HackerTrans
TopNewTrendsCommentsPastAskShowJobs

LiveOverflow

no profile record

Submissions

Show HN: Video about the CPU vulnerability Zenbleed (CVE-2023-20593)

youtube.com
4 points·by LiveOverflow·3 lata temu·0 comments

comments

LiveOverflow
·10 lat temu·discuss
> I have reservations about pentesting because For example, I think a lot of it is unskilled work (e.g., pressing scan on nessus, clicking exploit on Burp) or work which will be automated in the near future

My job title is "Penetration tester" but I don't fall into that category. That's why I often refer to it as doing "application security analysis/audits". My current job is to do black/white box testing of single applications - and not a huge organisations where you just phish some employees. I have not worked for other companies, but as far as I can tell, many "penetration testing jobs" are actually what I do.

It's fun, challenging and very technical. And obviously no scanners are used - I have never in my career used nessus or any other click2exploit tool.
LiveOverflow
·10 lat temu·discuss
If you have feedback from infosec students, or topics that would benefit students, please contact me :)
LiveOverflow
·10 lat temu·discuss
Thank you so much!

I have also recently started building https://liveoverflow.com, which might have a better structure than a YouTube channel or subreddit.

Also some people may have actually seen a video of mine, because my most popular video so far is the DirtyCow video which got referenced by news sites and on the dirtycow github repository.

My personal recommendation is to checkout the AngularJS Sandbox bypass series: https://www.youtube.com/playlist?list=PLhixgUqwRTjwJTIkNopKu...

Criticism and feedback is always welcome.