#general

https://tenor.com/view/epic-embed-success-epic-embed-fail-gif-21239189

Good evening ladies and Gentlemen @everyone
I would like to announce that I have managed to complete starting point tier 1. This might not be something big for others but for me it was a great learning experience.
There are only two times I cheated ( I regret it )

1. In responder machine ( I wasn't able to complete the last task so i had to read a walkthrough )
   And
2. In machine name three ( task 4 and task 6 ).
   I know I shouldn't have but I'll work on my weaknesses and learn from them.
   Next step is to move onto tier 2.
   This is just me announcing my journey.
   Please help me out and guide me as I keep on learning.

Bro attempted to @everyone in a server this big lmao

I am new to discord sir

no need to at everyone 🙂 but congrats

Trust me the first day on discord was hilarious af ( I was asking how to chat on discord in general while chatting )

i remember that, but still, congrats

What’s your next step/goal?

It's @crude lynx how are you bro

good, how about you

@green kite I was occupied with college exams but now I am thinking of starting tier 2 and cisco ethcal hacker course on netcad

Cool !

@crude lynx bro the exams almost killed me and I kinda went into hibernation ( I slept for atleast 12 hours straight after my exams yeasterday )

i think i need to start cracking on medium boxes

@crude lynx I'll catch up to you soon bro

Do Media. That’s a fun one

@crude lynx what you have been upto bro

@agile thunder where are you bro

idk, just doing boxes and academy lately, now i'm getting through some of the fundamentals

its a windows box 😢

Yes

i only rooted one windows box

@crude lynx bro have you ever wondered like why learning on THM feels different than HTB
Idk why I feel like completing even one HTB box teaches more than One THM room

@crude lynx ( I am scared of powershell )

It doesn’t have AD, so if you worry about that, don’t 😄

yes, definitely different, htb pushes you to understand protocols you've never seen before

Indeed it does pushes...pushes of the cliff

me also scared

actually, the only windows box i did was an ad one (it's forest), i was having a hard time even following ippsec and 0xdf

Ah yeah! But you’ll get there 💪 you’re doing academy

Ladies and gentleman... They have in fact, hacked the box...

Oh nooo

I just rooted Media

@boreal pike whatttt

https://tenor.com/view/lets-go-mediamarkt-mm-gif-27212680

@boreal pike what's happening in shibuyaa

The box, it got hacked.

It exploded after I visited.

https://tenor.com/view/shaking-dog-white-dog-scared-meme-gif-23585947

https://www.youtube.com/watch?v=n3uVwxAoUdo

We need the honoured to one for this ( someone contact the HQ asap )

Well. It was great talking to all of you my friends, I must bid farewell for today. I will return once I have completed tier 2 .

https://tenor.com/view/coco-goodbye-bye-bye-bye-ongezellig-gif-16325302711456427166

Take care. See you soon

Forest was fun

When is the next machine of season 9?

https://tenor.com/view/bert-kreischer-i-am-the-machine-im-the-man-gif-16355416

Every Saturday at 3 PM EST

Identity Access Management the machine? What's that?

It means that I get access to manage your identity...

You're a random kid on the other side of the solar system now.

How do people get "respect" on HTB? Does it even make a difference?

apart from aura farming*

eh what?

No. Go to bed son

Someone mentioned Arch Linux

https://www.youtube.com/watch?v=uz8A_S_ISFs

I'm gonna try anyway...and probably not learn as well

these guys in a detective show

they kill a professor in the most genius way possible

an automatic gun that fires when a button is pressed.

but then they go and get buddy buddy and chatty with the detective

and then the detective suspects them, goes downhill from there

yoooo

im lowk trying to make a challenge for htb

oh yeah I forgot i got myself a 6600 XT today

nice

less money on the electric bill, more performance, here I come

holy fucking rabbit hole i went down on expressway

couldnt have ben more lost at one point

same xD

My family and I were on a road trip one day

i mean the new box btw

and we took the wrong exit and landed ona highway that left us driving for 40 miles before we got off.

but yeah go on

nvm

i mean well that was it lol

i once used an older builtin navigation system when driving around in switzerland and it send me like 4 hours in the wrong direction

omg that show

throwback

Bro casually mentioned something so awesome 🔥

What in the goddamn

@heady sage idk what this is but damnnnn

It’s Python malware but uhhh very horribly written

what sherlocks you guys doing for htb holme

@agile thunder bro I have finally managed to complete tier 1 and moving into tier 2. I'll text back once I am done with it.

@agile thunder here read this

Gotta go

w

Ya technically python can be used for malware which is cool

You can use python for like anything

the blacklisted IP array lmaooooooo

jesus

sounds like something my loser brain would come up with

well well well

https://tenor.com/view/well-in-that-case-yo-mama-well-case-gif-14405034452477075435

dad humor

Has the new season started yet?

yeah started yesterday

wait why dont i hav my bronze role 😭

nope

hello!

Cuz u took too long

See i already finished season 9

Got holo

You just have to pivot to the next machine from the first one

ahh yes

Go get them

okay, i do the box tomorow

You won't last 5 seconds

In next machine

damn bruh

what machine is it

linux ez?

Yeah it's alright machine

aaaaaaaaaaaaight

User part is atleast

That's what she said?

gng do machines have pronouns yet

like

ze/zim

Bruh

Not sure about machines, but there is bin/bash

hihihihih

bin/bash

hihihi

Hi

please dont ping me, im shy

Real asf

Did yall see the AI-generated minister for AI in Albania

Is Proton Mail secure for a throwaway email address?

Email in itself isn't really secure

True, but proton does utilise end to end encryption, so it's at least a few steps up

You can create a really temporary email address at https://webhook.site if you only need it for like an account sign up and verification code or something

That doesn't really have anything to do with it being secure though

Elaborate

@hoary nebula hi shy, I'm sado

Ooh that's a cool site, cheers!

Salt Typhoon

Never used it as temp email lol
Only for testing random req

No problem lol, I wouldn’t count on its security though and pretty sure you lose access to the email after a day or something and you get a new one, so don’t use it for things you might need to get emails from later lol

There's some open mail service too iirc
Anyone can access just by using username

Ooh that sounds cool

Can't remember what it was called

proton is secure as long as you send emails to other proton users, or if you setup GPG encryption

any other method is insecure

needless to say this is true unless one of the account is compromised

as they are the only ones receiving decrypted data in E2E

hyyyy

I have to stop buying things

https://tenor.com/view/spongebob-meme-i-need-it-i-don’t-need-it-i-definitely-don’t-need-it-thirsty-gif-17101453146721253330

Hi everyone,

I am Gaurav. I completed my graduation last year in cybersecurity. I am looking out for jobs for system admin role or Tech support or Cyber fresher roles where I can learn and practice and start my life. I have lot of responsibilities on my shoulder so I work part time in warehouse to afford my survival and my parent in my home country. Currently, I am planning to resume with practice of Pen 200 labs on offsec and hack the box. Anyone who is interested can team up or anyone who wants I can team up.

Looking forward to learning and sharing with all of you!

Please you can dm me if you want me to join any of you and start practicing!

My honest reaction

New wazuh release dropped

hi chat

wassup emma

nm nm, u?

same

my coworkers all said it's really good

the new one

been playing a bunch of Pokemon Shining Pearl recently 👀

haven't played myself, wondering if it lives up to the standard bl2 set

i just bought the system shock/moros protocol bundle

how come you guys didn't tell me about exegol sooner

Because it went paid

Really? Wow. I wasn't expecting that.

Iirc free ones only get updates once a year or twice now

Which defeats its purpose really

Better to have an install script for your vm lol

what's exegol?

Docker kali

I was lookin at it and I was like "isn't kali free?"

It's a setup wrapper, adds some light features like vpn

but why use it instead of a kali VM with shared folders and other virtualbox additions?

does the shellcode you have on your profile run /bin/sh?

quick question, what's harder OSWA by Offsec or BSCP by Burp Suite

exogol looks like a cash grab ngl

Fresh environment per engagement, fast to spin up.

I dont see the point of exegol honestly

just make a new kali VM or set up your workspace properly to output data to a shared folder in virtualbox so you don't need to wipe your environment?

I mean maybe if you're rich you should use it though

i mean why not. wtvr to get the job done faster ig

Limits cross contamination? I dunno man, I don't use it. My VM for HTB has been the same VM for the past 3 years.

also doesn't kali have vagrant images/boxes or whatever they're called?

why use arch when there's kali?

Yes.

Idk. I use void btw

That's crazy. They didn't always have a business model did they?

We have Linux at home.
-# Linux at home: WSL

what if someone doesn't like XFCE?

ah well there's variants of kali too ;c

Nope not afaik

I have a motherboard that will brick your CPU if you put one in it

Never ever trust ASUS for anything

I'm having a hard time finding out where to start. I need a good pep talk like bad. Help!!??

Asus has been my goto for years. MSI and gigabyte have given me too much hell

yup. asus gang rise up.

Get Started with the HTB Beginners Bible: https://www.hackthebox.com/blog/learn-to-hack-beginners-bible

@keen sage ^^^

Thank you vm Gubarz

Nobody will babysit you

dont ever ride a motorcycle

....in the west

it's just not worth it

get into an accident and you got back pain for years, at minimum

@frail turtle forever

https://tenor.com/view/epic-embed-success-epic-embed-fail-gif-21239189

I'm in an extremely esoteric situation where it's possible I might need to consider fabricating my own PCBs

does anybody have any tips on equipment needed?

I know I'll need a CNC router, that weird UV solvent, and some solder trap thing but idk what else

#hardware-iot-ics check here. General is not a good place for serious help

thanks homie 👍

Welcome bud

anyone can help me partition my disk I'm trying to have a dual boot windows linux but I'm a bit confuse if what I need to do to my disk

for the HTB CTF platform, is there a way to see which members of your team have signed up for a particular CTF?

What payment options cube are there besides card?

https://help.hackthebox.com/en/articles/5185500-what-payment-options-are-supported-and-do-you-store-payment-details

do yall take meme coins

It turns out that I can’t create a link or QR code so that someone can pay the bill.

I do!

Put them straight into my mouth please

Bro don't you just pentest PoS systems what

Bro needs a crabberry

everyone tests piece of shit systems

https://cdn.discordapp.com/emojis/1143580498568953997.webp?size=32&animated=true

6am here

Bout to sleep as well

I frogor to slep 💀

hey bro

im reading a book

and it told me that we dont ever truly die

because we're never truly born

our true self is immortal

even tho our physical bodies are not

its pretty good ngl

Sounds deep

actually thats just a guy talking in the book

https://tenor.com/view/splash-puddle-shock-shocked-deeper-gif-6779150623423967131

but the guy is actually fighting in a war

against his cousins and uncles

How can a man be sleep deprived if we're never truly born 😩

Real

Crazy? I was crazy once

They locked me in a room

A rubber room

A rubber room with rats

And the rats made me crazy

Hello general

Which platoon do you command

and you are a guy talking in discord 😩

https://tenor.com/view/cats-kitty-hello-cute-cat-gif-12376270795471334165

How have you been?

doing well

you?

alcohol

I'm well too, thanks for asking

What are you doing these days?

Any vibe coders

Golammmm

claude: clean this code up

homeless ctf happeing

react

hehe AI creating jobs

THEJUS0x06

how'd you find my profile

nuts

super nuts

Peak unemployment

Your tag
Lol

hello chat

hello

how are you

"Father and son"

I am working on a challenge, can i pls dm someone ?
It is not from HTB

Is it for an active CTF?

Nope it is B2R machine

B2R?

Boot2Root

Like HTB but you get the iso

Ask in that discord then

Alright

Bobs battlebit community

Anyways would you have good SSTI resources. One of my payloads dosent seem to work

.....

I am pretty sure it is for Jinja2 but

that flowchart always worked for me

Battle bit is based, I wish that it got newer content more frequently

Yes right here: https://www.google.com/

${{<%[%'"}}%\.

Crazy

I was crazy once

They locked me in a room

A rubber room

😭

A rubber room with rats

And the rats made me crazy

Crazy?

https://tenor.com/view/crazy-i-was-crazy-once-gif-13785912751198548358

https://tenor.com/view/cat-sphere-las-vegas-orange-cat-spinning-gif-14402153341257920008

quick question, what's harder OSWA or BSCP by Burp Suite

Oswa because you have to deal with the offsec material

sooo... I've understood, and decided that AI can't be ignored anymore. I've asked the ChatGPT service the three questions, important questions for my pentesting career planning:

1. Can AI replace ethical hackers?
2. How pentesters can use AI to help them in their work?
3. Can AI analyze output of the LinPeas.sh script?

full article: [ https://project-wraithstar.blogspot.com/2025/09/ai-ethical-hacking.html ].

constructive comments welcome. 🙂

Clankers will never be good enough to replace real people in such a complex field

thankfully!

Stuff like linpeas doesn't account for custom patches, it just spits out based on a criteria and doesn't actually test or look for custom patches

Also you shouldn't use AI for helping yourself during a pentest, you're probably violating your contract or NDA by doing so

But this can be included in contract. 🙂

Ask a lawyer

yes.

''Recent HTB competitions show AI agents and LLM-assisted operations can rival top human teams.

This isn’t a threat to learners;
it’s a head start'.

-- Gerasimos Marketos, Chief Product Officer at Hack The Box.'

That's HTB not real life bud

good point.

we must write bad code to sabotage AIs code writing abilities

🫡

hehe.

🙂

If you use chatgpt in a real pentest you're probably going to get sued.

Stop the clankers!

Maybe arrested too.

thanks for info! 🙂

thats why you use local ai

You might as well just do it yourself then instead of having a clanker locally set up

😩 fr

A decent amount of the time gpt or Gemini is hallucinating and pulls info from thin air in my experience with a bunch of stuff I work with

ye just good for writimg simple scripts and analyzing log files

i know a guy who just abuses it on sherelocks

vibe blue teamer (he is also employed as a blue teamer)

I've only had positive experience with elastic search's anomaly detection AI crap.

Damn, the bar must be low for that position

in simple terms he greps and pastes

i mean he is htb guru tho

👁️

👀

clanker

This is a real panel

Batman was afk for 2 weeks. Please give him time to heal his wounds. Thanks for your understanding!

The last time Bats did that he had to deal with some guy taking it wayyyyy tooo far after a Spaniard broke his back

But this time Batman had to climb the Mount of Moses

what is the fastest way to be moving in rank , machines or challenges ?

both

sherlocks dont do shit

right ?

Uhh nope

you gain skill

its kinda of a realworld a bit

not just internet points

Maybe the real Sherlocks were the friends we made along the way

we can make friends here?

oh

https://tenor.com/view/special-ed-special-gif-14524557650897979460

wanna be my friend?

https://tenor.com/view/dead-my-honest-reaction-damn-skull-skeleton-gif-15885937969029652188

The only prerequisite to have friends, is to be a friend.

🙂

Fuck the cold actually woke me up

good thing it was not too cold

https://tenor.com/view/code-gif-17835951585747046033

or you'd not have woken up

Truen't

Hallicon you should stop sleeping naked

With no covers

With the fan on

and the AC on too

wdym, thats the best way

And Windows open

just order some HTB jammies

I dont commando

Age reveal right there mate

How

Yet*

that dog is still sleeping

That's a big cat

embed fail

indeed.

indeed backwars

deed in

https://tenor.com/view/bills-ugh-gif-9811803164280522639

I was continuing to learn css last night

It's evil because this has to be the most boring part of learning webdev

CSS boring?

Bro

My body has been trying to avoid it for 2 weeks now

its true

No way you think CSS is more boring than HTML?

Imagine no fault tolerance in CSS

HTML is nice and smooth like butter.

There's no way

Short and quick.

JS

Try Shaders then

you will love shaders

C'mon, draw a square that reflects incoming light 🙂

HTML does what HTML needs to do and does it well

No MoRE BoXEs

It's not a box

Pls

it's a square

4 lines

You can also draw a squircle

If you are that good with curve parametrization

I will complete the boring CSS i swear it. Just another 10.5 hours left on the topic

Good thing you are only Austistic

If you were Autistic with ADHD

You could be sure there would be no CSS studying

Ah yes just learn webdev with no CSS. Perfect. Life is complete.

Why learn webdev btw?

In 2025?

And using standard methods of studying?

in 2025?

The demand is high

And the supply is low

I want the chi square of that statement

or no believe

Oh

Good

Wait theres just a bit more

Demand for Excellent Web Developers

Good luck, for "Excellent" is a moving goal post

Ye i have a plan for that

You have a plan for a moving goal post

An insane....plan not something normal people do

Ok I see

Is it a Cascading Style Plan?

Yes actually o.O

la genta esta muertos

https://tenor.com/view/young-sheldon-wolf-pack-gif-1318621075966529470

sheldon is the goat

Wrong gif

but whatever sheldon is goat

bazinga

Hello i made a team for beginners my team name is ClaudeGenerated

sheldon is not a virgin, lmao L take

he even has 2 kids

I mean, he was at this age

I should go back to hacking again.

This age

XSS >>>> CSS

Exactly

eX(ss)actly

anyone?

You are anyone

Yes

Your team is cool

But is it rad

?

!

!

There is a channel for advertising recruitment i think

marud-khazad

This is general

it's only for advertising slow decent (actually ascent) into insanity

Why the name ClaudeGenerated?

''Recent HTB competitions show AI agents and LLM-assisted operations can rival top human teams.

This isn’t a threat to learners;
it’s a head start'.

-- Gerasimos Marketos, Chief Product Officer at Hack The Box.'

because i am a often claude user

I see

Honestly he has a good point.

Hey Hallicon

did you know that people been studying CSS for decades now

and... don't want to frighten you or anything but

Every single one, who studied CSS, has died

...

Just for your information bro

I care about you

Delete CSS

the day open ai came all came to hell

If I die I will come back to haunt people

You mean ClosedAsfAI

Haunt me

I sleep naked always

I will haunt you at work

I do home office

And I often work like I sleep

Naked

Clothes are for meetings and eating

On second though Im gonna haunt Yannick

Oh

Every platform wants you to join their 'Annual Subscription'

meow

Theres was something specific i wanted to learn though its about websockets

There was this site at one point i remember you had to brute force the password to get it in its like a haha joke hacking website.

But that was like something unique. Different protocol and all.

The soccer box uses a websocket i remember and you can use SQLmap to attack it.

Was probably the most eye opening experience i had in HTB

Or one of the most

Rather

Dude websockets are amazing

Why tho? Are websockets that terrible?

It's a way to do event-driven that's bidirectional

Websockets aren't used enough

In college I made this RPG tabletop helper, for the game master (usually me)

That used and abused Websockets

O.o

Lost the code though

But yeah, they are underappreciated and underrated

Some of my plans involve replacing python and go for backend as well but thats another topic for another time

based asf

python for backend is so copium

Yooo which TTRPGs you run?

It was D&D only, cringe I know

Nahh I love D&D, nowadays I prefer Daggerheart though

I will mostly definetly take notes of that

I've been trying to get back in TTRPG

I was literally running a Daggerheart session for my campaign last night

Damn, and I was stuck on trafic

Congrats I guess

Oh no

No congrats

@rustic carbon that's bannable btw

what is the best way to type in a pdf document?

Yeah I know, just saying don't actually do it

https://tenor.com/view/zero-two-yes-anime-zero-two-anime-anime-girl-gif-2704573795378408610

@warped plank

https://tenor.com/view/i-know-what-you-are-boykisser-ominous-stare-gif-1854943194524266546

@warped plank

https://tenor.com/view/-gif-4331350

I get spammed 40 times a day by the same scam call center and I’m really debating spinning up an infected VM

They want to connect to me via any desk or connect wise and claim to be from PayPal

Like it’s literally 30+ calls a day from different VOIP numbers

So I have to change my number that I’ve hard for 20+ years ?

Don’t think so

so whoever leaked his data?

hi

hi

hi

how is it going

everything is well what about you

I'm building cool stuff

what are you building

I own a company and have the number in my email signature. Probably I’m to blame for this but still. I’m in a GDPR governed country and what they are doing is unlawful, (reaching out alone let alone scamming money from poor old people)

funny

oooh i see

this

maybe if you can search somewhat

Bro the amount of numbers it is is insane

It’s 30+ different numbers a day

All different country codes

a terminal emulator with python to automatize stuff

so I will finally get first blood

autocompletion, session storage, scanning on background, etc

is this for terminal to make your work faster

only to pwn htb machines

yeah

can we use it

because its too useful

well maybe I make it opensource at some point

its great

haha

sorry didn't get it

it is python so it will be easy to see what it does

it was a joke or what it was

suggested that I would put malware on my stuff

and I will

but only for pwingn boxes

but before running we have to study it that what is written inside the script

it will be able to connect via netcat and run the same terminal remotely on ssh

run linpeas

make xss servers, attack chains

all kinds of crazy shit

yeah last blood pissed me of so bad

These mf blood before my nmap finishes

what are you talking about which blood and who is getting blood

I got to spawn the machine when it already had first blood

is this about challenging someone

Brother what

no, first blood is a little badge that htb gives to the first player that gets the flag of a new machine

I mean, if you take a look at how they do things half the time it's just a script that immediately spits out flags if it gets them

the only blood i got, i missed the release day, then checked out the box on day 2 and saw nobody had rooted it, so I went in and got it

on hackthebox what type of competition is this and what is in the competition

you could read this https://help.hackthebox.com/en/articles/5185158-introduction-to-hack-the-box

It's about the lab boxes

I know there’s linpeas, and winpeas but is there macpeas?

I think linpeas works on macOs

Cus unix or what

TIL

yeah

I vibe coded a kali Linux bootstrapper for freshly installed VMs

Would love some feedback on it

mmm

ok

Sending in DMs

andpeas

I really want sorcery to go retired so I can understand more about this machine

getting stuck like a mf on offshore, i'm almost 75% done

but now i have no clue

I let a company know about a vuln I accidentally stumbled upon and they just responded "already aware, thanks".

Hey
I want to participate in a CTF but I dont have a team so can I participate in ctf?

sometimes they don't even care

Yeah, hate that part about security. But it was a pretty blatant LFI, so figured I should at least send them a message.

unless you are working for them or doing bbh I recommend just stop using their services if you are

I've been there myself

cybersec is usually not appreciated by smaller companies, and it is ilegal in many countries to even spot vulns as they can claim you were trying to find it

even if you report it to them

In the UK it is a bit of a grey area, assuming I dont actively test or abuse an issue I am legally okay, but yeah, gonna have to just tie my hands behind my back and try to not notice anything else.

Have u solved timesync error in docker? How did it furn out

I lost my docker instance and I got into building a tool so I will go back to that in the future

@signal mica

Azomaxie

Hello, do you know if it is possible to unsign for an upcoming ctf to resign with another team ?

Right u already told me i forgor

What we doin on this monday yannick

The new box

I went grocery shopping so now im exhausted for 2 weeks

the new box is lame

I just came home from grocery shopping

I'm going to grocery shopping in 2 hours

xd

We are consumers

I bought a corona beer after 6 years or so

I wonder if they changed it

hopefully also the lime

Forgot corona is all about that

I do have lemons

xd

no, lime not lemons hehe

Family

"vin diesel gif"

You lost embed perms?

what is embed perms

I lost my embed

no more silver rank

Those min requirements so you can send gifs links etc

oh

skid -> hacker, does that take long?

No

skid = noob ?

I navigated the dictionaries today and I realized I don't know nothing anymore

english is not my first language

noob -> skid -> hacker -> pro hacker -> elite hacker -> guru -> omni

Don’t worry

noob -> pro hacker took me 5 weeks

but spending my whole 5 weeks full time everyday

Academy only >>

full time = at least 8 to 10 hours a day

You got 8-10 hours a day just to do HTB?

Damn

I didn't hack anything before

Applaud for you

I am unemployed

I lost my job and I don't get hired

You’ve earned my respect

@supple plume

thanks

What the?

yeah I was a software developer

I was making tripple of what people make avg in my country

last year

this year I sent 1000 resumes

nobody wanted me

so I sayd fuck it

I'm going to become a hacker

But you do have savings and r jus chilling and learning/advancing in other fields?

Thats more or less my strat

Gang shit

my family have a small appartment where I can live and I have still a client that ripps me off as a freelancer for a small things

Nice

Keep going fam, follow your heart

oh nice you have a family

when i dropped out of college my parents refused to help me in anyway i borrowed money from my uncle to study HTB

i wish they would die

It make you strong fam

i'm not gonna visit those motherfuckers even on the death bed

This is so bizarre to me how were boomers so brainwashed

Why do they believe college is like "win"

Its really really not

yeah it's crazy how much of a dumbfuck they are

Dont bother hating them, rather show them you took your own path and succeeded

@versed wadi you have been afk in retired voice channel for 3 days, ????!?!??!

That’s the mentality

I was a web dev before

Now I’m also unemployed

i'm employed and instead of being a broke depressed i am just depressed

nothing important changes really

Do you work in cyber?

yeah in pentesting

I guess working and playing boxes must be different things

well actually it's pretty similar, it's just that you have a more defined scope and things you can and cannot do

Davincio how often do you have a scope thats like "hell yeah we can have fun here"

I’m curious how often are you simulating attacks where you have to be stealthy vs just testing systems where you’re allowed to be pretty loud?

sometimes they setup staging systems equivalent to production systems and we can attack the staging system however we like

But in real life, you don’t actually have a path to win flags

doesn't matter that much, i'm still gonna treat the system exactly like an hack the box IP

Basically “how quickly can I get root”?

not how quickly, but in "how many ways"

which is the same thing i do on hack the box

Damn, that’s the mentality I must learn

it's nice to compare your approach to the approach of other people sometimes, even if the machine has no uninteded way you still learn about multiple ways of enumeration

so asking in how many ways you would have found something is a nice thing to do

How efficient are you timewise? How far have you taken the automation of the methodologies applied?

sometimes you follow your heart and it leads you to places

Then I don’t get it, why’d you get depressed from working?

I have 0 automated i do everything raw

my automation functions are open source and here: https://github.com/Dirac231/PentestVault/blob/main/FUNCTIONS.sh

same for notes

• student debt that they probably cant pay in the next decade

3k lines NICE

i automate everything I can when it comes to enumeration, not too much but a little bit, exploitation is all manual though

except for some cases

and then mortage insurances and other costs as well

Damn

for external enum and OSINT i try to automate as much as possible but that's just because a matter of chaining togheter domain sources and DNS stuff and shi

bro going against linpeas 💪

I like the name PentestVault, my shit is just named root and description is "how to get root"

Guru for a reason, simplicity and everything manual

but how do you get user

has also a "user" folder called "how to get user" probably

has to be

Ready for Friday

The master is ready

Next weekend I got offensive Ai con

Doing active challenges gives very low % for progress towards hacker

https://www.youtube.com/watch?v=mghhLqu31cQ&list=RDmghhLqu31cQ&start_radio=1

Just gonna show my age.

you are my age

that was peak memes

Idk this song and in old

Hmm i think i got hacker with all active easy+med and a few challs?

🫡

I'm a firing mah lazer!

yeah im at 50% rn towards hacker, just gonna do the active machines for now

All medium and easy almost got me to pro hacker last year, then I got a new job that had a massive learning curve for enterprise neteng and stopped and only restarted again

"All your box are belong to us."

Last 10% is the worst part

Would work on the last few boxes and then a new one releases

yeah that's terrible

Round 2

i got close to elite when i was grinding a bit harder, but then the point system is hardcore on HTB and you have to maintain this grind

Maybe timing it up with holidays like Christmas would be best idea

getting to elite is honestly so hard

If they don’t release a box at that time

I just wanted orange but I regret not getting Omni when I was there

Guys I got stuck, I installed Kali Linux and then I opened metasploit, but how do I do hackz?

you have to run sudo sudo metasploit hack_plz

Thanks D4V! ❤️

bro has to do it all over for omni 😩

Pretty much lol

The omni for omnipresent.

omni would be insane to get rn

https://tenor.com/view/ongezellig-coco-computer-gif-18670825

Dammit.

i mean, maybe not so much for Frosto but just because bro is a genius

But I traded Omni for bugcrowd 2021-2024 MVP and top %

yeah see, frosto is the real shi

At any given time there's always 20 active machines, 174 active challenges, and 50 flags for fortresses.

thats what it takes for omni

Once we get HTB ent, I’ll do the prolabs again

I did offshore awhile ago

Golam please give me free hackor pointz for ranks, I heardz that asking for pointz helps.

man offshore is slugghis it's so big and the flags are also hidden on top of that, yuck...

how diff was it than doing boxes / challs

i am 75% but getting so bored rn

+1

Fortresses not needed?

Frick yeah!

Bugbounty? I mean boxes you expect a bug

Real world, it’s hit or miss

Free pointz!

you do it for the good luck 😩

Alright, I should actually try to hack again, time to fire up me virtual box.

bbh must be tough on htbers who always expect a bug ig

https://tenor.com/view/of-course-gif-21373815

I’m did it back when some big DC RCE was out and people kept knocking out the dc

Was a mess

Me when someone explains to me that I have to turn on the PC first before hacking.

it's a mess also now, the connection drops are insane

I think HTB has their own prolab instance

it's too CHONK, i'm close to finishing but i am getting super bored of it

So it might help

Wait what i have to do forts too for omni

No way

RIPR IPR IP

Isnt it just boxer and chall

nah you dont need forts

I wish ent came with all the certs

Ent is one seat one cert

frosto make a book about how to become OP in hacking plz?

i would buy instant

so you can have one cert per year or what?

You thought about hacking the box, but have you thought about the box... Hacking you?

Idk I think it’s just one cert you only get 1 cert? But if HTB wants to hook us up, I’ll do every cert

lol same i told him too he doesnt write blogs or anything just pure hacking

he is too good for all that fancy social media shi, my bro is a real one

Honestly, social media is just a burden for your mental health. ((And still here I am, talking on Discord.))

you should make ur company talk to sales for yalls special needs
i am sure yall can find middle ground

You think they would wiggle for it

they might

i mean thats kinda the point of ent that businesses can get their needs met

I believe every year they stock you up with new cert attempts per seat. But who knows, HTB does like making you pay for stuff

If it's just one seat one cert then buy more seats? 🤔

It's way more affordable to just buy cert attempts at that point

i mean it would be cheaper to just get ep
do every module
get rid of ep and do every cert

a seat is atleast like 2000 ish afaik

2500 per seat, with a minimum of five seats

2500 what

cubes?

Dollars

Depends on the plan

$250/min per seat

What’s yalls largest

Seats to what chat...

soo 25000 cubes

so the actual question is can you get a seat to do do call the certs

I know my dad has 50 for one of his teams

to sit

by getting a job that pays for HTB, yes

htb ep

😩

whats ep?

i got no idea 👍

enterprise

Cool

Our B2B Offering

finally b2b makes some sense now

HTB 4 Suits

so it actually stands for business 2 business

yeah shortforms
hard to understand sometimes

It's good stuff tbf

Yes

ISSTLTFNOL

its also for B2U tbf

Brand 2 brand

If it wasn't for the fact that we need to share it between so many team members I would use it solely instead of purchasing VIP

Brand 2 brand encryption

Oh and I don't think it counts towards my ranking

but how what did yapping in genchat teach you about b2b
linkedin needs to know

EP & MP Sync

the only thing that doesnt is seasonal points iirc?

Post it, ill report the post

i will do the same o7

I've had issues with the syncing in the past. My pro lab stuff didnt sync at all (which was a good thing in my case) and a bunch of EP labs I have done show as not completed on the main platform

so in theory if you do the ep machines then it should appear completed in labs

did you ask support

No drivers? Write your own golam

but how do you write drivers in javascript

I did when it didnt sync my academy stuff

did they help