#general
1 messages · Page 582 of 1
What I've done in the past / what I've trained in
If it's easy
💔🥀
i do it in 3minutes if its easy
Alone
I wish for a day when I'm better at this
alone
depends on the box really
Theres a light at the end bro, dont give in
flukey is just a god lol
Yea I dont plan on giving up
I'm just okay at defensive stuff
the more i learn the more i realize i'm just bad or mediocre at everything
lets be honest most work is defensive, so not a bad thing at all
Imposter syndrome
Me too
i suffer so hard tbh
i know stuff, but i know i don't know a lot more
so i'm a noob
I don't even know stuff
COME TO BRASIL
Man we have industry veterans still learning, it's an incredibly wide and deep pool
You can never know it all
Exactly
No, and those people that know a lot of something is a very narrow focused something.
The government is logging our messages btw
Brasil mentioned
fixing the economy
Are you brazilian kami?
why
oh yeah definitely not live sorry lol
Do a kickflip
Dont measure yourself on boxes
Dont compare yourself with your teammates
You got this
yeah, echoes has years of experience
I still feel like shit when I do boxes
So true
Boxes are cool to learn new things
And you shouldn’t expect to know how to solve all of them
Im sure you learn a fuckton specially when it takes you a lot of time
Approach them as a learning resource and don’t worry if it takes you a lot of time to solve them
Most of them indeed
I agree
That’s why I like to follow the tracks
Like AD one
Bc they are picked to be there
If its a seasonal box its worth the time just to have a cooler badge here
Im joking
Bitch
Lmfaooo
But yeah, dw overall
Meoware time
Jesus
Idk how that translates to kg
But ik that's a lot
Fucking hell bro
I just ate some chicken and mashed potatoes.
Translating lbs to kg is essential to understanding your American friends.
I dont want to understand my American friends

Sure bro
Whatever
I just ate a tsunami combo
This is how zumi treats his day ones
I haven't brushed my teeth in like 2 weeks
Ok asmongold
Thnx man, im just trying
First world problems: can't have two enterprise subs on one account
Guys even 1000+ years from now, in spacecrafts, they still use sql btw
They will use glorpql
Wow that's not very nice
One is for my college's National Cyber League team.
Yeah man he’s super evil today
Don't advertise
Should i go evil again?
Result of an ugly soul!!!!
My bad.
Thank you.
1
Removed the messages.
🙌
Damn both
Goblin constantly reminds me of the Vikings
Wasn't trying to steal anyone from HTB. That league is seasonal I'm pretty sure and it's only for students and minors.
Are you a cs student?
Yes
Nice which semester
I'm a senior at a CAE-CD program going for a B.S. in cybersecurity.
Calling me a kid is wild
Idk what any word here means but hey congrats bro
Sounds cool
It's really not. I can audit an entire company lol
I did a master's and it sucked but it instantly netted me a 35k pay rise so that was nice
What do you want? I'm busy
Money
College taught me how to do full lifecycle audits using the RMF and other benchmarks like the ISO/IEC benchmark (which the NIST maps to).
college taught me how to body 40 natty lights a day
College taught me I should skip classes to hack
Certs aren't super hard to get if you have the knowledge. Just have to pay for the tests.
I wouldn't advocate for a cyber degree unless it's tied to a job requirement and you already at least work in IT
That would be relative to your expertise, I guess.
And I don't blame you. Certs can certainly land you a job.
No worries, it was just a URL drop for a commercial site. Maybe I was a little trigger happy, but if you had linked to the event that would've been better 🙂
I would be happy to link to the actual event if you aren't going to give me a ban hammer 😂
So can degrees it's just so much more money and people doing either have the expectation of a job at the end which is rarely the case
Maybe chuck it in #community-content instead
I vaguely remember that
Friendly fire
Oh, I see. No shield.
I mean technically I could
but I don't want to risk it
so I am not touching the / key ever again
werent they like a mod too or something you banned lol?
@eternal mango I would be happy to DM you the page that has the NCL on it.
Yes
Ask a mod please
They outline who is eligible on the page.
So humble
And the rules on sharing league challenges are strict just like HTB active machines.
arrogant and yumi
Right, but please ask a mod
Fair.
hi goblinnnn
It's still promoting another platform, and a paid platform at that
hru
Barbecue beer sauce 🔥
Hey DonutMaster 🙂 All good thank you, just in bed with Rick and Morty on for a bit before bed. How're you
doing good myself
gngn!
Fair.
Double trouble
I read this was and was like wth
no ping
Y no yumizumi?
Dont even joke
I finally decided on my next laptop purchase. Instead of Framework Laptop 16, I am going for System76 Serval WS.
YumiZumi the army man
this isn’t a ping
ping 8.8.8.8
that can't be the real payload hahahaha
But y? Who said?
After the podcast he lost the humble spirit
I love your pfp lol
wat
tracert, what?

you mean karens? hahaha
I wish i had a thinkpad
hmm
I mean zumi
yes sir
Okay boomer
we all balding
True
thats why I’ll stop at cpts /j
I feel dumb overall
yeah web cooks me
same lol
is a web cert first like viable
we must learn from @supple plume
Lets do it together baby girl
Fuck
Wrong message
wat
👀
Lets do it together baby girl
wat
indeed
I want to do osep too
echoes the web goat
noice
Jfc
one day ill have read all of academ
i think ima just learn astral projecting and do academy in my dreams or something


Skid
i need to learn networking
Bruh
The boy who cried niche hacking
Wtf is that
Damn
There are levels to this
Fault Injection is also under Physical hacking ryt? not sure
prolly, my friend did CRTO n then OSEP and he got OSEP
im skipping to nationstate level
Employers dont exist
They are a myth
I cant even do oscp rn
So nothing to worry

Dont bruh me
Pipsqueak
Bruh has cape not cpts
Yeah
Web is scary
I dont joke
When i say cpts is more scary
Than cape
For me
Cape way harder than cpts
I will do, I’m just having a lot to do regards college
drop out
That's what she said
What about numpy, scipy, seaborn, and matplotlib??
You should be proud of that
Sybau
Dont mention that
In my presence
..where did Python hurt you
I am LITERALLY taking applied statistics in STEM right now. I just wrote up 2 scripts for auditing using data science lol.
Yes
I just dont like data science
Yes
It's important for understanding risk assessments.
Pen Testing + Risk Management = Purple Team = more money.
.rb ftw
Morning
I had a bad experience with Ruby, it confused the shit out of me.. I still got the job done, but I swore never to let it touch me again
Where is the caveman code
..so the next time, I was the aggressor, and regretted it all the same
It just feels weird to me for some reason
I haven't coded in ruby yet but I enjoy looking at all the payloads written in ruby in Metasploit-framework.
That's like python every day. It is a very abusive relationship
Ruby should only touch you with your permission, congrats for setting boundaries gob
Omfg
The take base64
will always get me
i code in brainfuck
I believe you
```python
import pandas as pd
import numpy as np
import matplotlib.pyplot as plt
import seaborn as sns
from scipy import stats


def run_single_audit(file_path, label, target_col, baseline, comparison_type):
    # ---PHASE 1: Data Ingestion---
    column_names = [target_col, 'group']  # Adjust these to match your file's structure
    df = pd.read_csv(file_path, header=None, names=column_names)
    data = df[target_col].dropna()
    df['Source_File'] = label
    # ---PHASE 2: The "A to Z" Math Engine---
    n = len(data)
    # Use the NaN-free series so missing rows are not counted as non-compliant
    compliance_rate = (data < baseline).mean() if comparison_type == 'less' else (data >= baseline).mean()
    stats_results = {
        "Mean": np.mean(data),
        "Median": np.median(data),
        "Mode": stats.mode(data, keepdims=True).mode[0],
        "Variance": np.var(data, ddof=1),
        "Std_Dev": np.std(data, ddof=1),
        "Range": np.ptp(data),
        "Std_Error": stats.sem(data),
        "CI_95": stats.t.interval(0.95, n-1, loc=np.mean(data), scale=stats.sem(data))
    }
    # ---PHASE 3: Individual Graph---
    plt.figure(figsize=(8, 4))
    sns.histplot(data, kde=True, color="skyblue")
    plt.axvline(baseline, color='red', linestyle='--', label=f'Baseline: {baseline}')
    plt.title(f"Distribution: {label} ({target_col})")
    plt.legend()
    plt.show()
    # ---PHASE 4: Individual Printout---
    ci_low, ci_high = stats_results['CI_95']
    margin_of_error = (ci_high - ci_low) / 2
    print("\n" + "="*80)
    print(f"\n--- INDIVIDUAL AUDIT: {label} ---")
    print("-"*80)
    print(f"Samples Examined: {n}")
    print(f"Control Compliance: {compliance_rate*100:.2f}%")
    print("\n" + "-"*80)
    print(f"Mean: {stats_results['Mean']:.4f}")
    print(f"Median: {stats_results['Median']:.4f}")
    print(f"Mode: {stats_results['Mode']:.4f}")
    print(f"Variance: {stats_results['Variance']:.6f}")
    print(f"Std_Dev: {stats_results['Std_Dev']:.6f}")
    print(f"Range: {stats_results['Range']:.4f}")
    print(f"Std_Error: {stats_results['Std_Error']:.6f}")
    print("\n")
    print(f"CI_95: ({ci_low:.4f}, {ci_high:.4f})")
    print(f"CI_95 (ROUNDED): ({ci_low:.2f}, {ci_high:.2f})")
    print(f"margin_of_error: +/- {margin_of_error:.4f}")
    print("="*80)
    return df, stats_results


def master_comparator(file1, file2, target_col='latency', baseline=2.0, comp_type='less'):
    # 1. Audit File 1
    df1, stats1 = run_single_audit(file1, "FILE A", target_col, baseline, comp_type)
    # 2. Audit File 2
    df2, stats2 = run_single_audit(file2, "FILE B", target_col, baseline, comp_type)
    # 3. Master Comparison
    combined_df = pd.concat([df1, df2], ignore_index=True)
    # Stats: Independent T-Test (Is there a significant difference?)
    # Drop NaNs first so a single missing value does not turn the result into nan
    t_stat, p_val = stats.ttest_ind(df1[target_col].dropna(), df2[target_col].dropna(), equal_var=False)
    # 4. Comparison Graph (Box Plot)
    plt.figure(figsize=(10, 6))
    sns.boxplot(x='Source_File', y=target_col, data=combined_df, hue='Source_File', palette="Set2", legend=False)
    plt.axhline(baseline, color='red', linestyle='--', label=f'Baseline: {baseline}')
    plt.title("Master Comparison: File A vs File B")
    plt.legend()
    plt.show()
    # 5. Final Verdict
    print("\n" + "="*80)
    print(" MASTER COMPARISON VERDICT ")
    print("-"*80)
    diff = stats1['Mean'] - stats2['Mean']
    print(f"Mean Difference: {diff:.4f}")
    print(f"P-Value: {p_val:.4f}")
    if p_val < 0.05:
        print("VERDICT: Statistically Significant Difference Detected.")
    else:
        print("VERDICT: No Significant Difference Between Files Detected.")
    print("="*80)


# Execute
master_comparator('MassiveAudit.csv', 'MassiveAudit2.csv', baseline=2.0)
```
Holyfudge
LOL
This isnt github bro
Damn give us some warning
I can't share pics 🙁
Wrong tab
lol
Cealddd
Hallo
Hallo
the kubernetes guy
I don't use claud and that's a fully functioning script.
If you were trying to get people to love Python, I don't think you're turning many heads there
It creates graphs and everything.
Use code blocks
It looks cleaner in my PyCharm IDE lol
Unfortunately one of the control nodes broke and I'm too lazy to fix it, it's someone else's problem now
Lmfao
Somethin to do with PVC volumes
Based64
You could do it. Learn golang vro
Let's make pwntools lib for go
Omg bro same
15 minutes isn't anywhere near enough time 🥀
So hard
Idk shit about binexp
Same, maybe we learn something from it 
This is a full tutorial on learning Golang! From start to finish in less than an hour, including a full demo of how to build an api in Go. No fluff, just what you need to know.
0:00 Introduction to Golang
6:25 Constants Variables and Basic Data Types
13:14 Functions and Control Structures
19:30 Arrays, Slices, Maps and Loops
26:36 Strings, Rune...
Watch on 2x
Working with data structures is just nice in Python, and surprisingly (nobody will believe me) if you know how to put the introspection helpers together, in Java too. Excluding lower level languages, best two in my experience.
Nah I'm good man. Imma stick to active directory for golang and windows crap
Anyone here ever messed with Firebase?
No, that guy is dangerous
Not with that attitude
Not for a loooong time
Dont mess with him
Yeah, it's been a long time for me too. Google offered a free learning path some years back.
I mentally associate firebase with vibecoders that have no business vibecoding and leaking all their user data
if configured right it is good ig
Well, they should've reviewed their code
It's really a mentality thing that you learn the more you do it tbh.
Firebase is awesome, the og pubsub
Poor sanitization.
Start with python then go 🔥
for sure, its not necessarily a knock against firebase itself. its just that whenever I see it its always in hyper insecure vibe apps lol
not everybody puts the time to learn painting. People dont just wake up and know how to do it .
that and supabase
Yeah
The good news is, once you learn one language... recognizing syntax differences and structures comes pretty easy.
Python allows for unoptimized and hackier code than go, once you have an idea of how to structure your projects and solutions then you can learn go to write fault tolerant and type strict code
Messed with PartyKit recently.. completely painless
*learns python*
*then learns rust*

The type strictness of go is both a blessing and a curse
That's why you keep doing it vro
It takes practice. You should probably read about data types, variables, boolean logic, loops, etc.
That's where the adaptability comes in clutch.. like you said, the patterns are (more or less) the same
Lot of topics to get a decent grasp of it. But it's essential for pen testing bro.
the hardest language to learn is your first. It literally only gets easier from there
Doesn't take long to drop in from one language to another if you're experienced enough
i "learned" c as my first lang
Coding is puzzle solving 🙂
It really is.
That's probably one of the more annoying ones to learn first lol.
Not always. You can always look at the docs and stack overflow
..you can still have artistic flair too though.. sure, it's logic, but you can always leave your mark
It gets really annoying if you're reviewing a different language coded by a different person each week 
..like, making it completely weird and messed up, to curse the person after you
or so elegant that you cannot comprehend how you even achieved the task
I liked the obfuscated c competition
I dont think it i
is
C is still one of my favorites
if not my favorite
i think it is the perfect language to start
It's probably just because I learned Python first, tbh.
you learn a fuckton from C
C Isn't annoying to learn, it's annoying to master
Always have a huge ass ASCII art logo whenever your code runs 🔥
It's like go but with way more skill issues for me
Probably one of the best pieces of information I learned is how the IDEs read the code. Left to right, and anything indented is part of a block.
I fell asleep on my phone and skulled yah 
CUPID!!!!
cupidcupid
hru
It just helps you start to learn it better when you know how it parses the code. But, you should really dig in and learn a language tbh.
wtf you are hacker rank and ruby, since when
I was learning go and liked it til I got to the stupid error handling... cmon man why can't I just turn these into types...
Sleepy, hbu R? I see the cape emblem
hades my goat 😭
doing goood
Since whatever last season I played since my team wanted me to do it.
you are so goated
congrats for the rank
The error handling is great when you're working with generics or constrained interfaces but yeah the type casting is a bitch
keep up
I'mma find a library that makes Rust understand Go syntax just so I can typecast the errors 
You're in Microsoft?
There's also size limits on arrays
error handling is one of the best things about Go
After I'm done customizing my new PC, so like next week ❤️
Microsoft Discord Server?
Funny to think the whole pattern of a language can fit in to such a small file https://github.com/maheenamin9/mini-php-compiler/blob/main/lexicalpart.l
Yes
It's the unofficial community server for Microsoft
To whoever says AI will take over hacking, I dare you to ask Opus 4.6 to help you bypass either semi-strong path traversal or SQL parameterization and see how long it goes around in circles
interesting
Opus 4.6 just like me then 🔥
AI is only taking over programming. No way it will take over the security industry.
"Claude hack a bank for me"
and even then, it is not good at making secure programs.
I like the error handling but the problem I have is nil pointers but I get why they don't allow them and why it's that way
zumi is either typing a fucking book or he died on the keyboard
Pick a language or two and master them. You're trying to diversify too much.
He isn't diversifying too much, it's his damn job to review that code.
even then, after a year or two, developers will be in demand to fix the AI slop code 
He has a job reviewing code he doesn't understand?
He's a Pentester 
cmon
Yeah, but he's saying that it doesn't click lol.
It's not like you understand all the systems you pentest right off the bat 
DW Zumi, noone does
Paste the code in an LLM and ask it to write a review and copy and paste the review in the report. The trick is to cheat and earn money, not honest hard work.
Just takes time. It's muscle memory.
Can't remember, but you can still follow the logic right?
This is a privacy concern
Then I think it makes more sense to you than you're giving yourself credit for. That's probably the gap in my understanding of where you are in your journey lol.
Hey g0blin can u run something by in the next big boss round table meeting
Make a compliance cert
i'm going to rewrite some notes, wish me a good time or I quit cysec right now
Ok I'll bite, compliance to WHICH standard specifically?
I hate Anthropic, the Claude free tier is now 3 prompts and then a 5 hour break
I have to decrypt some RSA really quick
Ok nice, you got this
there's tonnes of them and each one has their own certs for a reason...
You know the one
thank you man, that's so kind of you
Just use Gemini
compliance evolves but the baseline is still relatively the same.
the worst LLM ive ever encountered
Nice knowing you
Yeah but that's why a compliance cert would be pointless, that's why HTB does general knowledge certs
how are your cats gubarz?
No like the ones in the pro version aren't that bad
The cert can have multiple standards, 1 module per standard. shows all the assessment procedure as a module, different assessment types as a module, like "Risk Assessment" and "Maturity Assessment" etc.
That's true, but the underlying fundamentals of compliance stay relatively the same. That's where the CIA triad comes in.
They are fat, happy, and healthy, couldn't ask for more.
that's so good to know, kudos to them
I just use it for generic troubleshooting tbh, I do that all the time
Do you know how massive that path would be? let alone each module...
A compliance cert would not only require that we teach the full subject of the established compliance framework, but also build upon them with practical exercises which in themselves would likely just feel like a box ticking exercise I think?
Governance, Risk, and Compliance is literally what CAE-CD programs tailor towards.
Now open the spreadsheet in pwnbox
any paint dry watching enjoyers?
hack my frisbee
And that's why I am going to be a unicorn in this field. Not only do I have a very solid foundation of GRC, I will be among the few with the actual technical skills.
Just comply to my idea and make the cert
@cloud osprey
Now run this specific nessus preset 
Trust me, I am. Everyone hates "that's not in our budget."
Ay, you stealing my gifs now 👀
Was mine first 
Communicating technical risks to c-suite execs is an art form.
Imagine the negotiations with the compliance officers of the compliance assurance officer to ensure our certificate is appropriately compliant to the compliance requirements of the compliance definitions
Ayy yooo congrats @molten bobcat 😄
Not all 😄
Rather not hey
Depends on how tech-illiterate the execs are lol
I mean each compliance standard probably already has a certification to go with it, just take whichever one is required of you
Will see about that
Hello Homie CEO,
Found a bug in yar network
That'll be 50,000$
ty ty brotha ❤️
Yeah, but what I was getting at is explaining technical problems to people that are tech-illiterate. They are still just people.
yes
I'd do it for 50,000 
Fair point, translating for the target audience is indeed an art form
not if you have a fancy bidet
For another $200,000, I'll write up a full remediation plan with a risk heatmap and gap analysis.
✍️ taking notes here
Might even be nice enough to top it off with a BIA.
That's a long poop
BIA?
Business Impact Analysis.
Literally.
"please rewrite this as professional but not overly formal"
You're speaking the language of c-suite execs 🙂
I learned hacking to break the rules not follow them damn it 
will doing starting point machines increase my rank?
Only active challenges and boxes increase rank
oh
I only did the free ones, am I still handsome?
No u zumiyumi
you two are handsome for me

it's ok am dumber than u anyway
son, you need to finish starting point or youre gonna end up like him
points
if my body supposedly has so many microplastics in it how come they havent caused a blocked artery and killed me yet?
Nahh but you did CPTS in 1 attempt, I needed 2
Give it time
not joking now but this means nothing imo
🙊
And even now I don't understand wtf I did
maybe you had a luck thought process
Still pissed though, I was 1 flag short on first attempt and I had it in the palm of my hand I just didn't realize it
I'll do it for free. Why? Was talking to my friend about this. When in your early stages of your cyber security career, connections and association matters much more than profit.
Smart new guys know this too. I see it all the time
My iterative process: Try it once, no work, ok move on to the next thing 
I submitted my CAPE report with 40m left because I was re-reading the report for a whole day
without sleep
only coffee
and anxiety
idek how to do one thing 10 different ways... 
Too late to give you a proper answer now without people thinking it was from AI now hey @maiden anvil
4/5 days to write a report and then 1 day to re-read it over and over

gemini, claude, chatgpt, certipy
that's 4
probably check if web enrollment is a thing
2nd way is just: if it does, go try it 
can't recall if it's one of the ESCs certipy can check for
Lemme check certipy real quick
I know there's a few that certipy can't check
guys no one actually knows hacking, it's just magic
relay time baby
you call it a day
good question
He wants something to do with the cards or something
Group policy I'd assume
honestly if I only have kiosk access which is hardened, last thing I'm checking for is ESC8 
W1ld has a zero two emoji for everything

or a korean girl gif
Then you probably can't access anything ad cs since you probably also can't get access ldap

Hey guys
Does any one here can teach me how to setup and use an advanced hacker AI that works with me
Or can recommend a resource
I recommended not trying to set up an advanced hacker AI
[ruNTiME.IntEROPSeRVICEs.mARSHAl]::PtRtOstRInGAuto( [rUNt my eyes gave up
If you need a tutorial for one, you don't need one, you gotta prioritize other things
Idk I feel like if there are gaps in my knowledge during boxes then the AI could help
just research more 🥀
But how do you even arrive at such a conclusion
You can learn a lot more by doing the research yourself rather than relying on an AI, it'll just hinder your learning
ffs
next thing I know it's no evasion and I'll just run a claude agent

I'm still dumb
I have to learn how to use impacket scripts for a machine
my means of doing ESC8: certipy, I'll forward ADCS if I have to
I need to get smarter
@ocean marsh what modules should I use for learning impacket scripts for a machine
Academy modules
literally just read

btw the modules that are tool related are a joke imo
nxc module
just read the docs
and do the exercises
or pick an AD ldap/kerberos attack and do it, pretty sure impacket doesn't have any ADCS or ADFS tools though
the exercises are good ofc
There was a machine I was stuck on last night and couldn't get past a point cause I didn't know how to use impacket mssqlclient
--help
impersonate a user
Huhhhhh?????
booo
You need to learn how to self teach yourself
modules are good to introduce yourself to topics
then you go research on your own
should I use this instead of the impacket thingie
using that on cpts
I wish I was a computer
nah
I hate entering interactive shell sessions
What?
for anything really
not as good afaik
been using it for years now
I is Angy
@warped plank how long have you been hacking for?
it's one command at a time and doesn't come with enable_xp_cmdshell and others
I could've saved so much time by reading the README, instead of reading through the whole thing to figure out what that MSBuildShell you posted did..
I logged in as "guest" even though I used the credentials for the guy whose creds I was given
what a terrible fate
..well, learning is learning I guess 🤷♂️
since 2024 around December-ish
nice
so just over a year
Stubs, supers, nops and emulation 😅
Like it was guest@[machine].htb even though I used the creds of the guy I was given @ocean marsh
Why is that
yup
looks like applocker bypass by compiling the code into something kinda like powershell
ive seen people use that general method to bypass av as well
xp_cmdshell in 2026???
Yeah.. got that after reading, then saw the README
after you enable it yes
mssql has its own auth, separate from AD
You can't, closest you'll get is Kerberos tickets
I think same for me
that's why you sometimes need the --local-auth flag smth or other
who in their right minds would allow that
the attacker after getting dbo on an mssql server
same here, march 22nd 2024, i remember lol
Ehh??
So if I login using impacket-mssqlclient -p 1433 [name]@[machine].htb
Why does it show <[name] guest@[machine].htb>
I'm mad
nah but like in 2026 how is a sysadmin just gonna leave their account with a weak password seems like a 5% chance of working
💀
sa:sa is fine right
on my last pentest the sysadmins password was like John12 or something like that
that is something
yep
probably because your account only has guest access to the default db or something, idk depends on config
industry standard
How much time did you dedicate to hacking in a day
yo
yo
Weird ass machine then
Oh my nitro expired
nah man
Unlucky
discord nitro 💔
Not really, it's just:
Login using AD credentials to mssql but mssql configured to only allow guest for this user
in the big 2026
I did the same but overall 6-8 hours a day
😭💔
during vacations I would push that to 10 hours depending on the day
indeed
then take a break (burn out)
Im currently saving up for a PS5, otherwise I would be ruthlessly spending my money on games and nitro
and come back
when you start doing 10 boxes a day thats how you know you're locked
sheesh
Crazy
10 boxes a day is not realistic
I tried doing one easy module a day along with a machine
when you have shit grades and nothing to do all day it is
But schedule kinda cramped rn
Y'all have time to do 10 boxes a day? I do 1 box a week, I do a lot of post-root exploring though
not anymore lol but 2024 i did
See I never worked in the industry but it's my belief that in 2026 people would at least become conscious that stronger passwords are a must. If a password attack works it's the company's fault for not having stronger policies
nowadays its like 2-3 boxes a day (when i care to do them)
@ocean marsh I have to travel one hour to my office today just to be there for 3 hours so I can come back home with another 1 hour trip
W
What a fun day
I used to travel 4 hours a day to get to college
people are super lazy and just dont care
dont pmo
Waste of time 💔🥀
human error will never change really
My college is 1.5 hours away
I used to study in that time
Nah I meant college is a waste of time
oh that's for sure
This is why password policies exist
but I also study cysec during classes
I've never gained knowledge from college, I only gained knowledge from college friends
???
on my last test the password policy was like 14 characters complex or something but the sysadmins hash cracked to his first name and a 2 digit number
in AD
I kept thinking you know...oh the kinds of attacks left: privesc via some unbeknownst object in some software....or something
ceald slop 🔥 I didn't salt the pasta water enough before microwaving it
it's very bland 
damn, maybe I should make lunch...
I've been studying hard but I still feel dead stupid when I talk to zumi
ntlm reflection, web client coercion, mitm6, adcs misconfigurations are the most reliable ive seen so far
man this is so fucked, I need to sit down and find a way to destress from yet another disappointment produced by humanity
just really hungry
I think I'm not trying hard enough
wtf is mitm6?
6 mans in the middle
dhcpv6 spoofing or something like that
I added a bunch of onion and garlic and it's now a bit more edible
wpad abuse
whatever it is it ends up in you having http auth and you can relay that to ldap
o
i feel dumb man, like real dumb
when it works (which it usually does) it's INSANELY useful
because its http auth
i really wanna do another internal now
ntlm reflection is just fun, plain and simple
basically something like: forgot to turn off x dhcpv6 feature or something?
what disappointed you?
yep and wpad
im sure by default mitm6 should work
me 2
that to this day password attacks still work
i remember on this one test after i ran secretsdump i put all the nt hashes in a list and like 50 cracked in 3 seconds
It should be impossible i mean we got fiber gigabit internet speeds in our own house
jfc
The day it stops working idk how else the majority of dependent processes would look like
one interesting thing was some of them were in the format of the date the password was changed
so with that i looked in AD at when these other accounts last changed their password and i got a few of them that way, it was the most htb shit ive ever seen on a test
i just dump the whole god damn dc
Yeah FTW
Nothing like losing all faith in common sense being a thing when the passwords more often than not comprise of the users name, the year and an exclamation mark

getting bombed with 250 users and scrolling back like a mf just to get the admin hash
i dont do pentests on companies that care enough to even have a blue team lmao, they wont care.
well i only dump all because i like to do a "password assessment" afterwards
ive seen many testers do that so i just take after them
at that point you're just asking for people to rob your business and livelihood it's like an invitation; or a storekeeper leaving the door unlocked and the shiny jewel unguarded
i'll give you one example from my hashcat potfile
August08072023
mmann
imagine working in soc watch someone pwn your whole network 
Give me the $200k a year job I'll fix that in 10 min
yep lmaoo
oh yea lmao
smarties!!!
KGFOkpoKVFQO_PKFF_)!KTFG_)!KIGF)!<LK_F)!LK+LE+)K!I)RRFI!)(FK!)(@IK$)($I!)(%I!)FGVK)!K@T)_
Imagine it's a known APT, at that point I'm just gonna microwave some popcorn
They just abuse 0 day after 0 day
funny passwords ive cracked, 1. Fordranger1
why is :3 inside a cauldron here

this is like the password for mysql on an easy box privesc
nah, just turn off all internet
although would be crazy
now imagine they have a physical foothold into the network 
same
sleep tight
I can't control the yap
to u tooo
nahhhh
Russian hackers on prem 
I'm feeling too dumb to sleep rn
bring body guards
turns out it was Vlad who's your SOC manager who turned out to be a Russian spy all along
go find the most ridiculous NASA subdomain
then hunt there
Once found a hint a NASA employee left to remind them of their password - it was "that rude russian word"...
or something like that lol
@ocean marsh
jhaddix vids are worth it?
take em hostage

they committed it first

I’m joking ofc
False
anyone got bug bounty tips?
Yes: Don't do it 
they're a pain
lowkey
It takes a damn long time, the triagers are either burnt out or don't care and the payout isn't worth the effort most of the time
Also unless you find an interesting vuln in a common app that isn't discovered yet you probably ain't gonna find much.
Find a job 
Jobs are how 99% of people make money 
true
There are jobs that do that
J*b
cpts boy
Get a work from home job
literally be a chat support agent, boom work from home, ez money
took me 21 to receive my results
actually not a bad idea
good luck waiting all that
I almost DIED
of anxiety
My first attempt took less than 24 hours 
not fair at all
what's worse is I wanted the prep time
exactly
I had plenty of time between my first and my second attemt
attempt
I hope I receive my cpts results fast
I had 2 weeks... 
bro has cape... 
we can't add more time to instance ? what
we can't add more time to instance ? what
bro is not web smart
tf you mean found this sequence mate unless it's HTB related we can't help you cos we don't know if you're breaking CTF rules or the law for that matter
No, it's not HTB.
why use pwnbox
In that case we really can't help you
bcz i have
I'm the one that encrypted it. You could literally just slap that into AI and get the answer if you wanted to be lazy. Thanks for ruining my troll.
😭
L troll then 
awake check
What are some more secure alternatives to nginx and apache
Not really. RSA raw isn't some mystery. Who is still using RSA raw to protect their data? 😂
I mean idrc what it is, if it ain't HTB we won't help with anything hack related
It's not hacking. It's just a cipher bro lol.
this always sends me
we do ciphers in hacking all the time 
Maybe as a final step to grab a flag...
Point is we don't wanna break the rules to a CTF, where that RSA could've been
🥱 Already told you it was RSA raw, that I encrypted it, and it was a joke.
I know, but I'm just pointing out that your troll was seen this way which is why I deleted it
did you guys catch the new jon hamm& video?
My bad bro. Didn't know my level 1 cipher puzzle would get treated like a nuclear code leak.
Erm
Bro literally accused me of trying to break the law over RSA raw 😂
If it was indeed a nuclear code leak, my good sir, you would be found guilty of high treason!
and therefore, obliterated!
erm
@glad crystal
the nuclear codes used to be 000000
I played the old ones
same
I actually enjoyed it despite mixed reviews
00000000*
Borderlands. Heh. More like BOREder lands... and yes.. I barely know her
good games are hard to come by these times
Password1234
nah
There are some good point and click games i like
was looking to pick up arc





