David Bombal
David Bombal
Want to learn about IT? Want to get ahead in your career? Well, this is the right place!
On this channel, I discuss Python, Ethical Hacking, Networking, Network Automation, CCNA, Virtualization and other IT related topics.
This YouTube channel has new videos every week! Subscribe for technical, detailed, no fluff content.
David’s details:
Discord: https://discord.com/invite/usKSyzb
Twitter: https://www.twitter.com/davidbombal
Instagram: https://www.instagram.com/davidbombal
LinkedIn: https://www.linkedin.com/in/davidbombal
Facebook: https://www.facebook.com/davidbombal.co
Website: http://www.davidbombal.com
YouTube: https://www.youtube.com/davidbombal
All the best!
David
On this channel, I discuss Python, Ethical Hacking, Networking, Network Automation, CCNA, Virtualization and other IT related topics.
This YouTube channel has new videos every week! Subscribe for technical, detailed, no fluff content.
David’s details:
Discord: https://discord.com/invite/usKSyzb
Twitter: https://www.twitter.com/davidbombal
Instagram: https://www.instagram.com/davidbombal
LinkedIn: https://www.linkedin.com/in/davidbombal
Facebook: https://www.facebook.com/davidbombal.co
Website: http://www.davidbombal.com
YouTube: https://www.youtube.com/davidbombal
All the best!
David
Episodes
Mentioned books
Mar 23, 2026 • 10min
#562: Warning and demo: It's possible to Prompt Engineer Malware
Kieran Human, a security practitioner with ThreatLocker, demonstrates prompt-engineered malware techniques and live demos. He shows how LLM guardrails can be bypassed to generate PowerShell ransomware and data-stealing scripts. The conversation covers evading Defender, hiding malicious intent with comments, and testing risks for defenders.
Mar 18, 2026 • 30min
#561: Why 1 small network FAIL breaks your massive 2026 AI job
Hendrik Blokhuis, Cisco CTO for EMEA partners, and Gary Middleton, NTT Data networking lead in Europe, talk infrastructure pressures from AI. They unpack NeoClouds vs hyperscalers. They highlight data sovereignty, extreme power and cooling needs, single-point network failure risks, edge inferencing for robotics, and the urgent skills needed for 2026 networks.
Mar 18, 2026 • 58min
#560: The one BIG mistake you are making with DNS security today
Cricket Liu, longtime DNS expert and author of DNS and BIND, explains why DNS remains the internet’s weakest link. He contrasts encrypted DNS with protective DNS, outlines RPZ defenses, clarifies DNSSEC’s role as validation not encryption, and warns how encrypted DNS can be abused for exfiltration. He also highlights NIST SP 800-81 updates and practical hardening steps for real-world networks.
Mar 16, 2026 • 18min
#559: How Splunk unlocks the Agentic AI transition in 2026
They dig into how Splunk and Cisco Data Fabric prepare telemetry and time-series models for agentic AI in 2026. They cover Machine GPT, open-source time-series models on Hugging Face, and turnkey ingestion for enterprise data. They explore agentic security tools for SOC triage, malware mitigation, observability agents, and trust measures like monitoring and model drift.
Mar 16, 2026 • 25min
#558: Top 4 Web hacking demos for aspiring hackers (with labs and CTF)
Justin Gardner, a full-time bug bounty hunter and podcaster, walks through hands-on web-hacking demos and practical training. He demonstrates IDOR, broken client-side access controls, reflected XSS, and CSRF using only the browser. Short guidance on a 200-hour learning roadmap, labs to practice, and what it takes to start earning in bug bounty work.
18 snips
Mar 14, 2026 • 51min
#557: Every Reason Why I Hate AI and You Should Too
Marcus Hutchins, cybersecurity researcher known as MalwareTech who helped halt WannaCry, digs into the 2026 AI hype and why it distracts from real network risks. He recounts 'vibe coding' disasters, flaws in AI-generated security outputs, shrinking time-to-attack, and why mastering fundamentals beats chasing AI buzz. He also warns about reactive SOCs and why attackers are not flocking to generative AI.
Mar 14, 2026 • 26min
#556: Stop HARVEST Now DECRYPT Later Attacks: Survive Post Quantum Attacks
Ramana Kompella, Head of Research at Cisco OutShift and former networking professor, explains quantum networking, entanglement and teleportation. He warns about harvest-now-decrypt-later risks and outlines post-quantum security work and the Cisco–IBM partnership. He also highlights why linear algebra matters and why quantum timelines are sooner than many think.
Mar 10, 2026 • 48min
#555: VirtualBox VM Escape: Integer Overflow Explained Clearly
Vladimir Tokarev, a vulnerability researcher known for exploit development and AI-assisted security work. He walks through a Gemini CLI VSIX command-injection demo and a VirtualBox integer overflow that can enable VM-to-host memory corruption. He also outlines a practical workflow using static analysis plus LLM triage to find and validate real bugs.
8 snips
Mar 10, 2026 • 42min
#554: WHY Your Cheap Chinese IoT Camera Is A Network NIGHTMARE
Matt Brown, cybersecurity researcher and IoT penetration tester who builds educational hardware hacking tools. He demos his Man in the Middle Router for intercepting IoT TLS traffic. He walks through lab setup, transparent TLS interception with mitmproxy, and a live hack of a cheap Chinese camera that exposes credentials and cleartext API data.
Mar 3, 2026 • 35min
#553: AVOID the Grep Trap: Why Splunk is the Future of Networks
Intro to Splunk as a powerful replacement for manual grep-style searches. A primer on SPL and the new SPL2 search styles. Live demos analyzing web and Linux logs, field extraction, and building dashboards. Unusual real-world uses like train telemetry and even toilet monitoring. A showcase of AI Canvas for natural-language troubleshooting and alert-driven workflows.
