The Official Offensive Security Podcast
By Offensive Security, Inc.
The one and only official podcast from Offensive Security, Inc. -- creators of the Kali OS, the OSCP certification, and the world's leading cybersecurity training
#11. Second-career pentester, Drew Kirkpatrick (@hoodoer)
Join our host TJNull as he stills down with Drew Kirkpatrick (@hoodoer), Senior Security Consultant at TrustedSec and former Senior Computer Scientist for the U.S. Navy. They discuss his second-career pentesting pursuits and how he made the transition to infosec from a different career. Find out which three skills are the most important to have in pentesting—and how they differ for internal pentesters vs. consultants. They also discuss hoodoer’s favorite tools for web app pentesting as well as some interesting stories from recent engagements he’s been on. Finally, hear some helpful advice for those who are working to become a pentester or enter the infosec field. Enjoy this week’s episode!
August 30, 2021
#10. Team Hashcat Contributor, Dustin Heywood (@EvilMog)
Listen in as our host TJNull chats with Dustin Heywood (@EvilMog), a contributor to Team Hashcat who has an extreme addiction to cracking hashes. In addition, he is a Black Badge Holder at DEF CON, DerbyCon, SkyDogCon, and THOTCON. After covering how EvilMog got into infosec, they discuss the most important quality for a pentester or red teamer: writing. Find out why EvilMog considers writing skills to be more important than technical skills when pentesting. Learn more about Team Hashcat as well and the Crack Me If You Can contest they competed in. TJNull and EvilMog get into some detail on how to crack a hash and EvilMog comments on custom wordlists and tools used. Join us for this exciting conversation. Enjoy!
August 23, 2021
#9. Red Teamers from Oracle: @ttimzen and @r00tkillah
In this episode, our host, FalconSpy, sits down with Topher Timzen (@ttimzen) and Michael Leibowitz (@r00tkillah), two red teamers from Oracle. They discuss a number of topics, including Topher’s and Michael’s DEF CON 27 Endpoint Detection & Response presentation. They dive into how they got into the infosec field and what makes them so passionate about it. Find out their answer to the age-old question: what's the difference between red teaming and pentesting? Plus, get their take on certifications and what you really need these days to be successful. Finally, as BSides Portland organizers, Topher and Michael give you a rundown on the process of developing a security conference. Enjoy!
August 6, 2021
#8. DEF CON Goon, Andy Gill (ZephrFish)
Our host, TJ Null, sat down with Andy Gill (ZephrFish) to hear lots of interesting stories from his 15+ years in infosec, including his experience as a Goon at DEF CON (he even met Elon Musk!). They discuss how he got started, his book on learning the ropes, important qualities every pentester and red teamer should have, and more. Hear what ZephrFish advises aspiring pentesters learn and get into before they embark on this path. They also discuss what ZephrFish would like to see changed in the infosec community and how to get there. Enjoy this week’s episode! Andy Gill on Twitter Breaking into Information Security: Learning the Ropes 101 (Andy’s book)
July 23, 2021
#7. Popular YouTuber talks offense/defense, imposter syndrome, gatekeeping, and more
Hear from Cybersecurity Meg, X-Force Cybersecurity Incident Responder for IBM and popular cybersecurity YouTuber, as she sits down with Harbinger and FalconSpy! They discuss a number of interesting topics, ranging from defense vs. offense and her CISSP journey to what inspired Meg to become a YouTube creator. They also discuss overcoming imposter syndrome and how to handle it as well as naysayers and gatekeepers. Hear about how to maintain mental health, specifically within the information security field, as well as ensuring work-life balance. Finally, learn what Meg has planned next, including earning her OSCP. Enjoy the episode! Meg on Twitter Meg on YouTube Meg's Discord community
June 25, 2021
#6. Chief OffSec content developers pull back the curtain on course development and what’s coming next
In this exciting episode, hear from OffSec’s chief content developers, Morten Schenk and Alex Uifalvi (Sickness). They discuss with hosts TJ Null and Jeremy Miller (Harbinger) a range of topics including course design, pedagogy, their own backgrounds, and exploit development. Learn about the philosophy behind OffSec’s courseware and their most important lesson learned to teach well. They also spill the details on upcoming projects they are working on as well as how to best prepare for an OffSec course. Finally, get tips on how many lab days are best for you, directly from OffSec. Enjoy the episode!
June 11, 2021
#5. Hear from DEF CON Black Badge, Social Engineering CTF winner: Alethe Denis!
In this action-packed episode, our host TJ Null sits down with Alethe Denis, to talk social engineering, red team, blue team, raising chickens, and everything in between! Learn why Alethe was honored by DEF CON with a Black Badge following her win of the Social Engineering Capture the Flag (CTF) contest at DEF CON 27. She shares her favorite tools for social engineering campaigns as well as the best way to gain trust and get the answers you need in a phishing campaign. Alethe breaks down what it takes to be a world-class social engineer. She also touches on her work with the Innocent Lives Foundation (ILF) and what you can do to help.
May 28, 2021
#4. S1REN on advice for women in Infosec, essential technical skills and more!
In this episode, hosts TJ Null and Harbinger talk infosec with S1REN, a very accomplished member of the community and a moderator of OffSec's Discord. Among other things, they discuss how S1REN got into infosec and why, some advice for women looking to get into infosec, and why BASH, Python, and TCP/IP are so essential for people to get into before getting into security. They also touch on good ways to break into infosec and some things S1REN would like to see changed in the infosec field.
May 14, 2021
#3. 0xdade on hacking and making music about the Infosec world
In this action-packed episode, hosts TJ Null and FalconSpy sit down with 0xdade. Here are some of topics they discuss: How 0xdade broke into InfoSec 0xdade’s OSCP advice The importance of note taking and communication skills in InfoSec The most important quality of a pentester or red teamer 0xdade’s project, Natlas - what it is and what it does Advice for those who want to develop and release their own tools for the community How 0xdade wound up writing and recording the hip-hop/rap song, “Red Team”
May 1, 2021
#2. BlindHacker on the importance supporting people with disabilities in cybersecurity
In this second episode of the Official Offensive Security Podcast, hosts TJ Null and Harbinger sit down with the very talented and respected Joe (BlindHacker), where they discuss the challenges and opportunities around improving accessibility for the disabled community in Infosec. BlindHacker provides insights and perspective on how we can all help to provide more accessibility options, considerations and accommodations to people across a range of disabilities -- and why it's critical for filling the skills gap in cybersecurity going forward.
April 13, 2021
#1. The best ways to prepare for PWK/OSCP -- learn how from the experts!
The best ways to prepare for PWK/OSCP -- learn how from the experts! In this first episode of the all-new, official Offensive Security Podcast, hear first hand from experts TJ Null, FalconSpy and Jeremy (Harbinger) share some of the latest, greatest and even lesser-known ways to prepare for the Penetration Testing with Kali (PWK, PEN-200) course in preparation for getting your OSCP certification. Real, frank talk from OffSec experts and OffSec community leaders!
March 22, 2021