<![CDATA[Chat with a White Hat]]>Real stories from the people breaking and defending the internet

Every week, Michel Chamberland sits down with a cybersecurity professional to dig into the moments that shaped their career, from their first encounter with a computer to the coolest hack they ever pulled off.

Every guest answers the same core questions, giving you a unique window into how different people approach the same craft. Whether you're a seasoned red teamer, a bug bounty hunter, a vulnerability analyst, or just getting started, there's something here for you.

]]>https://integsec.com/chatwhitehatRiverside.fm (https://riverside.com)Thu, 16 Apr 2026 04:45:34 GMTFri, 13 Feb 2026 01:25:54 GMT60Michel Chamberland<h2><b>Real stories from the people breaking and defending the internet</b></h2><p>Every week, Michel Chamberland sits down with a cybersecurity professional to dig into the moments that shaped their career, from their first encounter with a computer to the coolest hack they ever pulled off.</p><p></p><p>Every guest answers the same core questions, giving you a unique window into how different people approach the same craft. Whether you're a seasoned red teamer, a bug bounty hunter, a vulnerability analyst, or just getting started, there's something here for you.</p>episodicMichel Chamberlandmike.chamberland@integsec.comno<![CDATA[Bureaucracy in Security Testing]]>The conversation delves into the art of bureaucracy and its impact on security testing, emphasizing the need to remove bureaucracy and reduce friction in user interfaces for effective testing.

Takeaways

  • Bureaucracy as an art
  • Reducing friction in user interfaces

Chapters

  • 00:00 The Art of Bureaucracy
]]>4ced0d83-4448-4a6c-ba65-1a8c7fa811ddWed, 15 Apr 2026 16:00:00 GMT<p>The conversation delves into the art of bureaucracy and its impact on security testing, emphasizing the need to remove bureaucracy and reduce friction in user interfaces for effective testing.</p><p></p><p>Takeaways</p><ul><li>Bureaucracy as an art</li><li>Reducing friction in user interfaces</li></ul><p></p><p>Chapters</p><ul><li>00:00 The Art of Bureaucracy</li></ul>no00:00:46Bureaucracy in Security Testingtrailer<![CDATA[Slow Down: Key to Effective Security Testing]]>The conversation emphasizes the importance of slowing down and conducting thorough reconnaissance in cybersecurity testing. It highlights the need to pay attention to details and avoid making assumptions based on incomplete information.

Takeaways

  • Slow down
  • Thorough reconnaissance

Chapters

  • 00:00 Importance of Slowing Down and Thorough Reconnaissance
]]>e70e70a6-5b93-473e-8b29-c219a71c99c3Wed, 15 Apr 2026 13:00:00 GMT<p>The conversation emphasizes the importance of slowing down and conducting thorough reconnaissance in cybersecurity testing. It highlights the need to pay attention to details and avoid making assumptions based on incomplete information.</p><p></p><p>Takeaways</p><ul><li>Slow down</li><li>Thorough reconnaissance</li></ul><p></p><p>Chapters</p><ul><li>00:00 Importance of Slowing Down and Thorough Reconnaissance</li></ul>no00:04:31Slow Down: Key to Effective Security Testingtrailer<![CDATA[Web App Pentesting: Eye-Opening Factor]]>Nick Aures discusses his fascination with web application pen testing, highlighting the enjoyment, eye-opening factor, and impact of reporting on vulnerabilities. He emphasizes the prevalence of web applications in modern life.

Takeaways

  • Fascination with web app pen testing
  • Prevalence of web applications in modern life

Chapters

  • 00:00 The Fascination with Web Application Pen Testing
]]>2cbb12bf-4426-49a0-b23c-3dc510f38c28Tue, 14 Apr 2026 16:00:00 GMT<p>Nick Aures discusses his fascination with web application pen testing, highlighting the enjoyment, eye-opening factor, and impact of reporting on vulnerabilities. He emphasizes the prevalence of web applications in modern life.</p><p></p><p>Takeaways</p><ul><li>Fascination with web app pen testing</li><li>Prevalence of web applications in modern life</li></ul><p></p><p>Chapters</p><ul><li>00:00 The Fascination with Web Application Pen Testing</li></ul>no00:00:56Web App Pentesting: Eye-Opening Factortrailer<![CDATA[Pentesting: More Than Just Hacking]]>The conversation delves into the multifaceted role of a cybersecurity consultant, highlighting the responsibilities, client interactions, and report generation. It also explores the balance between pen testing and consultancy, emphasizing the importance of being a consultant as well as a pen tester. The discussion concludes with a reflection on the dual role of a cybersecurity professional.

Takeaways

  • Cybersecurity consulting involves client interaction and report generation.
  • A cybersecurity professional must balance pen testing skills with consultancy responsibilities.

Chapters

  • 00:00 The Role of a Consultant
]]>7caeea44-2858-4c9e-a1f4-1946ee5d59e3Tue, 14 Apr 2026 13:00:00 GMT<p>The conversation delves into the multifaceted role of a cybersecurity consultant, highlighting the responsibilities, client interactions, and report generation. It also explores the balance between pen testing and consultancy, emphasizing the importance of being a consultant as well as a pen tester. The discussion concludes with a reflection on the dual role of a cybersecurity professional.</p><p></p><p>Takeaways</p><ul><li>Cybersecurity consulting involves client interaction and report generation.</li><li>A cybersecurity professional must balance pen testing skills with consultancy responsibilities.</li></ul><p></p><p>Chapters</p><ul><li>00:00 The Role of a Consultant</li></ul>no00:00:56Pentesting: More Than Just Hackingtrailer<![CDATA[Market Economy Hides Cyber Exploits]]>The conversation delves into the impact of market economy on the visibility of remote system exploits, highlighting the concealment of such exploits due to economic factors. It also explores the influence of the highest bidder in the cybersecurity industry, leading to the secrecy and privatization of valuable exploits.

Takeaways

  • Market economy conceals remote exploits
  • Tyranny of the highest bidder in cybersecurity industry

Chapters

  • 00:00 Market Economy and Remote Exploits
]]>eb7edb1b-8bf6-4319-86f1-495f0d7e44bdMon, 13 Apr 2026 16:00:00 GMT<p>The conversation delves into the impact of market economy on the visibility of remote system exploits, highlighting the concealment of such exploits due to economic factors. It also explores the influence of the highest bidder in the cybersecurity industry, leading to the secrecy and privatization of valuable exploits.</p><p></p><p>Takeaways</p><ul><li>Market economy conceals remote exploits</li><li>Tyranny of the highest bidder in cybersecurity industry</li></ul><p></p><p>Chapters</p><ul><li>00:00 Market Economy and Remote Exploits</li></ul>no00:01:06Market Economy Hides Cyber Exploitstrailer<![CDATA[Cybersecurity Threats Are Piling Up Faster Than Ever ]]>The conversation delves into the rising frequency of cyber vulnerabilities and its impact on defensive measures. It also explores the challenges in cybersecurity, defensive measures, and strategies, as well as the offensive side of cybersecurity with a focus on cyber attacks and offensive strategies.

Takeaways

  • Rising frequency of cyber vulnerabilities
  • Challenges in cybersecurity

Chapters

  • 00:00 Rising Frequency of Cyber Vulnerabilities
]]>92fe5212-b74b-4efc-be8c-b7edd6df7b6dMon, 13 Apr 2026 13:00:00 GMT<p>The conversation delves into the rising frequency of cyber vulnerabilities and its impact on defensive measures. It also explores the challenges in cybersecurity, defensive measures, and strategies, as well as the offensive side of cybersecurity with a focus on cyber attacks and offensive strategies.</p><p></p><p>Takeaways</p><ul><li>Rising frequency of cyber vulnerabilities</li><li>Challenges in cybersecurity</li></ul><p></p><p>Chapters</p><ul><li>00:00 Rising Frequency of Cyber Vulnerabilities</li></ul>no00:00:09Cybersecurity Threats Are Piling Up Faster Than Ever trailer<![CDATA[Reverse Engineering IIS Exploit]]>The conversation delves into the discovery of exploits and the impact of reverse engineering on program modification and distribution.

Takeaways

  • Reverse Engineering
  • Impact of Exploits

Chapters

  • 00:00 Uncovering Exploits and Reverse Engineering
]]>af60984a-5576-4267-83e6-ec6cd1fdd3a6Sun, 12 Apr 2026 16:00:00 GMT<p>The conversation delves into the discovery of exploits and the impact of reverse engineering on program modification and distribution.</p><p></p><p>Takeaways</p><ul><li>Reverse Engineering</li><li>Impact of Exploits</li></ul><p></p><p>Chapters</p><ul><li>00:00 Uncovering Exploits and Reverse Engineering</li></ul>no00:00:50Reverse Engineering IIS Exploittrailer<![CDATA[AI Boosts Penetration Testing Speed]]>The conversation delves into the impact of cloud code on penetration testing, highlighting the significant power it provides to pen testers. Additionally, the need for increased testing frequency is discussed, emphasizing the rapid changes in technology and the necessity for more frequent and efficient testing methods.

Takeaways

  • Cloud code
  • Penetration testing
  • Testing frequency

Chapters

  • 00:00 The Power of Cloud Code in Penetration Testing
]]>e53e1184-5ccf-4588-8f75-3cadee185015Sat, 11 Apr 2026 16:00:00 GMT<p>The conversation delves into the impact of cloud code on penetration testing, highlighting the significant power it provides to pen testers. Additionally, the need for increased testing frequency is discussed, emphasizing the rapid changes in technology and the necessity for more frequent and efficient testing methods.</p><p></p><p>Takeaways</p><ul><li>Cloud code</li><li>Penetration testing</li><li>Testing frequency</li></ul><p></p><p>Chapters</p><ul><li>00:00 The Power of Cloud Code in Penetration Testing</li></ul>no00:01:04AI Boosts Penetration Testing Speedtrailer<![CDATA[The Hidden Threat: Market Economy & Exploits]]>The conversation delves into the underestimation of vulnerabilities, the impact of the market economy on security, and the centralization of skills in the industry. It highlights the hidden nature of vulnerabilities, the influence of market economy on the visibility of exploits, and the decreasing number of skilled individuals in the field.

Takeaways

  • Hidden vulnerabilities
  • Impact of market economy on security
  • Centralization of skills

Chapters

  • 00:00 Underestimated Vulnerabilities
]]>1e61276d-902d-4cdd-9443-1c407f1e2744Sat, 11 Apr 2026 13:00:00 GMT<p>The conversation delves into the underestimation of vulnerabilities, the impact of the market economy on security, and the centralization of skills in the industry. It highlights the hidden nature of vulnerabilities, the influence of market economy on the visibility of exploits, and the decreasing number of skilled individuals in the field.</p><p></p><p>Takeaways</p><ul><li>Hidden vulnerabilities</li><li>Impact of market economy on security</li><li>Centralization of skills</li></ul><p></p><p>Chapters</p><ul><li>00:00 Underestimated Vulnerabilities</li></ul>no00:04:45The Hidden Threat: Market Economy & Exploitstrailer<![CDATA[AI in Security: Hype, Reality, and Future]]>The conversation explores the impact of AI on security testing and technology, drawing parallels to the impact of cloud technology. It delves into the changes in offensive and defensive security testing due to AI and compares the initial hype and subsequent evolution of AI to that of cloud technology.

Takeaways

  • Impact of AI on offensive and defensive security testing
  • Comparison of AI impact to the impact of cloud technology

Chapters

  • 00:00 The Impact of AI on Security Testing and Technology
]]>557da51a-90d9-47c7-9dc7-2c7e6ece4401Fri, 10 Apr 2026 16:00:00 GMT<p>The conversation explores the impact of AI on security testing and technology, drawing parallels to the impact of cloud technology. It delves into the changes in offensive and defensive security testing due to AI and compares the initial hype and subsequent evolution of AI to that of cloud technology.</p><p></p><p>Takeaways</p><ul><li>Impact of AI on offensive and defensive security testing</li><li>Comparison of AI impact to the impact of cloud technology</li></ul><p></p><p>Chapters</p><ul><li>00:00 The Impact of AI on Security Testing and Technology</li></ul>no00:04:40AI in Security: Hype, Reality, and Futuretrailer<![CDATA[AI: The New Computer ]]>The conversation explores the parallels between AI adoption and computer adoption, highlighting the potential for AI to bring efficiency and free up time for other activities. It also delves into the impact of AI on work and art, expressing hope for a future where AI enhances human creativity and productivity.

Takeaways

  • AI adoption similar to computer adoption
  • AI will bring efficiency and free up time for other activities

Chapters

  • 00:00 AI Adoption and Efficiency
]]>ddff6924-7aa8-404d-8372-a8896d6f1698Fri, 10 Apr 2026 13:00:00 GMT<p>The conversation explores the parallels between AI adoption and computer adoption, highlighting the potential for AI to bring efficiency and free up time for other activities. It also delves into the impact of AI on work and art, expressing hope for a future where AI enhances human creativity and productivity.</p><p></p><p>Takeaways</p><ul><li>AI adoption similar to computer adoption</li><li>AI will bring efficiency and free up time for other activities</li></ul><p></p><p>Chapters</p><ul><li>00:00 AI Adoption and Efficiency</li></ul>no00:01:07AI: The New Computer trailer<![CDATA[Cybersecurity: Learn the Core Science]]>The conversation covers the comparison between cybersecurity and computer science degrees, emphasizing the importance of theoretical computer science. It also delves into the concept of thinking inside the box and the limitations it imposes.

Takeaways

  • Cybersecurity degree vs. computer science
  • Importance of theoretical computer science

Chapters

  • 00:00 Choosing the Right Education
]]>b349102f-7b6b-43ce-ac82-d9aaa1122356Thu, 09 Apr 2026 16:00:00 GMT<p>The conversation covers the comparison between cybersecurity and computer science degrees, emphasizing the importance of theoretical computer science. It also delves into the concept of thinking inside the box and the limitations it imposes.</p><p></p><p>Takeaways</p><ul><li>Cybersecurity degree vs. computer science</li><li>Importance of theoretical computer science</li></ul><p></p><p>Chapters</p><ul><li>00:00 Choosing the Right Education</li></ul>no00:01:03Cybersecurity: Learn the Core Sciencetrailer<![CDATA[AI: Not Innovative, Just Fast ]]>The conversation delves into the limitations of AI and its inability to be truly innovative, as well as the concept of artificial creativity. The discussion highlights the fact that AI is limited to predefined tasks and lacks the ability to generate new ideas or solutions.

Takeaways

  • AI limitations
  • Artificial creativity

Chapters

  • 00:00 AI Limitations and Creativity
]]>7372a026-9594-4f98-841f-c86144e52f33Thu, 09 Apr 2026 13:00:00 GMT<p>The conversation delves into the limitations of AI and its inability to be truly innovative, as well as the concept of artificial creativity. The discussion highlights the fact that AI is limited to predefined tasks and lacks the ability to generate new ideas or solutions.</p><p></p><p>Takeaways</p><ul><li>AI limitations</li><li>Artificial creativity</li></ul><p></p><p>Chapters</p><ul><li>00:00 AI Limitations and Creativity</li></ul>no00:01:17AI: Not Innovative, Just Fast trailer<![CDATA[Mastering Assembler for C Fluency]]>The conversation delves into the importance of mastering the core concepts, deep understanding of programming languages, achieving fluency, and the application of knowledge to all code. It emphasizes the significance of practice and open source code, as well as the idea that all code is open source and can be understood through reading the assembler.

Takeaways

  • Master the core concepts
  • Achieve fluency in programming languages

Chapters

  • 00:00 Mastering the Core
]]>51bb45c6-b011-4cd0-ae62-a91b4ed93ffcWed, 08 Apr 2026 16:00:00 GMT<p>The conversation delves into the importance of mastering the core concepts, deep understanding of programming languages, achieving fluency, and the application of knowledge to all code. It emphasizes the significance of practice and open source code, as well as the idea that all code is open source and can be understood through reading the assembler.</p><p></p><p>Takeaways</p><ul><li>Master the core concepts</li><li>Achieve fluency in programming languages</li></ul><p></p><p>Chapters</p><ul><li>00:00 Mastering the Core</li></ul>no00:00:51Mastering Assembler for C Fluencytrailer<![CDATA[Pentesting: More Than Just Hacking]]>The conversation highlights the importance of consulting in the day-to-day work of a cybersecurity consultant, emphasizing the need for pen testers to also act as consultants and not just focus on hacking tricks.

Takeaways

  • Consulting is a significant part of a cybersecurity consultant's day-to-day work.
  • Pen testers need to also be consultants and not just focus on showing off their hacking tricks.

Chapters

  • 00:00 The Role of a Cybersecurity Consultant
]]>a0f099ae-9a31-4ca8-8341-ff3979baba87Sun, 12 Apr 2026 13:00:00 GMT<p>The conversation highlights the importance of consulting in the day-to-day work of a cybersecurity consultant, emphasizing the need for pen testers to also act as consultants and not just focus on hacking tricks.</p><p></p><p>Takeaways</p><ul><li>Consulting is a significant part of a cybersecurity consultant's day-to-day work.</li><li>Pen testers need to also be consultants and not just focus on showing off their hacking tricks.</li></ul><p></p><p>Chapters</p><ul><li>00:00 The Role of a Cybersecurity Consultant</li></ul>no00:00:56Pentesting: More Than Just Hackingtrailer<![CDATA[Security Testing: More Than Just Scanning]]>The conversation delves into the misconceptions surrounding security testing and highlights the manual probing and hard thinking involved in the process.

Takeaways

  • Misconceptions about security testing
  • Manual probing and hard thinking involved in security testing

Chapters

  • Misconceptions About Security Testing
]]>7c7fd265-3bcb-4aa9-b2cd-4b803fa49668Tue, 07 Apr 2026 19:45:00 GMT<p>The conversation delves into the misconceptions surrounding security testing and highlights the manual probing and hard thinking involved in the process.</p><p></p><p>Takeaways</p><ul><li>Misconceptions about security testing</li><li>Manual probing and hard thinking involved in security testing</li></ul><p></p><p>Chapters</p><ul><li>Misconceptions About Security Testing</li></ul>no00:01:02Security Testing: More Than Just Scanningtrailer<![CDATA[Hacking Mac OS X]]>The conversation covers the topic of key logging on Mac OS X without informing the user, and the process of reverse engineering Apple's implementation to achieve this. The discovery of the backdoor in Mac OS X is also discussed.

Takeaways

  • Key logging on Mac OS X without user notification
  • Discovery of backdoor in Mac OS X
]]>97aaf43a-dea4-4cdf-b175-241a2cf32795Sat, 04 Apr 2026 16:15:00 GMT<p>The conversation covers the topic of key logging on Mac OS X without informing the user, and the process of reverse engineering Apple's implementation to achieve this. The discovery of the backdoor in Mac OS X is also discussed.</p><p></p><p>Takeaways</p><ul><li>Key logging on Mac OS X without user notification</li><li>Discovery of backdoor in Mac OS X</li></ul>no00:00:29Hacking Mac OS Xfull<![CDATA[Nick Aures Talks Zero Days and Exploit Techniques]]>The conversation covers zero-day discoveries and cloud code exploits. Nick discusses his recent findings of zero-day vulnerabilities and his improved understanding of obscure exploit techniques. Additionally, the use of cloud code to write exploits is explored, highlighting its potential for executing commands and writing code.

Takeaways

  • Zero-day discoveries
  • Cloud code exploits
]]>4d00dce3-cf17-463c-8493-89529e85fbfcSun, 05 Apr 2026 16:15:00 GMT<p>The conversation covers zero-day discoveries and cloud code exploits. Nick discusses his recent findings of zero-day vulnerabilities and his improved understanding of obscure exploit techniques. Additionally, the use of cloud code to write exploits is explored, highlighting its potential for executing commands and writing code.</p><p></p><p>Takeaways</p><ul><li>Zero-day discoveries</li><li>Cloud code exploits</li></ul>no00:00:18Nick Aures Talks Zero Days and Exploit Techniquesfull<![CDATA[AI in Cybersecurity: 2026 Advice]]>Advice for breaking into cybersecurity and pen testing in 2026, including the importance of showcasing seriousness and considering automation with AI.

Takeaways

  • Show seriousness and dedication
  • Consider automation with AI
]]>d05106f2-17d3-4ccd-a092-047294b8817cMon, 06 Apr 2026 16:15:00 GMT<p>Advice for breaking into cybersecurity and pen testing in 2026, including the importance of showcasing seriousness and considering automation with AI.</p><p></p><p>Takeaways</p><ul><li>Show seriousness and dedication</li><li>Consider automation with AI</li></ul>no00:00:55AI in Cybersecurity: 2026 Advicefull<![CDATA[Pentesting: A Fool's Errand]]>The conversation covers Neil Kettle's favorite type of testing and the challenges of pen testing, highlighting the dilemma and pressure associated with it.

Takeaways

  • Favorite testing type
  • Challenges of pen testing
]]>e34a2b3e-8fde-496e-88f8-75bd2c8671f8Mon, 06 Apr 2026 16:15:00 GMT<p>The conversation covers Neil Kettle's favorite type of testing and the challenges of pen testing, highlighting the dilemma and pressure associated with it.</p><p></p><p>Takeaways</p><ul><li>Favorite testing type</li><li>Challenges of pen testing</li></ul>no00:00:46Pentesting: A Fool's Errandtrailer<![CDATA[Nick Aures (Senior Pentester)]]>Nick Aures, a senior pen tester, shares his journey into cybersecurity, the evolution of his interest in computers, and the impact of AI on pen testing. He also discusses the underestimated attack vector of 'execution after redirect' and offers advice for aspiring cybersecurity professionals.

Takeaways

  • Continuous pen testing models are essential for staying on top of new vulnerabilities and threats.
  • AI is revolutionizing cybersecurity, offering new capabilities and challenges for both offensive and defensive strategies.

Chapters

  • 00:00 Introduction and Career Journey
  • 05:06 The Coolest Hack and Continuous Pen Testing
  • 10:12 Favorite Type of Security Testing and AI in Cybersecurity
  • 14:58 Impact of AI on Pen Testing and Cybersecurity
  • 19:56 Misconceptions and Underestimated Attack Vectors
  • 25:11 Advice for Aspiring Cybersecurity Professionals and Conclusion
]]>1d523b56-c1d8-44ac-8a03-a1e11327cb97Sat, 04 Apr 2026 16:15:00 GMT<p>Nick Aures, a senior pen tester, shares his journey into cybersecurity, the evolution of his interest in computers, and the impact of AI on pen testing. He also discusses the underestimated attack vector of 'execution after redirect' and offers advice for aspiring cybersecurity professionals.</p><p></p><p>Takeaways</p><ul><li>Continuous pen testing models are essential for staying on top of new vulnerabilities and threats.</li><li>AI is revolutionizing cybersecurity, offering new capabilities and challenges for both offensive and defensive strategies.</li></ul><p></p><p>Chapters</p><ul><li>00:00 Introduction and Career Journey</li><li>05:06 The Coolest Hack and Continuous Pen Testing</li><li>10:12 Favorite Type of Security Testing and AI in Cybersecurity</li><li>14:58 Impact of AI on Pen Testing and Cybersecurity</li><li>19:56 Misconceptions and Underestimated Attack Vectors</li><li>25:11 Advice for Aspiring Cybersecurity Professionals and Conclusion</li></ul>no00:31:3013Nick Aures (Senior Pentester)full<![CDATA[Just Start: Hands-On Cybersecurity]]>The conversation emphasizes the importance of hands-on experience in cybersecurity, highlighting the transition from network play to CTFs and the value of practical keyboard experience in learning.

Takeaways

  • Hands-on experience is crucial
  • CTFs are a valuable learning tool

Chapters

  • 00:00 The Value of Hands-On Keyboard Experience
]]>0640e6ef-e180-4835-b9fb-afd512ead022Sun, 05 Apr 2026 16:00:00 GMT<p>The conversation emphasizes the importance of hands-on experience in cybersecurity, highlighting the transition from network play to CTFs and the value of practical keyboard experience in learning.</p><p></p><p>Takeaways</p><ul><li>Hands-on experience is crucial</li><li>CTFs are a valuable learning tool</li></ul><p></p><p>Chapters</p><ul><li>00:00 The Value of Hands-On Keyboard Experience</li></ul>no00:01:01Just Start: Hands-On Cybersecuritytrailer<![CDATA[Slow Down: CTF & Pen Testing Mistakes]]>In this conversation, the speaker discusses the importance of slowing down in pen testing and CTFs to avoid missing critical vulnerabilities and attack chains. They emphasize the need to focus on the details and not rush to the end goal.

Takeaways

  • Slowing down is crucial in pen testing and CTFs
  • Low severity vulnerabilities can pose high risk when combined

Chapters

  • 00:00 The Need to Slow Down
]]>29ba6a33-11bd-40c4-bfff-88804d4f6156Sun, 05 Apr 2026 13:00:00 GMT<p>In this conversation, the speaker discusses the importance of slowing down in pen testing and CTFs to avoid missing critical vulnerabilities and attack chains. They emphasize the need to focus on the details and not rush to the end goal.</p><p></p><p>Takeaways</p><ul><li>Slowing down is crucial in pen testing and CTFs</li><li>Low severity vulnerabilities can pose high risk when combined</li></ul><p></p><p>Chapters</p><ul><li>00:00 The Need to Slow Down</li></ul>no00:00:41Slow Down: CTF & Pen Testing Mistakestrailer<![CDATA[Exploiting EDR Console for Mass Deployment]]>A security breach led to unauthorized access to the EDR console, allowing for the deployment of payloads and extensive access to the organization's systems.

Takeaways

  • Unauthorized access to EDR consoles can lead to the deployment of payloads and extensive system access.
  • EDR consoles are often overlooked as a potential point of compromise in a security breach.

Chapters

  • 00:00 Unauthorized Access to EDR Console
]]>f3320754-203a-48c9-8722-025f346f5fd5Sat, 04 Apr 2026 16:00:00 GMT<p>A security breach led to unauthorized access to the EDR console, allowing for the deployment of payloads and extensive access to the organization's systems.</p><p></p><p>Takeaways</p><ul><li>Unauthorized access to EDR consoles can lead to the deployment of payloads and extensive system access.</li><li>EDR consoles are often overlooked as a potential point of compromise in a security breach.</li></ul><p></p><p>Chapters</p><ul><li>00:00 Unauthorized Access to EDR Console</li></ul>no00:00:49Exploiting EDR Console for Mass Deploymenttrailer<![CDATA[AI Boosting Red Teaming Efficiency]]>The conversation explores the impact of AI on red teaming and the considerations of efficiency and cost for companies.

Takeaways

  • AI can enhance red teaming
  • Efficiency and cost are key considerations for companies

Chapters

  • 00:00 The Impact of AI on Red Teaming
]]>5e7fed4f-e76b-442f-aeb1-af1133ecd32bSat, 04 Apr 2026 13:00:00 GMT<p>The conversation explores the impact of AI on red teaming and the considerations of efficiency and cost for companies.</p><p></p><p>Takeaways</p><ul><li>AI can enhance red teaming</li><li>Efficiency and cost are key considerations for companies</li></ul><p></p><p>Chapters</p><ul><li>00:00 The Impact of AI on Red Teaming</li></ul>no00:00:54AI Boosting Red Teaming Efficiencytrailer<![CDATA[AI in Pen Testing: Client Concerns]]>The conversation explores the apprehension around using AI in penetration testing and draws parallels with the skepticism around self-driving cars. It delves into the fear of unmanaged AI and the need to consider the bigger picture.

Takeaways

  • AI skepticism in penetration testing
  • Parallels with self-driving cars

Chapters

  • 00:00 AI in Penetration Testing
]]>ff60be0b-cbc6-4fd1-80c9-186573bb3676Fri, 03 Apr 2026 16:00:00 GMT<p>The conversation explores the apprehension around using AI in penetration testing and draws parallels with the skepticism around self-driving cars. It delves into the fear of unmanaged AI and the need to consider the bigger picture.</p><p></p><p>Takeaways</p><ul><li>AI skepticism in penetration testing</li><li>Parallels with self-driving cars</li></ul><p></p><p>Chapters</p><ul><li>00:00 AI in Penetration Testing</li></ul>no00:01:04AI in Pen Testing: Client Concernsfull<![CDATA[AI: Not Replacing Human Expertise]]>The conversation explores the role of AI in client communication and the importance of pairing AI with skill for optimal results.

Takeaways

  • AI should be paired with skill for optimal results
  • Client communication with AI requires a skilled person to guide the process.

Chapters

  • 00:00 The Role of AI in Client Communication
]]>be2f2d4b-acb4-4544-8e49-679dbc03040dFri, 03 Apr 2026 13:00:00 GMT<p>The conversation explores the role of AI in client communication and the importance of pairing AI with skill for optimal results.</p><p></p><p>Takeaways</p><ul><li>AI should be paired with skill for optimal results</li><li>Client communication with AI requires a skilled person to guide the process.</li></ul><p></p><p>Chapters</p><ul><li>00:00 The Role of AI in Client Communication</li></ul>no00:00:44AI: Not Replacing Human Expertisefull<![CDATA[Red Teaming vs Pen Testing: A Hacker's Perspective]]>The conversation covers the topics of Red Teaming and Internal Pen Testing, highlighting the differences between the two and the challenges associated with Red Teaming engagements.

Takeaways

  • Red Teaming
  • Internal Pen Test

Chapters

  • 00:00 Red Teaming vs. Pen Testing
]]>80b60aff-971c-4cd1-9e95-862f0261c4b0Thu, 02 Apr 2026 17:00:00 GMT<p>The conversation covers the topics of Red Teaming and Internal Pen Testing, highlighting the differences between the two and the challenges associated with Red Teaming engagements.</p><p></p><p>Takeaways</p><ul><li>Red Teaming</li><li>Internal Pen Test</li></ul><p></p><p>Chapters</p><ul><li>00:00 Red Teaming vs. Pen Testing</li></ul>no00:01:06Red Teaming vs Pen Testing: A Hacker's Perspectivetrailer<![CDATA[AI in Cybersecurity: Offense & Defense]]>The conversation explores the impact of AI on offensive and defensive operations, highlighting the advantages and capabilities it offers in both areas.

Takeaways

  • AI enables faster and more efficient operations in offensive tasks.
  • AI enhances the capabilities of defense operations, enabling the identification of advanced threat chains.

Chapters

  • 00:00 Advantages of AI in Offensive Operations
]]>efc2455a-a858-416f-bbdf-8263ced1965eThu, 02 Apr 2026 13:00:00 GMT<p>The conversation explores the impact of AI on offensive and defensive operations, highlighting the advantages and capabilities it offers in both areas.</p><p></p><p>Takeaways</p><ul><li>AI enables faster and more efficient operations in offensive tasks.</li><li>AI enhances the capabilities of defense operations, enabling the identification of advanced threat chains.</li></ul><p></p><p>Chapters</p><ul><li>00:00 Advantages of AI in Offensive Operations</li></ul>no00:00:47AI in Cybersecurity: Offense & Defensetrailer<![CDATA[EDR Deployment: When One Payload Triggers Hundreds of Beacons]]>The conversation covers the use of EDR for payload deployment and the overwhelming number of callbacks and beacons that followed.

Takeaways

  • EDR for fast payload deployment
  • Managing overwhelming callbacks and beacons

Chapters

  • 00:00 EDR Payload Deployment
]]>a9f29ae4-3272-49dd-9fac-35f21ab7157dThu, 02 Apr 2026 04:00:00 GMT<p>The conversation covers the use of EDR for payload deployment and the overwhelming number of callbacks and beacons that followed.</p><p></p><p>Takeaways</p><ul><li>EDR for fast payload deployment</li><li>Managing overwhelming callbacks and beacons</li></ul><p></p><p>Chapters</p><ul><li>00:00 EDR Payload Deployment</li></ul>no00:00:26EDR Deployment: When One Payload Triggers Hundreds of Beaconstrailer<![CDATA[Compromising the Target using their EDR]]>A discussion about compromising the mail server and accessing the EDR admin console, followed by an exploration of security vulnerabilities post-COVID.

Takeaways

  • Compromising the mail server
  • Security vulnerabilities post-COVID

Chapters

  • 00:00 Compromising the Mail Server
]]>cb0c487d-daf3-4162-b17f-17ab816554bfWed, 01 Apr 2026 13:00:00 GMT<p>A discussion about compromising the mail server and accessing the EDR admin console, followed by an exploration of security vulnerabilities post-COVID.</p><p></p><p>Takeaways</p><ul><li>Compromising the mail server</li><li>Security vulnerabilities post-COVID</li></ul><p></p><p>Chapters</p><ul><li>00:00 Compromising the Mail Server</li></ul>no00:00:54Compromising the Target using their EDRtrailer<![CDATA[HaxrByte (Penetration Tester/Ethical Hacker; Red Teamer/Red Team Operator)]]>HaxrByte is a cybersecurity-focused YouTube channel built for professionals, students, and cyber-curious minds who want to dive deep into the art of offensive security. From stealthy Red Team operations to cutting-edge adversary emulation, we break down complex concepts with real-world walkthroughs, technical demos, and tactical breakdowns.

https://www.youtube.com/@haxrbyte https://haxrbyte.com

LinkedIn URL: https://www.linkedin.com/company/haxrbyte/

Twitter username: haxrbyte

LiveStream every Thursday 8 PM ET (7 PM CT):

"Using CTFs to Train YOUR Hacker Brain — Pentester Tradecraft."

]]>1f1751b1-f40e-4733-a411-f7fef238389bTue, 31 Mar 2026 19:27:50 GMT<p>HaxrByte is a cybersecurity-focused YouTube channel built for professionals, students, and cyber-curious minds who want to dive deep into the art of offensive security. From stealthy Red Team operations to cutting-edge adversary emulation, we break down complex concepts with real-world walkthroughs, technical demos, and tactical breakdowns. <br /><br /><a rel="noopener noreferrer nofollow" href="https://www.youtube.com/@haxrbyte" target="_blank">https://www.youtube.com/@haxrbyte</a> <a rel="noopener noreferrer nofollow" href="https://haxrbyte.com" target="_blank">https://haxrbyte.com</a><br /><br />LinkedIn URL: <a rel="noopener noreferrer nofollow" href="https://www.linkedin.com/company/haxrbyte/" target="_blank">https://www.linkedin.com/company/haxrbyte/</a><br /><br />Twitter username: haxrbyte<br /></p><p>LiveStream every Thursday 8 PM ET (7 PM CT): </p><p>"Using CTFs to Train YOUR Hacker Brain — Pentester Tradecraft."</p>no00:44:3312HaxrByte (Penetration Tester/Ethical Hacker; Red Teamer/Red Team Operator)full<![CDATA[Neil Kettle - Vulnerability Researcher]]>Neil Kettle, a vulnerability researcher and bug hunter, shares his journey from early interest in computers to becoming a cybersecurity expert. He discusses his coolest hacks and exploits, favorite type of testing, and offers insights on improving security testing. The conversation covers challenges of screen sharing, bureaucratic impositions, educating the industry for efficiency, misconceptions about security testing, underestimated vulnerabilities, market economy and security exploits, old class of vulnerabilities in new technologies, advice for breaking into cybersecurity, and where to find more about Neil Kettle.

Takeaways

  • Early exposure to computers can shape a career in cybersecurity.
  • Reverse engineering and crypto-related testing are preferred due to their depth and lack of bureaucratic obstacles. Security testing is not 100% technical, it's 20% technical and 80% bureaucratic.
  • Learning the premise is more important than memorizing the antecedent in cybersecurity education.

Chapters

  • 00:00 Introduction and Background
  • 06:01 Entry into Cybersecurity
  • 16:34 Favorite Type of Testing
  • 22:20 Misconceptions About Security Testing
  • 27:36 Old Class of Vulnerabilities in New Technologies
  • 36:10 Where to Find More About Neil Kettle
]]>65711397-b285-4ccc-8bce-46e939ed345fTue, 31 Mar 2026 19:30:00 GMT<p>Neil Kettle, a vulnerability researcher and bug hunter, shares his journey from early interest in computers to becoming a cybersecurity expert. He discusses his coolest hacks and exploits, favorite type of testing, and offers insights on improving security testing. The conversation covers challenges of screen sharing, bureaucratic impositions, educating the industry for efficiency, misconceptions about security testing, underestimated vulnerabilities, market economy and security exploits, old class of vulnerabilities in new technologies, advice for breaking into cybersecurity, and where to find more about Neil Kettle.</p><p></p><p>Takeaways</p><ul><li>Early exposure to computers can shape a career in cybersecurity.</li><li>Reverse engineering and crypto-related testing are preferred due to their depth and lack of bureaucratic obstacles. Security testing is not 100% technical, it's 20% technical and 80% bureaucratic.</li><li>Learning the premise is more important than memorizing the antecedent in cybersecurity education.</li></ul><p></p><p>Chapters</p><ul><li>00:00 Introduction and Background</li><li>06:01 Entry into Cybersecurity</li><li>16:34 Favorite Type of Testing</li><li>22:20 Misconceptions About Security Testing</li><li>27:36 Old Class of Vulnerabilities in New Technologies</li><li>36:10 Where to Find More About Neil Kettle</li></ul>no00:38:4811Neil Kettle - Vulnerability Researcherfull