Hackers On The Rocks

Michael Horka sips a Bulleit Old Fashioned and breaks down how NetFlow exposes threat actors hiding in plain sight.

NetFlow is metadata, not packets — no content, no full captures — just the who, what, when, where, and how of network traffic. So how does Lumen's Black Lotus Labs use it to dismantle multi-tiered botnets, track nation-state actors, and catch Volt Typhoon exploiting a Versa zero-day? 200 billion flow record...

Brayden Hustead cracks open a Dr. Pepper and walks us through what he found poking around Spirit Airlines' website the day after they announced their liquidation — no special tools, just a browser and curiosity.

Ten days after Spirit's "orderly wind down" press release, their website was still live, still booking flights, and still processing transactions — with no banner, no warning, and no one watching. Brayden noticed...

Saif Yaseen and Salman Abulatif pour Turkish coffees and walk us through research that makes every wireless device in your home a potential sensor for detecting you.

SNR — signal-to-noise ratio — isn't a new concept, but their research out of Black Hat MEA is: malware that uses Wi-Fi signal data to detect human presence in real time, build a pattern of life, and time its attacks accordingly. Drop the keylogger when the t...

Ofir Hamam pours an arak with lemon juice, raises a glass from Tel Aviv, and opens with a claim worth unpacking: every website using AI is vulnerable at some level.

Ofir is Head of Offensive Security at Terra Security, where his team does two things: pen tests organizations' AI-powered systems, and uses AI agents to conduct those assessments at scale. In this episode, we dig into both.

On the target side — the non-deterministic...

Caleb Lerge sips spiced rum while Casey Ellis drinks Coke Zero and breaks down vulnerability disclosure, bug bounty friction, and why companies still reject real security findings.Today’s episode explores the reality of vulnerability disclosure, from a firsthand account of a security solution bypass being handed directly to a vendor, to the internal breakdowns that lead companies to dismiss real risk. We unpack how bug bounty...

Woosun Song sips Havana Club rum and explains AIxCC (AI Cyber Challenge), how AI is reshaping blockchain security, and his AI focused startup.

Today’s episode explores the future of AI-driven vulnerability discovery, from winning DARPA’s AI Cyber Challenge at DEF CON to uncovering a six-year-old logic flaw in Cosmos’ CometBFT that allowed attackers to manipulate time itself. We break down how autonomous AI agents c...

Joshua Rogers sips on yogurt-flavored soju and talks about AI-Enabled SAST & Automated Vulnerability Discovery

Today’s episode dives into the rapidly evolving world of AI-powered SAST tools and what they actually do. Our guest, researcher Joshua Rogers, walks us through how modern static analysis works, why traditional rule-based SAST has struggled for years, and what changes when you introduce large language models into t...

João Donato (aka p1njc70r) sips Portuguese port wine and talks the most dangerous vulnerability in modern AI systems.

In this episode, we dismantle prompt injection from first principles, why OWASP ranks it as the number one risk for LLM applications, why it has no clean patch, and how natural language itself becomes the attack surface. João breaks down real-world agent exploits like the Cursor Ignore bypass, where an AI tool was tr...

Pierre-Yves Maes (aka Basketmaker) pours a heavy-sparkle Aperol Spritz and takes us on a deep dive into exploiting high performance routers.

In this episode, we explore the philosophy of "Emulate It Until You Make It"—how Pierre reverse-engineered the router firmware via QEMU before ever touching the hardware. He reveals how a seemingly harmless uninitialized variable in the SSL VPN interface turned into a "free anywhere" prim...

Tripp drinks a Salary Man Gin & Tonic and explains the shift in hacking culture in Japan, as well as ShadowLab and TenguCon

In this episode, we travel to Japan to talk about ShadowLab, a remote hardware hacking lab built for global researchers, and TenguCon, the underground security conference that’s redefining what it means to be a hacker in Japan. Tripp shares his story of going from U.S. pen tester to Tokyo community bu...

Gabriel González-García sips on a cold brew coffee and explains fault injection.

Today’s episode dives into hardware hacking at the transistor level, where attackers manipulate the laws of physics instead of software bugs. Gabriel walks us through his research on applying electromagnetic fault injection (EMFI) to DJI drones and using precisely timed electrical pulses to flip bits, bypass protections, and extract secrets from c...

Adam sips on a Rusty Nail and explains threat modeling.Today’s episode tackles the reality of deciding what’s actually worth protecting. Our guest, longtime researcher and open source developer Adam, walks us through how password managers can still leak secrets, why writing passwords on paper isn’t always reckless, and how VPNs simply shift trust from one provider to another. We explore live “war-game”...

Erin (Acorn) sips on a Last Word cocktail and explains systems and security design

Today’s episode dives deep into the world of automotive hacking. Our guest, researcher Erin (aka Acorn), walks us through the fundamentals of car security: CANbus networks, OBD-II ports, and why cars are basically “rolling industrial control plants.”We explore how low-cost tools and junkyard parts can open the door (literally) to lea...

Yael Grauer drinks Empress Southside while walking us through data colletion, OSINT, and privacy concernsWhat happens when your personal data is scattered across the internet and anyone can find it? This week, we shake up an Empress Southside with Yael Grauer and dig into the world of OSINT and privacy. From voter rolls to real estate records, Yael shows how data brokers collect, connect, and cash in on your information, and why &l...

Slava Moskvin drinks radler while walking us through null　pointer dereferencingWhat happens when your code points to nothing and then tries to use it? This week, we crack open a Radler with Slava Muskin and crash into the world of null pointer dereference vulnerabilities. From industrial switches to the Linux kernel’s SMB stack, Slava shares how a single uninitialized pointer can bring down entire systems. We talk root causes...

Olivia Gallucci drinks White Monster while walking us through return-oriented programming

Milliseconds matter. In this episode, we crack open a White Monster with Olivia Galuchcci and dig into TOCTOU attacks: Time-of-Check to Time-of-Use. These race condition vulnerabilities exploit tiny windows in logic, letting attackers escalate privileges, hijack processes, and sneak malicious payloads past your code’s defenses. Olivia sha...

Dane Brown drinks Jamaican Rum Punch while walking us through return-oriented programming

What if you could launch an attack without writing a single line of code? This week, we pour up a proper Jamaican rum punch with Dr. B Hacking and unpack Return-Oriented Programming, which is an old-school exploit technique still alive and kicking in the age of ASLR and NX. From stack smashing to chaining gadgets with surgical precision, this e...

Robel Campbell drinks a Blue Moon and peels back the layers of modern exploitation through shellcode

Shellcode isn’t malware: it’s the crowbar that opens the door. In this episode, we sit down with Roel Campbell to decode what shellcode actually is, how it works, and why attackers still use it in an era of modern EDRs and OS-level protections. From return-oriented programming to kernel-space rootkits, Roel walks us throu...

Katie Moussouris sips on organic super greens, fruits & vegetables and explains vulnerability research workforce.

Bug bounties, vulnerability disclosure, and the economics of exploits: this episode is a potent blend of technical depth and sharp perspective. We sit down with Katie Moussouris, a pioneer in vulnerability research and founder of Luta Security, to unpack the lifecycle of elite hackers, why burnout hits at year seven,...