Learn hacking (ad): https://www.hextree.io
What does it take to fix a vulnerability in Firefox and release an update?
part 1: https://www.youtube.com/watch?v=YQEq5s4SRxY
part 2: https://www.youtube.com/watch?v=uXW_1hepfT4
part 3: https://www.youtube.com/watch?v=NT1VCmJF3mU
part 4: https://www.youtube.com/watch?v=x4CUAuwoZVk
(Spoilers) Firefox Security Response to pwn2own 2025: https://blog.mozilla.org/security/2025/05/17/firefox-security-response-to-pwn2own-2025/
=[ ❤️ Support ]=
→ My courses: https://www.hextree.io/
→ My font: https://shop.liveoverflow.com/
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
2nd Channel: https://www.youtube.com/LiveUnderflow
=[ 🐕 Social ]=
→ LinkedIn: https://www.linkedin.com/in/liveoverflow
→ X / Twitter: https://x.com/LiveOverflow/
→ Instagram: https://instagram.com/LiveOverflow/
→ Streaming: https://twitch.tv/LiveOverflow/
→ TikTok: https://www.tiktok.com/@liveoverflow_
→ Blog: https://liveoverflow.com/
Learn hacking (ad): https://www.hextree.io
We talk to Manfred Paul and learn about his research process. We also dive into the technical details about his JIT bug and learn about the optimization he exploited.
part 1: https://www.youtube.com/watch?v=YQEq5s4SRxY
part 2: https://www.youtube.com/watch?v=uXW_1hepfT4
part 3: https://www.youtube.com/watch?v=NT1VCmJF3mU
part 4: https://www.youtube.com/watch?v=x4CUAuwoZVk
(Spoilers) Firefox Security Response to pwn2own 2025: https://blog.mozilla.org/security/2025/05/17/firefox-security-response-to-pwn2own-2025/
=[ ❤️ Support ]=
→ My courses: https://www.hextree.io/
→ My font: https://shop.liveoverflow.com/
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
2nd Channel: https://www.youtube.com/LiveUnderflow
=[ 🐕 Social ]=
→ LinkedIn: https://www.linkedin.com/in/liveoverflow
→ X / Twitter: https://x.com/LiveOverflow/
→ Instagram: https://instagram.com/LiveOverflow/
→ Streaming: https://twitch.tv/LiveOverflow/
→ TikTok: https://www.tiktok.com/@liveoverflow_
→ Blog: https://liveoverflow.com/
Learn hacking (ad): https://www.hextree.io
What happens in the Pwn2Own disclosure room? Let's find out in part 2 of my short documentary about how Mozilla fixes 0days.
part 1: https://www.youtube.com/watch?v=YQEq5s4SRxY
part 2: https://www.youtube.com/watch?v=uXW_1hepfT4
part 3: https://www.youtube.com/watch?v=NT1VCmJF3mU
part 4: https://www.youtube.com/watch?v=x4CUAuwoZVk
(Spoilers) Firefox Security Response to pwn2own 2025: https://blog.mozilla.org/security/2025/05/17/firefox-security-response-to-pwn2own-2025/
=[ ❤️ Support ]=
→ My courses: https://www.hextree.io/
→ My font: https://shop.liveoverflow.com/
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
2nd Channel: https://www.youtube.com/LiveUnderflow
=[ 🐕 Social ]=
→ LinkedIn: https://www.linkedin.com/in/liveoverflow
→ X / Twitter: https://x.com/LiveOverflow/
→ Instagram: https://instagram.com/LiveOverflow/
→ Streaming: https://twitch.tv/LiveOverflow/
→ TikTok: https://www.tiktok.com/@liveoverflow_
→ Blog: https://liveoverflow.com/
Learn hacking (ad): https://www.hextree.io
Pwn2Own 2025 was happening in Berlin and I got the opportunity to follow Mozilla into the disclosure room and document how Mozilla fixes critical vulnerabilities.
part 1: https://www.youtube.com/watch?v=YQEq5s4SRxY
part 2: https://www.youtube.com/watch?v=uXW_1hepfT4
part 3: https://www.youtube.com/watch?v=NT1VCmJF3mU
part 4: https://www.youtube.com/watch?v=x4CUAuwoZVk
(Spoilers) Firefox Security Response to pwn2own 2025: https://blog.mozilla.org/security/2025/05/17/firefox-security-response-to-pwn2own-2025/
Sorry for the long delay of this video... Premiere Pro hated me in this project and 2025 was a shit year.
=[ ❤️ Support ]=
→ My courses: https://www.hextree.io/
→ My font: https://shop.liveoverflow.com/
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
2nd Channel: https://www.youtube.com/LiveUnderflow
=[ 🐕 Social ]=
→ LinkedIn: https://www.linkedin.com/in/liveoverflow
→ X / Twitter: https://x.com/LiveOverflow/
→ Instagram: https://instagram.com/LiveOverflow/
→ Streaming: https://twitch.tv/LiveOverflow/
→ TikTok: https://www.tiktok.com/@liveoverflow_
→ Blog: https://liveoverflow.com/
I met Jonathan in 2018 at the CCC when he was just 18 years old. Back then he referenced my videos, which had a little bit of impact on his life. Now a lot of time has passed, and in this interview I want to get to know Jonathan better: how he got into hacking, founded the CTF team perfect blue, worked as a vulnerability researcher and ultimately transitioned into a new career.
From Zero to Zero Day (2018): https://www.youtube.com/watch?v=xp1YDOtWohw
Jonathan on Twitter: https://x.com/j0nathanj
00:00:00 - How we met
00:02:16 - Jonathan's early life
00:04:24 - Going to college as a teenager
00:18:52 - Meeting like-minded people in CTF
00:27:29 - Getting first VR internship at Checkpoint
00:32:34 - Creating opportunities through networking
00:43:40 - Working at Microsoft Security Response Center (MSRC)
00:51:23 - Mandatory military service
00:58:33 - Moving from hacking to building teams
01:08:26 - Joining a startup
01:17:56 - From Computers to Humans
01:23:20 - Summary
=[ ❤️ Support / Ads ]=
→ My courses: https://www.hextree.io/
→ My font: https://shop.liveoverflow.com/
→ Support per video: https://www.patreon.com/join/liveoverflow
→ Support per month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
2nd Channel: https://www.youtube.com/LiveUnderflow
=[ 🐕 Social ]=
→ LinkedIn: https://www.linkedin.com/in/liveoverflow
→ X / Twitter: https://x.com/LiveOverflow/
→ Instagram: https://instagram.com/LiveOverflow/
→ Streaming: https://twitch.tv/LiveOverflow/
→ TikTok: https://www.tiktok.com/@liveoverflow_
→ Blog: https://liveoverflow.com/
An amazing event for aspiring German hackers is happening right now. I went to the finals in 2024; here I share a few impressions and tell you about this year's event.
Learn hacking: https://www.hextree.io/ (ad)
CSCG 2025 runs from 1 March 2025 until 1 May 2025
Rules: https://play.cscg.live/rules
Die Hacking Meisterschaft: https://hacking-meisterschaft.de/
NFITS: https://nfits.de/spenden/
European Cybersecurity Challenge: https://ecsc.eu/
00:00 - Intro DHM 2024
00:52 - CTF Teams vs. CSCG Teams
01:48 - Sponsor Challenges
03:04 - My CSCG History
04:18 - NFITS
05:06 - Die Deutsche Hacking Meisterschaft (DHM)
07:00 - Take the Opportunity!
07:47 - Outro
=[ ❤️ Support ]=
→ My courses: https://www.hextree.io/
→ My font: https://shop.liveoverflow.com/
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
2nd Channel: https://www.youtube.com/LiveUnderflow
=[ 🐕 Social ]=
→ LinkedIn: https://www.linkedin.com/in/liveoverflow
→ X / Twitter: https://x.com/LiveOverflow/
→ Instagram: https://instagram.com/LiveOverflow/
→ Streaming: https://twitch.tv/LiveOverflow/
→ TikTok: https://www.tiktok.com/@liveoverflow_
→ Blog: https://liveoverflow.com/
When auditing code it's crucial to know about common issues. In this video we explore a Go issue that I was not aware of.
Learn hacking on https://www.hextree.io/ (ad)
38c3 CTF - Fajny Jagazyn Wartości Kluczy:
https://2024.ctf.link/internal/challenge/fb03748d-7e94-4ca2-8998-a5e0ffcbd761/
Unintended solution: https://msanft.foo/blog/hxp-38c3-web-fajny-jagazyn/
Challenge author writeup: https://hxp.io/blog/114/hxp-38C3-CTF-Fajny-Jagazyn-Wartoci-Kluczy/
VSCode Go debugger client code: https://github.com/golang/vscode-go/blob/39786ea90f18ab98f75d091b9a04367d1b1df82c/extension/src/debugAdapter/goDebug.ts#L1557
00:00 - Intro
00:20 - Go gjson vs json behavior
01:33 - Overview CTF challenge "Fajny Jagazyn Wartości Kluczy"
04:33 - Weird server setup?
05:55 - Arbitrary file read
07:00 - /proc filesystem trick
08:01 - Unintended solution
09:14 - What was the intended solution?
12:58 - Exploiting Go race condition
13:58 - Outro
=[ ❤️ Support ]=
→ My courses: https://www.hextree.io/
→ My font: https://shop.liveoverflow.com/
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
2nd Channel: https://www.youtube.com/LiveUnderflow
=[ 🐕 Social ]=
→ LinkedIn: https://www.linkedin.com/in/liveoverflow
→ X / Twitter: https://x.com/LiveOverflow/
→ Instagram: https://instagram.com/LiveOverflow/
→ Streaming: https://twitch.tv/LiveOverflow/
→ TikTok: https://www.tiktok.com/@liveoverflow_
→ Blog: https://liveoverflow.com/
"There are not that many people that do Android research [...] There is no lack of targets. If people would actually look, there is lots to it. The scope is huge." - This is a conversation with Kristoffer Blasiak about Google's Mobile Vulnerability Rewards Program (VRP).
Learn Android Hacking (ad): https://hextree.io/hextree-x-google
Mobile VRP: https://bughunters.google.com/about/rules/android-friends/6618732618186752/google-mobile-vulnerability-reward-program-rules
00:00 - Introducing Kristoffer and Mobile VRP
01:38 - What happens when you submit a bug
05:07 - Android app bug bounty opportunities
08:38 - "There is no lack of targets"
13:06 - The side-loading threat model
17:00 - Bugs in Android app vs. web app
23:30 - Hextree sponsored by Google
=[ ❤️ Support ]=
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
2nd Channel: https://www.youtube.com/LiveUnderflow
=[ 🐕 Social ]=
→ Twitter: https://twitter.com/LiveOverflow/
→ Streaming: https://twitch.tv/LiveOverflow/
→ TikTok: https://www.tiktok.com/@liveoverflow_
→ Instagram: https://instagram.com/LiveOverflow/
→ Blog: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/
Want to learn more about hacking? Check out our courses on https://www.hextree.io (ad)
I have spent many hours looking at the webp vulnerability used in the 0day attack against iPhones. In the past videos we have seen why fuzzers have a hard time finding the issue, so I wanted to understand how this was discovered. And I think I have a good theory!
Part 1: Huffman Tables https://youtu.be/lAyhKaclsPM
Part 2: Fuzzing libwebp https://youtu.be/PJLWlmp8CDM
Sources:
https://citizenlab.ca/2023/09/blastpass-nso-group-iphone-zero-click-zero-day-exploit-captured-in-the-wild/
https://googleprojectzero.blogspot.com/2019/08/the-fully-remote-attack-surface-of.html
https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-1.html
https://googleprojectzero.blogspot.com/2021/01/a-look-at-imessage-in-ios-14.html
https://github.com/seemoo-lab/frida-scripts/blob/main/scripts/libdispatch.js
https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html
https://citizenlab.ca/2023/04/nso-groups-pegasus-spyware-returns-in-2022/
https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html
https://github.com/libjxl/libjxl/blob/4b9dbde293f7f282b6952a02340300abfca2b184/lib/jxl/huffman_table.cc#L51
https://github.com/webmproject/libwebp/blob/7861947813b7ea02198f5d0b46afa5d987b797ae/src/dec/vp8l_dec.c#L86C3-L86C76
https://github.com/Tencent/mars/blob/9ab46e19ed3d4fcafe9d0de4b36547321f5ead83/mars/comm/windows/zlib/inftrees.h#L41
https://github.com/google/brunsli/blob/master/c/enc/jpeg_huffman_decode.h#L20
00:00 - Intro
01:18 - The iPhone Remote Attack Surface
02:49 - Targeting iMessage
04:04 - Dangerous Parsing / BlastDoor
06:53 - Image I/O and libwebp
08:11 - A Pattern of Image Vulnerabilities
09:28 - Huffman Tables are Everywhere!
10:50 - My Theory: known issue with enough.c
13:50 - Outro
=[ ❤️ Support ]=
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
2nd Channel: https://www.youtube.com/LiveUnderflow
=[ 🐕 Social ]=
→ Twitter: https://twitter.com/LiveOverflow/
→ Streaming: https://twitch.tv/LiveOverflow/
→ TikTok: https://www.tiktok.com/@liveoverflow_
→ Instagram: https://instagram.com/LiveOverflow/
→ Blog: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/
During DEF CON and Black Hat, Google invited me to give a talk about Android hacking to students as part of init.g at the University of Nevada, Las Vegas. In this talk I share my "trick" for getting into Android hacking and reverse engineering, which can also be adapted to any other topic.
Learn android hacking (ad): https://app.hextree.io/map/android
Watch my Vegas Vlog: https://www.youtube.com/watch?v=bhQ6FF3fCdA
Article about the init.g event: https://www.unlv.edu/announcement/academics/google-sponsors-initgvegas-student-event-unlv-during-defcon
=[ ❤️ Support ]=
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
2nd Channel: https://www.youtube.com/LiveUnderflow
=[ 🐕 Social ]=
→ Twitter: https://twitter.com/LiveOverflow/
→ Streaming: https://twitch.tv/LiveOverflow/
→ TikTok: https://www.tiktok.com/@liveoverflow_
→ Instagram: https://instagram.com/LiveOverflow/
→ Blog: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/
My second time in Las Vegas for DEF CON and Black Hat. A lot has changed since I was last here 6 years ago. This trip was quite emotional for me and I am so grateful for the experience. Hope to meet you all again.
Learn hacking (ad): https://app.hextree.io/
Buy our Faultier (US): https://1bitsquared.com/collections/embedded-hardware/products/faultier
Google x Hextree Android Courses: https://www.hextree.io/hextree-x-google
Raspberry Pi Hacking Challenge: https://www.hextree.io/rp2350
Embedded System Village: https://embeddedvillage.org/
My previous DEF CON 26 (6 years ago) Vlog:
- https://youtu.be/B8saYocsI-U
- https://www.youtube.com/watch?v=RXgp4cDbiq4
=[ ❤️ Support ]=
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
2nd Channel: https://www.youtube.com/LiveUnderflow
=[ 🐕 Social ]=
→ Twitter: https://twitter.com/LiveOverflow/
→ Streaming: https://twitch.tv/LiveOverflow/
→ TikTok: https://www.tiktok.com/@liveoverflow_
→ Instagram: https://instagram.com/LiveOverflow/
→ Blog: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/
A guide on how to do fuzzing with AFL++ in an attempt to rediscover the libwebp vulnerability CVE-2023-4863 that was used to hack iPhones.
Want to learn hacking? Sign up at https://hextree.io (ad)
Buy my shitty font: https://shop.liveoverflow.com/ (ad)
Watch webp Part 1: https://www.youtube.com/watch?v=lAyhKaclsPM
Sudo Vulnerability Series: https://www.youtube.com/playlist?list=PLhixgUqwRTjy0gMuT4C3bmjeZjuNQyqdx
Docker Video: https://www.youtube.com/watch?v=-YnMr1lj4Z8
OSS-Fuzz: https://github.com/google/oss-fuzz
OSS-Fuzz libwebp coverage: https://storage.googleapis.com/oss-fuzz-coverage/libwebp/reports/20230901/linux/src/libwebp/src/utils/report.html
AFLplusplus: https://github.com/AFLplusplus/AFLplusplus/blob/stable/docs/fuzzing_in_depth.md
vanhauser's blog: https://www.srlabs.de/blog-post/advanced-fuzzing-unmasks-elusive-vulnerabilities
vanhauser/thc on twitter: https://twitter.com/hackerschoice
AFLplusplus Persistent Mode: https://github.com/AFLplusplus/AFLplusplus/blob/0c054f520eda67b7bb15f95ca58c028e9b68131f/instrumentation/README.persistent_mode.md
Grab the code: https://github.com/LiveOverflow/webp-CVE-2023-4863
=[ ❤️ Support ]=
Find out how you can support LiveOverflow: https://liveoverflow.com/support/
=[ 🐕 Social ]=
→ 2nd Channel: https://www.youtube.com/LiveUnderflow
→ Twitter: https://twitter.com/LiveOverflow/
→ Streaming: https://twitch.tv/LiveOverflow/
→ TikTok: https://www.tiktok.com/@liveoverflow_
→ Instagram: https://instagram.com/LiveOverflow/
→ Blog: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/
Chapters:
00:00 - Intro
00:36 - How to Learn About Fuzzing?
02:36 - Setting Up Fuzzing With AFL++
04:53 - My Docker Workflow for Fuzzing
06:35 - AFL++ Different Coverage Strategies
09:50 - Start the libwebp Fuzzing Campaign
11:58 - Adjusting the Fuzzer
13:45 - Why Don't We Find a Crash?
15:49 - Fuzzing with AFL++ Persistent Mode
19:47 - Persistent Mode Fuzzing Results
20:46 - Finding the Vulnerability in 8s
Citizenlab discovered BLASTPASS, a 0day being actively exploited in the WebP image format. Known as CVE-2023-4863 and CVE-2023-41064, an issue in libwebp's BuildHuffmanTable() function can lead to a heap buffer overflow. This vulnerability is very interesting and I'm excited to share with you what I learned.
Want to learn hacking? Sign up at https://hextree.io (ad)
Buy my shitty font: https://shop.liveoverflow.com/ (ad)
WebP Fix Commit: https://chromium.googlesource.com/webm/libwebp/+/902bc9190331343b2017211debcec8d2ab87e17a
Citizenlab: https://citizenlab.ca/2023/09/blastpass-nso-group-iphone-zero-click-zero-day-exploit-captured-in-the-wild/
Ben Hawkes: https://blog.isosceles.com/the-webp-0day/
Software Updates
Apple https://support.apple.com/en-gb/106361
Chrome https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html
Firefox https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/
Android https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/
Whose CVE is it Anyway? https://adamcaudill.com/2023/09/14/whose-cve-is-it-anyway/
References:
2014 bug introduction https://github.com/webmproject/libwebp/commit/f75dfbf23d1df1be52350b1a6fc5cfa6c2194499
https://www.youtube.com/watch?v=JsTptu56GM8
https://www.youtube.com/watch?v=B3y0RsVCyrw
https://www.youtube.com/watch?v=EFUYNoFRHQI
https://www.youtube.com/watch?v=iEm1NRyEe5c
https://stackoverflow.com/questions/13804629/huffman-code-with-lookup-table
https://web.archive.org/web/20230204211844/https://commandlinefanatic.com/cgi-bin/showarticle.cgi?article=art007
enough.c https://github.com/madler/zlib/blob/develop/examples/enough.c
Thanks to:
https://twitter.com/mistymntncop
https://twitter.com/benhawkes
Chapters:
00:00 - Intro to CVE-2023-4863
01:32 - Most Valuable Vulnerability?
03:02 - Heap Overflow Related to Huffman Trees
03:58 - Learning about Huffman Codes
06:24 - What are Huffman Tables?
10:24 - Hardcoded Table Sizes (enough.c)
12:21 - Code Walkthrough - BuildHuffmanTable()
13:04 - The code_lengths[] and count[] Arrays
15:14 - Difference Between Compression and Decompression!
17:04 - Outro
=[ ❤️ Support ]=
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
2nd Channel: https://www.youtube.com/LiveUnderflow
=[ 🐕 Social ]=
→ Twitter: https://twitter.com/LiveOverflow/
→ Streaming: https://twitch.tv/LiveOverflow/
→ TikTok: https://www.tiktok.com/@liveoverflow_
→ Instagram: https://instagram.com/LiveOverflow/
→ Blog: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/
Follow me down the rabbit hole into the wonderful world of IT security. Buy my terrible font (ad): https://shop.liveoverflow.com Learn hacking (ad): https://hextree.io Related Videos: https://www.youtube.com/watch?v=866olNIzbrk https://www.youtube.com/watch?v=lKzsNp4AveY...