David Bombal

Big thank you to DeleteMe for sponsoring this video. Use my link http://joindeleteme.com/Bombal to receive a 20% discount or use the QR Code in the video.

In this interview, David Bombal sits down with Dr. Mike Pound (Computerphile) to clear up one of the biggest crypto misconceptions on the Internet: hashing is not encryption, and hash functions are not reversible.

In this video you’ll learn what a hash function actually does (a deterministic, fixed-length, “random-looking” summary of data) and why the whole point is that you cannot take a hash and reconstruct the original file. Dr Mike explains the key properties of secure hashing, including the avalanche effect (tiny input change, massive output change), and why older algorithms like MD5 and SHA-1 became unsafe due to collisions. We also cover what “collisions” really mean, why they must exist in theory (the pigeonhole principle) and why they can appear sooner than expected (the birthday paradox).

Then we tackle the YouTube-comments classic: rainbow tables. If hashes are one-way, how do attackers “crack” passwords? The answer: they don’t reverse hashes. They guess passwords, hash them forward, and match the results. Mike breaks down how rainbow tables speed this up with precomputed hashes, and why salting makes those precomputations far less effective by forcing attackers to redo work per user.

Finally, we zoom out into modern cryptography: why SHA-2 is widely used today, why SHA-3 exists as a structurally different backup option, what length extension attacks are, and what quantum computing changes (and doesn’t change) for hashing and encryption. We also touch on how hashes power digital signatures, file integrity checks (like verifying an ISO download), and why AES dominates symmetric encryption.

// Mike's SOCIAL //
X: / _mikepound

// YouTube Video REFERENCE //
SHA: Secure Hashing Algorithm: • SHA: Secure Hashing Algorithm - Computerphile
Birthday Paradox: • Hash Collisions & The Birthday Paradox - C...
The Next Big SHA? SHA3 Sponge Function Explained: • The Next Big SHA? SHA3 Sponge Function Exp...

// David's SOCIAL //
Discord: discord.com/invite/usKSyzb
Twitter: www.twitter.com/davidbombal
Instagram: www.instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: www.facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
YouTube: / @davidbombal
Spotify: open.spotify.com/show/3f6k6gE...
SoundCloud: / davidbombal
Apple Podcast: podcasts.apple.com/us/podcast...

// MY STUFF //
https://www.amazon.com/shop/davidbombal

// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: [email protected]

// MENU //
0:00 - Coming up
01:09 - DeleteMe sponsored segment
02:54 - Hashing is not Encryption // Encryption and Hashing explained
09:47 - Hash functions are irreversible
15:22 - How hashing works
17:23 - Why MD5 is bad
20:09 - Recommended hashing function
21:47 - Birthday paradox explained
23:39 - Rainbow table explained
29:44 - Salting explained
33:35 - Pigeon Hole principle explained
36:35 - SHA-2 is the answer
37:17 - SHA-3 vs SHA-2
40:42 - The effect of quantum computing
42:47 - Quick summary
43:52 - Sign-In with private key
45:21 - Avalanche effect explained
49:10 - Where to learn more about hash functions
50:27 - Conclusion

Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

Disclaimer: This video is for educational purposes only.

#cryptography #hashing #encryption

Big thanks to Brilliant for sponsoring this video. To try everything Brilliant has to offer, visit https://brilliant.org/davidbombal to start your 30 day free trial or scan the QR code onscreen – You’ll also get 20% off an annual premium subscription

Stephen Sims joins David Bombal to discuss Operational Security (OpSec) through the lens of the "Darknet Marketplace Bible" (DNM Bible). While this document is originally designed to help criminals evade law enforcement while buying illegal goods, Stephen argues it is an excellent resource for cybersecurity professionals, journalists, and privacy advocates to learn high-level anonymity and encryption techniques.

Disclaimer: Both David and Stephen repeatedly emphasize that this content is for educational, privacy, and cybersecurity research purposes only. They do not advocate illegal activity.

// Stephen's Social //
Twitter: / steph3nsims
YouTube: / @offbyonesecurity

// David's SOCIAL //
Discord: discord.com/invite/usKSyzb
Twitter: www.twitter.com/davidbombal
Instagram: www.instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: www.facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
YouTube: / @davidbombal
Spotify: open.spotify.com/show/3f6k6gE...
SoundCloud: / davidbombal
Apple Podcast: podcasts.apple.com/us/podcast...

// MY STUFF //
https://www.amazon.com/shop/davidbombal

// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: [email protected]

// MENU //
0:00 - Coming up
01:08 - Brilliant sponsored segment
03:04 - Disclaimer
03:07 - The Dark Web
07:44 - What is the Dark Web?
09:14 - The Dark Net Marketplace Bible
11:42 - DOs and DON'Ts
22:49 - Dark Net Directory
26:09 - Dread walkthrough
31:04 - Recommended Operating systems
42:07 - VPNs, Tor & PGP
53:23 - PGP // Creating key pairs
01:03:53 - How to access Dark Net Marketplaces // Black Ops marketplace
01:12 :39 - Recommended cryptocurrency for the Dark Web
01:18:43 - Shipping
01:21:12 - Communication methods
01:27:28 - JavaScript warnings
01:28:13 - Never trust external links
01:29:29 - DNM Bible summary
01:31:01 - Conclusion

Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

Disclaimer: This video is for educational purposes only.
#darkweb #opsec #tor

In this video, I sit down with OTW (author of Linux Basics for Hackers) to reveal the
definitive list of top hacking and cybersecurity tools for 2026. We cover everything from the
essential foundations like Linux and Python to the "state of the art" in wireless hacking with
DragonOS and SDRs.

// Occupy The Web SOCIAL //
X: / three_cube
Website: https://hackers-arise.net/

// Occupy The Web Books //

Linux Basics for Hackers 2nd Ed
US: https://amzn.to/3TscpxY
UK: https://amzn.to/45XaF7j

Linux Basics for Hackers:
US: https://amzn.to/3wqukgC
UK: https://amzn.to/43PHFev

Getting Started Becoming a Master Hacker
US: https://amzn.to/4bmGqX2
UK: https://amzn.to/43JG2iA

Network Basics for hackers:
US: https://amzn.to/3yeYVyb
UK: https://amzn.to/4aInbGK

// OTW Discount //
Use the code BOMBAL to get a 20% discount off anything from OTW's website: https://hackers-arise.net/

// Playlists REFERENCE //
Linux Basics for Hackers: • Linux for Hackers Tutorial (And Free Courses)

Mr Robot: • Hack like Mr Robot // WiFi, Bluetooth and ...

Hackers Arise / Occupy the Web Hacks: • Hacking Tools (with demos) that you need t...

// David's SOCIAL //
Discord: discord.com/invite/usKSyzb
Twitter: www.twitter.com/davidbombal
Instagram: www.instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: www.facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
YouTube: / @davidbombal
Spotify: open.spotify.com/show/3f6k6gE...
SoundCloud: / davidbombal
Apple Podcast: podcasts.apple.com/us/podcast...

// MY STUFF //
https://www.amazon.com/shop/davidbombal

// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: [email protected]

// MENU //
0:00 - Coming up
01:00 - Top hacking tools for 2026
04:07 - Hacking tool #1: The hacking OS
07:10 - Hacking tool #2: Discovering systems on the network
08:31 - Hacking tool #3: Monitoring network traffic
10:25 - Hacking tool #4: Web app hacking
11:24 - Hacking tool #5: Vulnerability scanner
16:35 - Hacking tool #6: Basic hacking
18:11 - Hacking tool #7: The cybersecurity scripting language
19:38 - Hacking tool #8: Hacking wireless signals
25:27 - Hacking tool #9: Virtual machines
27:38 - Hacking tool #10: IDS (Intrusion Detection System)
32:08 - Hacking tool #11: Learning firewalls
37:07 - Hacking tool #12: Using AI
42:45 - Hacking tools summary
43:25 - The era of AI
45:34 - Conclusion

Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

Disclaimer: This video is for educational purposes only.

In this interview David and Dr Mike Pound discuss Agentic AI and how powerful it is powerful, but prompt injection and untrusted PDFs can leak data or alter records. Learn least privilege, input and output filtering, and model trust risks.

// Sponsored SEGMENT //
Big thank you to Proton Pass for sponsoring this video. To sign up for Proton Pass, please use the following link https://proton.me/davidbombal to get a 40% discount

// Mike SOCIAL //
X: / _mikepound

// David's SOCIAL //
Discord: discord.com/invite/usKSyzb
Twitter: www.twitter.com/davidbombal
Instagram: www.instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: www.facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
YouTube: / @davidbombal
Spotify: open.spotify.com/show/3f6k6gE...
SoundCloud: / davidbombal
Apple Podcast: podcasts.apple.com/us/podcast...

// MY STUFF //
https://www.amazon.com/shop/davidbombal

// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: [email protected]

// MENU //
0:00 - Coming up
0:56 - Proton Pass sponsored segment
02:15 - AI & cybersecurity // Vulnerabilities of AI
12:56 - Direct & Indirect Prompt Injection explained
17:52 - Input & Output Filtering explained
20:20 - AI having access to private data
25:24 - Reactions to AI & cybersecurity
27:06 - Risks of downloading open-source AI models
36:02 - The good and bad of AI models
40:23 - Conclusion

Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

Disclaimer: This video is for educational purposes only.
#cybersecurity #ai #promptinjection

Security researchers Dor Attias and Ofek Itach demonstrate a critical CVSS 10.0 n8n vulnerability (CVE-2026-21858). Watch the full RCE exploit demo using type confusion to bypass authentication and read sensitive local files.

// Dor Attias SOCIAL //
LinkedIn: / dor-attias-740758155

// Ofek Itach SOCIAL //
LinkedIn: / ofek-it

// N8N Hack Blog
https://www.cyera.com/research-labs/n...

// Cyera Blog //
https://www.cyera.com/blog

// David's SOCIAL //
Discord: discord.com/invite/usKSyzb
Twitter: www.twitter.com/davidbombal
Instagram: www.instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: www.facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
YouTube: / @davidbombal
Spotify: open.spotify.com/show/3f6k6gE...
SoundCloud: / davidbombal
Apple Podcast: podcasts.apple.com/us/podcast...

// MY STUFF //
https://www.amazon.com/shop/davidbombal

// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: [email protected]

// MENU //
0:00 - Coming up
0:56 - n8n vulnerability explained
02:33 - n8n hacking demo // How the vulnerability works
09:13 - How bad is it?
11:51 - Vulnerability summary
13:28 - More explained on Cyera blog // Webhooks
16:59 - Webhooks explained
18:09 - Formidable
19:18 - Formidable explained
20:01 - Handling uploaded files in n8n
22:32 - The form webhook node
24:28 - How to exploit
25:54 - Exploit summary
26:46 - How to mitigate
27:37 - How to become a security researcher
32:36 - Conclusion

Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

Disclaimer: This video is for educational purposes only.