YouTube security scenarios

   from  BBS  And text files , adopt  IRC  And books , To the modern Internet 
 In forums and blogs , Hackers mainly exchange information in the form of text .
 This of course means , Most older hackers prefer text , This makes it difficult to understand 
 It is difficult to establish new media .

   When I was there  2015  When I started making videos in , I often receive such feedback ：
 Words are better , No one will watch the video , I should write 
 article . So when I was asked to write about “YouTube Hacker scenario ” When 
 about  Phrack, I think video production has finally reached a certain level 
 check before acceptance .

   Although the title of this article is “YouTube Hacking Scene”, But I also want to 
 Include  Twitch  And streaming media on other platforms  -  Who knows how long 
 product  YouTube  Will continue to exist , I Believe  Phrack  Will exist in a long time .

   In view of my personal experience is biased , History is hard 
 To study , This article is definitely not objective . So we will go 
 French Proverb “ Preach falsehood to know the truth ”. So if you know 
 Better , Please contact the .


--[ 2. 2014 Years ago 

   Mining about  2000  The information of hacker video in the early S is 
 It is difficult to , But obviously it's not very popular . Personally 
 Remember  2006  Year of “Lenas Reversing for Newbies”[0]  Video series 
 ok , But it's not through  YouTube  Distributed . This is an incredibly detailed 
 as well as  Windows  Practice of reverse engineering and cracking 
OllyDbg. these years , I've seen it get a lot of recommendations , This shows that 
 Desire for visual teaching methods . 

   One of the earliest attempts at hacking seems to have been made by 
2003  Kevin of · Ross [1]. And then in  2005  year , Darren's kitchen started 
Hak5 show[2]  It is worth mentioning , Because it's probably the longest 
 Run hacker video production .YouTube  Already existed at the beginning ,
 But it is not popular yet , So distribution relies heavily on 
 The flood . It's also worth noting  IronGeek, He started uploading meetings 
2007  year  YouTube  Video on . He  2007  Year of  Notacon  The trip may be the first ever 
“ hackers  Vlog”[3]. But most of these video projects are just 
 Touch the surface of the hacker . Few videos are really mining 
 Enter the technical details .

  2007  year ,vivekramac  Launched in India  SecurityTube  project .
 It may be due to  YouTube  Inspired by the , It's a place for everyone 
 Upload and share hacker video content , but  vivekramac  I am 
 Responsible for producing a large number of videos . For years it seemed 
 Is the best source for free video lessons . but 2011 The website is slowly 
 Transition to a new paid course platform  Pentester Academy.
 Interesting facts , When I was there  2015  When I started making videos in , I obviously met 
SecurityTube  And I tried to submit my video there , But they never 
 recognized . The platform has been abandoned , The content is a little bit 
 Out of date , And it's not the depth I've been looking for . For all that , A very 
 An important part of the history of video creators .

   these years , I've been collecting  YouTube  The channel is more or less 
 Technical safety content . And create the following chart （ chart  1）,
 I checked the year when they first uploaded it . And most of them 
 There are only a few videos on the channel , It was soon abandoned .
 But in hindsight , I even noticed some very early attempts 
 Make more technical video drills , for example  lordparody (2009)[4].
 From the data ,2010  There seems to be a slight increase after the year ,
 But I think  2015  Year is the real scene of current hacker creators 
 Begin to grow .

        2005  year ：*
        2006  year ：
        2007  year ：**
        2008  year ：*
        2009: *****
        2010：****
        2011: *******
        2012  year ：************
        2013  year ：*********
        2014  year ：******
        2015  year ：***************
        2016  year ：**************************
        2017  year ：****************************
        2018  year ：*********************
        2019  year ：************
        2020  year ：*********************

             chart  1.  Bar chart showing quantity  
                    Every year there are new hackers  YouTube  Creator 


--[ 3.  my 2015 Year begins 

   Around the  2014  About years ago , I began to run into difficulties in my study progress . Where? 
 There is a lot about network security 、WiFi  Hacker's （ A written ） course ,
Metasploit  And buffer overflow , But the material mainly covers the basic knowledge .
 To really learn more advanced topics , I have to play wargame [6]  and  CTF.
 I remember playing  w3challs  or 
io.smashthestack  Improvement is very, very slow  -  I am a classic annoying 
 rookie , Even by  IRC  Of  bla  prohibit ;）

   I believe that progress should not be so difficult . On the inside 
 The traditional academic scientific community where you rely on papers , To establish 
 Previous research . Although we have the same resources , for example 
Phrack, We lack educational institutions like universities 
 Transfer this knowledge more effectively . So in the past , New people must 
 Take a rough road , Catch up with the most advanced technology . After me 
 finally “ understand ” 了  ret2libc  and  ROP, I think this thing is 
 It's actually easy , But the existing materials are difficult to explain it .

   And then in  2014  end of the year ,2015  Beginning of the year , Two things happened 
 Impact on me . The first is the growing community of programmers 
reddit  be called  /r/WatchPeopleCode[7] -  About the sub section of live broadcast 
 Programming . Although this has nothing to do with safety , But everyone knows 
 If you do any form of deeper learning , Programming skills are essential 
 The hacker attacks . The second event is geohot Solve the problem by yourself pwnable
 come from  overthewire.org[8]  The challenge of .

   What these two events have in common is that this is the first time 
 I looked at the shoulders of professionals . I realize that all 
 Talks 、 Blog posts and articles only cover the results , Rarely involved 
 The actual process . Because I'm not lucky enough to have someone around me 
 I study by myself , Look on the shoulders of experienced people 
 Developer or  geohot  It's eye opening .

   To see  geohot  How to use the terminal , Write exploit scripts and 
 Navigation  IDA Pro  Very insightful . But more importantly , it 
 It also exposes failures and errors in the subsequent process 
 Troubleshoot and fix errors . This pushed me over the wall 
 In my own education .

   I long for more . Where can I find more people or videos 
 Hacking ？ Unfortunately , stay  YouTube  On search , My only video 
 Can find  Metasploit  Tutorial or how to use  aircrack-ng
 Crack WiFi. These topics are boring to me , Because I am more 
 Interested in the process of finding these defects , instead of 
 Just use what others have found .

   Of course I'm away from geohot Your skills are still far away , I do understand ROP
 I think I can help 
 My pursuer . This led me to start the live broadcast  pwnable
 come from exploit-exercises.com（ today exploit.education） The challenge of [9], as well as 
 Cover other  CTF. But I soon noticed that I was 
 Streaming media , And quickly turned to making focused script videos 
 About visual interpretation [10]. Another thing I know is , in fact , I did it 
 Cannot understand correctly  ROP  And other topics . So I have ambition 
 Create better tutorials , It forces me to dig deeper , It means 
 The project also benefited my own education .

   Of course, this is what I said from my own point of view , I don't want to 
 Make it sound like I'm the only one . I just want to offer insights 
 About what motivates people to create videos . So at this time 
 I want to mention some other people who make videos 
 At that time “ senior ” The topic of . From the Dragon kingdom  Gynvael
CTF  The team [11]、MurmusCTF[12]、ipp[13]、psifertex[14]、Zeta Two[15]  and  
 Unfortunately , There may be more that I have never met before .

   Making a good video is very time-consuming , Especially once more  
 instead of “ It's just ” Screen recording or live broadcast . So few creators 
 Can do this in a longer time , I believe johnharmond [16]
 I have the longest and most consistently running release schedule .


--[ 4. Today's scene 

   Like any hacker field , So is commercialization 
 Get into this scene . I am not immune , Because of time 
 Investment is huge , It must be justified in some way . This is unfortunate. 
 As a result, video is sometimes more stimulated by exposure or products ,
 Not pure knowledge sharing ; And it's hard to find 
 Strike a balance between these opposing forces . It also led to the previous generation 
 Free video content for （SecurityTube、Cybrary、...） To put their content 
 Behind the pay wall .

   But I want to achieve an amazing positive business development 
 emphasize . In the past few years , Companies like Google sponsor a lot 
 Technology video [17]  Share insights into your own vulnerabilities 
 product . Who would have thought this would happen , When this 
 Communities used to be afraid of being prosecuted for anything .

  Google/YouTube  And other websites also have new problems 
 Large social media platforms . for example ,YouTube  There is a policy against 
 Some types of hacker videos [18], Lead to several 
 Video and even the entire channel . However , We should also pay attention to  99%  Of 
 Time this is an obvious mistake , The decision was overturned . 

     “ hackers ： Demonstrate how to use a computer or information 
       Designed to steal credentials 、 Compromised technology 
       Personal data or serious injury to others , for example （ but  
         Not limited to, ） Hacking into social media accounts .”
        - YouTube  Harmful or dangerous content policy 

   Can hacker videos be moral or immoral ？ This is a difficult topic 
 I often have conflicts with other creators . I believe there is 
 A way to make “ correct ” Tutorial method —— So far I haven't had any tutorials 
YouTube  The problem of ;）

   for example , I know  Google  Don't want a step-by-step video 
 When phishing happens , Script kid set up a bad phishing page guide 
 The second most common source of Google accounts [19]. and 
 This is not censorship , Because basic skills are very basic network 
 Development . So for me , The phishing tutorial is a bit deceptive 
 Unnecessarily hide the real “ hackers ” Skill  -  Network development . But I 
 I know that many of my colleagues disagree here .

   And then there was “ Hacker influencer ” The evolution of . It is important to 
 I was anonymous at first . But my view over the years 
 Slightly changed . I often think back to when I was sitting 
 Alone in my room trying to understand an article , And hope I have 
 The video I made today . So for me , Use social media and 
 Their algorithm feed maximizes exposure ; I hope to get in touch with that child 
 Trying to break through the wall I hit . Now I believe 
 My desire to make this information easy to find goes beyond 
 Limit educational resources to insignificant （ Or underground ） The place of .

  2019  year  TheCyber​​Mentor  Join the live broadcast foundation 
 stay  Twitch[20]  Take a free test course . It's kind of like OSCP
 material , Video only and free . I have tried before 
 Create a free penetration test course , for example  SecurityTube  or  Cybrary, as well as 
 Maybe the same is true of others . but TheCyber​​Mentor Undoubtedly the most 
 A successful article , Reached millions of views . This does not last 
 however , Since the establishment of the initial audience , He changed and left 
 Also enter paid courses .

   There are also some criticisms about the original content and adoption 
 The existing （ A written ） Tutorials and turn them into videos . There must be 
 Is the added value of improving the presentation . But there is also morality 
 On the issue of prominent sources . This affects newcomers in particular 
 Sometimes it is obvious that they follow the typical contours of others 
 material , No reference .

   In the past few years , There is also an interesting development 
 Topics covered by the video creator's scene . Because it has been completely 
 With “ Vulnerability bounty ” Mainly . Although I like to see a large influx 
 Motivated young people , It feels like this is the version of our community 
“ Get rich fast ” A scam . It has led to a huge demand for fee paying courses 
 And direct or indirect commitments to make you 
 Successful error hunters . At present, we seldom see anything except  bug  Other content 
 money reward , I want more diversity .

   Sometimes I think about how the hacker community is organized , And how to 
 The creator changed that . in the past , Communities are usually divided into 
 Topics of interest , Now the community is formed around personality .
 Sometimes it makes me a little uncomfortable , But it also leads to 
 Increased exposure to the hacker world （ It benefits the Creator 
 As the fan base grows ）.

   When culture changes away from 
 We grew up together . But back in my youth , I wish I had 
 It would have been easier to find such a place , instead of 
 Have to wait until I  20  I fell into it accidentally when I was more than ten years old .

   Besides making videos , There are more and more live broadcasts 
 tic . Most of them are dedicated to dealing with the problems from  HackTheBox  or  TryHackMe  The challenge of , this 
 It is a platform with commercial interests . This means that streaming media provides 
 Provide millions of dollars worth of free advertising for these platforms . In a 
 It's great to see so much , Unfortunately, there are fewer and fewer communities 
 It shows the directional wargame deduction /CTF. It covers a wide variety of topics 
 Very low .

   style （ Video screen 、 People talk and heavy editors ）, as well as 
 The skill levels of creators vary greatly . I don't mind? , Because there are so many kinds 
 Benefit all of us . As long as more people share their work , I'm happy 
 In video form . I would even like to see more beginners record their 
 travel . But deep down , My heart beats for senior professionals , such as 
 Geothermal energy at that time , Who wants us to look back .

   There are also some great channels today , For example, hardware researchers 
stacksmashing[21],gamozo, He has just developed a new operating system 
 For fuzzy testing [22]（ Absolutely crazy ） Or sneak back into the team 
 their  Pwn2Own  Award winning router hacker [23]; Those channels make me 
 excited .

   The popularity of hacker video , And the evolution of the entire Creator 
 scene , Only with the development of social media platforms .
 Their algorithms help us show our videos to those who don't 
 Know they're looking for them . With the rapid changes of the Internet , social contact 
 Media platforms are also changing , And now  TikTok  It seems to be a 
 An interesting platform to attract new audiences , But short format is not 
 Allow to cover in-depth topics .MalwareTech[24]  Take the lead in this regard 
 Millions of views .

--[ 4.  Last words 

   Unfortunately , There are too many creators today , I can't include 
 everyone . But please pay attention to , This article is dedicated to all of you .

   The following people helped me by sharing their articles 
 Empirical or factual verification information （ In alphabetical order ）：

BlindHacker, CryptoCat, gamozo, Gynvael, hacksplained, insiderphd, ipp,
 John Hammond , Justin Steven ,Murmurs,psifertex, Be cold ,stacksmashing,
superhero1, TheColonial, Zeta Two

   Pay tribute to the video creators in Poland and India . I don't understand 
 In a word , But you all seem very active and dedicated . Especially shout 
 To  geohot, Because without him  CTF  live broadcast , I wouldn't be here . and 
 towards  Gynvael  Shout , Because he is the first person I really care about 
 Acknowledge my work .

     “ Don't forget to like 、 Comments and subscriptions .”