#resources


jade shell
native falcon
#

+rep

odd sinewBOT
#

Gave +1 Rep to @jade shell (current: #3 - 2097)

half osprey
#

+rep

odd sinewBOT
#

Gave +1 Rep to @cyan tundra (current: #29 - 333)

half osprey
#

Thanks for the awesome resources

cyan tundra
prisma bison
rain depot
#

This is a good resource for ADCS

#

This site and author has blogs on the major escs and walks through how they work

#

Also this article going over using metasploit for them. I highly recommend you learn how to do them as manual as possible to actually understand them and don’t forget to do your research on bloodhound to learn how to spot these.

shut ferry
#

Epic, much appreciated 🙂

cyan tundra
stuck abyss
#

@main ether Please don't self promote in this server.

livid wren
#

are there any courses here for penetration test/ red teaming

#

wrong place

jade shell
livid wren
#

not on tryhackme

#

anywhere

#

or industrial practices

tepid patio
#

Hi!!!

For the people here who have to suffer rote memorisation exams and want to learn stuff which is not easy to put on flashcards, I wrote about methods for memorising things using Anki as a scheduler

You can apply this to many things, for example doing a THM room on a schedule

I suggest against memorising everything and also remember you can always google things.

But if you do find yourself in need of implementing a spaced repetition system for things that aren't flashcards, this works quite well 🙂

https://skerritt.blog/memorising-leetcode-by-using-anki-as-a-scheduler/

Skerritt.blog

Problem: When you have to do Leetcode, you often cram it all in a few weeks before your coding interview.

It sucks. The interviewer knows it sucks. But there's nothing that can be done.

Everyone knows cramming leads to worse retention, and you do not really "grok" it.

Everyone knows

sonic abyss
#

^ Memorising keybinds in Anki is really useful too

distant pagoda
#

Hello lads, I am looking to do an online streaming session where I talk about AI and prompt engineering. Any books, articles, THM rooms etc that you can recommend? Please and thank you ❤️

jade shell
distant pagoda
#

yes I did that but I was thinking I will go a bit more in detail and even jail break DeepSeek R1 about topics that are censored

stuck abyss
#

@bright osprey Please don't post referral links in this server.

half osprey
signal hornet
half osprey
stuck abyss
#

Please don't self promote. 🙂

tribal crow
#

Forgive me if this is the wrong channel to query, but does anyone have any recommendations on a room that deals with cookie manipulation? I'm doing my Sec+ course and the subject of cookies came up, and now I have this itch to poke around and learn how you can manipulate and leverage cookies

jade shell
tribal crow
#

Thank ya!

unique crown
#

for Women in Cyber Security podcast The Cyber Queens (on Youtube, Apple podcasts, etc)

unique crown
#

for UK cyber security Smashing Security podcast

signal hornet
#

What is this?

jade shell
orchid lynx
#

Hey can anyone help me get rid of the virtual box turtle

I tried bcdedit /set hypervisorlaunchtype off

Disabled core isolation

I did turn off all the Hyper-V features and even checked the control panel

In the task manager virtualization is also enabled

sonic abyss
coral scaffold
half osprey
karmic basin
#

Hello team, do you have any resources, tools, or software to improve online security and anonymity (OpSec)? I'm looking for solutions to be more anonymous and secure on the internet and in the context of a CTF. Thank you in advance!

heady island
sonic abyss
unique crown
#

windows DLL hijacking and more

true karma
#

I dont know if anyone requested this yet, but would it be possible to install mysql on the parrot os thm attackbox

fast crag
#

Do you have any cool free resources that talk about analysing portable executables?

edgy beacon
boreal forge
#

Can Anyone help me how to start learning hacking I need a road map to become a pentester and a mentor

misty geyser
balmy wave
#

Does anyone know a good resource for event filtering/searching on Windows event viewer, I think it was Xpath/XML

balmy wave
#

What's that?

jade shell
balmy wave
#

Ohhh

balmy wave
odd sinewBOT
#

Gave +1 Rep to @jade shell (current: #1 - 4229)

round orchid
balmy wave
odd sinewBOT
#

Gave +1 Rep to @round orchid (current: #312 - 21)

round orchid
stuck abyss
#

This is also going in accordance with our community rules.

balmy wave
balmy wave
round orchid
# balmy wave No worries, I don't really need help with the module. I just needed some resourc...

For sure I understand. Well the most basic filtering via XML would probably be by log type and event ID. Something like this.
Just replace Path with your desired log type (on both lines) and EventID with the ID you want to filter for. Easy peasy.
Another article that should get you all the way to your desired goal.
https://techcommunity.microsoft.com/blog/askds/advanced-xml-filtering-in-the-windows-event-viewer/399761

#

feel free to dm if needed

odd sinewBOT
#

Gave +1 Rep to @round orchid (current: #304 - 22)

lament perch
#

Hey

Does anyone know good resources for maldev? Maybe a roadmap?

stuck abyss
bold fractalBOT
lament perch
odd sinewBOT
#

Gave +1 Rep to @stuck abyss (current: #2 - 3581)

stuck abyss
lament perch
brave harbor
ripe adder
topaz bolt
#

Thats actually cool

#

Now its time to spend the day customizing to get ready to do it

#

Hehehe

idle robin
jade shell
#

Please don't advertise here 🙂

earnest quartz
#

anyone know where i can get a T568A Flag? Lawrencesystems sells one but I'm looking for the whole flag to be color

vestal locust
#

Welcome to the Damn Vulnerable RESTaurant 🍝
You ordered a new YouTube video, right? 😉

I recorded myself solving the Damn Vulnerable RESTaurant challenge live 🔴
https://youtu.be/CdVTG3aWTew?si=inmuQ6aFZ-Atipel

daring socket
sweet lily
#

Hey guys, just wanted to share - unfortunately for the french speakers only - a sub free magazine about Cyber I ran into during the InCyber forum last week : https://www.cyberun.net/cyberun. Good stuff, well written and organized. (I have no affiliation to it)

glass furnace
raven cove
#

Need some SANS advice from y'all.. these are the 4 I'm considering getting, ordered from most desirable to least.

SEC511
SEC573
SEC598
FOR498

This will be my first SANS cert.. any advice on which one to pursue or any other really solid courses I might have missed?

wintry vortex
prisma bison
#

Vencord is against Discord's terms of service, please do not promote it here.

brittle light
bronze geyser
#

is there a place i can find all the free SOC resources, cant afford any subscription right now

idle robin
steep flower
bronze geyser
steep flower
dusky sorrel
#

Hey, Anyone with Student Id need Perplexity AI Pro Free 1 Month?

heady island
fading glade
pallid sandal
#

Does anyone have good recommendations on Youtube channels and/or podcasts that are both entertaining and useful for learning a thing or two? I have a lot of traditional learning resources but I'd love to find content like storytellers and that sort of thing. Thinking Darknet Diaries and stuff along that line. Any ideas?

copper trout
#

2 YouTube channels:
mental outlaw
Tech with jono

#

Mental outlaw is great to catch up what’s new/interesting to learn and from time to time shows hands on tutorials

#

Tech with jono is very good at giving a visual aid in showing what he does as a SOC analyst

pallid sandal
#

Awesome, thanks for the suggestions! I already do watch Mental Outlaw from time to time but hadn't heard of Tech with Jono. I'll definitely give it a look!

mortal sonnet
#

hi there. Any good study materials ( video will be nice) about active directory?

wooden anchor
#

I'll also look for some videos you can use

#

One minute

shut ferry
#

I'm doing a CTF (not on THM), and I need to escalate my privileges in Linux. Linpeas flagged /proc mounted. However, I don't know how to exploit that to escalate my privileges.

#

Any resource that could help me with that is welcome

shut ferry
# stuck abyss Which CTF are you doing?

It is a school challenge, so I doubt it is publicly available. I completed the linprivesc room on THM, but it doesn't cover privilege escalation related to the Docker container.

stuck abyss
pallid sandal
#

What would y'all recommend when you're trying hard to study but can't seem to keep your mind focused? I've tried total silence, calm music quietly playing, drinking tea (I do that either way), really struggling to focus today though. Just curious if anyone has some tips to help in cases like that

hallow plank
#

howdy peepz. I made a little site putting my notes online here https://pwnpedia.com/
let me know if you think it's cool or if you think there's anything else I should add or take away! happy hacking friends!

round orchid
hallow plank
#

hell yeah! thank you!

tepid patio
topaz gulch
idle robin
tepid patio
tepid patio
topaz gulch
#

You can keep your ransomware. I'll just send in my Elf

idle robin
stuck abyss
#

Where is elf?

vapid mountain
olive oyster
#

Hello, I wanted to get into developing rooms (Web app pentesting) for TryHackMe, where should I start?

vapid mountain
round orchid
limber apex
#

Hey guys need some good resources for Blockchain pentesting

i came across cryptozombies and ethernaut, also i saw some machines on HTB

my issue is i dont understand whats happening in these challenges

i would like to know if there are any free course/resources

golden wedge
#

IT people, do you know about proxy tunneling? Proxy strings... threading? Where you line up like 9 proxy IPs to hide your own.
Any videos, tutorials or resources to help would be appreciated 🤺

golden wedge
#

Nvm i was a dumbass and that shit is easy

tired geyser
wooden anchor
#

Not a "direct" resource, but I just found a free demo on Steam for a pretty good hacking game. It's pretty barebones but it gives an introduction to some industry standard tools while providing a ctf-esque environment to practice in

#

It's called HackHub

#

Not to be confused with a game by the same name on Itch

tiny condor
#

I have installed neo4j and bloodhound, once i start both services, i use neo4j credential to login to bloodhound, but it says login failed?
anyone know how to configure it properly?, In bloodhound interface it asks for Email Address and Password instead of username, bolt url, password

last wing
last wing
#
gritty barn
last wing
last wing
#

Start your IT Path with ITProTV: https://ntck.co/itprotv (30% off FOREVER) *affiliate link

Are you wanting to get started in IT in 2023? Do you want to become a Hacker? A Network Engineer? Cloud Engineer? System Administrator? In this video, NetworkChuck will show you the path to getting started in IT and Cybersecurity that will help you rea...

prisma bison
#

It's still advertising, please don't do it here.

fast wagon
last wing
#

Ah nevermind, that was for something else from before. Nevermind

last wing
sudden fern
final heart
proud cloak
#

Does tryhackme have any OSINT type modules or does anyone know any other good resources for OSINT related things

stable meteor
proud cloak
#

Finished

#

Remember any others

rapid snow
stark flame
#

Can you tell me here

compact kayak
#

Did anyone else struggle with the pre-security area of the THM website? I'm struggling digesting the material. Can you guys recommend me some resources that found that helped you process the information? Preferably visual if there is one.

jade shell
prisma bison
#

This isn’t a place for self promotion and must be resources, not links to music

plain zealot
#

Thanks!
I'll try most of em out
Always appreciate a little help in OSINT

winter iris
#

why does he change the language between English and Hindi 😭

tight jungle
hearty scaffold
tight jungle
winter iris
#

a mix of hindi and english?

#

why would he speak that way

#

the indians that dont speak english wont be able to understand 100% of it and the english speakers who dont speak hindi wont be able to understand 100% of it ;/

tight jungle
prisma bison
#

@tight jungle Please keep this channel for resources and avoid self promotion

vapid mountain
#

if you wanna drop all ip's that have tried to brute your box

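# Block every source IP with a failed SSH password attempt in the journal; IPs that already have a DROP rule are skipped
journalctl -u ssh | grep 'Failed password' | awk '{print $(NF-3)}' | sort -u | while read -r ip; do iptables -C INPUT -s "$ip" -j DROP 2>/dev/null || { iptables -I INPUT -s "$ip" -j DROP && echo "Dropped $ip"; }; done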
cobalt cobalt
#

I don't know if this counts as resource searching but im starting my cybersec school soon and they asked me to buy a laptop that had rtx 2060 or higher. Now if it was my choice i'd just go for a thinkpad T-series but no gpu. So i have couple of laptops in my list, any recommendations are welcome : 1. Lenovo Legion 5 2. Thinkpad T14 gen 3 (lack of gpu) 3. HP Omen 16-c0600nz . I was also thinking the ones that are specifically designed for pentesting but they somehow also lack GPU other than ones that cost a lot.

worldly palm
cobalt cobalt
odd sinewBOT
#

Gave +1 Rep to @worldly palm (current: #1463 - 3)

worldly palm
cobalt cobalt
cobalt cobalt
#

Thanks for the info tho.

fierce mauve
idle robin
light crystal
#

hey do you guys have any recommended youtube playlist or resources to learn proper impacket usage? and methodology based things?

tough kindle
light crystal
tough kindle
light crystal
raven elm
hexed fiber
vapid mountain
vapid mountain
#

I wrote this patch

shy sand
lucid remnant
#

I’m an Indian student pursuing a BTech in Computer Science and currently relying on an education loan. I’m really interested in cybersecurity, specifically Red Teaming, and want to earn industry-recognized certifications. However, due to financial constraints, I’m unsure which certifications to focus on. Can someone help me with any advice on affordable yet credible options.

vast dragon
#

hey is anyone a hacker

tough kindle
tough kindle
#

No promotions in here please. 🙂

vapid mountain
#

i use that one a lot

sonic abyss
#

this gitbrew organisation seems to be compromised

#

just tried to visit it and it gave me the fake cloudflare verification phish

harsh jetty
#

I want cool certs

#

Like with cool designs

tame lake
#

HI everyone I need lots of essential combos in brazil governments, educations and medicals. I can pay it with your comfortable demands.

tame lake
#

I mean those sites

#

gov, edu, med sites.

jaunty zenith
#

why?

tame lake
#

you do not need to know it anyway i can afford to pay for them if they are accurate.

jaunty zenith
#

lmao automodded

sweet musk
#

Erm

#

What is a combo

north nymph
#

what is this dude on about

sweet musk
#

An essential combo

north nymph
#

bro use google translate please

jaunty zenith
#

oh they might mean combo lists

snow knot
shut ferry
#

Fuck

snow knot
#

😂

jaunty zenith
#

you need to verify to embed

bold fractalBOT
shut ferry
#

🙄 too boring

jaunty zenith
#

do that ^

shut ferry
#

Nah too bored I just finished my lessons

#

I'll do it later

sonic abyss
#

💀

#

@prisma bison

jaunty zenith
#

i sent a report lol

prisma bison
#

omg meee

heavy elmBOT
#

:hammer: blackadamas__#0 has been banned.

sonic abyss
#

404

vapid mountain
vapid mountain
tough kindle
#

Self promotion is not allowed in here and please do not promote this everywhere.

marble epoch
#

Anyone wanting to do the EJPT exam it’s on sale. EJPT exam voucher and 3 months of prep for 125 dollar.

prisma bison
nova loom
nova loom
#

It'll definitely make my notes shorter not having to write down tool syntax kekw

narrow isle
#

Hello

sudden slate
cold willow
#

Hey folks
Anyone got good resources (blogs/writeups/cheatsheets) on:

• PHP upload bypass
• PHP reverse shells

Working on THM’s Root Me and would love some study material.
Thanks a ton

soft lodge
jade shell
vague river
#

Anyone here prepping for Python basics / Security+ / THM modules / AZ-900 and wants to form a beginner study group?

jade shell
vague river
#

Ok 👍

#

Where can I get help

cold willow
#

Thanks a ton !

gusty sparrow
#
#

Though it might not exactly be something to do with Cyber Security, remember that learning all different things can always come in handy sometimes, especially when it might have to do with security for code or other programs.

#

They also do offer an exam for Certification, so look it up if you finish the courses and want the certification. Not sure of the price though.

marble epoch
nova loom
prisma bison
marble epoch
prisma bison
marble epoch
bleak fossil
vital snow
odd sinewBOT
#

Gave +1 Rep to @vital snow (current: #3072 - 1)

edgy canyon
#

Hello everyone

prisma bison
mossy token
#

Hi Does anyone have a notion AI subscription?

minor falcon
#

Hey does anybody have any recommendations or resources for learning AWS quickly?

minor falcon
odd sinewBOT
#

Gave +1 Rep to @jade shell (current: #1 - 5833)

wooden gull
#

Udemy course

tough kindle
#

Hello, sorry but advertisement is not allowed in here.

wanton urchin
#

@slim kiln Let's hang well we knock out these out and learn

floral canopy
#

Does anyone have any cyber news podcast recommendations? I tried CyberWire Daily, but the guys voice sounds like a tiktok voice filter. Can't cope.

#

Preferably uk based

finite patio
#

mod this is advertisement

wooden gull
latent island
#

Is there kleopatra for windows? I want to practice pgp

steel girder
#

Is this free

#

Any one have free hacking videos practical resources

wooden gull
#

I've removed it

ripe adder
formal thunder
#

If i want to study for CompTia would the security+ SYO-601 be the best book option?

vocal fjord
odd sinewBOT
#

Gave +1 Rep to @vocal fjord (current: #3092 - 1)

vocal fjord
formal thunder
odd sinewBOT
#

Gave +1 Rep to @vocal fjord (current: #2035 - 2)

jagged tiger
#

@prisma bison can help you

heavy elmBOT
#

:hammer: anonymous_player45_02076#0 has been banned.

latent island
#

Like pgp keys

latent island
#

sorry

ripe adder
odd sinewBOT
#

Gave +1 Rep to @ripe adder (current: #1238 - 4)

rustic fable
#

RE tool

#

❀️

rigid totem
#

Greetings all! I’m Havoc, based in New Zealand.
I’m here to connect with mentors, peers on similar learning paths, and people who share my values. I’m starting with OSINT and plan to follow a cybersecurity learning path—unless mentors suggest a better direction.
My goal is to use these skills for humanitarian causes I care deeply about, such as countering human trafficking and promoting child safety. If you’re already working in this space, I’d be grateful for any advice on the best pathways to follow.
I work full-time and can dedicate around 16 hours a week to learning. Once I’ve built up my skills, I’m committed to giving back by mentoring others.
If you’re on the same path and want to collaborate—or if you’re experienced, share my values and want to clone yourself in me to amplify your impact—hit me up!

glass vessel
#

Hello I am looking for a mentor and someone to help me on my journey to become a pentester, it would be great anyone can message me and I'm ready to learn like a padawan

narrow shore
#

If you wish to be a pen tester, i would suggest reading the hacking exposed books as a baseline, old but relevant. Then try the junior pen tester path, learn linux (virtualbox + kali), python, study owasp guides and VMs plus ensure you have a good understanding of basic networking, services and web technologies.

nova loom
clear grove
#

Very cool website for beginners in Linux.
https://explainshell.com/

It explains what each part of a command does.

For example if you find a Linux command in tryhackme and you will understand what each switch and each part does exactly.

azure harness
#

is there any blog or github repo for free Reverse engineering tools ? Anyone to follow for methods to solve ctf challenges related to RE ?

onyx rune
#

Hey everyone! 👋
I’m currently diving into C and Assembly to get a deeper understanding of hardware-level attack techniques. On TryHackMe, my plan so far is:

x86 Architecture Overview ✅
x86 Assembly Crash Course (almost done)
Buffer Overflow Prep
Buffer Overflows
Sudo Buffer Overflow
NoNameCTF
Binary Heaven

Are there any other THM modules you’d recommend for learning more about low-level exploitation? I know there’s a lot to explore and I want to make sure I don’t miss any essential content.

nova loom
vast garnet
#

I'm not sure if I am asking in the right place. but I need to decrypt a SHA256 Hash. I hit a dead end. this is my bash:
2025-09-05 00:14:25 [INFO] Decrypting secrets.enc
Passphrase (no echo):
2025-09-05 00:15:47 [ERROR] Decryption failed: [Errno 2] No such file or directory: 'secrets.enc'
this is the part of the code that has the passphrase info :
def derive_key(passphrase: str, salt: bytes) -> bytes:
    log("DEBUG", f"Deriving key with PBKDF2 iterations={PBKDF2_ITERS} salt={salt.hex()}")
    key = PBKDF2(passphrase.encode("utf-8"), salt, dkLen=KEY_LEN, count=PBKDF2_ITERS, hmac_hash_module=SHA256)
    log("DEBUG", f"Derived key {key.hex()[:32]}...")
    return key

#

I hope someone reaches out. i can give more info. i reached out to some well known Hackers only to be Ghosted. hey, i aint mad at them.

odd sinewBOT
#

Gave +1 Rep to @nova loom (current: #203 - 48)

void mesa
#

https://github.com/zahidaz/jezail

Jezail is a powerful, all-in-one Android application that runs entirely on your rooted device, transforming it into a comprehensive security testing and device management platform.

tough kindle
#

No promos in here.

jaunty perch
#

Where is a good place to learn python coding?

south jetty
#

whats your exp level

jaunty perch
#

None. Want to learn python cause im doing cybersec101 moving into pen testing.

south jetty
#

never ever buy a non-discounted course there

#

they should be 20 bucks max, more like 10

molten hamlet
jade shell
sonic abyss
#

Udemy courses aren't the most reliable either

#
south jetty
#

I would recommend them

#

I am sure there are also bad ones

#

I am however not convinced by things like freecodecamp

sonic abyss
sonic abyss
south jetty
#

But I'm sure if you make this recommendation they are a good choice

proven cloud
delicate juniper
#

Does anyone know of any learning resources that teach specifically IDORs? All content I've been able to find is too superficial, I'd like something in-depth

fathom osprey
#

.

jade shell
drowsy lagoon
#

Hi, I just completed the web application roadmap and I was wondering if there would be a list where there would be all the rooms related to web vulnerabilities thanks

tiny lion
#

I've developed bloodyAD-mcp (Model Context Protocol), a personal project aimed at simplifying Active Directory interactions for cybersecurity tasks.
The core idea is to enable control of bloodyAD (a powerful AD tool) via natural language, using AI assistants like Gemini-CLI or Claude Desktop. bloodyAD-mcp acts as a secure Docker container wrappe...

hushed ice
#

.

mossy token
#

hi everyone,

So I am learning about networking. I have learned all the concepts like IP, MAC, the OSI/TCP-IP layers, DNS, routing, NAT, and different protocols. But I am still confused about how everything works together. I mean, how does each part play its role, and how does it all come together in practice?

is there any resource that can help me understand that?

zealous fern
# mossy token hi everyone, So I am learning about networking. I have learned all the concept...

I found these two YouTube channels to be very helpful when I was in my "Intro to Networking" class in my CS degree:

https://www.youtube.com/@PracticalNetworking/featured

https://www.youtube.com/@PowerCertAnimatedVideos

sudden slate
next knot
#

Hi everyone!

I’m really interested in learning ethical hacking and penetration testing, but I’m not sure where to start. I want to build a strong foundation and learn the right way.

Could anyone here share:

  • A recommended roadmap or learning path for beginners?
  • Essential resources (books, courses, labs, or YouTube channels)?
  • Any communities or platforms where I can practice safely ?

I’d appreciate any advice or guidance you can offer. Thanks in advance!

tough kindle
obtuse nymph
#

Get the hell out of here scammer

next knot
odd sinewBOT
#

Gave +1 Rep to @tough kindle (current: #25 - 404)

sleek olive
#

Hi, can any one suggest me how can I practice networking

gritty barn
sleek olive
#

Like for application

timber meadow
#

Its pretty depressing when you can only access the intro part of the rooms and then you have to learn the rest from Indian teachers on YouTube 😭

frank flax
fierce mirage
idle robin
glacial marsh
#

Hi, can any one suggest me how can I practice networking

timid lake
#

Any mobile apps yall have for learning resources/tools, any that is related to cybersec or any that helps you in learning generally?

tough kindle
#

No advertisement in here please.

flint geyser
#

It's not an advertisement

#

it's a resource

tough kindle
#

Yep, your own. ;D

shut ferry
#

Hey Brothers

#

is there anyone from Pakistan ?

tough kindle
#

No promotions in here. Read the rules.

glass thunder
torn raven
#

Does anyone have a good book/resource on secure SDLC, looking for scalable ideas, tooling, best practices that they can recommend. Most of the stuff I'm finding is pretty entry level or expensive? I'm fine with it being expensive as long as it's worth it

glacial marsh
#

Like for application

shut ferry
#

Discord / THM recruitment message

Hey — I’m Lone Wolf, learning THM (web & pentesting). Looking for 1–2 motivated people for daily 1–2 hour lab sprints & write-up exchange (remote). If you’re consistent, reply and let’s set a trial 3-day sprint.

torpid viper
gritty field
teal breach
teal breach
#

This full-length course is an introduction to cybersecurity for technical and non-technical audiences alike. You'll learn how to secure your accounts, data, systems, and software against today’s threats and how to recognize and evaluate tomorrow’s as well, both at home and at work. Learn how to preserve your own privacy. Learn to view cybers...

tawny bronze
odd sinewBOT
#

Gave +1 Rep to @teal breach (current: #260 - 36)

idle robin
teal breach
hidden geyser
#

New blog drop for quick tech learning: https://chandsk03.github.io/blog/ — clean notes, tutorials, and updates for students and self-learners. Save it, share it, and send feedback to help improve!

lethal sinew
surreal glen
sonic abyss
surreal glen
sonic abyss
#

yes, its just enumeration

surreal glen
sharp halo
tough kindle
#

Avoid massively promoting please.

ripe adder
#

It's nice. Is the application open source or closed source?

vernal shoal
#

Hi can I hack this

ripe adder
#

Your application is good. Explains commands very well by breaking it down.
If it was open source I just wanted to see how you have implemented it.

sonic abyss
#

Does this use a LLM?

#

Ok my feedback would be: take it down, remove the client side gemini API request (have it be done server side), reset your API token and then put it back up

#

Your google API token is leaked

sonic abyss
#

Literally just open the devtools and make a request

south dirge
#

Hi everyone where can I get an OTA app

wispy citrus
#

Please i am in need of a study mate, please someone serious.

teal breach
#

Learn about the history of the Internet. In this course you will learn how the Internet was created, who created it, and how it works. Along the way you will meet many of the innovators who developed the Internet and Web technologies that we use today.

🔗 Course website: https://ihts.pr4e.com/

✏️ Dr. Charles Severance developed this cour...

sharp halo
teal breach
#

same guy as the internet history video, this was how i learned to program;

#

its aged like fine wine imo and its 100% free;

#

there are lots of videos on youtube as well that help teach this stuff;

#

there's also 3 editions, make sure to read the 3rd edition as it is the most up to date and also free;

unkempt quartz
#

Does anyone know where I can find the full question set for the boss of the soc challenge? The whole set, not just the ones on the thm lab

nova ember
slow jay
#

Does any one know how can I prepare for cnsp exam or material for it

lusty oracle
#

Hello

I would like to practise web vulnerabilities (client and server)
Do you have any boxes to recommend that are purely practical and not based on a CVE, etc...?

latent tapir
#

OWASP Juice Shop?

simple creek
abstract zodiac
odd sinewBOT
#

Gave +1 Rep to @simple creek (current: #973 - 6)

teal breach
#

for when you need a break from stress;

fringe badger
wheat tendon
#

I’m waiting until this Friday to get the subscription for THM. In the meantime, does anyone recommend or have any resources they could share to me for me to learn more about the Network/Lan or the Linux modules that are in the pre-security section?

teal breach
teal breach
#

git is probably the most important tool you will learn in almost any area of tech and one area i think everyone should learn regardless of cyber or dev work or even just wanting to write poetry;

#

having version control on my documents has saved me far too many times to count;

teal breach
wheat tendon
winged jay
#

AdPeek is a small Python tool for extracting useful information from Active Directory over LDAP. It focuses on fast enumeration and identifying misconfigured ACL paths without requiring a database or GUI (Poor man's bloodhound-ce).
https://github.com/0xUnd3adBeef/AdPeek

strong loom
#

Hey guyss , im currently trying to find any good resource for some projects/virtual home labs and such focused on blue stuff that is worth putting on my CV trying to build my portfolio, if you guys know any projects guides like these or any recommendations will help a lot and thankss

raven coral
teal breach
teal breach
# strong loom Hey guyss , im currently trying to find any good recourse for some projects/vir...
#

https://m.youtube.com/watch?v=CWtLdR2SxNY

This is a good collection too;

Use 'unixguy' coupon code at http://nordpass.com/unixguy to get NordPass Business with a 20% off! The coupon applies to all new Business plans.

To follow through, download the FREE Cyber Security Resume/CV references in the video: https://unixguy.com/free

Start a non-Technical Cyber Security Career! Get lifetime access to GRC Mastery Train...

toxic path
#

https://course.ysap.sh/

passing along from one of my co-workers. intro to advanced bash shell scripting, free course

stray blaze
#

gm

flat kraken
#

For students: HackTheBox is doing a holiday CTF on December 19-21 if anyone is interested:

https://ctf.hackthebox.com/event/details/university-ctf-2025-tinsel-trouble-2993

teal breach
fast crag
#

In this episode of Weekly Purple Team, we explore a vulnerability in Microsoft's ms-photos URI scheme that allows attackers to leak NTLMv2-SSP hashes directly from web browsers with just one click. Although reported, Microsoft did not recognize it as a vulnerability, and no CVE was issued.

🔴 RED TEAM PERSPECTIVE:
Watch as we demonstrate how ...

tranquil hare
#

Hello group,
I’m looking for someone experienced in ethical hacking or cybersecurity who’s willing to teach or mentor me for free. I’m a beginner, motivated, and interested in learning the right and legal way. Any help or guidance is appreciated.

tranquil hare
#

Okay

cinder dome
torpid cloak
#

Can someone give me a roadmap for ethical hacking

steep flower
torpid cloak
#

Thanks you soo much

teal breach
#

Improve your cybersecurity and Linux skills by solving challenges in the Bandit Wargame from OverTheWire. This video is a walk through of how to solve the challenges—but make sure to try each on your own before watching the solution!

🔗 Start the game here: https://overthewire.org/wargames/bandit/

✏️ Tutorial from Sabyasachi Paul. Chec...

marble jungle
keen fable
sonic dagger
rain jewel
#

I'm Neha Khatri, and a beginner in the field of cyber security.
I have seen a lot of roadmaps, and everywhere the starting point is to cover IT fundamentals.
Can anyone please guide me to any resource for this?

simple creek
finite yarrow
#

if you ever have a path traversal/file read exploit and find yourself lost in what files to find or just find yourself within a lowkey CMS - this tool allows you to input the framework, web server running, OS and users in /etc/passwd and will generate a wordlist you can use to FUZZ for high priority files depending on your context -> https://pwnbase.org/helpers/file-read

Pwnbase

Community-driven platform for security tools, CTF writeups, penetration testing techniques, and collaboration. Free security resources for OSCP students and security researchers.

twin venture
finite yarrow
twin venture
#

is it yours? can I dm for some info about it?

finite yarrow
#

it's mine and yeah sure

manic garnet
dim olive
#

what's the really real paid website that really teaches you everything and is better than the others? paid resources for learning real hacking, not just commands like metasploit...

storm quartz
shut crystal
teal breach
#

https://youtu.be/c3Cn4xYfxJY
On @faint sluice 's recommendation (ty kindly!), going to be taking this course since not only does it teach aws cloud in detail, but more importantly it has lots of practical labs i can use as portfolio projects;

Prepare for the AWS Certified Solutions Architect - Associate certification and pass! Certify your knowledge and skills in AWS technology, across a wide range of AWS services.

✏️ Course developed by Andrew Brown of ExamPro. @ExamProChannel

⭐️ Contents ⭐️
0:00:00 Introduction
0:34:47 Setup
0:52:38 Amazon S3
10:52:02 AWS API
12:19:...

restive wigeon
#

Are there any good articles or blog sites where we can read about different types of vulnerabilities and how we can actually replicate them step by step?

#

When I do a pentest on an application, I have difficulty figuring out when to do what, so I feel that learning about attacks and how to perform them will eventually give me a broader perspective and help me do pentesting properly. Is this the right approach?

shut ferry
# restive wigeon When I do a pentesting on an application, I am having difficulty to figure out w...

you won’t get far with only frameworks like MITRE, CWE, and CVE; you need real hands-on experience to actually get better. what separates the skilled from the unskilled is the ability to not just see an application, but understand it; and know which vulnerabilities are likely to apply so you can save time, set focus, and find issues that others simply won’t

I wouldn’t say there are necessarily specific blogs you can read to immediately get better, but my best advice is using PortSwigger Web Security Academy and other exploitation-focused CTFs/labs, and reading HackerOne Hacktivity posts along with things like NCC Group reports and PortSwigger blogs and just overall gain more experience

restive wigeon
odd sinewBOT
#

Gave +1 Rep to @tall condor (current: #70 - 150)

latent salmon
#

any one from india

shy osprey
#

^^^ This was engaging!

pseudo lintel
#

Sorry, can you help me? VPN is not working, I tried everything

teal breach
tawdry mesa
#

I’ve created ShadowHorn, an open-source OSINT & threat intelligence platform.
It gathers data from social media, code repos, and breaches, then uses AI to correlate everything into graphs and reports.

If anyone wants to contribute or collaborate, you’re most welcome!

https://github.com/furious-05/ShadowHorn

tawdry mesa
odd sinewBOT
#

Gave +1 Rep to @serene jay (current: #202 - 51)

formal hill
harsh birch
magic quail
#

Is there anyone who can help me get a better start in a cyber security career as a red team pentester?
Please guide me in depth with certifications

magic quail
#

Help me buddy

#

Guide me

worldly path
half trout
magic quail
magic quail
gloomy swift
magic quail
teal breach
gloomy swift
teal breach
#

0:00 - Introduction
4:12 - Installing VMWare or VirtualBox
10:27 - Installing Linux
16:00 - Configuring VirtualBox
19:15 - Kali Linux Overview
22:45 - Sudo Overview
27:58 - Navigating the File System
46:10 - Users and Privileges
1:03:05 - Common Network Commands
1:11:32 - Viewing, Creating, and Editing Files
1:17:54 - Starting and Stopping Servi...

magic quail
gloomy swift
teal breach
magic quail
magic quail
gloomy swift
magic quail
gloomy swift
magic quail
#

What should I do after signing up on TryHackMe?

gloomy swift
magic quail
#

And thanks for the help buddy

cinder chasm
harsh birch
#

Hello team!
I've created a course on learning Linux. It's a beginner's course designed to give you the skills you need to get started in Cybersecurity or DevOps/Sysadmin. So I'm looking for people to critique my course 😅. FYI, each chapter is linked to a Google form. You can also DM me with your feedback.
Course link: https://github.com/N0vachr0n0/Hands-on-Linux-course
Arigatoooo 🙇🏾‍♂️

GitHub

Hands-on Linux course is a practical course for learning Linux through structured, clear and concrete chapters. Whether you are a curious beginner, a future system administrator or an enthusiast of...

#

@stuck abyss

finite verge
#

Hey guys, today I got the Advent of Cyber rewards and I got a $75 voucher, but I am not able to use it because I already have premium, so if anyone wants it,
DM me.

scarlet topazBOT
#

Done!

inland ore
harsh birch
inland ore
harsh birch
inland ore
harsh birch
harsh birch
odd sinewBOT
#

Gave +1 Rep to @inland ore (current: #3550 - 1)

inland ore
young plume
#

Hi guys, I want to learn ethical hacking for free from the basics. Does anyone have an idea about free alternatives? Please DM or reply to me.

hollow wyvern
#

Hello, could someone help me with aireplay-ng and airodump-ng?
Here is my command with airmon-ng:
airmon-ng -b a wlan0
Then when I select a channel with airodump:
airodump-ng -c 1 --bssid XX:XX:XX:XX:XX:XX wlan0mon
Problem: as soon as I fix the channel, my card automatically switches back to 2.4 GHz (I can see it with iwconfig), while the target is in 5 GHz.
Then, when I try a deauth attack with aireplay-ng or with reaver, nothing happens.
I specify that:
the interface is correctly in monitor mode
the target is on 5 GHz
but the channel selection seems to force it back to 2.4 GHz
If anyone has an idea

inland ore
#

Hey! I've been creating free educational content on cybersecurity topics, especially **Windows privilege escalation** these days. I make these for my own learning journey.

Saw the warning about self-promotion and don't want to violate any rules, so if anyone's interested I can DM the link. Just wanted to offer it as a learning resource!

And.... I'm using TryHackMe content and labs as well as guides from OffSec for most of my learning and videos.

cyan perch
#

hello

weak basin
#

Hey people! I am looking to learn to work with various levels of safety, but currently I have one goal that I really want to work towards:

  • Learn to create programs that allow/disallow access to various targets (think of IP/hostname addresses, applications/programs already installed on the PC) and create various conditions to allow this.

Key features:

  1. Ability to give or remove access to a user/device on those various levels,
  2. Give or remove the access based on various context (timezone, tasks completed, privileges that the user has)
  3. Make it very hard to remove/overcome that access. Not something that you could essentially restart the pc/turn off the program and now the access is reclaimed. Instead, it could only be overcome with a specific password/set of passwords or only after a certain timeframe.

I have this idea specifically to try and create such a tool for ppl like me who are having a hard time controlling themselves in terms of entertainment (video games, youtube, netflix and all). The key component is removal/taking away the access so that the person has to do something else and can't overcome it (I know that absolute inability to overcome this obstacle probably doesn't exist, cuz you can always reinstall OS or replace PC parts, but you get the idea)

#

So, if any of you would have any ideas on what these topics are specifically, what materials I could look into to start learning such things, it would be great.

Example of such tools would be app called "Freedom". I have no idea how they have created it, and how I could do it myself (something similar, but over time potentially more sophisticated and more suited for various contexts).

modern root
#

Hello guys, I built a small Chrome/Edge extension to help SOC analysts and threat hunters save time during IOCs lookup.
With one click on the extension, it automatically extracts IP addresses, domains, emails, and file hashes from current webpage and lets you analyze them instantly through api calls or using external TI platforms.

If you are dealing with a huge amount of IOCs, I believe this will help you from copy-pasting and multiple tabs headache :).
https://github.com/AnisseHounaoui/IOChaser

GitHub

Browser extension that makes IOC lookups faster than you ever seen. - AnisseHounaoui/IOChaser

fallow birch
tough kindle
tacit harness
jagged ice
#

I am trying to figure out how to engage my team on thm. Unfortunately the help page is not really helping much. To you experienced team members or team creators out there how did you do it

frail ingot
#

90-Day Cybersecurity Study Plan

This repository contains a 90-day
cybersecurity study plan with daily
tasks and learning resources...

https://github.com/farhanashrafdev/90DaysOfCyberSecurity?tab=readme-ov-file#introduction

GitHub

This repository contains a 90-day cybersecurity study plan, along with resources and materials for learning various cybersecurity concepts and technologies. The plan is organized into daily tasks, ...

young plume
odd sinewBOT
#

Gave +1 Rep to @frail ingot (current: #3585 - 1)

raven thunder
bold fractalBOT
worldly stone
#

Hello guys ! If I buy SEC1, can I take the test whenever I want?

teal breach
tough kindle
#

Please verify your account and interact with the community more before advertising.

swift tangle
#

I just bought the sec1 certification which said it is 40% off but when I buy it, it is just $126. I really don’t know why that happened to me and I am a premium user.

#

Can someone tell this situation to THM team members for me please?

#

@bold fractal

umbral topaz
#

Hello everyone,

I have a $10 Swag Voucher left. I hope it is allowed to share. Feel free to use it:

kuwctj-79o2gr-gpyp8h-h5al4g

storm abyss
#

Hello,
I'm really new to all this and was looking at the free training course first on the THM website. Why do some links, when I open them, say "This is a private room"? Why is it private? Can I get access?
For example - Intro to Offensive Security.

amber spruce
# storm abyss Hello, I'm really new to all this and was looking at the free training course f...

Private rooms are generally "retired" and not accessible but by the owner/staff (or "in progress" if it's a new room soon to be deployed).
But the room you mention can be found at https://tryhackme.com/room/offensivesecurityintrokK
Maybe it's a newer version of the link you have.

TryHackMe

Hack your first website (legally in a safe environment) and experience an ethical hacker's job.

storm abyss
#

@amber spruce Thanks buddy! The one you shared is helpful.

odd sinewBOT
#

Gave +1 Rep to @amber spruce (current: #304 - 33)

pallid niche
#

does someone have a swag voucher to give away

teal breach
nova loom
#

Any good resources people recommend for getting fundamentals of web dev down?

surreal elk
#

In this video, I cover the OWASP Top 10 2025: Application Design Flaws room on TryHackMe.

This room focuses on security issues that originate from poor design, configuration, and architectural decisions, rather than simple coding mistakes. These flaws are often built into systems early and can have serious real-world impact if left unaddressed....

idle robin
void trout
#

Hello guys do you know any websites to view written triaging alerts? thx

inland ore
fathom grove
#

Please suggest any recommended edits

rancid narwhal
odd sinewBOT
#

Gave +1 Rep to @fathom grove (current: #3615 - 1)

stuck abyss
amber spruce
#

thus the use of the word generally, I suspected there could be another obscure or rare explanation and wanted to focus on providing help in this case. ty for the clarification.

north stag
odd sinewBOT
#

Gave +1 Rep to @fathom grove (current: #2342 - 2)

jovial pagoda
#

hello all, do yall know what room or challenge to practice AD pentesting other than Compromising Active Directory room? really need it for exam prep

onyx prairie
idle robin
fervent grove
#

Anyone got any good web app resources?

simple creek
hexed sable
#

Anyone know some good papers on LLM and AI security? 🙂

keen slate
#

.

inland plank
flint geyser
wild steeple
icy ledge
#

Anybody got a good template for writing up investigation reports? Been struggling to know what to put/format into a report

jade shell
icy ledge
jade shell
# icy ledge incident response pls 🙂

```
Time of activity:

List of Affected Entities:

Reason for Classifying as True Positive:

Reason for Escalating the Alert:

Recommended Remediation Actions:

List of Attack Indicators:
```

#

This is from THM SOC sim 🙂

icy ledge
#

Ah thank you so much! I have not checked out the THM SOC sim yet but this is very helpful

tough kindle
tropic basin
#

Hey everyone, I made a video explaining how Nmap works (host discovery, port scanning, SYN scans, service detection, NSE, etc.).

It’s meant to be a beginner-to-intermediate guide for anyone new to Nmap.

Would really appreciate your feedback.

https://youtu.be/tnKJZ1VsdqI

In this video, I explain how Nmap actually works and how hackers use it to scan networks, discover hosts, detect services, identify operating systems, and automate enumeration using the Nmap Scripting Engine (NSE).

We go from basic network scanning concepts to powerful NSE scripts, helping you understand how Nmap performs scans at the packet le...

drowsy ocean
#

Hi, anyone got some web to check sender mail reputation?

amber spruce
# drowsy ocean Hi, anyone got some web to check sender mail reputation?

DKIM Record Checker → https://dmarcian.com/dkim-inspector
DKIM Record Validator → https://dmarcian.com/dkim-validator
TO CHECK DMARC RECORD of a domain → https://dmarcian.com/dmarc-inspector
Domain Health Checker → https://dmarcian.com/domain-checker
Reputation check on email addresses (account required iirc) → https://emailrep.io
Also maybe https://talosintelligence.com/reputation_center

Utilize dmarcian's DKIM Inspector to see if the public part of your DKIM signature has been implemented correctly in the DNS of your domain.

Utilize dmarcian's DKIM Validator diagnostic tool to validate the content of DKIM records, and learn why that is important.

dmarcian's DMARC Record Checker allows you to view the DMARC record of any domain and test if the TXT record is valid and published correctly.

Use dmarcian's DMARC Domain Checker to find out if an email domain is protected against phishing, spoofing or fraud.

odd sinewBOT
#

Gave +1 Rep to @amber spruce (current: #304 - 34)

nocturne flame
#

Hello

urban ridge
#

Just curious, y'all... is there any GitHub related to cyber security projects? Would love to check it out!

untold patrol
untold patrol
subtle cosmos
#

Hi guys! Not sure, if this is the right channel, but maybe it helps any of you. Happy to receive feedback:

Built a CLI tool that might be useful for anyone doing SOC Level 1 or DFIR rooms — especially anything involving VirusTotal lookups (Invite Only, MrPhisher, that kind of room).
vex-ioc — VirusTotal IOC enrichment from the terminal.
Instead of opening VirusTotal in the browser and pasting hashes manually:

```
vex triage 44d88612fea8a8f36de82e1278abb02f
vex investigate evil-domain.com -o rich
```

Auto-detects IOC type, handles defanged formats, two modes (fast triage vs. deep investigation), MITRE ATT&CK mapping from sandbox results, STIX 2.1 export, SQLite cache. Works with a free VT API key.
Useful for rooms where you're working through a list of IOCs and don't want to context-switch to the browser every 30 seconds.
GitHub + install instructions: https://github.com/duathron/vex
PyPI: https://pypi.org/project/vex-ioc/
tough kindle
untold patrol
topaz cave
#

Anybody got a good resource for cloud security projects/mentors?

tawny mesa
#

I want to start cybersecurity but my tutor is charging 58k, which I cannot afford. Can anyone help me learn it with free resources?

inland plank
#

Youtube

shy geyser
#

Hey, I just put together a full walkthrough on exploiting OWASP Juice Shop — covers getting into the admin account and manipulating the payment system with Burp Suite. Thought it might help anyone trying to learn web exploitation. youtube.com/watch?v=TCU8e5z9ghE

shut ferry
shy geyser
#

Appreciate that man 😎

#

I’ve been wanting to do more long form videos so I’ll do more in the future

crystal sail
#

Hey everyone, can anyone help me with notes of cyber security 101 rooms , I am not very good at making notes , so was just hoping if there is any resource that could help

hallow sun
#

hi, I was looking for ADWS libraries in c++ but found nothing, so I created it myself by reimplementing the protocol stack, if any of you is interested:
https://github.com/ZakiPedio/BridgeHead

Description:
BridgeHead is a C++20 static library implementing the full Active Directory Web Services (ADWS) protocol stack directly over TCP. Named after the AD bridgehead server, the gateway through which directory traffic flows, it gives your C++ code the same low-level access to port 9389 that PowerShell's Get-ADUser and Get-ADComputer use under the hood.

(this should theoretically work on Linux but I never tested it and I saw that the GitHub tests failed; if this project gets a bit of interest I can adjust it)
let me know if this can be of any use to any of you, or if you have any comments on it

GitHub

Native C++ access to Active Directory over ADWS, no .NET, no WCF, no HTTP stack. - ZakiPedio/BridgeHead

kind mason
#

Just released pentest-ai, Claude Code subagents for offensive security work.

Install: copy 6 files to ~/.claude/agents/
What it does: Claude auto-routes to specialist agents for recon analysis, AD attack methodology, detection rules, STIG compliance, and report writing.

Every technique maps to ATT&CK, and the exploit guide gives you the defensive perspective too.

Free: https://github.com/0xSteph/pentest-ai

Check the example outputs to see if it's useful for your workflow.

wooden garnet
#

😫

glad gulch
unreal forum
#

Hello Everyone 👋

I’ve just published a new blog post on Chisel HTTP Tunneling & Pivoting as part of the NetPivot-X project.

While this topic may seem straightforward at first, it often becomes challenging—especially for beginners. In this article, I’ve broken it down into clear, practical concepts that you can confidently apply during labs or actual engagements.

Read it here:
https://teamsimple.net/blogs/chisel-http-tunneling-pivoting

If you find it valuable, feel free to drop a ❤️ and share your thoughts or questions—your feedback is always appreciated.

Chisel is a lightweight tunneling tool that wraps TCP/UDP traffic in HTTP, enabling stealthy communication over ports 80/443. It uses a simple client/server model with no SSH required. Ideal for restricted environments, it supports reverse tunnels and SOCKS5 proxies for pivoting and accessing internal networks.

brazen pewter
#

are there people here who write their own tools?

brazen pewter
#

some tool which log and help to write a report?

#

I know there some for bug bounty

#

your tool looks impressive

cold pagoda
#

Anyone know the best 5 GHz-capable Wi-Fi adapter for injection?

vagrant lion
rugged merlin
#

does anyone have the published list of the 100,000 most common passwords? I need it

chrome jewel
scarlet topazBOT
#

Done!

pine summit
#

Thanks 👍

onyx jacinth
#

hello, are there any free resources for cybersecurity beginners? I appreciate the help

sour wave
#

Can I clone this from my terminal?

inland plank
#

yup use git clone

wet yoke
hollow anvil
#

Hey, I'm a newbie in cybersecurity and I'm eager to learn from others who have experience with this.

How can I learn or what are the things I need to learn? And the resources if it's possible?

scarlet topazBOT
#

Done!

mortal ibex
#

hello, I am new here, give me a guide pls

gusty mountain
#

Wrote a short blog post about turning Nmap XML into an interactive HTML report for scan triage:
https://möbius.band/blog/nmapview/

It covers the workflow, why I used XSLT, and where the browser-based approach starts to hit limits.

odd sinewBOT
#

Gave +1 Rep to @gusty mountain (current: #3709 - 1)

lost agate
#

CIA & DAD triad, for those unfamiliar.

lone dragon
#

Can someone recommend me:

AI tools used in ethical hacking / pentesting

Any good workflows combining AI with cybersecurity tools

lost agate
scarlet topazBOT
#

Done!

tribal solstice
#

Hello guys
I have a question...
I'm very interested in cyber security especially pen testing but I don't know where to start learning... Is the tryhackme pre security path good for a solid start or i should look somewhere else?

lost agate
tribal solstice
odd sinewBOT
#

Gave +1 Rep to @lost agate (current: #1101 - 6)

haughty rover
#

Hey everyone 👋 I got tired of trying to remember steghide, zsteg, and binwalk syntax during boxes, so I built an open-source tool to automate the whole stego process.

It's called StegoForge. I compiled it into standalone executables, so you don't even need to mess with your Python environment. You just run it.

The best feature for CTFs is the auto-extractor:
stegoforge ctf --file target.wav
It automatically runs RS analysis, Chi-square, offline HuggingFace ML models, and AES brute-forcing to blindly extract hidden payloads from images, audio, and MP4s. It also generates visual diff heatmaps of the manipulated pixels.

Fully FOSS (MIT). Would love to hear what the THM community thinks or if you end up using it on a room!
Repo: https://github.com/Nour833/StegoForge

frosty olive
modern root
#

Hello guys, I built a Chrome/Edge extension to help SOC analysts and threat hunters and IR save time during IOCs lookup and investigation.
With one click on the extension, it automatically extracts IP addresses, domains, emails, and file hashes from current webpage and lets you analyze them instantly using external TI platforms.

If you are dealing with a huge amount of IOCs, I believe this will help you avoid the repetitive workflow :).
I hope it's helpful
https://github.com/AnisseHounaoui/IOChaser

GitHub

Browser extension that makes IOC lookups faster than you ever seen. - AnisseHounaoui/IOChaser

manic furnace
#

performing recon

lunar matrix
#
+ idor-hunter  ·  Python, MIT

Automated IDOR hunting — sends every request as User A, User B, and unauthenticated, compares responses, and flags broken access controls.

Detects horizontal privilege escalation, missing auth middleware, and write-without-read gaps. YAML-configured. Outputs an HTML report, JSON findings, and CSV probe log. For authorized use only (bug bounties, CTFs, own systems).

Repo: https://github.com/11lunaric11/idor-hunter

Questions/feedback welcome via DM!

drifting ermine
#

hey! I'm searching for an internship in India for cybersecurity. Can you help me?

vale otter
#

does someone know where I can find promotion codes for tryhackme payment?

snow lynx
raw pine
#

hello. can i get a few suggestions about coursework to start a career in cyber security?

old shuttle
#

U need the cyber security road map

raw pine
#

please can u help me with that

brave breach
#

Hey, if i start learning to code through roblox studio do yall think it would help me to learn proper coding?

raw pine
#

I know python and basics of linux

#

and currently enrolled in google cybersecurity cert.

#

is there anything else

odd cypress
#

Hello Community,

Built a CVE prioritization platform https://cve.integrate.com.mo/ or whatever you named it, this is not a "Yet another CVE database" kind of style, it does the following in one shot, just submit a CVE number or a Tenable Plugin ID and it will do the heavy work for you.

• Turn scanner findings into practical exploitability decisions
• Tell users which findings actually matter
• Cut through CVSS noise
• Explain severity downgrade/upgrade reason, attack path, friction, compensating controls, and real-world relevance

Hope you like it and let me know your comment!

raw pine
#

thanks

raven kettle
#

Hey folks 👋 Built a little browser game over the last few months — Cyber Defense. You defend against real ransomware groups (LockBit, BlackCat, Cl0p, etc.) using actual TTPs from open-source threat intel (shoutout to ransomware.live).
Free, no signup needed, runs in browser: https://darklayer.ai
Mostly looking for honest feedback — what's confusing, what's boring, what breaks. Made by one person (me, 20+ years in security, tired of dry training material 😅). Roast it if you want.

#

share some top score results lol

narrow canyon
#

Hey everyone. I put together a small Windows auditing tool in Python after finishing the Cyber 101 path. It's meant to help identify suspicious processes and network connections. I had to look up a lot of the process iteration logic on Google to make it work, but it’s been a great learning project. If you're looking for a simple script to see how psutil works with networking, feel free to check it out. Link is here: https://github.com/Oliver-Sec/System-Auditor

raven kettle
#

anyone had time to test it?

deep trout
#

I made a free binary analysis framework that's running 100% in your browser. No ads, no signup, no bullshit, 100% free! Just a cool tool for static analysis. Check it out if you're looking for something like that:

https://aethersec.de/crypteia/

feedback is very welcome

amber spruce
crude glen
modern root
inland plank
#

hey guys, how did y’all learn Flask/InfluxDB/Grafana ?

normal folio
#

Hey everyone, I built a free open-source tool that might be useful for your home lab or CTF setup.
PCYBOX Orbis : real-time network traffic visualizer with anomaly detection

It shows every connection your machine makes as a live graph, and flags:

  • Beaconing behavior
  • Suspicious processes (cmd.exe, certutil, powershell making outbound calls...)
  • Connections to known bad ports (4444, 9050, 1337...)
  • New devices appearing on your LAN

GitHub: https://github.com/Mister-iks/pcybox-orbis

Would love feedback from people in the security space.

worn berry
#

Yo! I'm on the hunt for some solid Bug Bounty learning resources—both videos and websites. What are the 'gold mines' you guys would recommend for someone starting out? Appreciate the help!

lost agate
fast crag
#

Btw, will there ever be a version for firefox?

fast crag
odd sinewBOT
#

Gave +1 Rep to @tough kindle (current: #20 - 541)

inland plank
#

can it be integrated in a google sheets request to display the creation date in a cell for example ?

inland plank
#

I mean when it displays a room info, is it inside the extension or is there an url that i can use ?

rain lake
#

Hi, buddies.
I'm here for your help.
I've seen that almost all the phone servicing shops can unlock any phone they want.
I wanna know how. Cuz im trying to learn it. And i can't rest until I've learned it.

pseudo elk
#

Hey guys, I'm not sure if it's the right place to post this and if the admins will approve it,
but I created a write-up tool with some nice features inside. Currently I'm posting THM write-ups over there; each account can create its own write-ups and share them with non-user friends.

It's very friendly to newbies and juniors, with built-in commands and shortcuts.

https://D3cSec.net

Send me DM with your request to get approved.

tough kindle
tough kindle
uneven kayak
#

Any sites to practice reverse eng

inland plank
#

crackmes

visual tapir
sly python
shell scaffoldBOT
#

@woeful wharf Please slow down. Further spam will result in a short timeout.

visual tapir
teal hollow
#

hello

white marsh
#

Hello, Everyone, I'm creating this advanced SQLProbe injection scanner with WAF detection, auto-parameters, headers/cookies testing, and 87+ payloads for modern websites.

This GitHub Resource Link: https://github.com/Shreyaskalyani/SQLProbe.git

And This is an AI-powered XSS vulnerability scanner with a multi-agent architecture. Detects reflected, stored, and DOM-based XSS vulnerabilities.

This GitHub Link: https://github.com/Shreyaskalyani/XSS-Hunter.git

GitHub

Advanced SQL injection scanner with WAF detection, auto-parameters, headers/cookies testing, and 87+ payloads for modern websites. - Shreyaskalyani/SQLProbe

GitHub

AI-powered XSS vulnerability scanner with multi-agent architecture. Detects reflected, stored, and DOM-based XSS vulnerabilities. - Shreyaskalyani/XSS-Hunter

lament cloud
#

Built VoidAccess, free open source dark web OSINT platform. you put in a query, it runs a 13-step automated pipeline over Tor and returns a full threat intelligence report. extracts IOCs, maps relationships between entities, exports STIX/MISP/Sigma. good for anyone learning threat intel methodology — TCM Security's OSINT approach is basically the backbone of how the investigation flow works.

https://github.com/KatrielMoses/voidaccess.git

snow lynx
#

Anyone here use Microsoft Copilot?

If so, you probably share my frustration with Microsoft. They still don't have an option to bulk delete chats!! Well, I got so fed up with it, that I built my own browser extension. It works like a dream. You can select what chats you want to delete, and then bulk delete them at three different speeds, with a pause and a retry option. You can get it on Chrome here: https://chromewebstore.google.com/detail/copilot-chat-batch-delete/ndhlafbieanmkgipgihhpgoelgnhmide

It has no reviews yet because it is brand new, FYI. Hope it helps you turbocharge your workflow!
It's 100% free.
Upvote if helpful

kindred sequoia
meager crest
#

Anyone have any information/advice about cryptography and whether cryptographers are at risk of being taken over by ai

lament cloud
#

built a free email OSINT tool, checks 800+ platforms, breach exposure,
infostealer logs, and maps an identity graph showing why each hit is
high confidence (not just a raw dump of results)

tested on my own email → 39 accounts found in ~60 seconds, no API keys needed

pip install mailaccess

github: https://github.com/KatrielMoses/MailAccess

lmk if you try it 👀

willow stump
inland plank
azure pier
#

Hi, is this the correct channel to ask about malware analysis and homelab setup?

untold patrol
delicate sparrow
#

Hi everyone, I’ve started publishing cybersecurity blogs and CTF write-ups on Medium focused on web security, PortSwigger labs, tryhackme labs, hackthebox, huntress labs, authentication vulnerabilities, and practical learning content.

I’ll be consistently posting new write-ups and learning resources. Feel free to follow and support the journey!

Read stories from Inconsistent on Medium: https://medium.com/@buggyboy

deft coral
static totem
shut ferry
#

nice

forest pecan
#

Ohh, this is cool 😃

deft coral
#

BEST PRACTICE FOR BOF

graceful estuary
#

Don't suppose anyone has any resources on OSINT? 😃

static totem
deft coral
#

EVERYTHING YOU EVER NEED TO LEARN IS ALL IN HERE.

forest pecan
#

Ohhh, that's awesome

deft coral
#

just bought some materials for OSWP, fuck, installing the drivers is the hard part 😂

low ermine
#

what exactly do you have to set up? :p

deft coral
#

for conducting attacks

#

like WPA Disturbtion and stuff

left tiger
#

https://gchq.github.io/CyberChef/ This website has some useful tools. It can even analyze hashes, however it can't identify some more complex hashes

ebon valve
cobalt adder
#

xd good resource

cobalt adder
static totem
whole grove
#

I read that

#

It was a great article

static totem
#

Oh thanks 😃

civic zodiac
uneven reef
#

Good job... keep it up

modern bough
#

Great work.

craggy wyvern
#

Working RCE PoC

forest pecan
#

What's that for?

craggy wyvern
#

RDP

#

RCE

forest pecan
#

Oh BlueKeep

craggy wyvern
#

Tested it out, it works, but you just need to add your own payload in the code, which is in Python.

forest pecan
#

You could make a room on it?

#

Enter it for the competition

craggy wyvern
#

Well, the actual code itself is not public just yet. Still waiting for more people to patch.

gusty marsh
silk crane
white pivot
forest pecan
#

^ Pretty cool

white pivot
#

@forest pecan Really?

forest pecan
#

yh

white pivot
#

Thank you very much

#

Btw Skidy, can you tell me what else should I add?

low ingot
#

@white pivot, good naming convention Haha

white pivot
#

Ah, since I always want to have someone like Alfred, I named it after him.

#

Let me know your feedback, though.

cold salmon
#

Alfred, you aren't worth a penny.

#

Sorry, I had to say it. Don't hit me xd

white pivot
#

? @cold salmon

cold salmon
#

Alfred Pennyworth

white pivot
#

I know, I thought you were saying the toolkit isn't worth a penny.

cold salmon
#

Nah nah

#

It was a joke

white pivot
#

Oh.

#

You seem like a Batman fan, cool.

whole grove
#

@white pivot batman sucks 😛

white pivot
#

Are you judging him on the basis of live action appearances?

ebon valve
#

@whole grove that's fine, you can be wrong ;P

whole grove
#

Lol I was just trying to provoke robin 😛

white pivot
#

@whole grove It's not that easy. :p

ebon valve
ebon valve
shut ferry
#

@forest pecan Do we have a high res of the THM logo?

#

have a bunch of stickers i'll be printing soon

forest pecan
#

Heya, what for sorry?

shut ferry
#

Making a sticker for my laptop lol

#

so I can print it

forest pecan
#

Oh right aha

shut ferry
#

A decent res that I can vectorize is fine

#

preferably 512x512 or larger

forest pecan
#

We have TryhackMe stickers

#

Might send some out randomly

#

Hm

shut ferry
#

issue is stuff are expensive when converting it to my currency

#

like $4 for 5 stickers (for example) is just a 'ripoff' as I can print the same stickers but for $3 for 20 for example

#

well when using Liras

forest pecan
#

Yeah annoying tbh

shut ferry
#

disadvantages of a stagnating economy

#

sadly

#

I don't see a store/swagshop in the site tho

forest pecan
#

We don't do swag/store

#

I'd send you some

#

Whats your profile on TryHackMe?

shut ferry
#

Arszilla

#

one sec

forest pecan
#

If you'd have more completed I'd have sent some for free

#

Something to work up to I guess?

shut ferry
#

i mean I am busy with a few finals. I'll be working on some rooms and writeups that'll be done later this week

#

like I am still waiting to publish my OhSINT

#

but again; self printing the stickers is the most beneficial thing for me as I'll set custom sizes and such when i'll print em

#

like the Ataturk signature will be larger than the rest and maybe Kali will be larger than the rest but smaller than Ataturk

#

you get the point :P

forest pecan
#

Okay awesome 😃

ebon valve
#

@forest pecan wanna send me that shirt and sticker(s)? ;P

whole grove
#

And since everyone is trying their luck. Let me also ask you; wanna send me that shirt and stickers 😛

low ingot
#

The THM sticker is cool! As is the tshirt

white pivot
#

I want a sticker too 😭

shut ferry
#

Me too, mind sending me a shirt and some stickers

#

come on no whammies

south frigate
#

here as well 😅 send some swag stuff please

ebon valve
#

Lmao I'm definitely in trouble for this

south frigate
#

haha just share the design would be ok lol

ebon valve
#

I'll harass Skidy to let me set up a Designed By Humans storefront

shut ferry
#

@ebon valve shhhh don't worry about skidy just promise everyone that he'll give shirts and stickers

#

Lol

ebon valve
#

Haha I'm going to be in such a heap of trouble for that

white pivot
#

Good luck

molten kayak
#

@shut ferry how do you print stickers?

shut ferry
#

@molten kayak printing houses

#

My classmate is a creative director at a marketing firm/digital printing service

#

He'll print em for me and do the inner cuts etc

molten kayak
#

damn

shut ferry
#

I already made em die-cut, just need printing and inner cuts

#

There are websites like Stickermule locally as well but they require bulk orders/quantities

#

Whereas I only need 1 or so

#

So its just easier and way cheaper for me to print what I need

molten kayak
#

@forest pecan THM stickers?? 👀 👀

#

I think I got a local shop next to my house that has printers and like sells books and stuff.

#

ill ask there if they can print me some

#

but how can I give them the pictures

white pivot
#

So @shut ferry you can have Defcon Stickers for cheap?

shut ferry
#

I mean if I can get a good picture of em and import em to Illustrator, why not

#

Or the mozilla sticker

white pivot
#

Man, I need some stickers for my laptop, cheap ones are like $3-5 but import charges are like $25 and that too for a little sticker.

shut ferry
#

25 bucks for a sticker

#

What reality is this

shut ferry
#

@shut ferry thats called living in developing countries sadly

#

Or underdeveloped

glad oyster
#

can anyone suggest any resources/books/websites etc for learning x86 assembly?

white pivot
#

Honestly, there is no straightforward way to learn it. You have to pick a lot of resources like course materials from university websites, and in my opinion PMA would be helpful, or you can try the x86 room.

low ermine
#

@glad oyster did you checkout the x86 room?

glad oyster
#

Yeah, I've done that room, a good tool but looking for even more now :D

shut ferry
#

Mess with C and objdump @glad oyster

#

Or gcc -S

#

Honestly once you know the basics of how asm works

#

You can just google any instructions you find and don't know

glad oyster
#

That's basically what I've been doing so far - also reading "The Art Of Exploitation" which is giving me a decent knowledge of assembly.

#

I'm just struggling with the radare2 room just now and want to know more about assembly

shut ferry
#

Do you need any help?

glad oyster
#

Well I'm on the final exam part and just can't seem to work it out. Doesn't help that I cant execute the binaries on osx :((

shut ferry
#

Use a linux vm then?

glad oyster
#

Good shout, but currently on holiday in the middle of nowhere with no Linux boxes downloaded

shut ferry
#

Ah

low ermine
#

@glad oyster this book is supposed to be good: Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation

ebon valve
regal torrent
#

outdated but relevant techniques

shut ferry
#

Boi for a sec I thought you were posting the bdsm test lmao

regal torrent
#

HAHAHAHAAHAH

agile abyss
junior dagger
#

anyone got a good source for some of the more exotic encoding methods?

regal torrent
#

wdym

#

exotic?

shut ferry
#

Yume is our resident cryptologist

regal torrent
#

nah nah

junior dagger
#

as in, non- xor, baseX, utf-16, hex, binary, morse, braille.... but more like stuff that unless you been doing CTFs for a while you probably havent seen... e.g. moo

regal torrent
#

moo cipher?

#

o

#

those ciphers

#

just check cyberchef

junior dagger
#

well moo isnt really an encoding, it more an obscure programming language

regal torrent
#

yeah realised that

#

this ones a good list

#

you may encounter some of these at some point

junior dagger
#

yea i dont think the two im looking at are in cyberchef, but if they were I wouldnt even know it because i cant identify what im looking at

regal torrent
#

mind giving it to me?

#

might be able to uhh identify

junior dagger
#

ill dm you

#

1 sec

#

yea thats kinda what i was looking for, im familiar with most of those on that list but there are a few i havent heard of

regal torrent
#

oh good to hear that's what you're looking for 😄

shut ferry
#

Good @regal torrent

regal torrent
white pivot
#

Esoteric Programming is different from cryptography.

south frigate
#

can someone explain the command strings -e l (does that mean encoding character to print)

tender river
#

yup it encodes character

south frigate
#

alright thanks man

#

when will the emotet blog part 2 release haha

tender river
#

hahhaha well something better is there

whole grove
#

yeah the new post is really really amazing 😉

tender river
#

😂

#

i didn't mean it

#

its yet to be released mr.sarcastic

#

😂

whole grove
#

oh damn.... I thought you are referring to that post 😝

tender river
#

😂

#

anyway there is nothing like stealing others credit ..... 😂

#

@regal torrent and me waiting for ur forensics room

whole grove
#

what which forensics room?

#

btw what happened to your SQLi room?

tender river
#

its still pending

#

once it's uploaded to the server it's losing half of the vulnerability, due to WAF

whole grove
#

oh

#

that's bad

#

why don't you make a volatility room until then

#

I really want to get my hands dirty with some more mem dumps

tender river
#

once i am done with my Angr script

muted owl
#

Angr wot

tender river
#

it's a utility in Python

regal torrent
#

oooo

#

pretty solid

tender river
#

what?