#general

windows
👊

ai is nice tech in my eyes but i hate how everything is pushing it so forcefully

i love it myself but its actually insane how much companies are forcing its usage

They have to push this shit everywhere to justify their expenses.

The more it’s publicly pushed the more it’s costing them tho

If they taught ppl how to run it themselves then everyone who needs ai can power it themselves

But they need to cater to the idiots they raised

Besides they offer pro and plus labels when they buy their monthly tokens so that the user could feel more like a developer/engineer while busting out them prompts

If we taught people to generate their own power all power-grid problems would be absolved as well as waste being limited.

BUT THEN HOW COULD WE MAKE MONEY OFF THE POOR SAPS??

Yea this goes for a lot of stuff, if the average joe knew how it worked it could save our mother nature a lot of stress

Oh well. It's as I never say: "All's terrible that ends terrible."

So many companies would go under if ppl started growing their own food and harvesting their own energy 😂

Good news, you can only buy seeds from monsanto and have your machines fixed by official techs or they can shut you down 🙂

Yea, exactly, the world has been irreversibly damaged honestly in my opinion, only hope it has is the media keeping up the momentum is has right now I mean this has gotta be the largest percentage of wokeness there’s been in a while

Always a loophole man! Gotta play them with their own methods, they made the game!

I don’t wanna get into politics but there’s a reason why the files are as sensitive as it is, them elites did half of that shi legally as illegal as it looks through the evidence.

Yeah... I use sharepoint as my launchpad now. 🤣

@dull harness

Good Morning

agreed

Morning

morning folks

no work today == Gushu can spam chat a bit

is AI killing everything now development and hacking and he keeping doing it like this ??

yup. give up and quit

😉

I agree. Not a big fan of Academy 2.0. The UI requires way too much clicking to get to where you want to go. You first land on your "Dashboard"/"Enrolled Path", why can I not immediately click on any module within the current job role path I'm on? Why do I need to click on "See Full Path" when the module list could be right there for me to visit or re-visit quickly and then when you click on "See Full Path" and you see your list of modules for that job role path, you click on for example "XSS" and now I have to click on another button "Revisit Module", why would you not just immediately go to the XSS module instead of making the user click on another button. It's way too heavily nested with unnecessary button clicking IMO.
I do like the text change though I'll say that.

You can always swap back to legacy

Yeah but isn't the change to 2.0 being forced soon?

did you?

It's just the default, you can swap back any time

I see. Well that's good if we can switch back. I like the text of 2.0 but too many buttons to get around imo. If they changed that I'd be a fan.

❌

Sure buddy

What do I know

No

Man I need to study alot

What subjects

DBMS for college, AD for pentesting

Oh dbms that is great

Also need to learn Java cause my exams are coming closer

Ill send you something rn

https://tenor.com/bQTHO.gif

I also gotta do Java

i'm software eng developer i know know Ai can generate code and i see people with no knowledge creating code and they want to challenge me LOL and like they saying you only wasting time learning JavaScript and python LOL but i see that they only build without knowledge

Im going out to meet a friend

I'll study when I get back

now i want TO learn about hacking but saw Ai is entring this faild and say what the hell he will find bugs and left nothing for us LOL

After a decade you will stop calling yourself software eng developer

Hopefully

Yeah probably not

what i will cal my self then ??

A developer

Ai generator

Well I think you'll just reach vibe coder

yes true vibe hacking now

??

Sure buddy

pro hacker Challenge noob

Yeah yeah

crazy

i swear

the quastion is what is left for us nothing LOL?

Not worth my time

You're right no more quastions

happy sunday

https://klipy.com/gifs/cardcaptor-sakura-cerberus-1

artificial coffee keeps my high

Morning chat

Wsssp

time to start tthe grinf again

hopefully this works

Hello

best of luck!

thx <333

ngl the diff maybe over

cause this is pretty medium diff but oh well

but please be patient as testing might take some time

ofc

Or just create chaos

And ping them everyday for status

I'll ping you for status

you and @sturdy thistle

thx

lol

you are actually playing Life is Strange?

don't get me wrong,

I am actually impressed

yeah

its rlly good

yup 🙂

This is so weird dude
I dont know why everytime I open my VM, it fails to connect to the internet

are you using vmware workstation?

Virtualbox

Oracle

I think I messed something up

I can't help with that as I don't use it

also i kinda need to thx them cause they helped break my egg🤭

Hmm..

im using mobile so i cant see what is on anyones widget

sad

@marsh shuttle your website is down

something something cloudflare

my pc is dead

again

ugh

ouch

that's painful

Hello guys is riseup VPN a good free VPN?

Free VPN is not free

you pay with your data

Well..
I better stop learning hacking till university then

I wanted to be a Cowboy but they invented the car so now im just a walkman

I would not trust free VPN services bud. Though i can recommend Mullvad VPN for 5 Euros a month. Works like a charm

I trust riseup

they are a collective no a company

Why do you need a VPN?

I recommend proton

love it personally

I don't understand networking basics,any one teach me in tamil..

I'm unlucky,cuz English is not my mothertongue

Neither is mine 🥀

XD

Aren't y'all the one who beat people for not speaking your language in your state

Nah

U sure

thats karnataka

Oh neighbours

India

Lore

https://tenor.com/sUHzxCiAuom.gif

Ok let's talk about network

Have you tried linkedin?

Network,networks ,networking?

It's good for networking

There's always some drama here
If shit goes too well
Someone will create something

No..is this learning platform?

And the cow dong stuff

It's networking platform

Is more like an unlearning platform

You flex on others to show your superiority etc

Tbh I never heard about it or saw it

I've seen videos

What can I do there?

Weird fetish u got

There you can expand your network

Bre is not fetish

Is knowing what your neighbors do

Sounds kinda sus tho worded this way

https://tenor.com/view/fumo-touhou-reimu-reimu-peek-peeking-gif-22922061

I'm using router.but I don't know how to works?

How it works*

Get Started with the HTB Beginners Bible: https://www.hackthebox.com/blog/learn-to-hack-beginners-bible

Do u know how your phone or computer works

Yes

Damn

Working on OS

New OS?

Windows 7os

I'm in 80s

?

Joke 2k

I can't afford that

K

Poor English

I'm Getting likes..going to be famous

Become*

How are you working on an OS when you don't know basic networking?

we need more vibe coded operating systems

OS as in Other Shit

Osmosis?

https://tenor.com/view/nyan-cat-gif-12825572973999723398

Be careful to not accidentally eat thermal paste, the taste lasts at least 24h

When you change it wash your hands

Thanks for the advice I was about to put some on my coffee

LOL

ACCIDENTALLY

what's the point with this quantum thing with cybersec?

Wdym "quantum thing"? There's lots of stuff going on in quantum computing

quantum teleporting to your location rn

i ack that but is there any changes that will be possibly there in mainstream cybersec

At least it should change encryption algorythms, because quantum computers are litterally counterpick against almost any modern encryption. If you had quantum pc, pure bruteforce would've taken hours not billions of years

Deprecation of RSA, for one thing, although that wont happen overnight

exactly

Mostly password cracking tech that'll be obsolete by the time quantum computers gain enough qubits to so it. Quantum resistant algorithms are already being developed and rolled out

bro don't say that this answer is the first 30 minutes of every cube talk

don't spoil please

that and how do I start in hacking

The answer is don't

LOL

i dont listen to them so idk

time for argon2

https://cdn.discordapp.com/emojis/1308772568865574983.webp?size=128&animated=true

Aye yo fellas, Wi-Fi or Ethernet for hacking

I want y'all opinion

the answer is Arch linux

Ethernet

Wifi is slow

I mean not just for speed

Well, I mean about ethical hacking

Ethernet

Hmm..

Well I better get myself a PC then

I am sorry in what context would anyone eat thermal paste again?

I'm crawling with my laptop

Good day

Idk why people still talk about, "hacking wifi"

Well just so u know I'm inside ur router

script kiddies do, or because of new htb course

And?

Nothing much just going to steal some ice cream and then get lost

yet another release of an easy lame machine to be bloded before we can even spawn the ip

find the cve... run the cve... collect the flag...

Mam do not add it!!!
What are you DOING???
NOO!!!
NOOO!!!
Do not REDDEM THAT!!
Do not REDDEM THATTTTT!!

DO NOT REDEEM THE CARD

Thanks for telling me about oracle attacks

Doing CWEE stuff?

Yup

How do you even spot that shit

zimbabwe

Specifically the padding oracle attack? In the wild? Never

Timing oracle attack

I mean

Oracle just basically means you can get some observable response discrepancy, so you can have a UUID/GUID oracle for IDORs, a timing oracle for time based SQLi, etc

Oracle own TikTok

Can this be used to extract responses?

That are otherwise unviewable?

just out of curiousity, I want to learn how to use kali but saw that HTB has their own VM. Should I use my own VM (and install tools as i progress) or do I just use the HTB VM (I'm new to cyber, sorry if its a dumb question)

just use kali

use parrot in academy when it makes sense, like for sql labs

okay, thank you

i need some guidance regarding cybersec certs and balancing uni with hackthebox n certs

drop out of uni and fullbore the htb academy

there ya go, your choice whether or not to take the advice

that's not really an option for me bruh ik uni is useless

i dont care

im actually a bit serious ... if u guys can give some doable advice it will be great

i am too, and the fact you think im not means you arent serious

Ask your actual question.

if any of the following does not apply to you, uni is the worst decision you could make

1. you are a hot woman
2. you are a rich man
3. you are both

Hello everyone !
forgive me if this isnt the appropriate channel for this question. I recently acquired a CompTIA voucher and i plan on taking Security+ cert soon. Im sitll in my uni and i plan on pursing a career in cybersec. I want to know what would be a resonable roadmap to follow to achieve the following (not in any particular order)

1. Pass the certification (right now im planning on just using professor messer's yt)
2. Git gud at CTFs
3. Reach a level where im able to take part in bug bounty programs and potentially find zero days rather than LLM-ing my way through

Hi

I am currently doing OS fundamentals in htb. Which cert should I parallely be doing - CCNA, Comptia, which one?

overwhelming chat..

Im looking more towards resources that i can follow.

your comptia cert and uni degree will not guarantee you any career, at this moment in your life, you are faced with a demoralizing future if you are not extremely specialized in this industry

thats all there is to say

thats a rather pesismistic way to look at things. while i agree that the market is tough out there that is not a good enough reason (at least for me) to stop trying
also that dosent ans my q :)

Disagree with the second half but the first point yes for Brath's statement.

You didn't ask one. :P

i just got done presenting at bsides seattle and talked to over 200 people who asked the same questions you did, i am not talking out of my ass. it was horrific

i feel bad for you

i mean that

its not fair

Yes. I do agree with that. So I need to grind HTB, for sure. But will going without certs convince HRs??

Gooood mornin

in what sense

HR doesnt even look at the resume man

like i dont see ur point

Ai has taken your future

Oh hush

i know. and im sorry

disagree

Really though, your best tool is networking.

It's more important than ever to recognize your own worth

A lot of companies will have very garbage offers and its unfortunately your responsibility to choose a good employer for yourself

1. if u just sit and do nothing thinking ai has taken ur future then ur setting up urself for failure anyway, might as wellgive it ur all n fail than just giving up before even seeing what u achieve
2. the very companies that preach about ai taking jobs are hiring for 350k

that says a lot abt "Ai replacing humans"

jesus man

The only reason it's replacing people is because every moron manager is shoving it into everything and making it mandatory to look cool lol

i get it, the job market is tough, hell im striggling to get internships here i get it. but thats not a good enough reason to not even try

alright, live in the delusion. i gave you solid advice

thanks ig?

no problem, its free

Brath is an acquired taste

Welcome to cybersecurity

id still appreciate if you answers my q even if its just another guy living in dellusion :)

Some people are your friends while being dicks to you?

hack him

What was the question? I don't see any question marks.

Brath cares about people he just has a different approach

.

Sec+ is asked for a lot

Even if it's not the best content ever

Yeah yeah stop demotivating me - I am not quitting. im first thinking of going for an internship and climbing up from there...but the point is - which cert to go for - i ask for your kind advice if you aren't script kiddie and know hacking, networking, os, assembly level malware analysis, debugging with gdb, ghidra, actual wifi hacking using wifiphisher, not a youtube playlist follower, knows backend - session hijacking, burpsuite, actually done some shit...then tell me serious advice. else don't bitch about 'ai taking job'.
i just need some honest advice regarding cert
roadmap.sh seems like all shit at one place
give me real working advice.

I suffered through it once before it's fine lol

im actually followeing the roadmap given my networkchuck

i dont rlly wanna spend money for the a+

I don't really believe in roadmaps

hence jus jumping to sec

But yeah I think at this point A+ isn't gonna serve you well

what does sec+ talk about even , security in corps in general , like things to do and guidelines to follow?

fair, it just gives a good path to follow even if u dont stick to it

A+ is for folks who wanna learn to fix computers

Yes

there r certain iso requirements

It gives an overall view of how security works

that certs help u pass

and hr filters asw.

It's.. real generic just to let y'all know lol

oh no i know you need the cert but i didnt take it yet really i will leave it till i finish any of HTB certs

More a statement but sure. Brath is right, that neither Sec+ nor a degree are silver bullets. No where close but if you are already started I would finish it out. Sec+ isn't going to hurt and if you already have a voucher sure, go for it.

Oh yeah if you have a voucher give it a whirl

i actually do have a devent experience not in terms of cybersec but in terms of linux and stuff that ill be using in the field

That's good 🙂

im not saying that the cert alone /degree will help me standout

been using linux since high school, pretty comfy w terminal, setup my own homelab w proxmox n spun up a mc server etc

I'm of the school of thought that as long as you apply yourself genuinely it'll work out eventually

Humans are very, very capable

since im thinking more seriously abt picking one field

The only thing that matters in the post-human world is knowing the right humans

🧢

network your ass off or suffer man

Knowing the right humans is genuinely how society has operated since time immemorial

Haha

for the past 50 years you could stand out by playing the game

but you are right

guys all that is fine and nice but yall still didnt give me resources to refer 😭

For sec+?

we all have diff views

When I read something that starts with "gen" my brain auto-completes it with "GenericAll"

What specific thing are you after

Sorry I get distracted when it comes to learning philosophy

have you tried google?

apart from prof messer and also for the accomplishments ive listed (ctfs and bug bounty)

Oh uhhh

I actually do have one

What an interesting subject

He's got

A cowboy hat

What's his name..

sorry my 2 brain cells didnt think of that

Mike Myers!

Brath isn't a script kiddie for the record and though I may disagree with tone and long term outlook, they are correct that the market very much sucks currently.

To answer your cert question, HTB certs don't have as much recognition but are great for learning. What I would generally do is look at job listings for jobs you want and see what they are asking for. If a HTB cert is on there that you want anyway, fantastic. If not does it help you learn the skills you otherwise need and show that you know them? That could also be worth doing.

https://www.udemy.com/user/mike-meyers/?utm_campaign=Search_DSA_GammaCatchall_NonP_la.EN_cc.US&utm_source=google&utm_medium=paid-search&portfolio=USA&utm_audience=mx&utm_tactic=nb&utm_term=&utm_content=g&funnel=&test=&gad_source=1&gad_campaignid=21341317636&gclid=Cj0KCQiA5I_NBhDVARIsAOrqIsYlSzC0LwEw4qw55DdODzRcEjE_vrao0xFktRozdLk2vuU6-gOlfuUaAmE3EALw_wcB

I like this guy!

thanks a lot :)

This goober helped me pass my exams

Hi Guys, I came back to htb after a couple of years. In the academy page, where's the OpenVPN download button now? I cant find it

Thanks a lot

Top right?

Unless academy 2.0 moved it

I don't see it 🤣 Could it be that academy 2.0 doesn't have it?

Nah

You still need a vpn

It's somewhere I haven't screwed with academy 2.0 yet

Cloud I just want you to know I don’t bare any hatred for you, I know we don’t always get along but I genuinely hope that your CDSA results come back good

Oh I don't hate you either lol

But thanks!

olive branch extended, refreshing

I'm sure it'll be fine

I'm visiting friends today to help fix his computer and hang out

Had to swtich to legacy, to download it. Just FYI in case you try academy 2.0 at some point

I'm sure the button exists somewhere

i have question guys about server logs can you make the logs so they change a value of something like lets say if i want the logs to always write 127.0.0.1 as 192.168.1.1

Mennyire vannak itt magyarok?🙄

Hm. I believe so yeah

Logs are typically just text documents so if you're talking about altering the log after it's generated or afterwards for analysis

You can use a scheduled script

In terms of configuration.. I'm sure logging solutions have answers for this?

does cloud service providers or any servers service store their own logs of your server or they are stored only on your sever?

Oh yeah you're not getting log storage without paying for it one way or another

They take up space

Anybody buy iranian metal

You either have to provide the storage or pay out the ass for it

Most businesses choose to simply not log

Both tend to be options. Typically theirs but you can send stuff to your own if you wish usually.

El Nasir copper?

@austere sigil omg i got the date wrong on the writeup

hmmm alright

The best solution

Is to ingest log

With log ingestor

Then ditch the copy of the log

Because the log ingestor has recorded it, it doesn't have to take up space on the server

🪵

oh no i asked because in case of a cyber crime for someone using a server service to route things thro it and in the logs it change their Ip if its possible

Log alteration is rare as fuck

It's usually done in the form of "delete the logs"

i mean wouldnt faking it just make it longer for the feds to get to you because you making them look in the wrong direction

No

Because any analyst worth a damn has methods of detecting if files have had their integrity fucked with

thanks very much for the advice. As a college student at this point under peak stress and who doesn't want to quit, I have tussled with so many other areas in IT and tech that my mind is fried. I am sticking to cybersec. I have been through that phase where I didn't exactly knew what to do really - which path to pick - ML, AI, Web dev, ...so...its been pretty tough and when I hear people saying - do this, do that, do everything at once, it feels a bit overwhelming without a structured map of things ..
like if you see, even in HTB, I think you can choose any path you want to - whereever your interest lies. Everything seems interesting to me in cybersec. But I feel your advice is fine when it comes to specificity. Thanks for that.

Timestomping, file deletion, log alteration..

These are things that can be tracked and caught themselves

rocket fins

Good quality ngl

Timestomp my favorite

dont tell me you are the Aluminum for 300 dinar guy

part of hacking is the ability to make your own maps

nobody holds your hand on an engagement

Hold your own hands

Like this

i do remember in one of the labs using something like this to get password change after it got deleted

When a file is deleted

It isn't gone immediately

😉

oh yeah it only mean its space is free to be overwritten or something

Bingo.

Isn't created immediately when its created either... 😈
#TOCTOU

Reverse Cursed technique revealed

is CCNA worth it? Or should I not waste my time after going through networking course included in my IT curriculum ... ????
so do I go for sec+?

not unless you zero all your free space out every time you delete something

CCNA is a Cisco specific networking cert

Throwing it out there

with 100% sincerity, i think your professors are fucking your future up

ik

CCNA is worth it imo

you are naming nonpractical certs

Hey now hang on lmao

those are meaningless to people in the know

The CCNA is asked for

dont impress people inundated

im aware

by idiots

the thing is people take ccna because companies ask for any IT experience before giving you cybersecurity job

Your college gets kick backs for promoting pearson, microsoft, oracle, cisco, etc certs and knowledge

does tails linux do that?

a google search would show you why thats a bad roi

without making it personal user49

ohk so IT deg will be ruling that 'necessity' right!
no need to go for ccna for 3months 😅

did your professors ever work in the industry, ever?

tails is a gimmick OS

It's built for people that either really know what they're doing, or people that think they know what privacy is

yeah anything that get you an IT job because as i see entry level pentesting jobs are asking for 5+ years of experience

i hope internships count as experience

tails is a usbos for sending one irc message that domain fronted c2's listen on and then you set it on fire

hth

im sorry to inform you that internships are for nepobabies

put the ram in the microwave method ?

i mean sure, it works

better to just obliterate it

i wonder if bug bounty count as years of experience

Then what do we mean by experience here

backend job?

in the weeds

U can flex CVEs in resume but i don't think they'll consider it as experience

and you would know if your professors were in the weeds

they would be saying different things to you

brath ik profs suck but please i don't think i hv an option 😭

can you just explain to me why its not an option?

i will talk to my parents abt it

for now it is not, with due respect

yeah, your parents who grew up in a wildly impossibly different timeline

no matter what you do

your parents will not understand

"whys it not working sunny boy?? it worked for me!"

prepare yourself, because dissapointment is inevitable, but its not permanent

it takes time for parents to see CNN finally say what youve been saying

they grew up on "news" telling them whats true

"breaking news there is alot of jobs available out there people just dont want to work"

Wait what?

we all get it, they dont

its frustrating

told ya nobody hates you

ok hold up - what counts as experience?

"youtube co-founder says 2026 is the last year of meaningful work" what do yall think about that🤔

ill make it easy for you

just ask your professor probing questions about their career

and tbh, scrutinize them

I don't mind getting paid for meaningless work

if you dont, you are just getting scammed

True🤔

yup. LLMs inherently suck at writing low level code. There are jobs it just requires u to be hyperspecialized in one thing.

Then explain how I was able to write hello world on rust

exactly

@heady sage exactly here

SAML challenge is 10% done

and here

the thing with experience they ask you about how many years so lets say you are experienced at pentesting or at least in theory you are but how to prove it to them ? they wont give you a CTF to solve they would see where you wroked before and how did you perform there

i disagree, chatbots are writing decent shellcode now, in 3 months it will be professional, in 6 it will be APT level

do you not get that?

im pretty sure LLMs are trained on documentation (as a bare minimum) . hello world shd be like in the first or 2nd page so-

Frosto was kidding

I talked to some guy who is actually there in the industry - he said that internships counts as experience in cybersec

Learning about SAML assertions was…fun at least

I say in the next 5 years it’ll be better than me at reading code

let me pose to you a scenario where you lied and said you worked internships to a prospective employer

you tell me what % chance you think they will follow-up and verify that?

By the time I graduate, I won’t even BE an appsec engineer

Because that job will cease to exist

Pentesting would remain but researching would die down

the guy is actually a malware analysis expert
he hires people
ofcourse they would ask deep questions related to work experience

why so?

I believe AI is reaching the limits where it requires way lot investment to make progress on improvement, it's more like a hope but

by the way user49, i could send you a 1099 form right now, for 0 dollars an hour, and you would be techinically interning for me

usually internship only matter for the comapny that gave it to you try to take it to another company tho

Fuck this shit man, why can’t I just do web secres in peace without filthy clankers getting in the way

you would be surprised

exactly :) i read about it apparently some limit

Best time to get your cves is now

I got 2 new Microsoft bugs last night

I know! But I can’t find anything

do you guys take notes on EVERY exploit?

only if its relevant for my niche

still a very volatile situation this near future

after a certain point the amout of resources u gotta invest to see imporvement becomes insane

like even if the exact notes and scripts do exactly whats needed

No I don’t do notes unless it’s a report

fair

I suck at notes and even if I did do them, I forget about them

Everything is so hardened on grep.app and it scares me

frost use notes as fire starter for pizza oven

Frosto laundry machine broke 2 weeks ago and I finally gave in and went to a laundromat

oops

I am supposed to be taking a break from bug hunting

To play wow

But I’ve been reading code all weekend

play league of legends its more relaxing

New wow xpac is good tho

midnight

Bug hunt wow

ok so I got this idea previously to gain 'experience'
get into some backend based role
(because ig freshers can get that... )
then work to internally switch to sec role or get the 'experience' ...
does this guarentee the experience

you can make your own experience too

what

freelance ?

what did i say that doesnt make sense?

'make your own experience'

agree frost bug hun on wow

setup a homelab, submit a cfp and do a talk, do novel research - post it on a blog (for AI to steal), volunteer, shadow

I user49 certified that user49 worked for me for 35y and he was good

user49 you gatta start thinking like a hacker

join your local hackerspace

go to meetups

like you gatta do something, the old way doesnt work

Do u have any good places to read researches?

i thought cybersec 'research' comes when you are old and done playing bug bounties

i dont do traditional pentesting anymore, im on the cutting edge of drone research, so no

I found a caterpillar

i thought you are private investigator

I got a rock

Data pillar

RSS feeds go brrrr. If you want a couple meta things for overall stuff, Last Week in Security and exploits.club are both pretty solid roughly weekly things.

throw it at the nearby AI server

the best place to learn "research" is to take something that nobodies done any research on and rip it apart

https://tenor.com/view/long-bug-creepy-crawly-millipede-gross-pets-viralhog-gif-13848916

I’ll start my blog next month

lol

if not a friend why friendshaped

Apple and Microsoft bugs will be in it

oh you were serious

0 click safari and hyper v/rdp escape

thats the meme though frost

Welp time to read

theres this neat thing called a career where people may have obtained multiple jobs and employment over the course of their life and obtained various licenses and certifications even

ill start my blog tomorrow, next year

I just want to show my 0 click safari bug lol

Pwn 2 own worthy

RSS feed Frost? 👀

no no lol dont get me wrong i am not saying brathadair is lying i am wondering like if the study became a part of his job or he switched and such

I’ll have to setup the blog first but maybe

Some stuff has it built in so depending on what you pick, it may just be there. :D

After I finish wow, I’ll find other big bugs

i just do whatever i feel like doing, its crazy how easy it is. most things you learn apply in many places

I got a few areas to hit on iPhone

Frosto getting Pegasus 2.0

tbh i only got that from your comment when i was checking on the OSINT module

frosto getting pegged as sus

https://tenor.com/view/cat-gif-26024664

osint doesnt require a certification, if you are curious, all the tools are free

Frosto is just ready for the weekend

Next weekend

frosto airplaine suddenly crushed and there no trace of it or frosto

i mostly got my PI license because my ex-wife pissed me off enough to go help other guys who got cheated on

Oh I also found one super cool bug

I won’t say what it’s about until I report it

But is cool

oh i know but i am still wondering about the module 1000 cube probably have juicy info in it

no, the corporate osint module is the worst one on this platform

by a mile

btw hackthebox, hire me to fix it

ill make it worth 1000 cubes

What is the hardest cert HTB has atm?

Well “most advanced”

CAPE probably

CAPE

I’ll do that eventually then

Company won’t pay atm because someone stole our funds

id be getting the wireless one but i am too fucking busy right now

I was tempted to speed run college

they bought an Ai module with it?

Get a bachelors in a year

brah is that a real fbi server 😭

NO

oops

caps

Can’t tell you

lol

bro dont yell at me oh my gosh

lmao

Ok I won’t

it cant be

i joined and first message i read was about femboys

😭

Femboy psyop

or maybe that solidifies the case..

It’s part of the plan

thats just an alias for a secret operation

Oh yeah plex RCE also is pending

Forgot I found that

whats the first bug bounty service yall ever used as a beginner

like when first starting out

As in platform? Bugcrowd

like program ?

i have a lot to learn and just wanna note it down for when i step into that scene if i ever do

yea

Hackerone i guess

75% of them are femb

i mean when first starting out there wasnt bug bounty platforms for me 😂

ive visited a few and a lot of them just are kind of overwhelming i guess because i still have a lot to learn basically 💀

They run the whole IT too

https://tenor.com/view/betty-white-cheers-salute-shots-drinking-gif-2213666948687721228

i see those memes all the time, white collar suit by day furry suit by night 🤣

and the coding socks

yeaaaa those too haha

when mine @eternal mango

Maybe I’ll add a cape review in my blog

I’ve never done a cert review before

Add the workflow of how u squash bugs

My reviews would be autistic tho, I would tell too much truth

oh id def watch that, a workflow for bug bounty isnt even something id think to search up

I'll just stalk your X and see

thats good

I’ve done a live of bugbounty last year

please dont spam "buy me a coffee" everywhere lol

Found a bunch of NASA bugs on it

lol I make enough to not have to ask

I would just do it for fun and rep

put buy me a pizza oven instead

Tbh I like the autistic peoples
They have created soo many good stuff, the normal guy would give up 10 times
-# not implying ther are abnormal, i guess y'all get the point

whats ur channel/blog?

Yeah it helps me find bugs

I think outside the box and will spend 12 hours straight reading code

Yep a blessing
(Not sure what curse part is)

any idea how i can find a local hacking grp because i think there is none

Defcon groups can be a start. Also https://www.hackerspaces.org/

Or more specifically, https://wiki.hackerspaces.org/List_of_Hacker_Spaces

Sometimes you can Google your city and discord. I know there’s a local discord for it in my city

Or bsides

You can find your local bsides or closest

i think online would work for me

so location doesn't matter then

In my city, there's something called null con

Never went tho

you have a local one, they are difficult to find

its worth it

anybody wanna buy malware.channel from me?

how much u paying?

40

40 hats

32 euro

i just checked

what is it a domain

did that absolutely scumbag loser tyc finally get banned off discord?

haven't heard from him in a while and searched him and saw his insane racist rants in here and his profile can't be loaded anymore

im unable to find one. i wish there was some dorking command to get to it

What

Did I miss some drama

There's like 9 tyc to search for

yes a domain

do not the domain

Ofc drama when I’m not here

looks like hes not banned off discord, no

why you dislike tyc

Is tyc someone

I don't know him

what is there to like about a passport bro that moved to Vietnam to get a "submissive asian wife" that also made the whackiest HTB rip-off website in the world, pretends to be another person to try and get away with this, is constantly going on homophobic, transphobic, and racist rants, and created a browser extension to block LGBTQ emojis from his snowflake eyes?

bro what 😭

🥀

who

ah cool

what if i told you i moved to hawaii to get a "dominant asian wife" and made the raddest HTB collaborative thing in the world, pretended to be cringe to try to mask this, constantly uplifting my homosexual, trans, and accepting peers with schizoid veiled rants, and created a browser extension to extend emojis for my incandescent solar flare emitting eyeballs?

love your skill issue bubble btw

that would also be weird

just be a person lol

you just can't win

https://tenor.com/view/kaiser-michael-kaiser-tweaking-crash-out-screaming-gif-2705162309439021584

I believe that being human is rooted in free will, whatever feels weird to you is completely subjective

fuck i forgot i was in the philosophy discord

Competitive racism?

hiiiiiiiiiiiiiiiiiiiiiiii golammmmmmmm

Donut master 🔥 🔥 🔥 🔥

just, like, focus on your own life and not what other people are doing when it doesn't even affect you, i mean.

also believing skin color or language or sexuality or where someone was born makes anyone superior or inferior is objectively stupid as fuck

and you'd think people with the intelligence to learn this skill would understand that, but i guess like half of our community got radicalized by Epstein on 4chan or something

it's objective to say that african people are physically superior, why would that be stupid?

Oh youre here too

unfortunately lmao

Which one?

Yapyapyap

this one. it's the pseudo-intellectual philosophy group

Ah lol

bold statement

show me where the non-pseudos are

"Focus on your own life" while obviously obsessed by this guy is hilarious

https://tenor.com/view/jgmm-cat-meme-ragebait-cat-think-cat-ponder-gif-7034802297606826390

i'm allowed. i built a whole family in America by being a chad

they're up ur ass brath

Chad like me

let me check

oh

ok lmk

you were right holy shit

i knew

i can see in there

i shall now congregate

when ur sleeping

pls come back to me with ur findings

He sees you when you’re sleeping….

im not sure if htb is worth my time anymore

yoo.. any other nixOS users here? Just switched to it and so far I really impressed!

it's not

im calling safelite to install a windshield in my abdomen

Omw

you can ride shotgun in my ass

azo, you earned that right

Is it normal to only be able to do easy boxes after 1 month ?

yes

Ok !

Thanks

depending on your previous skill level, that might be impressive

https://tenor.com/view/drew-scanlon-blonde-guy-blinking-eyes-blinking-meme-surprised-gif-7852244

Per example, if your previous skill level was forklift driver, it is not impressive

dont worry brother, we saved you a spot on the roof rack

correct. it's common knowledge that forklift drivers can inherently hack

So I won’t have to read anymore if I become a forklift driver

how long did you guys learn before you starting doing bounties? I had a look at hacker1 for example and after learning for the past 5 months I have to say it was a little overwhelming.

you have to actually give up the ability to read if you become a forklift driver

bug bounties are not easy

this is solid logic

so takes quite some time until you MIGHT be able to find some vulns

I learnt for some months before I tried bounties but I was never able to do one but I was bad at finding bounties

find a 0day and sell it to North Korea

2 days

I didn't expect them to be easy but I was totally lost lol

https://tenor.com/view/kim-jong-un-gif-25212933

Majestic

right?

makes sense lol, if you have been learning for 5 months

solid advice right there..

I was unaware of all that I don't know that guy at all

North Korea is the current geo-politics chad, i dont really wanna mess with them

5 months into cybersec but 4 years into a cloud admin role.. so I was looking at things in my field but still

also in these 5 months I made it to top 4% THM xD (way easier than I expected)

doesn't translate into bunty hunts though..

Im gonna go sleep

Dont do this please

% THM

I saw random X post where he was looking for mens for his daughter?

Did you say the forbidden rival word

mostly just to say I have been through the basics lol

5.9 and no vaccine iirc
Could just be a trol
I don't verfy

When i started hecking
I joined VC with a guy who has top 19%
And welp i thought i might be really smart to know shit that even some top guy doesn't know

Later found out top 19 is like just signing up

Hello brath

i heard this one time.. at band camp.. that there was this dude on the internet who said something and like he was lying but she believed...
#sHEbeLIEveD

https://tenor.com/view/she-believed-he-lied-she-believed-he-lied-heartbroken-heart-brocken-gif-22137824

hello jord

are you here to make a fool of me yet again

https://tenor.com/view/amazon-milk-frog-milk-frog-panda-frog-blue-frog-cute-frog-gif-17892284043914592358

CCCCUCUUCUUCUCUCUUUCMMMMM MFFFRFRFRRFFROOOOOGGGGG HOLLLYYY FUCCCKKKK

LETS GOOOOOOO

no as easy but you can break top10 by doing 2-3 hours daily for like 5 months..

Hows it going :)

good bro, we just got back from bsides

I hear there was some public speaking recently 👀

was a blast

Hell yea

fucking DEAD

but got the workshop cherry popped

Nice.

Very very nice :)

next one will be 8 hours 😄

Ooo that’s sick

Tiring though

yeah 4 hours was too easy

it is

Wanted to visit Bsides Germany 2025 but got sick like 3 days before -_-. Very jelly right now.

esp talking to 200 people

8 hr continuous talking?

Yeah so real

yep, i just did 5

I loved it when I did instructing but it was so insanely draining

it turns out im a yapper

Damn i lose my voice completely in like 2 hr or less

By day 3 I couldn’t string a sentence properly lmao

yeah idk how people do the multi day ones

holy shit

you gatta pay me hella for that

Made about 1k/per so wasn’t too bad

solid experience for the future

yeah thats only fair

how long did you do it? 3 days at 8 hours?

Yeah roughly

fuck man

insert You people are getting payed? meme

mad respect

Slightly over with prep before and wind down after

But yeah ~24 total

putting it together took a week

just to yap for 5 hours

i can only imagine how much you covered

But now you get to reuse a lot which is nice

thank god

I find good setup pays dividends

Majorly

just proving the concept makes it easy in the future

i did novel drone red team dev

very fucked up discovery

is there a write up? sounds interesting

you can pay for the next one

my method will be covered in a course

soonTM

where is next one? Already got dates/location?

shooting for defcon

we shall see

https://training.whiteknightlabs.com/wp-content/uploads/2026/01/Advanced-Red-Team-Operations-Lab-Guide-v1.4.5_TOC.pdf
all of this

stuck in Europe okay :c

oh my god

bro how

Making it interactive and feeling out what students already knew

this was a huge struggle for me, alot of the students were not up to par so i had to explain concepts very granuarily