen provides a side-by-side comparison of stack and heap overflows, illustrating how integer overflows in complex services like DNS can lead to critical remote code execution.
By watching this lesson, you will understand the importance of memory-safe languages like Rust and the role of modern hardware mitigations in defending against low-level memory corruption attacks.
Level: Intermediate | Prior Knowledge Required: Basic C Programming & Command Line | Description:
Dive into the core concepts of reverse engineering with this comprehensive tutorial led by SANS Institute instructor Stephen Sims.
This video provides a practical walkthrough of how to deconstruct programs on both Linux and Windows, starting from a simple "Hello World" application to understanding complex memory management.
You will learn the fundamental differences between static compilation and dynamic linking, and why identifying Procedure Linkage Tables (PLT) and Global Offset Tables (GOT) is crucial for understanding how programs interact with system libraries.
The tutorial covers essential debugging techniques using GDB on Linux, including how to switch between AT&T and Intel disassembly flavors and how to analyze the procedure prologue and epilogue that manage stack frames.
Stephen also demonstrates how to identify security mitigations like Stack Canaries and Address Space Layout Randomization (ASLR), showing how these defenses look at the assembly level.
By watching this session, you will gain insights into Windows-specific reversing using Ida Pro, learning how to use the Vergilius Project to map out internal structures like the Thread Information Block (TIB) to verify stack integrity.
Level: Advanced | Prior Knowledge Required: PowerShell, DNS, & Networking Fundamentals | Description:
Explore groundbreaking exploitation and exfiltration techniques in this deep-dive interview with ethical hacker Jacobe.
The video reveals a critical vulnerability in the PowerShell Gallery that allows attackers to "typo-squat" on popular module names and execute malicious code via module descriptions.
You will see a demonstration of a polymorphic reverse shell generator that creates unique, obfuscated payloads every time it is run, successfully bypassing top-tier EDR and antivirus solutions used by government agencies.
A major highlight of the tutorial is the concept of "Data Bouncing," a stealthy exfiltration method that leverages public DNS records of major websites like Adobe to bounce stolen data back to an attacker's listener without direct contact.
Jacobe explains how modifying HTTP headers can force trusted third-party websites to perform DNS lookups on behalf of the attacker, making the traffic appear legitimate and nearly impossible to trace.
Beyond the technical demos, the video features a powerful personal story about overcoming imposter syndrome, the transition from military service to cybersecurity, and the vital role of the ethical hacking community in securing the digital world.
Level: Beginner/Intermediate | Prior Knowledge Required: Basic Linux & Networking | Description:
Discover how to build a powerful, free, and open-source cybersecurity defense system using Wazuh, a comprehensive SIEM and XDR platform.
This video guides you through the rapid installation of a Wazuh server on Ubuntu and demonstrates how to deploy lightweight agents across Windows and Linux endpoints to centralize security monitoring.
You will learn to perform real-time vulnerability detection, identify system weaknesses, and track compliance with industry standards like HIPAA, GDPR, and the CIS benchmarks for system hardening.
The tutorial features advanced demonstrations of the MITRE ATT&CK framework integration, showing how to map malicious activity and "living off the land" techniques directly to known adversary tactics.
A major highlight is the configuration of automated active responses, where Wazuh uses the VirusTotal API to automatically detect and delete malware samples the moment they are downloaded to an endpoint.
By watching this session, you will gain the skills to implement a professional-grade security operations center (SOC) that provides deep visibility and automated protection for any digital environment.
Level: Intermediate | Prior Knowledge Required: Basic Malware Analysis & Windows Internals | Description:
Deconstruct the sophisticated infection chain of Gootloader malware in this step-by-step reverse engineering and behavioral analysis session.
The video begins with the discovery of a suspicious ZIP file in a user's downloads folder, containing a heavily obfuscated JScript (.js) file masquerading as a legitimate backbone.js library.
You will learn how to use Remnux and tools like meld to perform a differential analysis, carving out the malicious code injected into the genuine JavaScript file.
The tutorial demonstrates dynamic analysis within a Flare VM, using procmon, procwatch, and Process Explorer to monitor the malware as it executes via cscript.exe.
You will observe how Gootloader creates persistence through scheduled tasks and generates massive 40MB "inflated" files—a clever technique designed to choke antivirus scanners and static analysis tools.
The analysis reveals the final stage: a PowerShell-based command and control (C2) implant that exfiltrates system metadata through gzip-compressed and Base64-encoded cookies to various hard-coded domains.
By following this walkthrough, you will understand the tradecraft behind modern "loader" threats and gain practical experience in uncovering stealthy persistence and exfiltration mechanisms.
Level: Advanced | Prior Knowledge Required: Windows Internals, PowerShell & ACLs | Description:
Uncover the secrets of the most powerful account in Windows, the TrustedInstaller, and learn how to bypass the restrictions that prevent even administrators from deleting system files.
This video explains that the TrustedInstaller is not a traditional user but a specialized service security identifier (SID) that owns critical directories like "Program Files" and "Windows\System32".
You will learn how to use the sc.exe utility to hijack the TrustedInstaller service by modifying its binary path, allowing you to execute arbitrary commands such as spawning a shell or deleting persistent files—with "God Mode" privileges.
The tutorial demonstrates how to use the NTObjectManager PowerShell module from Google Project Zero to impersonate the TrustedInstaller token without needing to break the service binary.
Advanced techniques are covered, including calling undocumented Windows APIs like NtImpersonateThread to steal security tokens from running processes and apply them to your current session.
By watching this session, you will understand the nuances of Windows token manipulation and gain practical tools for forensic research, malware analysis, and advanced system administration.
Level: Intermediate Prior Knowledge | Required: Windows CLI, Red Teaming & LotL | Description:
This video explores the hidden capabilities of IExpress.exe, a legacy Windows utility present since Windows 2000 that allows users to create self-extracting and self-installing packages.
The demonstration shows how security researchers and threat actors can abuse this native tool for LotL tactics, such as masking malware as legitimate installers like Google Chrome.
The tutorial covers the manipulation of the Self-Extraction Directive (.SED) file, which is a plain-text blueprint defining bundled files, commands executed upon extraction, and options to hide extraction animations from the user.
Advanced hidden features are revealed, including command overrides that execute different payloads depending on whether the user has admin or standard permissions.
Another technique involves Quantum Compression Hijacking, where setting the compression type to "Quantum" forces the system to look for a non-existent diamond.exe, which can be replaced with a malicious file.
Additionally, the video shows how to modify the Extractor Stub to change the default extraction engine to any other executable, effectively turning the self-extractor into a proxy for programs like cmd.exe or powershell.exe.
The session concludes with a recursive "fork bomb" demonstration where the executable is made to call itself repeatedly. This is a deep dive into how overlooked native Windows tools can be weaponized for persistence, evasion, and social engineering.
Level: Intermediate / Advanced | Prior Knowledge Required: JavaScript, PowerShell, & Malware Analysis | Description:
This video deconstructs a sophisticated multi-stage malware campaign discovered via a drive-by download from the Discord CDN, highlighting a unique steganography technique used to bypass traditional security defenses.
John Hammond walks through the attack chain, starting with an obfuscated JScript file that serves as an initial stager to fetch further instructions from a paste site.
This leads to the execution of a PowerShell script that downloads a legitimate "Lost in Space" wallpaper from archive.org, which acts as a carrier for the next stage of the attack.
By identifying a specific byte marker within the JPEG data, the script extracts raw RGB color values from the image's pixels and reassembles them into a functional .NET assembly (DLL).
This DLL is loaded directly into the system's memory without ever touching the disk, effectively evading signature-based antivirus scanners.
Through dynamic analysis in the Any.Run sandbox, Hammond reveals that this creative delivery mechanism ultimately installs AsyncRat, a well-known remote access Trojan used for command-and-control.
The demonstration serves as a powerful example of how threat actors weaponize harmless web assets and native Windows scripting to conceal malicious intent within plain sight.
Level: Intermediate | Prior Knowledge Required: Basic Windows installation, XML editing, & OS customization concepts | Description:
This video provides a comprehensive guide on creating a highly optimized, privacy-focused version of Windows 10 or 11 using official Microsoft answer files (AutoUnattend.xml) to automate the removal of bloatware and telemetry during the installation process.
Instead of using potentially untrustworthy third-party ISOs, the tutorial demonstrates how to inject custom scripts including those from Chris Titus Tech and Tiny11 directly into the official Windows installer to bypass hardware requirements and disable resource-heavy features like OneDrive and Microsoft Edge.
Viewers learn how to generate and deploy these XML files via bootable USB drives or custom ISOs, resulting in a significantly lower process count and a cleaner desktop experience immediately upon the first login.
The guide also covers manual customization using AI-powered editors to tailor the "debloat" level, offering a safe and official method to achieve a high-performance, "LTSC-style" environment on standard Windows editions.
Level: Intermediate / Advanced | Prior Knowledge Required: Basic Linux command line, hardware compatibility checking, & ISO imaging | Description:
This comprehensive guide provides a detailed, step-by-step walkthrough for installing Arch Linux in 2024, covering two distinct approaches: the automated "archinstall" script and the traditional manual method.
The first half of the video simplifies the process for beginners using the official installation script to configure partitioning, desktop environments like GNOME, and essential drivers for Intel, AMD, or NVIDIA hardware.
The second half dives into the manual approach, offering a deep dive into advanced concepts such as full-disk encryption with LUKS, Logical Volume Management (LVM), and custom kernel selection for a more robust and secure system.
Throughout the tutorial, viewers learn how to verify hardware compatibility, establish network connectivity via Wi-Fi or SSH, and perform post-installation tweaks like setting locales to ensure all applications run correctly.
By the end of this hour-long masterclass, users are equipped with the knowledge to build a customized, high-performance Arch Linux environment tailored to their specific hardware and security needs.
Level: Intermediate | Prior Knowledge Required: Basic physics (magnetism) & computer hardware components | Description:
This video provides a fascinating 3D-animated deep dive into the engineering marvels of the Hard Disk Drive (HDD), explaining how a library's worth of books can be stored on a single metal disk.
Branch Education breaks down the drive's internal anatomy including the platters, spindle, and the voice coil motor and explains the incredible precision of the "flying" read/write heads that hover just 15 nanometers above the surface.
The tutorial details the process of data storage, from dividing disks into tracks and sectors to the use of Giant Magneto Resistance (GMR) for reading magnetic domain orientations.
It also explores the evolution of storage density, covering advanced technologies like Perpendicular Magnetic Recording (PMR), Shingled Magnetic Recording (SMR), and the future of Heat-Assisted Magnetic Recording (HAMR).
By combining detailed mechanical explanations with the physics of magnetic domains, the video illustrates how HDD technology has increased aerial density by over 50 million times while drastically reducing costs over the last 60 years.