#general

Forums?

I worked with DE Glen and DE Rebecca every week on bugs

Nah from the discord

oh yeah idk, this shit was 10 years ago

Yeah, so was mine

we would do 200-250 waves of survvial every day for the support staff to find bugs, they paid us heavily in platinum

We also won every single event

our clan was Tenn O's

we were also the clan that got banned for "cheating" during an event, because we survived so long, the enemy levels overflowed after 9999

anyways, i know yall dont care

but damn i am nostalgic

one of my favorite personal gaming eras was dayz epoch mod. i pretended to be a new player with a british accent, social engineered a clan to give me their base door codes after 3 months of trust and made them all leave the server

Id just play the immortal valkyrie build and do a run in survival mode for 6 hours straight

my fondest memory was when we discovered how many hours it took before the game crashed due to mana and health orbs on the ground

13 hours and 18 minutes

they paid us 2k platinum each for that

nice

I stopped playing because it was too addictive to me and I was burning money on micro transactions that I really didnt need to be doing

so sadly I refuse to play again

i was so addicted that i simply disabled my account

i have been tempted to go back

but i know its just a dumb idea

i would do pvp theorycrafts

https://youtu.be/5JAicesHqQU

this build had max pen at the time and went through every wall on all maps

you could not survive no matter what

lmao wtf

idr the name but I really liked the one that had the channeled ult that was just literally shooting everything that came in range.

it wasnt necessary good but it was better than a lot of people said and most importantly it was hilariously fun

uhh that may have been after my time

i think i quit when the hat frame came out

the one that can go between dimensions

limbo

god that was 2014

Mesa was the one I was thinking of

oh the gunslinger

yeah def after my time

i thik she was just announced

literally who

It's weird how my phone skills

Are helpful in my job lol

A lot of my coworkers struggle with talking to clients

wouldn't that be people skills

Yeah same thing

Need help deciding, RoN, Operator, or FO4?

operator (i have no idea just guessing)

https://store.steampowered.com/app/1913370/OPERATOR/

This is Operator BTW

sounds boring as fuck

Oh it's fun as fuck

as a pew pew owner, the level of detail is amazing 😄

someone want to talk abit about JerryTok?

What's JerryTok?

Jerry Rig Tok?

I too dont know because i am on not on Tikkie Toks

Hello Guys I just Publich My Website So Can you check my bio and You Give me Your Feedback and thank all

an old web challenge 🙂

Why's this the very first message in here

Did you join just to advertise your site?

no but I search for feedback so I can fix all the problem

because I have no security

i have no idea

@alpine pumice

so you want a free pentest

Maybe Yes

Too risky, hire an actual pentesting company

But you can say Need help

it that a problem in this discord ?? server

yeah it's a prety big legal concern

@alpine pumice Oky I'm gonna delete my message

we cant know you own this website

and you can help me right

No

@low lodge That's A good point but If I told will be advertasing
XD

This server is for discussion surrounding the HTB platforms not free pentesting services

But It's Oky I get that poitn

oky

and even if they got free pentest services theyd have no idea if it was of any quality or not lul

true

also I didn't see the link but so many of those personal sites people want checked are just like default wix themes with stripe plugin. Like what do you actually even expect to get tested there?

also very true

Is it also true that u are bald and is 5'5?

real and true, 4'5

those are two measurements

yall seen that litellm service got hacked

🗿

Tday?

very very recently

last two versions was affected i think

had code in it encrypted through like 3 different payloads all bridging to one another to hide it

searched pc for api keys, crypto wallets, etc

Source?

https://www.ox.security/blog/litellm-malware-malicious-pypi-versions-steal-cloud-and-crypto-credentials/

Thnks 💪

bros boutta handle the situation

Lol

U know wht I am gonna hack the hackers moms fridge now

Brb

hacker probably tight as hell that he pulled this off and got caught right away

they reportedly compromised a maintainer account to push the malicious releases public

Hello im a red teamer

i mean, they probably got a lot of data in the time they had lowkey lol i stand corrected

Bit like that xz utils supply chain attack that was immediately uncovered by some gigadork at Microsoft because his ssh connection took 34ms instead of 32ms

lmao i remember that

muscle memory goated

That PFP is goated dude

yea man ive had the goatee for like a year idk how i feel about it

definitely brings out the pink

HTB should launch boxes which also simulate social engineering by using LLMs as people, so you can also do phishing attacks against them. Like finding an employee email through enumeration, creating malware, send it to an employee and trick them into downloading and clicking it for example. Something like that.

any one can help me in Kobold machine ?

Don't need an llm for that, plenty of automated tools do this kinda thing... its how pretty much every phishing attack is done on the platform

No I mean an LLM to act like the victim

You can't really talk to the automated tools and try and trick them into doing something.

i have a harder social engineering challenge

call ur dad and have him say hes proud of u

its been 27years for and i still havent won

one day, trust

that ones easy

tell you dad you won the lottery

then find out it was a fake ticket

task failed successfully

You're getting social engineered

tell your wife you won the lottery

see what happens

https://tenor.com/view/divorce-divorce-papers-i-want-a-divorce-kermie-kiwi-i'm-leaving-you-gif-10169678688851560325

First I must get a wife

my wife communicates with me through cryptic messages and runs away when she sees me in person i love this silly little game we're playing

😄

😁

the urge to yell and scream at this one person for ghosting me

yes i have schizophrenia no i dont care

@sharp shuttle

https://giphy.com/gifs/huptechweb-good-morning-goodmorning-huptech-web-f3p4Hz9b7QZmR2C8HH

Hey guys I'm a little confused abut something, i'm learning pivotting,... and when I do a nmap wuith proxychain in full tcp connect I cant get any open ports, for example the rdp port is in filtered state why is that?

Me too. I see super smart shadow figures while I hack and ask them for advice.

in the module it is state as open

#modules

You'll have better luck asking there

gang stalking delusion is the most disturbing shit genuinely

imagine everyone is plotting against you

and watching you

LOL

haha couldnt be me 😅

how the fuck did pete hegseths hair go from brown to white so fast

i swear these people be dyeing their hair

https://giphy.com/gifs/schittscreek-schitts-creek-pop-tv-poptv-VJqiFbOR5xwB8kf7HV

google it

hrm...

No

then what was the point of the gif

lmao

cuz i didn't understand

conflict on the internet. another day at the office, lol.

every fuckin server i swear to fuck, haha

its not even conflict

im just confused

ah, gotcha. basically, he doesn't know, and wanted to express that. but he doesn't give two shits and won't be bothered to look it up to understand it.

lmao

how are you tonight computertrash?

good man

how are you

nice. that's good. same.

just ate.

yes

stress bro, lmfao

or he's trying to get that silver hawk look lol

i swear the politicians dye their hair bro

it happens so fast

yessir. + makeup lol

yeah, haha

it's part of their onboarding process, lmfao

they funnel them in on a conveyor belt haha

powder them with makeup and spray paint their hair white.

lol

hell yeah. caffeine rocks.

they prob doing colombian

is that like a Brazilian wax?

coke

gotta get them ready for the islands, lol

oh

gotcha

for sure

lmao

hahaha

the coke is part of that readiness too.

coke, cialis, and Brazilian wax, lmfao

ok, i gotta switch gears before i get banned, lmfao

u wont get banned

i don't even want a warning. i hate authority. i try to avoid it.

its not the authority thats the issue for me its the kind of people it attracts, especially in certain environments

dude, spot on, exactly.

some people have the wrong motivations

yessir.

i'm holding back jokes. just know they are good. lol

lmao

hahaha

dude, i'm so fuckin bored man. i love chatting with you, but i've been on the computer all day and have nothing else interesting to do. already spent 3 hours learning Chinese at the cafe. did chores. i'm all tapped out. i need a job...

watch some DNSL on youtube

im endlessly studying and working on ui/ux for hobby, kinda wish i had a job rn

what's that? (DNSL?)

obv not in retail or anything

Yeah I need to quit my 'job' (which is literally just step away from slavery) and get my life back, but I can't bc I need that 6 days per week work $150/month

https://www.youtube.com/@DNSL_

150 a month

Yeah

6 days work

damn. yeah. that sounds terrible.

try to get something before you quit, unless you have a solid safety net. just my 2 cents...

thanks. i'll check him out

i went on vacation and never showed up back to work

i was like fuck this

had too good of a vacation

HTB is not kind enough to hire me (regardless of my skill level) smh

yeah. maybe they just don't have any roles. you'll get something. just keep looking around.

hacker is better than normal human?

a

Yes

No

yeah. hacker is master race.

lol jk

jk jk jk

We aren't hackers

Btw

Real hackers live in NSA and the governments across the world

yeah, they got some good peepz. but lots of talent outside the gov too.

just not the same level of resources.

my wife is wiretapping me

yikes bro

Sounds like a good thing honestly

LMAO

apparently she's a bootlicker (Candy) lmfao jk (kinda ;))

youre working for her arent you

https://tenor.com/view/game-of-thrones-daenerys-targaryen-bend-the-knee-bow-to-me-bend-your-knee-gif-20601038

oh you're the boot. i get it now lol

no wonder you like people licking it lol

haha

no me gusta. por favor mami

lol

I am going to do another box and get to pro hacker

i'm just getting her more turned on. mission failed.

LOL

hahaha

alr im gonna toke

and do htb academy

hell yeah homie. get it.

cya

laterz

can someone explain gojos domain expansion in a hacker analogy

is that like Dragon Ball Z or something? lmfao sorry man. had to make the joke. i have no idea. sorry boss, lol

yes it is

FUCKIN CALLED IT BRO!

lmfao

hell yeah

i've still got it lol

he ddos's your brain

cloudy weather sad...

yeah bro. i lived in Seattle, WA for 2 years. great place, but clouds were brutal.

3 sunny months out of the year.

fuck seattle

no sunlight

always dark and gloomy

bro's comin in hot lol

haha

i watched fraisier

hahahaha

I love Seattle

I seen all the Fraisier episodes

seattle sucks

haha

it's settled. slams hammer

sold.

they got good pho places though. good cafes.

good music scene too.

I'm just kidding

hot chicks too.

haha

very true

seattle has so many hot people

for sure

i dated a russian and an asian while i was up there.

beautiful women.

you like Capitol Hill madf0x? 😉 haha

you can plea the 5th, but Capitol Hill was lit.

lots of great bars.

if it wasn't so gray up there, i may have stayed. but i left for different reasons primarily....

https://www.youtube.com/watch?v=u4AiuqQpB1U

Randy Walters is a son of a bitch

whoah oh

roger that chief

That's why I fucked his wife and got filthy rich

whoah oh

lol

bro is straight savage. great stuff

brb

fix my door, fix my door
stop stealing my dough, stop stealing my dough
stop disconnecting my videoooo

nah Im not a bar guy

Seattle is grungy

Was

I’m from BC…. Behind Calgary

I’m kidding, I’m from a secret BC

Ha! I can tell it’s eating you up inside… weeks from now, you’ll be begging me to tell you

😉

What is grungy about Tacoma?

MOOODSSS... Ban him 😤

Oh! Well that sucks. I grew up in a factory/ industrial town, but moved to the capital city, which is soft

When does the new box come out?

Everything is green and clean… their buildings don’t turn black every 5 years and they don’t wake up to a thick grey dust on their cars once a year… wimps

Saturday

Are there kidnapping victims inside my cds?

https://www.youtube.com/watch?v=_Szw2Aa7FdU these videos are oddly satisfying

May I ask if the hackthebox ambassador programme/meetup hosting still available? @lime trout

Yes

https://hackthebox.com/host-a-meetup

Thanks a lot! May i know a rough estimate of how long it takes for a meetup to be processed?

It varies

Not a huge amount of time though

Understandable, appreciate the swift responses!

who needs a prolab? dm

anybody else stuck on the spinny boi starting a machine?

Target spawning…

I am

spinny boi ™

finally

I just wanna finish this section and go to sleep like💔😢

bye >:D

Ok finally

https://tenor.com/view/hump-day-wednesday-camel-office-wednesday-hump-gif-5522475

finished 3 interactive sections and 2 theoretical ones today. Is that good?

Think like buffer overflow

hey guys

who is jon hammon?

hi im paint

happy hump day brath

hello paint

happy hump day

Hi

Yo

Does anyone know about the HTB Silver Annual if the paths and modules remain after 1 year?

If you complete them

Ohh oke cool

thx ❤️

fr guys who is jon hammon? i watched networkchuck and someone said jon would be a good resource too

Yeah do that

Ya he is cool you should

what makes him cooler than networkchuck

A lot of Rev engineer , malware analysis content

Jon does Reverse Engineering?

Depends on how deep they pushed the orbitoclast

Well in terms of content , i like them both but chuck is more of IT field while John has content about CTFs rev engineering malware analysis

But i didnt say he is cooler XD

Both of them are good content creators of IT & cyber

I'm doing the network chuck ethical hacker path I have spent $14,OOO on certifications through his affiliate links I should be halfway there by October

Does jon also have one of these affiliate paths?

would be hella interested

👀

Oh for sure that's what it's all about

honestly didnt even see about anything related to paths and such

oh

because when i watch either of them

i feel like im watching a 30 minute ad

Its always like this

They’re all ads

most of the time you'll see solar flare at least 1/3 of the video

idk man im just saying

https://cdn.discordapp.com/attachments/890732777513832518/1485141451351261406/Square_Hole_Returns.mp4?ex=69c41502&is=69c2c382&hm=a28cd0800af39e03f24bb5ba1f81c4d48d4c9ac4649a6c50580f4b2b4186c9d4&

What about the prayer at the end

at the end he kisses the mic and blesses it

i work for a multi-billionaire dollar fortune 500, and we think huntress would be a great addition to our EDR stack

may all my viewers be pipelined into my perpetual education machine

we have 9 other EDR's but huntress will for sure be the differentiator

Finally, something to alert on reg key deletions

bought all the EDRs in the market or what

i found an artist on spotify and im about to send you a link to a playlist i made with some of their songs

yes sir, thats my job, as a the director of cyber security at a fortune 500, also to film myself eating food all day

it is very important

I put all the EDRs on one machine and watch them have a turf war

Who can quarantine mimikatz first

what food are we talking about

Buckets of soup

His videos are fucked

0day was on Shawn Ryan podcast

I like to run mimikatz.exe from all my employees shells to challenge their h1b status, i will only employee the strongest outsourced talent

Don’t forget 1% THM

check DMs for playlist

Just the name would motivate you

I demonstrate professional expertise in my guided lab walkthroughs by advising you pump client data into chatgpt

this is a banger but it doesnt outdo your other playlist

debatable

Also I don't go to chatgpt I just Google it and click the first link ensuring that I will likely fall victim to SEO poisoning at some point

sending it to my wife, shes going to love it

anyways i am training an ai model on cyber industry filter channels like chuck and jon so i can usurp their empires with a hot girl who will say the same things and subliminally layer ads better than they could ever imagine

why a hot girl

when it could be hot girlS

All women are beautiful

thats fair, we should make chuck and jon into hot female gender bends and have them pillow fight over a cup

https://klipy.com/gifs/jinji-fat-1

honestly just deepfake them into AI women

Its running nmap

same exact content

you ever watch entire feature films with snapchat filters over them?

thats the only way to watch everything

except its FB filters because im old

it all works, i should start running up my claude code bill by processing each frame to replace the content creator with hot grok girls

its tuesday night where are all the homies

no

its hump day

Its Wednesday afternoon at the pub

sorry paint i dont live in a state that legalizes weave warfare

https://youtu.be/8BtAuGriqVU

You aren't welcome at the tav

i drink alone at home, ty tho

actually quite good

anyone experienced in AD can answer my question in #boxes ?

oh louis

really makes you think

Sure, if you can't really think

LMAO

where the fuck is my invite

Anything not women isn't women

yeah not clanker

@native plume is a clanker in disguise

Yo

Come ori

anyone running a dedicated computer for crackin hashes?

you just have to setup a linux machine with a GPU and ssh on it

yeah, just wondering if overclocking is worth it?

overclocking is for the poor people

overclocking just breaks your hardware faster

for minimal gains

thats what i thought

Hello

hi

Anyone here tried Framework Laptops?

+1 really wanna try but they dont ship to many countries, but now after trying G14 idk if framework is really worth it

i mean you get the modularity for the price but its still up to framework decision what components they will make

what if u wanna upgrade but they dont decide to have that GPU / processor or whatever

I am about to buy one. Especially after finding out HP deprecated the SMC.bin utility. HP decided their users were too stupid to understand that they just crapped all over the Availability part of the CIA triad and transferred the risk to the user (risk avoidance). Forgot a 1kb string? Buy a new motherboard. 🤬

yeah that could work, but if the whole point u are buying is for better support / DIY situation, u wanna think properly but if u have shit ton of money go for it man

😶

pretty strange i dont see tejas here today

I love the modular setup. Although, I must admit that $4,100 is a steep price for a fully loaded device. Not sure where else to look for a device with 64GB of RAM, RTX 5070, and an ethernet port, plus other ports I want.

@ornate ibex slacking?

You do realize he works in automations, not community anymore

yeah 64 ram is hard to find on laptops, but do you really need 64?

yeah but still its strange to not see him

🍿

I really want to mess with open-weight LLMs for cybersecurity learning purposes and it's highly recommended to have a lot of VRAM and RAM for any spillover.

I only see him in bursts of chronic online-ness

the issue with those overkill laptops are, heavy + get hot fast + battery

if you are just learning 64 might be overkill + you can always rent cloud something jarvislabs u can rent something h100 for $2-3 / hr

and im on 32gb ram + RTX 5070 Ti i can run 7B models locally easily, apple devices are good for local LLM the optimized for apple chips afaik

I also want to ditch windows after I finish my last course for my B.S. I am SICK of Microslop.

tejas is changed

You lost me at "Apple."

Laptops have bad cooling so you shouldn't even run hashcat on laptops tbh

+1 go with cpu, but if u are learning idk he might be doing overkill for a laptop

Yeah, fair point. I just don't know if I want to commit to a desktop. I tend to move around a lot.

no like the mac studio its pretty good for local LLMs

My cousin is the same but he didn't want a laptop so he build a desktop into a pelican case

I'm certainly a little past the "script kiddie" phase. I don't know where my expertise sits but I am nearly done with a B.S. in cybersecurity at an NSA/DHS accredited CAE-CD program.

Edit: changed typo

I might have to research that. Sounds cool lol

i have 0 clue it about the B.S cybersecurity and NSA thing , but i get it, if your budget is good and all sure go for framework,

its per experience thing right

i changed 3 laptops in 4 yrs

now happy with current one

0xWild next time we go out man, i need you to be 0xMild

that shit was crazy what you did

I mean even if you did move around a lot you can get away with just a chrome book while accessing a VNC on your Desktop

we went out?

bro you were pretty hammered i do not blame you

ARE YOU CHEATING ON ME?

CAE-CD is just an NSA/DHS accreditation. My school focuses heavily on GRC, but I have done quite a bit of the technical hands-on stuff, too. I also did HTB Starting Point all the way through a few years back. I can easily run commands for a lot of tools and I plan on learning how to compile my own tools using a compiler. I already have paru on my arch laptop. Trying to build a Black Arch similar OS from scratch using the Arch base install. Counterproductive, but I want the hands-on.

I wasn't sober? when tf am I ever not sober?

ah ok yes framework might be overkill ngl

(you are not good at roleplaying bro you need to get with the act man, its showtime)

but dont trust my words i have not tried it

We're Roleplaying?!?

tf is happening

yes we are trying make xclow3n jealous man

https://tenor.com/view/you-guys-are-getting-paid-gif-20686662

ah i was waiting for it to get to a point where one of u starts undressing

sorry xclow3n, its his first time with a wingman

too bad u were just making me jealous

Fair. I just like the idea of having the modularity of a desktop in a laptop but I guess I should do a bit more research on how effective the cooling is on it. My Omen 14 inch gets pretty toasty if I don't run the fans at max speed (which is terrible for fan longevity).

I have no experience in making someone jealous

Hi

I wasn't operating at peak professional capacity? When am I ever not fully committed to excellence and 100% "on"? #ProfessionalGrowth #AlwaysOn #WorkEthic

Ahh yes, LinkedIn speak, it's literally another language at this point

Should i pick brave or zen browser?

We can create more synergies and vertical integration, but let’s circle back to that

Zen personally

I really don’t like supporting chromes monopoly though

isnt brave dead anyway?

muh crypto

To da moooooon

morning

Hi, may I know where I can ask help for technical guidance about my Pwnbox module?

Straight to #modules

Thanks

@warped plank from what I am reading, Framework has significantly worked out cooling issues. The only caveat is that they sell naked RAM chips. What I am reading is that I should source the RAM from a manufacturer that sells RAM with built-in thin metal heat spreaders to avoid throttling and heat issues regarding the RAM.

idrk about framework's stuff

I will also need to make sure I get the expansion bay with the GPU

Yeah, I am definitely going to consider my options some more.

And sorry, I meant to tag @mint raptor

i didn't do anything it was my grandma

calling her now

but yes i mean look around, framework might be a good option for u, maybe some other day, it depends on your budget tbh if u can afford go for it

u dont wanna buy something that u regret later

💅 we are not on good terms

me and my grandma

dont call her

ok ok

My budget is around $4,500, which is what Framework costs with all the bells and whistles but if I can find something efficient for cheaper, I would be more than happy to do so.

Hi Guys, I've a doubt!
For bug bounty, most of the yt video i saw they says we need to strong in one single vuln and focus more on that vuln.
Is it true ?
if it is, i think mine is unrestricted file upload, shall i keep this or need to change to xss or somther ?

linux + 32 is good for learning ngl with good gpu

I mean there's a couple camps:

• Automate and cast a wide enough net
• Specialize in a vulnerability class til you can spot it without even having to intercept a request

Bro first of all its a side gig typa thomh
And you need yo cover atleast a few

Ans even then chances are low

Yeah, I am planning on using Linux. Debating on whether I want to slap Qubes on it or Kali Purple. I have Arch on a cheap Asus I own and I have about 3 Raspberry Pis lol

Also XSS scene is very saturated but the reason why it's so popular is because it can actually have massive impact

Use void Linux

just get a mac

for second, file upload is okay ?

Well file upload is a wide class of vulnerability so I'd say yes

Ahhh! thanks for tht.

got it buddy

everything from:

• xxe in json endpoints

to:

• glibc buffer overflow via image upload php filter chain (holy fuck)

Sleeping

I'm on vacation babe

https://giphy.com/gifs/S4shXWY3zmpqM

Thats so cool

he always is on vacay

just check his messages

he works maybe twice an year

Hi every1!

wdym

https://tenor.com/view/whiskers-mmm-hmm-suspicious-sus-gif-11609747178733891907

4 more modules golam

where r u in the progress?

2 more

good good

altho i dont count the last one as a module

lets fail together

same, I didn't count the theory one

No. let us pass together. ofc we don't cheat 😛

by june

and then ping spam ryan

indeed indeed

Has anyone finished variatype? It's breaking my brain

ask in #1482437610805919765

No one's there

Skill issue
-# Jk dm me

i came halfway but couldn't solve it XD

my friends solved it tho 😭

@zealous charm you arent even a certified claude user
https://anthropic.skilljar.com/claude-certified-architect-foundations-access-request

Try using a linux distro

Hi, shadows are not supported by the underlying library.

However, you could achive something similiar with the following CSS rules:

.markdown img {
  border: 1px solid #cfcfcf;
  outline: 2px solid #efefef;
}

Hope that helps, peace

https://tenor.com/view/aww-hell-nahh-aww-hell-aww-hell-nahh-gif-9659330954843262630

I was kinda stuck on figuring out some file paths lol

Pspspsp

I have solved variatype btw

morning people

Shut up you lil pigeon

Dmmmm

Hi

Tejas is alive and kicking

CTBB podcast put out an interesting episode on using Claude in bug bounty

and why didn't he say that himself? I find that very suspicious

@lunar seal whatchoo want

https://tenor.com/view/hey-tom-hanks-forrest-gump-gif-5114770

@austere sigil

wait why don't I have the verified tag?

I low key wanna jump off a building

I did all that manual enumeration and exploit development when there's literally a Concept Of Proof available only if I googled sooner, I could have saved so much effort

@supple plume this is your fault

I'm incharge of tejas emotional / physical tension

💅 so ik it all

Hi I m looking for ppl for a CTF if anyone is interested pls DM
Thank you

Any tips for studying through the CPTS?

this is great, thank you @dawn aspen

Say hi from me and tell him I appreciate him

Hello there! quick question cause im a bit confuse, do only Season 10 machine during their release week get you points? Cause I read active machine also give you points? Im confused lmao

active machines give points for ur profile, but only the release week machine gives u points for the season

Hello, does anyone know if they can refund a monthly payment I made automatically for not deactivating the annual plan? I didn't spend any cubes or anything

Ask support

https://help.hackthebox.com/en/articles/5986762-contacting-htb-support

thx

I was thinking of switching my OS cuz it's been a very long time since I have been using Linux mint

Im just confused on which option to go for i prefer lightweight ones and there are many new ones like catchyOS and shit

Hey, anyone here maybe has some example of DDoS letter of engagment/Authorization? or knows where i could find it... thanks

If it's not broken, don't fix it

In most cases DDoS will be out of scope, not sure why a company would authorize a DoS on its services

I would imagine if you don't have the resources to get a lawyer for that, you don't have the resources to simulate a DDoS to begin with.

testing its own infra to understand how it behaves in a high traffic/volumetric attack condition

exactly

Yeah, but usually you use a dedicated toolset, often provided by a hosting provider to do it. Ig it depends on the hosting provider how they handle DoS testing

In any case, the contract would have to be EXTREMELY specific

Hello I'm newbie in cybersec does anyone know to protect /swapfile memory?

https://mazebolt.com/ https://www.redwolfsecurity.com/
hosting provider load testing != ddos resilience testing

I get that, what im saying is hosting providers can be restrictive about ddos testing.

or you have your own infrastructure to preform this kind of tests... DDos testing becoming more and more wanted... nwm i just ask for some examples for LOE cuz i need to compare it 🙂

thats why you engage the upstream provider

You can understand the general skepticism people have when someone new to the server asks about DDoS contracts yeah?

Also reverify your account; #welcome <- instructions

Any lawyers here?

What did you do wrong

I didnt do anything wrong but i was just raided by police

They had a search warrant on my house for someone i never even heard of but i lived in this house for 16years

That seems like a huge fuckup on their end and want to see if i can sue

no lawyer is going to give you legal advice over discord for free

Better call Saul

https://www.youtube.com/watch?v=0UnKPSmg3Ec

Better call Saul

Well now im feeling watched on the internet gg gonna call the police office later

i asked the police if i could sue them and they said no

Unless you pissed off a big agency, police aren't able to do that lol

It's not broken i just wanted a change

hii

Yeah but apparently they can have +10 cops/swat walk into my house with false information of a criminal i am not associated with at all

Like people die over swatting going wrong

If you are in the US, a warrant is required to have the correct address and name. Even a typo makes it invalid.

if they were acting on information they believed to be true and valid at the time you probably dont have much recourse but you should get an initial consult with a lawyer

Yeah, lawyer up, hit the gym

Why bother? Shit already happened and you aren't in any trouble
Forget about it

Genuinely reach out to a local lawyer, plenty of lawyers generally ok with offering some advice for free. If you want to retain one that's a different story. As a note you'd be suing the state, not the agency

I understand your point, but my question wasn’t about anything destructive. I was simply looking for an example of a basic DDoS Letter of Engagement. Even without verification (which I’ve now completed, thanks for the reminder), this kind of information wouldn’t really pose a risk.
A Letter of Engagement by itself doesn’t enable any harmful activity, even if someone had malicious intent it’s just a formal authorization document.😅

You kinda missed my point lol

Plenty of skids come in and ask things "for educational purposes," general skepticism comes from that

Well nobody answered so yeah try other server or your connections etc?
People on LinkedIn like to overshare and flex too 😁

I wasn't saying you are or arent doing anything malicious

Hello, do you have access to the support of the Hack The Box website? @obtuse fern

I'm not staff

https://help.hackthebox.com/en/articles/5986762-contacting-htb-support

ok thx

Hey guys

can anyone help me with this #modules message

Any shortcut website scanners I can use

Instead of using my brain

Thanks

shortcut website scanners ?

0 work

1 click

quick fix

U want me to speak french

owasp zap?

why would I want you to speak French?

something like this? https://unshorten.it/

oh i thought he meant crawling

no clue what he means 😅

I meant like a nessus but for websites

nikto?

Burp pro

Does this find anything that burp pro cant

to be fair, these scanners are not perfect lol

this was Burp Pro thinking an internal IP was liked, while it was just part of an svg

I dont get why I get frustrated if the target is overly protected and I cant find vulnerabilities

I think I should be glad instead

yeah 🙂 just sometimes it helps to manually probe a lot

try to get to know the application better

found quite a few IDORs this way

https://tenor.com/view/trump-dance-trump-2024-trump-gif-12734161508561409577

@green kite how you feel about the fuel prices today

they suck, but they will go down again soon

didnt know you were from BE too @rugged dune

am also near you :))

limburg?

it almost x2 the original lol ..

true

haha no am fully in the other side aka brugge but it's belgium the farest is 1 hr drive

ahahaha

then you live closer to @austere sigil

weather good > fuel high
weather crap > fuel 1 euro

indeed

😆

I went to refill 2 weeks ago I think

I will need to fuel again next Thursday probably

2.4 today wdf

yeah painful

painfuel

I see what you did there

i saw it

Hey guys any good free screen recoders to recommand, aside my notes I want to capture myself explaining what I'm oding to add to my notes

I'm thinking of switching my main OS

I'm in a dilema of if I should give archlinux a try or go with fedora

It's more like I want a lightweight and efficient OS

anyone can help me in koblod machine

You want the #1484998637653332200 channel

If you want stability, go with Fedora or Mint or similar, there's loads of options. If you want to explore how Linux really works, spend a while in Arch or Gentoo. Mess around with things in a VM to see where you're comfortable and build from there

ok thank u

the year is 2030, youre being robbed so you plead "please take anything you want just not my tokens those are all i have left for the day"

@supple plume am gonna go insane

anybody can confirm if the machine info card button in HTB Labs removed or i just can't find it, it would show card info like this

one of the best ad machines on the plat

I think of it as each object lives in a different memory address so that's why this behavior would appear (I could be wrong here)

Same thing with OOP in python, you just have to define __eq__ for the class you make in order to make it true

Try const options2 = options1 you will get a different result (now both would point to the same memory address)

Oh me oh my beautiful day outside it’s about time I thought we entered a forever winter

using AI?

I just got cursor pro just rn

react documentation escaping the hatches

if youre struggling with what you sent, just think that the comparation is not by value but in their memory address iirc

i do know obj will be diff the issue is when you are making stuff like that irl with react you prolly wont think of that

and face bugs that will take hours to fix

and the new hooks like useExternalSyncStore and useEffectEvent ai doesnt even know abt those

these were inventted to fix useEffect

largley after the cf disaster

I'm liking cursor so far

Hey i might be stupid but i am on the documention and reporting section and its at the part where it like log in to the writehat instance with the provided creds, where is the provided creds...

back in the days ppl would install viruses to get these cusors

g'day chat

what are we doing today

That's true

and thats why everyone uses vue in prod

the more you know

I'm happy vue user

just vibe code

can anyone help me in starting point?

You need to be self driven to make progress in cyber.
If you don't understand research about it. Ask specific questions only if you are genuinely stuck

Good luck tho

yah

But that is just my opinion you can ask whatever this is general after all

yea from what ive seen people are allowed to help as long as it doesnt spoil any answers but people can help suggest like command arguments and general directions to check and stuff like that from what ive seen

i myself just finished the first section of starting point last night, the fundamental section, so now i get to start the 2nd section which i think gets into exploits exploring which im excited for

what they key to this ?

i already posted my qn in here https://discord.com/channels/473760315293696010/691583669374025802 just wanted a general idea where i messed up in my local machine

@scenic maple spawn

try scanning every port with -p- you might be not catching something with that scan 😄

If the event has a password, generally you need to be invited

so same command just throw a -p- in there

why in instagram they mentioned it public

no idea 🤷

lemme try

https://tenor.com/view/spider-man-we-one-gif-18212100

yeah why would they do that free ctf and then they tell you need to be invited

i was too looking for the access code

am confused asf lol

ill speak to marketing

Answered

most be Renna

i ll ask support how i can get the access code

no its okay

ill handle it and ping you

you are the best 🙂

thanks!

i need to add a second keyboard attachment to my desk because the amount of times i accidentaly use the wrong keyboard because of the placement is really annoying

Did you guys read about the litellm PyPI supply chain attack? Woah!

There is more then renna 😉

Use a USB Switch, no?

hmm i might be infected but idc

shoooot out to all of them nice ppl

Private

no don't dm me

they also posted it to linkedin @lime trout

please remove that logo from next to htb ew selling my data to make an AI

Ai gotta learn too

amma start some thm rooms and bruteforce ssh as always

why not?

https://tenor.com/view/red-pill-blue-pill-neo-keanu-reeves-morpheus-gif-2269751207568341078

He has nothing to hide

their AI gonna be toxic too

😂 😂 😂 😂
that actually made me laugh f

https://tenor.com/view/patrick-bateman-american-psycho-right-yeah-of-course-totally-gif-24784535

too fancy for me, the desktop keyboard is placed directly at the foot of the laptop so when typing on the laptop i have to keep my arms airborne but a lot of the times i just assume the desktops keyboard is the laptops keyboard instead of doing that because my brain runs at 100mph soooo yea 🤣

@scenic maple
#546650767495397376 message
they trynna get ppl

20 free SAL

i know i could just dual monitor and cut the hassle out but well we all know why a 2nd isolated system is useful 😄

Dang 599

is SAL2 like senior SOC?

Thats lot of monry

Yeah, mine too. It happens. Just get one...

Yeah soc2

ok ok sold 🤣

To watch subway surfer

it is, they trying to do like offsec ?

Dunno

does offsec certificates even come with the courses ?

as if labs arent dopamine filling enough smh

SOC+

in the new path you learn how to use AI

Yeah

use THM AI lol

Offsec ramped up prices a lot

"starting with 1400$"

Again? What is it up to?

I think 500 would have been ok and 1000 fpr sr ones

it's a way of collecting more data for the AI

'back in my day, it was $800

https://tenor.com/view/pepperidge-pepperidge-farm-remembers-remember-gif-15527169458174144495

Dunno how latest it is but their new ai cert is 1749 something

i wonder if htb AI also uses my ssh bf for it's EP AI

Back in my day i was going to highschool instead

i did my OSCP when i was in HS lmao

I don’t think the tech/stem industry understands that saying “buzz” words repetitively won’t make you sound smarter

level up

But u had money

Big diff

how even old are you Golam

no, long story

good question .

What happened to goat farming

We are close in age

you wouldnt believe it

they turned it into a simulator

https://tenor.com/view/stop-the-cap-cap-laugh-video-reaction-youtuber-gif-18293251

he is 17 going to 18

yeah and if you dont want it just delet your account

top 3 games oat 😭

but he like to say am 19

he's 21

trust

damn, ancient

youre ruining his opsec

when ever i see a roadmap it say its around 500$

with this information i can find out how old he is

already did was never a fan of that platform i had some convs with their team and didn't like them

LONG TIME ago

atleast he wasnt born in the late 1900's

its like 1.4k now

not horrid, but not great

jurassic park goated

rule n1 : never ask golam for his age

Did the math actually need lots of money to buy land

sorry, the late 20th century

that first one where they start out at the beach and all the little baby dinos come up to the kids

So i would actually need to be making atleast 1.5k

Per month

Then i can start

goto america, u can make 1.5k/month and still be broke!

So would need to work out something remote

That was the second one

Yeah lmao but thats in us there goats cost more

oooooh ok ok

theyre not that bad

i like that scene it gives me chills haha

Land prices would be more i am sure

looks to be like, $200/head

And with the current policies in place hard to get visa

eh, not horrid in my exp

thats what they told their users lol if you dont want us using your info in AI just delet the account

Thats actually close

i got an IR1 pretty easily

yeah and there is like 2000+ pack as well

Deleted my account. Simple as.

Would be 160 ish for a goat here