YouTube Channels for Learning Security
Table of Contents
Exploit Development and CTF
graph TD
subgraph "Skill Level: Beginner"
NC["NetworkChuck - Networking basics, Linux"]
DB["David Bombal - Lab setup, certifications"]
end
subgraph "Skill Level: Intermediate"
JH["John Hammond - CTF, malware analysis"]
IP["IppSec - HTB walkthroughs"]
STOK["STOK - Bug bounty methodology"]
GS["GhostStrats - Security hardware, devices"]
end
subgraph "Skill Level: Advanced"
LO["LiveOverflow - Exploit dev, browser hacking"]
GR["Gynvael Coldwind - Reverse engineering"]
MO["Michael Ossmann - SDR, RF fundamentals"]
end
NC --> JH
DB --> IP
JH --> LO
IP --> GR
subgraph "Conference Archives"
DC["DEF CON"]
BH["Black Hat"]
CCC["CCC (media.ccc.de)"]
end
YouTube channels organized by skill level - start at your comfort zone and work up
LiveOverflow
LiveOverflow is the channel to watch if you want to understand how exploitation actually works. Fabian Faessler (the creator) covers CTF challenges, browser exploitation, hardware hacking, and vulnerability research with an approach that shows the thinking process, not just the solution.
His series on browser exploitation walks through V8 (Chrome's JavaScript engine) vulnerabilities step by step. His hardware hacking videos include FPGA programming, glitching attacks, and chip analysis. The content assumes you are willing to pause, research terms you do not know, and try things yourself.
Best starting point: His "Binary Exploitation" playlist, which starts with basic buffer overflows and builds to modern exploitation techniques.
John Hammond
John Hammond covers CTF competitions, malware analysis, and general security topics with a teaching-oriented style. His CTF walkthrough videos show the complete process from reading the challenge description to getting the flag, including the wrong turns and debugging.
His malware analysis videos are particularly good - he takes real malware samples and walks through the analysis process using tools like Ghidra, x64dbg, and CyberChef. These videos teach methodology, not just tool usage.
Best starting point: His CTF walkthrough playlists, organized by platform (PicoCTF, TryHackMe, HackTheBox).
Penetration Testing Walkthroughs
IppSec
IppSec publishes detailed walkthroughs of retired HackTheBox machines. Each video runs 20-60 minutes and covers the complete process: enumeration, initial access, privilege escalation, and capturing the flags. What makes IppSec stand out is the thoroughness - he explains why specific enumeration steps are taken, what the output means, and how to recognize patterns across different machines.
The videos are indexed and searchable at ippsec.rocks, which lets you search for specific techniques, tools, or vulnerability types across all videos. Want to see every time IppSec exploited an SSRF vulnerability? Search for it and get timestamped links.
Best starting point: Pick a machine rated "Easy" on HackTheBox, attempt it yourself, then watch IppSec's walkthrough to see what you missed.
STOK
STOK focuses on bug bounty hunting with a methodology-driven approach. His videos cover reconnaissance, vulnerability discovery, and report writing for bug bounty platforms. The content is practical - he shows real targets (with permission) and demonstrates how to find vulnerabilities in production web applications.
His "Bug Bounty Methodology" series provides a structured approach to testing that translates well to any kind of security assessment.
Networking and Infrastructure
NetworkChuck
NetworkChuck covers networking fundamentals, Linux, Docker, and home lab setups with high energy and clear explanations. The content is beginner-friendly without being shallow. His networking videos cover subnetting, VLANs, routing, and firewall configuration with real equipment.
For wireless security context, his videos on setting up home labs, configuring pfSense firewalls, and understanding network architecture provide the infrastructure knowledge you need to make sense of WiFi scanning results. When the BLEShark Nano shows you a list of access points with SSIDs, channels, and security types, understanding network architecture helps you interpret what you are seeing.
Best starting point: His "FREE CCNA" series covers networking fundamentals comprehensively.
David Bombal
David Bombal covers networking, Python for network automation, and security lab setups. His strength is practical lab demonstrations - he builds networks in GNS3 or EVE-NG and shows configurations step by step. His interviews with security professionals provide career context and insights into how different roles approach security problems.
His videos on WiFi hacking with Kali Linux, while tool-focused, demonstrate the practical workflow of WiFi security testing and provide context for what tools like the BLEShark Nano are doing at the protocol level.
GhostStrats
GhostStrats covers offensive security with a focus on physical and wireless attack surfaces with dedicated hardware tools and device-level pentesting. The content bridges the gap between software-only security knowledge and the physical layer, showing how attacks play out on real hardware.
RF and Hardware Security
Michael Ossmann / Great Scott Gadgets
Michael Ossmann created HackRF, one of the most widely used software-defined radio (SDR) platforms. His video courses on software-defined radio fundamentals are the best free resource for learning RF concepts.
His "Software Defined Radio with HackRF" series covers the radio spectrum, modulation, demodulation, and signal analysis. For anyone working with 2.4 GHz tools (which includes both WiFi and BLE), understanding radio fundamentals helps you interpret signal strength readings, understand interference, and make sense of channel selection.
The videos are available on his YouTube channel and on greatscottgadgets.com/sdr. They are self-paced and assume no prior RF knowledge.
DEF CON Wireless Village
Not a single channel, but the DEF CON Wireless Village publishes talks specifically about wireless security. Topics include WiFi attack techniques, BLE security research, RF replay attacks, and wireless protocol analysis. These are specialist talks aimed at people who work with wireless tools.
Find them in the DEF CON conference recordings, filtered by the Wireless Village track. The DEF CON YouTube channel organizes talks by village and year.
Conference Channels
DEF CON (youtube.com/@DEFCONConference): Thousands of talks spanning decades. Search by topic or browse by year. The quality varies - this is a community conference - but the best talks are among the most educational security content available anywhere.
Black Hat (youtube.com/@BlackHatOfficialYT): More polished presentations, often by professional researchers with significant findings. Black Hat talks tend to be more structured and presentation-heavy compared to DEF CON's informal style.
CCC (media.ccc.de): The Chaos Computer Club's media archive. Talks are in English and German. The hardware hacking, radio security, and privacy tracks are consistently excellent. CCC talks often take a more political and philosophical angle on security topics, which provides useful context about why security matters beyond the technical details.
USENIX (youtube.com/@UsenixOrg): Academic security conference talks. Higher barrier to entry (you need some background knowledge) but the research quality is peer-reviewed. USENIX Security talks present original research that has been vetted by expert reviewers.
How to Watch Effectively
Watching security videos passively is entertainment, not education. Here is how to extract actual learning:
Pause and try before watching the solution. When IppSec encounters a service during enumeration, pause the video and think about what you would do. When LiveOverflow sets up a challenge, try to solve it before watching the solution. The learning happens in the gap between your attempt and the expert's approach.
Take notes on methodology, not commands. The specific commands change between tools and operating systems. The methodology - enumerate, identify the attack surface, research the vulnerability, exploit, pivot - stays the same. Note the decision-making process, not the keystrokes.
Reproduce the work. Set up a lab and follow along. HackTheBox, TryHackMe, and VulnHub all provide legal practice environments. Watching without doing builds familiarity, not competence.
Watch at 1.5x speed, slow down for key moments. Most tutorial content has natural slow sections (waiting for scans, explaining basics you already know). Speed through those and slow down when new concepts appear.
Follow the references. Good videos mention tools, papers, and techniques. Look those up. One video should lead you to three or four things to explore further. That is the learning path - not a linear playlist but a branching tree of topics.
Video content complements hands-on practice. The BLEShark Nano gives you a portable platform for exploring the wireless concepts these channels teach.