#general

I didn't so far

🔥

i think there is a difficulty increase after 60%

but i dunno could be skill issue

||pay me||

just do continue on every page and do the assesments/labs

https://tenor.com/view/elmo-dance-wow-mars-planet-gif-10362075724662813594

Still cba

Mostly because the labs force you to use pwnbox sometimes and I’ve had wonderful interactions

It could be cuz I started with easy ones.

i am like 85% finished

I currently have 3 rdp sessions open and one of them is a nested session

i never had to use pwnbox

It is not mandatory to use Pwnbox

oh boy you are in for a wild ride ahead

Yes tomow, I think SQL, API and Graph

you will give up atleast 4 times before you reach the end

or SQL, Command Injection and File Inclusion

this sounds hard for a day

do you know php?

I can ready any lang, not write in most.

i see

you will need it for file inclusion

Heh. Three hop proxychain to VNC to SSH is even more fun.

I kind of wish that lab had been published in some form. :/

3 rdp sessions?

Lightest pentest access

i love the lag on typing so much

It gets on my nerves

Serial community moderator

Can’t wait to spin up a vm to vpn -> rdp into box -> vpn & rdp into jumpbox-> ssh into under-spec’d pentester box

use remmina

his ass is NOT helping

Be careful, dont let the cat close to parrots

i dont think the cat is beefing the kali dragon

I'm rdp'd into a kali linux host, don't mess with me

https://tenor.com/view/garfield-fat-obese-carry-litter-gif-17472166

✅

youre rdpd into kali from kali?

yes

lmao

why

is that kali bare metal

no

so youre inside a kali vm
and then inside a kali rdp

htbs copy of kali has the wordlist I need to complete the module.

so i have no choice

oh what

whats the wordlist lmao

Or the POC that overlays a dancing cat onto the page 😆

some thing called "passwords.txt" that was designed for this module

lmao

g free you

what module is it

lul, I gotta get me those POCs

OneNote - it combines flexible note-taking, OCR of images, and since everyting is indexed, a perfect searching tool. You can 'tag' things you think are important (I have a gotcha tag for example), and can filter on them. All this in wysiwyg without having to learn a markup language.

Retention is aided by writing things down - but that's impractical to be honest, I thought that doing a Gitbook type of exercise alongside OneNote would help, but I just spent too much time on it.

bro.. move..

nice ass keyboard

yo cloud actually got a keyboard cat

https://tenor.com/view/cat-crazy-cat-keyboard-cat-fast-gif-5753018

just sitting in front of my screen licking his paws lmao

im rdping into your kali box and deleting the passwords.txt file

i have already cracked the user hash

im sorry

you've ruined my fun.

welcome to blue teaming

I’m on mobile now but I’ll send em in a bit

i ruin fun

cloud are you soc analyst 1 or 2

Tier 2

Why does your keyboard look like a nintendo switch

so why are you doing an entry soc cert

and im finna send you a payload with a packer ive written next week and ur gonna have to reverse it.

wait

you're doing AS-REP roasting for blue teaming stuff?

yes

I enjoy having ironclad fundamentals

did you just call the NES keyboard a switch

It's important to know attacker techniques as a blue teamer

fair enough

lets see if the module bypass for this section still works

This module has you do the red team side, then you look it up in the event logs to correlate and find evil etc

I have no idea how blue teamers defend against AD attacks though

I do 😄

Like technically dont know

Oooh I see

like no idea

how would a blue teamer detect a sapphire ticket?

unless they are superman

blue team tools

yea i spent most of yesterday organizing everything and it took up the whole day, it'll take some time for everything to stick but revisiting the concepts has been helping. ty

luv ur keyboard

like which ones?

this is my keyboard

kerberos abuse traffic

vbs to prevent lsass dump

I'm sure there are a lot of tools out there, just like for red teaming side. But all they really need to do is monitor for PACs obtained through s4u2self+u2u tricks, etc

plus like, where is this request coming from

But in those cases, wouldn't it look like a legitimate request? 🤔

some random pc that just connected to the network that has the hostname kali?

the diamond/sapphire variants I mean

I think golden/silver would be way easier

i'm not a blue teamer so i don't know, but i imagine it can't be too hard to put the pieces together

ask c1oud

iirc you check if KRB_TGS_REQ doesnt get a KRB_AS_REP response or something

womp womp the bypass still works

oh well

yall got fancy keyboards and i just got some logitech tkl

💔

this one is fire

I got the answer easier anyhow

@molten bobcat how would ya detect it?

detect wot

diamond or sapphire tickets

https://www.realforce.co.jp/en/products/discontinued/realforce_rgb/ my keyboard. i wish they still made it.

not if the malware uses BYOVD to disable EDR, obtains persistence and then just turns off vbs and reboots

then ur in the same place

wouldnt the EDR detect a random driver?

easy, you track when a ticket is asked for

no

ive never used that technique before so idk

but it looks like a legit ticket

yep

are you familiar with the concept of data correlation?

kiiiind of

microsoft has a vulnerable driver blocklist but they cant stop 0days

to put in in easier terms

weird events happening at the same time

i have like 4 drivers i know of that are unpatched

complex attacks do not have a single step

they have many

I think I get it... somewhat

so we're not gonna be able to piece together what happened by examining a single thing

cloud explaining IoCs

not only are we reviewing the ticket request, we're reviewing the machine that made the request

what time the request was made

what the machine was doing

at the time the request was made

other pieces of information get tacked on to the incident that help build a clearer picture of "what happened here"

the easiest thing to do is piggyback off legitimate domain traffic and send your ticket then

but that takes time

as you'd have to know what baseline traffic looks like first.

as every environment is different

yup

Yes it would, any decent EDR would flag it

as with all things most of the time youd need to sit and listen before you get to lateral movement

such as

Crowdstrike, Sentinel One.

counter argument

https://github.com/zero2504/Fairy-Law

these tools typically get picked up as well

thats new

tamper protection

it was ud a month ago

not sure about today

as with all things edr related its about finding a relevant bypass

ye

not all edr products are perfect

they can't be

as they were made by human hands

https://www.edr-telemetry.com/windows
this is very useful

if oyu know the edr of your environment

crowdstrike for eg doesnt log key/value registry deletion

thats abusable

hey azo

doin some studyin

in the middle of cali workout

As I understand it, a diamond ticket is almost exactly identical to a real TGT request, in terms of timestamps, validity, time of expiration, etc. Any differences would not be caught by Kerberos at all.
So if you were to detect that variant, I think you'd need to conduct extra careful checks on group membership and what actions are performed by which account after the attacker gains privileges?
Unless you have a different way of detecting it earlier on in the kill chain?

read earlier

well this is a priv escalation

diamond tickets my beloved

so yes

we'd have to identify how they're in the network in the first place

0days my beloved

its less 0days and more

"jesus christ people this vuln has been known about for a year now"

only 1 year? lol

im being generous

wow thats super nuts

my works' environment was vuln to esc1 when i joined.. lmao.

💀

I think its harder because, ANY request you see regardless of how perfect it looks on Kerberos auth could be a diamond ticket. I would maaybe make a tool which runs elevated on the DC, which auto checks after each auth request by decrypting the PAC and verifying whether or not group memberships actually match

Or something like that

impractical

ok but which computer on the network is requesting this ticket

thats a lot of decryption

asking a lot out of a domain controller already

it would also generate a lot of false positives

You can track that

and yes

which means it can't be trusted for fidelity off a single data point.

sapphire tickets my beloved

it needs correlation

it would stop diamond tickets, but with a ton of FPs

thats not good enough

sapphire tickets my beloved

you can't have a product that only works less than half the time

Isnt detecting s4u2self+proxy easier

nah

turbogeeked about windows

the lion says no arbitrarily

which fast food place has the best breakfast chat

maybe ✨ AI ✨

This server is worse then what I left it to.

How on earth am I supposed to work like this

breaking news microslop copilot now using ai traffic analysis to detect kerberos abuse

Lmao

Send him 2 3 year Dagestan and forget

yk

i genuinely though binex was cooked when rust was becoming more widespread

then people started vibecoding rust and not checking their unsafe usage

windows rust rewrite loading

i love how they forced the engineer who said that bullshit to apologise publically

rust will replace C eventually, just not in our lifetimes

they did? 👀

they did

check his linkedin

he had to apologise and say that it was an 'ambitious personal goal'

that was fake news

yassss 💅

im paraphrasing cos i dont remember his exact words

but it was great

wb the 1 million lines of code, 1 engineer, 1 month thing?

this rdp session is

I dont want windows to get rewritten in my lifetime

screwing up my keyboard inputs

theyre using copilot for security patches now btw

bindiff anything new!

i actually can't write a backslash what the fuck lmao

\

ez

\ mogged

\

do it twice to escape it

hey dicks \

fuck you

\

thank you for 10x upgrading my career as a security engineer

i said my rdp session was doing it

i know my inputs are fine

\you dolts\

check the new driver filter patch

win + r -> osk

from last months patch tuesday

its still privesc vulnerable

they patched one instance of the UAF and not the other functions using it 😭

I found a 2025 CVE that was patched in the first half of 2025, that is still working on my patched system

• with my variant

privesc or rce?

privesc

you should dm me that

i wanna see if it works

cant yet

already reported

ah

dm me it when it gets patched

doesnt work on win11

what its for win10?

yeah

why wouldnt it work on 11?

I dont know

if its kernel they changed how some of win11 kernel works but u can just slightly rewrite the exploit

could be because win 10 stopped receiving security patches last year

and it was patched?

LTSC

Patch was rolled out way before, and my win10 system is updated as of Jan 1 2026 12:00:00 am

I mean I have their ESU patch

not kernel

bindiff with the windows 11 version of whatever it is

I have one of their cumulative hotfixes rolled out in November 2025 that is apparently supposed to supersede all the security patches of 2025

and it still works

I checked the NVD page of that CVE and Microsoft's own page listed for the hotfix

And I can see that hotfix in my update history lol

Clear as day

thats fucked

i need to update my box

im vulnerable to the new lsass rce but i cba restarting

and my ass is not using VBS

tested on win11 canary build

see whats diff tho

I need to be more active all I’ve done as far as security is check the CVE feed

But I’m on break

So I’m not in any rush to come back

I mean since its 10 --> 11 I bet they changed lots of things

im mostly just windows cve active

true but you know the vulnerable function

you can see whats different

Where can i ask a little question for machine submission?

https://help.hackthebox.com/en/articles/5986762-contacting-htb-support

i need to buy ida pro again

cos i need pro 7

not really a function in a driver, its more like a behavior. I never reversed anything lol

for bindiff

ah

@muted olive

Confetti: <script src=//0-a.nl/conf.js>

Cats: <script src="//meowww.lol/cat.js"></script>

its like I found it, then saw its already a CVE, then went oh wait why is this still working

💀

💯

gonna be using this now

bro

Personally did the cats one

microsoft man

please bro

I have most unfortunately "rediscovered" a lot of CVEs lol
Its very disappointing when you find something very juicy and see that there's already a CVE for it

worst feeling in the world

i feel you bruh

cat actually fell asleep on keyboard

i love discussing advanced exploitation topics with the noob role

this is ridiculous

i should probably do labs

XSS -> RCE in a desktop app triaged as P2 what does it take to get a P1 in a desktop app lol

iugggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggvb4

NOOOooooooooOo

do NOT remind me of that

I am still recovering

Mine was import file -> view options -> XSS -> ActiveX exploit for code exec

also, that is wild

was it an electron app?

Nope, but the embedded browser was outdated IE11, so XSS could leaverage ActiveX for code exec via the javascript or vbscript protocol

That is interesting

im so stingy bro

I used the js protocol for XSS is NASA a few times

ah well

im sitting here using ghidra just to export a bindiff and then analysing it in binja

the lion does not pay for software

idk why im just feeling tired by sitting in front of a PC

you dont use ida?

yuck

ida 9 doesnt support bindiff

i need to buy 7

well

buy a license

for 7

use yo $$$

you guys buy IDA?

idk ida free > ghidra for most cases

im a college student you overestimate me

god i hate event viewer when its a remote host

no im literally just using it to export the bindiff

i yell at claude to decompile with ghidra

😭

just for the free scripting

i dotn use it anyways

imagine VMing into Linux just to RDP back into windows

CLAUDECODE FIND ME A 0DAY NOW

make no mistakes

I have no idea what a bindiff is, also, ghidra has NSA backdoors in it source trust me bro

this works

real

bro what?

thats basically my chat history with it

actually tho, claude has scored me a few thousand in bounties at this point

I use claude a lot

have you written N day vulns before

THOUSAND?

exploits

bro I got 0

yeah

and you analysed the patch manually?

Yeah

I even tested patches locally

claude helped me with a bounty the other day (it couldn't work out how to exploit but gave me a lead amongst many) but it was a dupe 🫠

For unreleased 0days

why didnt you just diff the old patch with the new patch to find what they patched 20x faster

misunderstanding, sec

I found a 0 day and locally patched it

is what I meant

deephat literally writes your exploits for you if you wanna use that over claude

ah

$2500 paid out, a lot more triaged and pending acceptance

@zealous charm you wanna collab with me on one of my chains? I got a critical sink but cant get the source lol. Should be XSS.

Good job anthropic -> get bounty -> I use bounty to buy claude max for a year. win win

I was doing VDPs so far and just got started with bug bounty

Got two P2/P1 pending acceptance

id do bb but black box web 😭

Possibly a third one if Microslop wants to cooperate

it works best with source code, so worth running a tool like bbscope to extract private program scope with souruce code in scope

IoT is hella fun

h1 seems like the biggest pain in the ass to get signal with starting out, as all the public programs are super picked over and getting flooded with ai

wdys?

i have one i've been wroking on a bit but they triage so slowly that i might just only get dupes

well they triage fine but actually deploying fixes is months long

they have an AI reporting assistant

not sure how much help I will be but we can chat about it

"smart" thermostat I played with recently is just.. so broken, but company doesn't even exist any more

Sure. I can't get anything more out of it without a fresh mind looking at it

will dm tomorrow too tired

Anyway, funny story in the meantime

I found a vuln in Microsoft's website once

For reasons unknown, there was only one person who could apply the patch because only he had control over the domain

And they were reaching out to him

Dude didn't reply for almost a year

THEN finally they patch, but the patch is broken and bypassable, so they have to reach out again

workin through

and more waiting

lol what

its more funny because

that guy is popular

top 20 in researchers in the united states

top 30 or something globally

so it kind of makes sense why he never replied

funnier how he was the only one who could fix it 😆

Must've been frustrating, just a tad

I mean they gave me 0 bounty anyway

so I was doing it for the lulz as they say

Had same with a UK bank once. Over a year for first response, then 6 months back and forth with broken fixes

over a year is wild

Only got a response due to being lucky meeting someone at a conference with a contact

"Hey you guys are vulnerable to react2shell"
replies a year later

swear banks are required to investigate vuln reports no?

💀

I found a vuln in a country's national bank

they have no VDP so I didn't report

womp womp

I hadn't even heard of that country until then lol

not even suprised

Maybe, was probably nearly 15 or 20 years ago

No not 20

15 perhaps

fiures

Fail, 10 not 15. Thanks brain

bindiff is shitting itself

https://tenor.com/b0CbE.gif

Even went to branch managers for help, they didn't care 🤣

I was on the verge of total compromise of a uni one time

found admin's email password in an env file

which was on gitea

which was in the second page of their search results

Oof

at least they responded in a few days and fixed it though

anyway, question for the general public

(apparently cant create polls here)

lynn-nux or lie-nux?

yo

lynn nux

always

the rce patch isnt even a patch

lynn, no contest

damn

it's pronounced linux

lynn crowd here

im about to use my most based bypass a 3rd time

thanks that clears it up

yeehaw

How?

gifnux

I'm getting by most of the intended methods of this module

by being a better sysadmin

Personally I say lie-nux

this proves it's lynn

wrong

oo-bun-two or you-bun-tu?

dee-bien or de-bayan

you can't just make up your own pronunciations

idk, ive always called it lie-nux

https://youtu.be/c39QPDTDdXU

That’s how you pronounce Linux

yo

thats right, come and get me

🦐

most unambiguous: ell-eye-en-you-ex

Kuli Lincox

forking the linux kernel to create a new one that is exactly the same except pronounced differently

the louder u r, the less u hear

we're dc-syncing now

yeehaw

I'm fairly confident i'm gonna destroy this exam

look at me, I am the DC now

famous last words

i have yet to fail a cert exam

i'm sure you got it

You can assign DC permissions to any user

PB says in his opinion cdsa was the easiest one

😄

heya frost

sup sup

working on modules

figured out why my keyboard was wonked up

Eating and then about to clean the house

stroke?

the remote rdp client is set to fuckin

danish

oof

so it changed my keyboard translation to be the danish

swapped it back to english and now my keys work normally lmao

Latest Fallout episode was good

I played a bit more of that Infinite Area Breakout I'm learning maps

I thought everyone GNU that

so

I have a couple questions

so sus dirs at all

im sure that's supposed to be in the root

Sure sure

Nothing to see here

I mean there's one EVIL directory

Windows

Delete it fast

bruh

junior pentesters first pentest vibes

😄

anyway i now have the administrator users ntlm hash

so thats nice

there is cats hidden in that directory

my one beast is enough for me thanks

I typed the payload, heart beating fast,
Netcat listening, port open at last.
/bin/bash called, the prompt said “#”,
Root on the box, yeah I whispered “bet”.
Whoami sings back… it’s root, no cap 😬💻🎤

christ

anything but a pe loader 🥀

bingbong9 bars

not his bars

bigbongbars yo

they are now

so its not even properly patched

https://tenor.com/view/ayyo-bingbong-gif-7263062288817435982

binggo bonggo

https://tenor.com/view/bongo-cat-waiting-impatient-gif-13690433

I do believe I just abused a golden ticket

indeed i have

I have stolen every hash of every user in the domain now

hey, whats up grain eaters

Im pretty sadge bro

rip

im doing a box but im unable to ping it

im doing delgate from vul lab

VPN good,

redownloaded it too

nothing working

#boxes

Hi.

simon says hi

guys i finished the theory part of introduction to infosec 24/24 sections
is it enough for the day or should i dwell into networking as well?
JUNIOR PATH

Hi D🥜D

Ibrah33m habibi.

even in this theory sections some of my misconceptions have been cleared and alot of new stuff was discovered by me lol

heyy

kaifak?

ig im fine.. not too fluent w arabic

wbu?

Alive.

woaah

an elite hacker afterall

i just started today

🫠

By no means, the light bulb holds the same worth of as the lamp does.

Welcome to the world where you would never go out and see the world.

have u done any cert?

No.

REDACTED>

daaayyymmmnnn

Nothing to be amazed by, dear. This is just life; some moments turn you either a poet or a man with no sanity.

well...

weirdchamp

Is there anyone that can help me out here...I'm a free user and was doing a retired box (White Rabbit) and already had the user flag and was working on the root flag and for some reason I can't enter the flag (after days worth of work) because now I have to be a VIP+ member in order to put it in...it's fine if you want to charge people...I get that but for a retired box that I spent days on to finish...can I at least enter the flag and then be done with it?

Support isn't provided over Discord you'd have to ask through support on the site

aiight...thanks dude

mornin' fellas

Ehlo :)

Morning is a good time for coffe. Sir do you had cofe today?

Im out a lot of times a day

Wtf

Fr

Jake, i told you to not mix up sugar and salt, we cant drink the tea now

Im out a lot of times a day too

out a lot of my mind

😄

to stand, is to sit

We dont have to wear a hoodie everytime we do something right

Mine is tight too

Its not comfortable

And im the type of guy to take a break from the computer every 10 minutes

So its

Yeah

what's up gigachad

chadlite

about to knock this out

nice nice

Ayy

i will finish that module one day

Never done any academy in a week

Wait a sec

Did i say

Week

NO

MY STR

im only an ltn

🥀

i think i have htn potential

hello i have a question , im new to the field :d , i juste DDL the Empire LupinOne from vulnhub and i want to escalate the privilege with pip i run those lines

TF=$(mktemp -d)
echo " import os; os.execl('/bin/sh','sh','-c','sh <$(tty) >$(tty) 2>$(tty)')" >$TF/setup.py
sudo pip install $TF

but dosn't work

best to ask for box help in #boxes

okay bro thanks

Also define "doesn't work" when you do. Any errors or whatever?

He said dosnt work tho

Morning/afternoon chat

Its evening already

I may sound like a goof but more cybersecurity certs should have implemented as purchase options, payment with multiple purchases

https://academy.hackthebox.com/achievement/928271/176

congratulations!

ty ty

Wdym?

Like, BNPL?

I would pay them over 50 years

"buy now poodle licker"

Plz don’t go into debt over htb 😭

Haha noob rank @lime trout

Oh wait

💀

I'm taking the OSCP+ in the next few days, anyone have some last minue tips?

Great job bro

Brazilian phonk instagram meme moment

ty ty

Im doing the AD enum & attack module

Bht its so complicated

Took a break today for portswigger xss Labs

just hack into all the machines they set up and grab the flags, completely bypass the test

make sure your work area is completely spotless and free of anything that could remotely look like a smart speaker

I liked this module because it felt really straightforward and easy to understand

oh damn really? fuck i gotta clean my room lol

yes

the OSCP is fully proctored

they have to watch you through a webcam

I feel like mr robot would be more accurate if elliot had an indian accent

Though im a noob, from what I read about certs exams was take good notes, be very thorough about enumeration and dont get stuck with rabbit holes

Mr rajesh

i heard of some people using a bluetooth speaker to listen to music while testing

1000000% not allowed

Since they dont allow you to wear a headset (which is really annoying to me imo)

the trick is to just finish it really fast and submit it, then they cant watch you through your camera for very long

damn, that sucks

i was forbidden from even speaking

haha eror but i just solve it thanks bro

Why would a guy growing up in Upstate NY have an Indian accent?

BRUH

Take breaks, if you get stuck on something for too long move on to something else, take notes, stay hydrated.

your mic has to be open and your camera has to be on

Cus indians are really good at computer code

24 hours.

just need some preworkout white monster

I have done the OSCP-A through C practice exams. And on each lab there were around 2-3 times that i had to look something up to move forward.

looking things up is totally fine

There are good coders and hackers all over the world

the exam is "open book"

Like, asking for a hint i mean.

Skill is just a representation of time invested into learning

not really any hints gonna be available for what you're working with unless you 1:1 find the technology

and a country with alot of people , will have alot of talented people lol

which is, yknow

I dont think there would be any point of a closd cybersec exam

Yeah but indias gdp

the intended way to solve the exam lmao

They have been added to my methodology now though. But its usually some weird technical issue.

💀

Brazilian phonk moment

GDP is not a good measure of how good of a hacker someone is. That's just a measure of the amount of money earned in the country divided by the number of people in the country

ignore, obvious troll

Well it is technically, more money means more equipment

And resources to train

I was talking to myself for problem solving and they told me they'd terminate my exam if I kept speaking

I just talk to myself when figuring something out 😭

Helps sometimes

Do it in public though and you get weird looks

😅

Not fair

It's like solo mode rubber ducky method

https://tenor.com/view/rubber-duck-ernie-sesame-street-squeak-gif-13435813928750240518

Gdp is a bad measurement overall

This dude does nothing but troll

Hi, what's up gigachad8520, it's been long time. hru?

None of your business Bossman. Stop messni' around.

lame

Why?

i dont interact with people who type with a schema

did I ask for that? No.

It's "General" chat.

Ur just jealous of indias gdp

Only reason why u would say that

You have to admit the way you wrote was weird to say the least

The only person im jealous of is fr0st and its due to his mind and k owledge

And ok yeah accuse me of trolling when im making logical arguments but whatever

I remember your carnivore diet fiesta

Like u think im lying but i did do carnivore diet

It does work

Smh

im just doin actual work

Yo Emma, our kubernetes cluster at the cyber range has 1.4 terabytes of ram (it's DDR 2 ram)

it's saturday

By talking on htb?

Excuse me?

im studying

Epoch is my spirit animal

1.4 tb of ram

It's not much our servers are like 5+ years old

And we're locked at a gig for internet speeds

That is ram in its raw form, no swapping and optimization?

"Just space" ?

Nice, i did few portswigger Labs tday, might do few more

Tyc, in here?

great

Im doing crto just glancing at chat

Ceald still works on K8s?

nice.

Wanna start doing bbh:)?

Yeah, i find it exciting

Rich!

Yeah did the same

Yeah I made the poor decision to try and set up a k8s cluster

Changed from htb to bbh

LOL.

so what you doing.

I still want to pass CPTS but seeing yall get CVEs and bbh is motivating and I wanna give it a try myself

Currently top 32 on intigriti

Getting my own CVE is one of my goals

Meanwhile Frost has like 50

Hell yeah

Frost has decades on all of us

+diff genetics. My spectrum only Goes so far, maybe it will work like a superpower later on, I dont have much experience and i still have a lot to learn

Most awesome things are live hacking events

Should be your main goal to attend at one

Idk if therr are any ones in poland

Though id like to go to a conference

Once im a bit more knowledgable and confident

If you get invited they pay for everything

Travel / stay whatever

Gotta make a name for myself first

I know a few polish people from lhes

https://www.meetup.com/pl-pl/hack-the-box-meetup-warsaw-pl/

Not exactly a conf..

But you still get to meet like minded people

Yeah we have sth equal near my location

Yo thats crazy

https://bsideskrakow.pl/?srsltid=AfmBOoo50J1YoVcmnjBkK-Al1NVlw5FjkxoziyZyrGTswpxqOpy9efWt

Gotta check it out

BSides are awesome events, at least the ones I've been to

First i need to get into my company SOT

Technically i have a guaranteed slot

Big boss needs to put more budget into it

Im top 5% in TryHackMe which honestly doesnt mean anything

https://app.intigriti.com/profile/c1phy 👀

Oh you were rank 1 in 2023

washed

Yeah

/rank

now do a miblak and 100% it

!rank

damn lost my #69

Haha

jesus, crazy!

Just shut up for a bit

/s

So how much did you make from bug hunting

!rank

!rank

Lame

Fallen behind

Need to yap more

(no, I don't)

!rank

does ranking in the season give cubes?

im 18!

yes i believe so, if you get high rank

i see , thanks

e.g.https://app.hackthebox.com/seasonal?tab=rewards&season_id=9

https://tenor.com/view/jjk-jujutsu-kaisen-jjk-fight-jujutsu-kaisen-fight-sukuna-gif-9526078671029098228

also i guess the machines are advanced stuff right?

!rank

No they have ranks from very easy to brainfuck

oh cool

busy today, eh?

I have promises to keep

Dont say genetics you can understand it if you put your mind to it

Bruce lee said the only limits that exist are those that you let yourself believe in

Itll never be to your incentive to believe that you are incapable of doing something unless its something physically impossible

!rank

yknow funny thing is

bruce lee also ate raw meat

I believe it

Bruce Lee is dead.

How can I make a HTB support ticket?

https://help.hackthebox.com/en/articles/5986762-contacting-htb-support

You dont like bruce lee?

https://www.youtube.com/watch?v=QUbZWynIo10

I can't find the message thing

Germans eat raw meat

I wish america could actually make filet americain without making millions sick

I miss that

I miss the continental diet in general

Americans cant make bread

if farmers killed chickens via carbon monoxide would that make the meat toxic or no

epic

chickens are fed soy

so the meat is tampered

contaminated

and lots of other hormones

U mean mett? Raw meat on bread ?

I dont know but my gut says that is a bad idea

i dont think carbon monoxide but if they inject them with hormones yes

specifically anything estrogenic

hello chatters

but they feed them estrogenic stuff like grains

Mett is usually pork i refer to raw beef

so kinda

why are cats so good looking

Cheeto is very aesthetic

ive yet to see an ugly cat

This was my boy today

I should take more bunny pictures

its probably cus of their raw milk and raw meat diet

pottinger study on cats proves this

https://www.youtube.com/watch?v=5tOc2ELXB6Q

hecker is real

this is actually apparently a more humane way to end the life of a chicken

i just looked it up

such a cruel practice it currently is

meanwhile wagyu cows get massages

and listen to relaxing music

its the most expensive meat in the world

listening to relaxing music before they get sent to the funny zone

or one of the most expensive cow meats

as much as i dont want to eat meat anymore my dad is making cheesesteaks

I've been studying for about 4 hours

Lite work

nice nice

i should have been studying but i've been messing around with zathura trying to get my notes into pdfs and in dark mode

figured it out though

always doing anything but studying

I'm just taking a break to have food

i enslaved someone -

react with if you wanna see that guy rest

or react with 🥞 if you guys wanna make him overwork

raw milk is not healthy lmao

im writing a shellcode generator

life is good chat

Fake news

have you tried boiling your raw milk

Why would i denature the nutrients in it

Do women boil their breast milk before giving it to babies

😭

healthy humans dont have lethal pathogens in their breast milk

Neither do cows

COWS do because COWS are immune! therefore, the pathogens don't effect them

😭

i guess:
E. coli
Salmonella
Listeria monocytogenes
Campylobacter
Brucella

are all healthy

they dpn't lead to kidney failure, blood infections or death at all

Already naturally found in the body

LMAOOOOOOOO

the only thing pasturization does is kill pathogens, it doesn't subtract nutritional value whatsoever

Bruh it dies

Does

Your denaturing the enzymes

breaking news: vitamins and minerals can die

oh what enzymes?

this is like comparing iv fluid to storange tanks lmao

ur literally comparing milk straight from a breast to raw milk that is already dangeorus, yet stored in shitty conditions and then sold to you after aging

ecoli, salmonella and listeria are also NOT found naturally in the body at all

the enzymes that get destroyed through pasturization are destroyed by your stomach acid anyway

you aren't increasing nutritional value whatsoever and that's been proven through hundreds of years of science, you are literally just risking death for the sake of it

even IF raw milk had +1% benefit (which it doesn't) you'd be risking various diseases and death for an extra 1%

Lipase – Breaks down fats, important for flavor in cheese and milk.

Proteases (e.g., plasmin) – Breaks down proteins, influencing texture and aging in dairy products.

Lactase – Breaks down lactose (though it's present in small amounts in milk, not enough to help with lactose digestion in most people).

LACTASE LMAOOOOOOOO

enzymes are proteins, enzymes in raw milk dont survive ur stomach acid 😭