How to make good HACKING videos

LiveOverflow · Beginner ·🔐 Cybersecurity ·2y ago

Key Takeaways

LiveOverflow shares tips on creating engaging hacking videos, referencing their own experiences and collaborations with other hackers like John Hammond, and promoting resources like Hextree for learning hacking skills.

Full Transcript

you'll probably ask yourself what a weird Windows hotkey has to do with what makes a great hacking YouTube video well I will try to make a point in this video and for that we first have to start exploring what is up with that weird windows hotkey [Music] this video sponsored by hackstreet.io if you want to learn hacking with well-edited video courses go check it out Paul thorod wrote on Twitter that if you type Ctrl shift alt windows and then L LinkedIn will open up in your default browser and this is apparently an operating system hotkey that cannot be turned off I don't know where the suddenly appeared from but suddenly there were also articles here for example from The Verge today I learned this weird Windows keyboard shortcut opens LinkedIn and this article also included a list of other hotkeys that exist they are all part of the office key so there's a key combination to open LinkedIn word excel PowerPoint and so forth and while on regular keyboards it's like this weird combination of Ctrl shift Alton Windows there is actually a so-called office key on some like Microsoft keyboards so you just have to press that key plus l or W and so forth while the Tweet mentioned that there is no way to turn it off this article does link to a post where somebody explained how you can turn this Behavior off now personally I don't really care about this hotkey I don't really understand why people want to turn it off I feel like it's this General mistrust in Microsoft and people not liking that the operating system does something that they didn't agree on or they didn't enable also forth but I mean the operating system is full of stuff like this however the sentiment of I don't quite understand what the operating system is doing and that scares me I can actually agree with that like I have a similar feeling that's why I feel more comfortable with Linux because I have a little bit more of a feeling not that it's controlled by an either cooperation also but that I feel like I have more control and understanding of how everything works and so if you are one of the people that got like an uneasy feeling about a weird hotkey like this and you want to turn it off actually use this feeling as a motivation to dig deeper and understand how it works there's nothing scary about the hotkey but there are slots to learn from this and this is what John Hammond recognized as well and this is now where we finally come to the part where I want to explain what makes a good YouTube video or a good hacking educational YouTube video because John Hammond actually made a video called The Mysterious office key so what does this hotkey have to do with it security or cyber security why would John Hammond being a cyber security educator why would he make a video about that well if you watch this video it's not just like The Verge article just telling you about it you can actually see him using process monitor to look at what happens when he presses the hotkey and you can then watch him use that tool and navigate that tool his thinking and methodology and he noticed that when pressing this shortcut the operating system appears to look into the registry and he saw that it tries to read a value from classes Ms office app shell open command now in case you don't know process monitor process monitor is like a monitoring tool for Windows that gives you real-time information about if certain files are accessed if certain programs are executed or if registry files are accessed it gives you a lot of information about what the system is doing and in his video he was showing how he can use that tool to figure out what happens when you press that hotkey but that's not all that John Hammond does check out this clip from his video so if we wanted to there are a couple things that we could play with in that array of different registry keys that we could modify as a low privilege whatever user MS Office app here and that doesn't have the shell open command sub keys right and then if we set a default value here could we just toggle this to like calc or change it to any other executable or something that we want to run instead and then try to hit that hotkey and there we go oh cool now we can kind of run whatever we want here so do you see his playful approach like not being scared of the operating system not being intimidated by it but playful you know he saw that this registry value was red so let's see it does sound like you can execute some command let's enter a different command and let's see what happens he enters calc.exe and when he presses one of these shortcuts suddenly the calculator opens up now you probably clicked on this video because you were wondering about what makes a great hacking video and well this is kind of like my opinion my summary of what constitutes a good video and you can see it as an example in John Hammond's video first of all you need a great story something to capture to motivate the audience the viewer to watch and in this particular video case the motivation was this weird Windows key John Hammond saw that this was making its round on Twitter maybe it was sent to him and he thought that could be a cool motivating story selecting the right story can make all the difference of if it's gonna be a very popular video or not you you maybe never know in this case maybe it was not a super popular topic but I'm sure there were apparently some people that were confused about this key and so if somebody for whatever reason has an emotional connection maybe being annoyed that Windows does something weird whatever the reason might be some people might now be motivated to watch this video to learn more about this weird hot tea and that's the hook that's the story so now you have figured out the story and that might motivate a person to watch but what about the technical part generally there are two ways how technical stuff can be taught you can just tell people how it is like John Hammond could have just said well here's the registry key and this is how you can modify it or change it like this is kind of like the old school teacher approach just telling how it is but the much more interesting part something that I want to always do with my videos and that's also what John Hammond is doing and that's also why I think his channel belongs to the more popular channels is that he's actually investigating he has a methodology there's like a scientific process there's a playful approach to it there's a let's try this and see what happens and when we see that happens let's play around with this if you watch this video pay attention to that this is exactly what you can observe he enters a command and then notices an error and then reacts to this Arrow makes assumptions about this Arrow adjusts and tests something else so now the video is not just a story but it also shows you the methodology of how professional work looks like in this moment you look a professional over-the-shoulder doing actual work it's not just news and information dump it's you are learning how to do the work yourself and now on top of that comes the third component and that is actually the tool itself maybe you didn't know about process monitor before 4 but now you see John Hammond using it and by seeing how he uses it you immediately develop an intuition how to use this tool yourself you didn't have to watch any tutorial specifically process monitor you didn't go into this video for process monitor but if you were motivated by the story you stayed for the investigation part now accidentally you learned about process Monitor and how to use it and what it is useful for all within a weird YouTube video and as I mentioned that's something that I also try to do with my videos as well the Game Boy hacking series for example which I collaborated on with section is a good example for my videos for that because in this case I'm using Pokemon as a hook this is the story investigating this childhood game lots of people have a Nostalgia feeling about it so that is a story that might hook the people and make it motivated but then I'm not just telling you about a certain glitch or how something works we are investigating it together we are developing tools together to investigate the memory and play around with it and so along this whole way you can learn lots of stuff about low level programming and yeah the game how it works itself all right now I told you about what I think makes a good YouTube video but I do hope that you also see how this can be translated into other mediums I do think these three components are very important for any technical beat blog post or also a talk having a story that hooks people show the investigation show the process the methodology how you move forward your thinking and then of course part of it along the way you teach you know the hard technical facts be the tool or something else but before we end this video Let's quickly cycle back again to the specific shortcut example because there was as I mentioned in the Verge article a way to disable this command so let's look at how to disable this command well this write-up says you have to run the following command as an administrator and look here what it does it says registry ad and then exactly the registry key that also John Hammond figured out then it sets the allow you to run dll 32 so here you can see the default registry which doesn't have this value and now you want to disable this hotkey so see what happens now there is a run dll32 entry so do you know what that means when you want to disable the command you don't really disable the command you just specify a program that really doesn't do anything instead so when you press your hotkey it's not disabled you are actually executing run dll32 so run dll is actually a program where you can pass in a dll name and then it will try to run that dll but if you have seen John Hammond's video and you see that actually when you execute a command with the hotkey then it actually passes an argument to that program so run dll is actually called with a string as a dll name it will attempt to run a dll that is interesting right well I thought two but we are here on live underflow which is full of low effort videos this is not the main Channel live overflow so you are left to your own devices to figure out if that is a security issue or not well to be completely honest with you I just realized this literally right now during recording I had not planned for this if I had planned I would have prepared and tested it out myself but during recording while revisiting this topic I just realized that you actually probably call run dll l32 with this other parameter and I have no clue what the implications of that are so yeah still interesting I think remember that I collaborated with stack smashing on the Gameboy series well we are also Building Together an online training platform to learn hacking on hexade.io we are building courses around web hacking but also reverse engineering and exploitation we are still in the early phases we are right now in the closed beta but eventually we will open up so you can go now on hex3.io and put yourself into a waiting list and if you watch this far into the future then hopefully hex Trio already launched so go check it out

Original Description

Learn Hacking (ad): https://hextree.io/ Buy my font (ad): https://shop.liveoverflow.com/ John Hammond: https://www.youtube.com/watch?v=1zGwA1qMGvM GameBoy Hacking: https://www.youtube.com/playlist?list=PLniOzp3l9V82onKsktyyKlIenAAUj45Mk =[ 📄 Info. ]= Main Channel: https://youtube.com/@LiveOverflow Support LiveOverflow: → per Video: https://www.patreon.com/join/liveoverflow → per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join =[ 🐕 Social ]= → Twitter: https://twitter.com/LiveOverflow/ → Instagram: https://instagram.com/LiveOverflow/ → TikTok: https://www.tiktok.com/@liveoverflow_ → Twitch: https://twitch.tv/LiveOverflow → Website: https://liveoverflow.com/ → Subreddit: https://www.reddit.com/r/LiveOverflow/ → Facebook: https://www.facebook.com/LiveOverflow/ =[ 📄 P.S. ]= Hack the Planet!
Watch on YouTube ↗ (saves to browser)
Sign in to unlock AI tutor explanation · ⚡30

Playlist

Uploads from LiveUnderflow · LiveUnderflow · 37 of 42

1 BUILDING AN 8-BIT COMPUTER FROM SCRATCH #2 (Full Stream)
BUILDING AN 8-BIT COMPUTER FROM SCRATCH #2 (Full Stream)
LiveUnderflow
2 LiveOverflow's Makeup Tutorial #1
LiveOverflow's Makeup Tutorial #1
LiveUnderflow
3 MakeUp Tutorial for Streaming and YouTube
MakeUp Tutorial for Streaming and YouTube
LiveUnderflow
4 MurmusCTF, SSD CTF Challenge, Google CTF writeups - PwnNews 27/06/19
MurmusCTF, SSD CTF Challenge, Google CTF writeups - PwnNews 27/06/19
LiveUnderflow
5 Google CTF 2019 Chat - Looking at Writeups
Google CTF 2019 Chat - Looking at Writeups
LiveUnderflow
6 Discussing Hacking Videos - Community Guidelines YouTube
Discussing Hacking Videos - Community Guidelines YouTube
LiveUnderflow
7 Hacking Skills Perspective
Hacking Skills Perspective
LiveUnderflow
8 Chatting about Cryptography and Exploit Regulations
Chatting about Cryptography and Exploit Regulations
LiveUnderflow
9 BUILDING AN 8-BIT COMPUTER FROM SCRATCH #1 (Full Stream)
BUILDING AN 8-BIT COMPUTER FROM SCRATCH #1 (Full Stream)
LiveUnderflow
10 BUILDING AN 8-BIT COMPUTER FROM SCRATCH #3 (Full Stream)
BUILDING AN 8-BIT COMPUTER FROM SCRATCH #3 (Full Stream)
LiveUnderflow
11 BUILDING AN 8-BIT COMPUTER FROM SCRATCH #4 (Full Stream)
BUILDING AN 8-BIT COMPUTER FROM SCRATCH #4 (Full Stream)
LiveUnderflow
12 Studying Cybersecurity in USA vs. Germany | ReHacked
Studying Cybersecurity in USA vs. Germany | ReHacked
LiveUnderflow
13 Examining JavaScript Inter-Process Communication in Firefox | Watch Together & Q&A
Examining JavaScript Inter-Process Communication in Firefox | Watch Together & Q&A
LiveUnderflow
14 Reading SECRET U.S. Air Force HACKING Document!!
Reading SECRET U.S. Air Force HACKING Document!!
LiveUnderflow
15 Why Don't Use alert(1) for XSS? | Watch Together + Q&A
Why Don't Use alert(1) for XSS? | Watch Together + Q&A
LiveUnderflow
16 Escaping from JavaScript Sandbox (AngularJS)
Escaping from JavaScript Sandbox (AngularJS)
LiveUnderflow
17 Why proofing impact for every XSS is "dumb" - Bug Bounty Reports
Why proofing impact for every XSS is "dumb" - Bug Bounty Reports
LiveUnderflow
18 Password Cracking Explained | ReHacked
Password Cracking Explained | ReHacked
LiveUnderflow
19 HTTP Desync Attack Explained With Paper
HTTP Desync Attack Explained With Paper
LiveUnderflow
20 Better than Stack Overflow for Development
Better than Stack Overflow for Development
LiveUnderflow
21 Thumbnail A/B Test Experiment for CTR
Thumbnail A/B Test Experiment for CTR
LiveUnderflow
22 How To Exploit a Heap Overflow
How To Exploit a Heap Overflow
LiveUnderflow
23 Log4Shell | Bug Bounty Public Service Announcement #shorts
Log4Shell | Bug Bounty Public Service Announcement #shorts
LiveUnderflow
24 New Details on Commercial Spyware Vendor Variston - Revisiting Firefox Sandbox Escape
New Details on Commercial Spyware Vendor Variston - Revisiting Firefox Sandbox Escape
LiveUnderflow
25 Can AI Hack Websites with XSS? #ChatGPT
Can AI Hack Websites with XSS? #ChatGPT
LiveUnderflow
26 ping Vulnerability Patch Analysis (with #ChatGPT) - CVE-2022-23093
ping Vulnerability Patch Analysis (with #ChatGPT) - CVE-2022-23093
LiveUnderflow
27 Using CodeQL to Investigate GraphQL Resolvers
Using CodeQL to Investigate GraphQL Resolvers
LiveUnderflow
28 Security Issue Found in US Gov CISA Tool?
Security Issue Found in US Gov CISA Tool?
LiveUnderflow
29 Using joern to Find GraphQL Authorization Issue
Using joern to Find GraphQL Authorization Issue
LiveUnderflow
30 Analytics from 7 Years on YouTube...
Analytics from 7 Years on YouTube...
LiveUnderflow
31 3D Printer Researching Igus Bearings - Prusa i3 MK3S+ (part 3)
3D Printer Researching Igus Bearings - Prusa i3 MK3S+ (part 3)
LiveOverflow
32 Attacking VSCode Extension from Browser? - Live Security Research
Attacking VSCode Extension from Browser? - Live Security Research
LiveOverflow
33 I Don't Trust Websites! - The Everything API with ChatGPT
I Don't Trust Websites! - The Everything API with ChatGPT
LiveOverflow
34 Do Hackers Need To Know Algorithms and Data Structures?
Do Hackers Need To Know Algorithms and Data Structures?
LiveOverflow
35 "Remove the video as soon as possible"
"Remove the video as soon as possible"
LiveOverflow
36 Arm®-based Video
Arm®-based Video
LiveOverflow
How to make good HACKING videos
How to make good HACKING videos
LiveOverflow
38 LEEROY fällt auf HACKER rein?
LEEROY fällt auf HACKER rein?
LiveOverflow
39 Hacking for an Intelligence Agency
Hacking for an Intelligence Agency
LiveOverflow
40 Tier List of My Worst Tweets
Tier List of My Worst Tweets
LiveOverflow
41 Step by Step Phishing Setup Tutorials are Unethical!
Step by Step Phishing Setup Tutorials are Unethical!
LiveOverflow
42 Hacker Reacts to 23andme Data Leak
Hacker Reacts to 23andme Data Leak
LiveOverflow

To make good hacking videos, focus on engaging storytelling, collaborate with other hackers, and leverage social media platforms to build a community around your content. LiveOverflow shares their own strategies and promotes resources for learning hacking skills.

Key Takeaways
  1. Define your niche in hacking
  2. Develop an engaging storytelling style
  3. Collaborate with other hackers
  4. Leverage social media platforms
  5. Promote resources for learning hacking skills
💡 Building a community around your hacking content is crucial for its success and for promoting cybersecurity awareness.

Related AI Lessons

eCPPTv3 Review
Learn from a firsthand experience of taking the eCPPTv3 exam and gain insights into the certification process
Medium · Cybersecurity
Next-Gen Endpoint Protection Software: Securing Remote Employees Against Modern Cyber Threats
Learn how next-gen endpoint protection software secures remote employees against modern cyber threats and why it matters for business operations
Medium · Cybersecurity
Understanding NAT (Network Address Translation): How Multiple Devices Share a Single Public IP…
Learn how NAT enables multiple devices to share a single public IP address, enhancing network security and efficiency
Medium · Cybersecurity
Why the EC-Council 312-41 Practice Test Is Essential for Certification Success
Boost your EC-Council 312-41 certification chances with practice tests, essential for assessing knowledge and understanding of exam objectives
Dev.to AI
Up next
Cyber security threats @FameWorldEducationalHub #cybersecurity #threats #shorts #ytshorts
FAME WORLD EDUCATIONAL HUB
Watch →