Thanks Man!
#resources
spare oar
Meanwhile just downloaded the book you shared!
spare oar
Yeah!
Got it will look into it in a while!
Meanwhile taking notes is easy!
I always have a bunch of A4 papers on my table along with some pens and pencils@!
gritty barn
yeah, need to start doing that 😄
gritty barn
yeah, how to git gud at note taking
spare oar
@gritty barn join GENERAL - Voice Channel!
spare oar
Well i guess i have plenty of Repos on my github too 😛 (PRIVATE) all notes LOL
white pivot
I depends on my brain lol
midnight shale
spare oar
@gritty barn just read the Web Application Section of the book. Seems good to me!
gritty barn
Wait a sec. I'm supposed to work from home @spare oar
odd quest
@gritty barn you have to fill out so much!
odd quest
Firefox send
gritty barn
doing it now
odd quest
You know, you shouldn't technically share it but it'd be a shame if you dropped it into my DMs with a firefox send link.
spare oar
Yeah it's around 75mb!
spare oar
@gritty barn share the link with me as well!
gritty barn
damn it i just made it download once
spare oar
AHAHAH
spare oar
My internet speed is 512kb/s ATM lol
gritty barn
OP
spare oar
I can't even think about uploading anything neither downloading anything xD
gritty barn
my upload failed successfully
spare oar
Damnnn!
gritty barn
yeah, I should pause my torrents
odd quest
Is there a wordlist from the linkedin breach?
spare oar
@odd quest i had it - let me see if i can find it - if so i will share!
storm ether
@odd quest the LinkedIn leak was entirely hashed data
I can get it for you if you want but it’s pretty useless
odd quest
Un salted
wraith mason
for those interested in security ... free training http://opensecuritytraining.info/Training.html
fresh pasture
odd quest
spare oar
This paper is important!
storm ether
^^
white pivot
Yesterday I was teaching a guy how to do ret2libc attack should have made a YouTube video and posted it
storm ether
frolic on htb does that
white pivot
You did it? @storm ether
storm ether
I'm not a complete degen when it comes to bin exp. I just don't remember much so every time I have to relearn it
ebon valve
spare oar
Loved this SANS DFIR Webcast
gritty barn
From Discover on Google https://udemycoupons.me/comptia-cysa-udemy-coupon-free/
Just got it myself. There's a button at the end saying enroll now
merry hatch
wrong chat
spare oar
Found some EBOOKS and VIDEOS for InfoSec! Hoping it would help someone!
https://drive.google.com/drive/folders/1cjjrILQd0eFkfgX0EU__1uqkd0Q9KaEW
river gate
Does anyone have any recourse for investigating windows system
spare oar
Cool Stuff!
tribal walrus
gritty barn
spare oar
@gritty barn no hell no pleaseee! for god sake! That course is going to ruin ppl lives!
gritty barn
^ agreed. it's a good source of fun @spare oar
spare oar
HAHAHAHA let's see what others have to say about this course 😄
gritty barn
+1
ivory nebula
I...
Literally signed up for the course, and I hear sirens in the distance.
OH NOES BOIZ they comin for me
spare oar
@ivory nebula 🤣
white pivot
@ivory nebula TTL the home.
ebon valve
gritty schooner
forest pecan
There using Twitter as c2
From image metadata
That was interesting, I'll take a look at the discord one too
storm ether
For those who aren't aware of this! It's a must have in /usr/share/wordlists. https://github.com/danielmiessler/SecLists
sand schooner
white pivot
How about we pin some resources?
shut ferry
I feel like we should have a wiki, or a link-only channel
white pivot
A wiki, that's a nice idea to be honest.
@shut ferry Shoot it in #544951750801752079
shut ferry
goahead and repost it 4 me @white pivot :V
honest dock
faint escarp
visual wharf
So guy if you look in github for oscp there is many there like go-for-oscp or oscprepo
Etc
Is there any one repo well arranged ?
visual wharf
Cherrytree files : https://github.com/egonzalez90/cherrytree-files
Password protected
midnight shale
visual wharf
Anyone hv this ebook
Hands-On Application Penetration Testing with Burp Suite
Packt Hands-On Application Penetration Testing with Burp Suite
odd quest
past cape
please make a room for bug bounty practice skills
shut ferry
#room-ideas @past cape
storm ether
tribal walrus
SoonTm
odd quest
Do it @tribal walrus
tribal walrus
I've put far too much time into Hue security 
dreamy belfry
does someone have good resources for tunneling (i.e. hacking from an owned machine)?
dreamy belfry
thanks man!
storm ether
Pwn challenges from previous CTFs https://pastebin.com/EckPRWsg
ebon valve
tribal walrus
keen summit
shut ferry
:o
whole marsh
Notice
prisma crypt
dude awesome
topaz quartz
odd quest
https://nopresearcher.github.io/2020/01/23/OSCP-Like-Boxes.html This has binaries too
tribal walrus
little sapphire
can anyone suggest me a good resource for learning python?
little sapphire
no. i think i could write some simple script in javascript or bash
odd quest
Sololearn should be pretty good then
little sapphire
i've completed the old course from google and the w3 course, but there are only the basics (variables, strings, lists, etc...). Thanks for the advice @odd quest . i'll try that
odd quest
I quite liked sololearn for SQL, Python, JS, jQuery, CSS, Java, HTML
I did a bunch
It's free, don't bother signing up for the pro
Also available mobile
I'm not a shill, but my college was
little sapphire
now i look at that, i remember that i've used that to learn html and javascript
odd quest
If you do more JS, learn ES6
wet yoke
@little sapphire Any of the No Starch Python books; Automate the Boring Stuff or Python Crash course are very gentle intros and Black Hat Python and Gray Hat Python for pen testing. Violent Python is another excellent book, I've had it recommended to me by several OSCPs and pen testers in work. edx or coursera have good courses too
little sapphire
Perfect. Thanks a lot @wet yoke .i'll check those
wet yoke
Keep an eye out for a humble bundle from them soon :)
tepid patio
Automate the boring stuff is 100% free available online (not piracy, the author made it free) https://automatetheboringstuff.com/
wet yoke
Yep and the Linux Command Line book is free from its website
sturdy shell
oooh that's pretty cool!
shut ferry
whats updog?
tepid patio
brittle hedge
spare oar
If you are a fan of markdown - you will love Typora as i am personally using it as well and loving it so far!
sturdy shell
Woah that looks rad, thanks @spare oar!
spare oar
@sturdy shell ;)
gritty barn
brittle hedge
https://evasions.checkpoint.com/
If you are interested in how malware detects virtual environments
tribal walrus
Twitter
shut ferry
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
sturdy shell
Lil' handy tool for people who are new to Linux file perms - or just helpful in general tbh
heavy anchor
I made a repo of my favorite programs.
It contains mainly hacking tools.
hope u like it and share it :D
https://github.com/matesz44/favtools
heavy anchor
+++ :--> updated it
- little more tools that I realised I actually use
- more description, github table format for better appearance
- programming language for each tool
odd quest
pastel iris
bat, ripgrep, lsd, fd all good rust tools. check em out.
shut ferry
if anyone needs to break down regex expressions this is the site
Here is a sample of an regex Explanation on above mentioned site!!!
arctic mist
Sublime is a super nice text editor w/ Regex integration btw
spare oar
anyone having good resources/eBooks for DFIR do share the link (if PDF) share in private!
@arctic mist true!
patent knot
odd quest
Recommend me a network simulator that isn't Opnet
brittle hedge
Have you tried packet tracer?
odd quest
I should have said free...
brittle hedge
oh I get it for free with my uni
shut ferry
Cisco Packet tracer is free afaik
odd quest
I have to sign up in order to download it
fading matrix
Not sure if Autorecon is recommended for OSCP, anyone here actually use it?
keen summit
[Spanish] how use burpsuite | https://www.sniferl4bs.com/p/guia-de-uso-de-burpsuite.html?m=1
fading matrix
@odd quest here you go, follow link below or i could send the pdf, let me know. Its the first link in SANS resources page
shut ferry
My write-up for OverTheWire - Bandit
https://alexbilsland.com/overthewire-bandit/
lost pelican
mmh, no mention of why 32->33 works o; Without an explaination, isn't it just a cheat sheet?
shut ferry
Maybe got a bit impatient. Will add more detail on the later levels
lost pelican
right :3 The bandit series was pretty fun, though
shut ferry
I'm just starting out with Linux tbh. Just writing it up so it sticks in my head better. Full Windows shop at work so I'm trying to expand my skillset
lost pelican
Ever since you could deploy dotnet to linux I've been getting into it. It's a lot simpler than managing (micro)services on windows
shut ferry
I've been going wild with PowerShell for a while. Really interested in learning about Bash scripting
lost pelican
You're gonna hate not piping objects :p
sturdy shell
Oh PowerShell yeah ... the mind wanders ...
lost pelican
As long as it comes back to you.. :)
sturdy shell
You'd hope eventually right
lost pelican
Eventually could be a long time. You won't know for sure if it's ever coming back! O:
gritty barn
This is for y'all that are in US: https://cyber-fasttrack.org/
CTF with a chance of winning a grant
tribal walrus
Twitter
arctic mist
oh?
umbral whale
Hello
Is there any e-book you guys would recommend
It will be better if I can get it for free
lost pelican
How to Win Friends and Influence People
honest dock
The Subtle Art of Not Giving a F###: A Counterintuitive Approach to Living a Good Life
umbral whale
Are these books about hacking?
I was asking books that I can use to improve in cyber security
lost pelican
Mine is about social skills which is a precursor to social engineering
honest dock
same
if you need hacking
1 sec let me check my library
"Web Penetration Testing with Kali Linux" by Joseph Muniz
"CEH v10 Certified Ethical Hacker Study Guide" by Ric Messier
"Hacker's Handbook V2" by Dafydd Stuttard
umbral whale
Thanks
honest dock
Idk if you can get them for free, but all of them are available on amazon and other services
honest dock
yes
that's right
first one is really really good
started off with it and gained a lot of useful knowledge
honest dock
it's pretty useful still. good luck!
storm ether
Anyone got a compiled mimikatz available? cba to build it and the releases don't seem to like me
jolly mauve
Hello everybody- I am new and just joined two days ago. I started with the beginner path and am stuck on finding flag 5 using the Linux find command. Can someone give another hint? By the way i am loving the site and the challenge. Well done! Thank you...
storm ether
@jolly mauve head over to #room-hints and someone will try and assist you
jolly mauve
ok thanks
edgy heron
can i have lil assistance on CTF min challenge
lost pelican
not here. See the response in #thm-community-media to your previous question
spare oar
Burp Suite Free Training. Might help someone!
arctic mist
rumor has it someone is working on a burp room 👀
Port Swigger also has their training academy as well which is worth checking out
gritty barn
https://xmas.htsp.ro/home - Fun CTF
lost pelican
Difficulity level?
worn kelp
can you send the discord url of the CTF? I'm trying to enter but I only can open It in the browser
lost pelican
Cool. I'll probably try to participate :)
gritty barn
feel free to :P, upskilling yourself is always a good idea
especially in this dark times :c
odd quest
@worn kelp huh?
worn kelp
@gritty barn shows a CTF and they have a discord, but I can't enter
lost pelican
it only opens web-discord for me too.
gritty barn
same
lost pelican
I'm trying to sign in so I can get the room link
lost pelican
oh, wait, i might've misunderstood something. It's not an actual link to the room. Lets look in the website's source instead :p
gritty barn
this is the sauce
and this is a good reddit list - https://www.reddit.com/user/goretsky/m/security/new
lost pelican
nice
gritty barn
^^
odd quest
lost pelican
a similar one to the above, but I find it easier to work with https://regex101.com/
odd quest
I've always used regexr
still nexus
Me 2
gritty barn
i never used any of time
i prefer manually scrolling through the stuff because i'm that guy
lost pelican
Why am I not surprised?
gritty barn
i'm sorry but my little brain can't comprehend much
lost pelican
You know, that's usually what smart people say
deep finch
I just finished the zthlinux course. What to do know???
ps i already know python
that was my first room
shut ferry
Anybody has resources (possibly guided ones) for linux privesc?
@shut ferry oh Really, thanks a lot
ebon valve
Unrelated to information security but this is an incredible course: https://www.cnn.com/2020/03/23/health/yale-happiness-course-wellness/index.html
wet yoke
The Cyber Mentor is giving free lifetime access tomorrow to his Udemy course, if any of you are into that. (April 1st) Coupon code STAYINSIDEANDLEARN
https://www.udemy.com/course/practical-ethical-hacking/?referralCode=4A7D5EE973AFBCAD11C6
proven pollen
This is a great read for those doing day 10 of cyber advent room. It details a good aproach to server side attacks aka metasploit
https://security.stackexchange.com/questions/185644/which-exploit-and-which-payload-use
In short, after doing an nmap scan these are the most likely vulnerable services (as of 2017):
SMB/445 -88%
SMTP/25 - 78%
HTTP/80 - 58%
HTTPS/443 - 49%
SSH/22 - 6%
stray orbit
@wet yoke , thnx f0r sharing, yet it shows 75% off discount for me instead.
tribal gull
that's weird, it worked for me
shut ferry
can anyone suggest something to deeply understand “Exploitation” and “exploit development” for beginner?
@lost pelican anything to suggest?
lost pelican
Why me? I'm by no means an expert.
low ermine
@shut ferry the protostar challenges are a good introduction to memory exploits e.g. stack /heap overflow
dim shell
odd quest
wet yoke
@stray orbit By default it will show that 75% off price but you have to click the 'Apply Coupon' button at the bottom just above the 'Share' button and put in the code STAYINSIDEANDLEARN, click Buy Now/Enroll (if you're already logged in) instead of add to cart
odd quest
Ok this sounds really dumb. But I need a source on how to hack. We all know it's basically enumerate/recon, exploit, repeat for escalation but I can't find anything supporting the processes that I'd use
Like, portscans for recon
I guess this is why THM exists
rose bobcat
It's really just finding the tools that work with you. So for my recon phase, I would use Nmap, Gobuster, Nikto, SMBClient, RPCClient, LDAPSearch etc. They're all bundled with Kali. Worth looking at the tools included with Kali and familiarising yourself with them.
odd quest
@rose bobcat I know exactly how to do it
I just can't find anything to back that up. I've learnt how
rose bobcat
What do you mean, back it up? As in training documentation?
odd quest
I just need some material that I can cite
I'll probably end up citing tryhackme otherwise
rose bobcat
Ah is this for an academic paper or blog or something?
odd quest
Yep
Just can't find anything at all that says you can break down stuff into recon/exploit, here's what people normally use for recon
rose bobcat
There's quite a few blog posts out there for things like "pentesting reconnaissance", but I don't know how much provenance you need for the sources - Medium blogposts don't always cut it
odd quest
I mean the information has to come from somewhere, that's what I'm trying to find now
rose bobcat
Ahh okay. I don't think its necessarily something you can pin down to a specific study or paper or training doctrine, it's just the go-to default. But best of luck - if I come across anything I'll be sure to let you know 🙂
odd quest
yeah I mean that's the issue I'm finding
It's just the defacto standard
You have to look for what you can attack before you can attack it
stable bramble
have you tried google scholar and search for key terms?
there has to be some paper, or any publication about this
still portal
Cyber Mentor is giving his ethical hacking course away for a day on Udemy. His only stipulation is that you pay it forward at a certain point! https://www.udemy.com/course/practical-ethical-hacking/?couponCode=STAYINSIDEANDLEARN
stray orbit
@wet yoke Oh man, I was not looking into the text above, just believed discount code is in URL. My bad. I should RTFM first! :)
But yeah, I got it.
THANK YOU SO MUCH!!
Udemy Coupon 100% OFF For Python for Penetration Testers Course
stray orbit
gritty barn
^ got my one over email
delicate epoch
https://www.ethicalhacker.net/register/
@stray orbit I created Caendra account and log in to ethicalhacker.net with it. Should I do something else? I didn't get redeem email?
Now, got the email with a delay of 15 minutes approx : )
honest dock
For those who want to easily learn Vim:
http://www.vimgenius.com/
shut ferry
Anybody got any good Wireshark resources?
white pivot
@shut ferry The book "Practical Packet Analysis"
honest dock
Google XSS training
https://xss-game.appspot.com/
solemn heron
Just finished updating enum4linux to remove some of the errors and add color coding. Open to suggestions.
https://github.com/logicsec/enum4linux
solemn heron
I was going to originally, but wanted to talk to him first about the PR process. Not sure if he is keeping it active
so I kept it seperate until I can have that conversation
odd quest
That's not what a fork is
A fork is your own version
You can PR back to main, or maintain your own
wet yoke
@delicate epoch I had to go a roundabout way to register. There was a CSRF error on the EH site so I registered on Caendra.com and verified. After that I was able to click the Sign-In link at the bottom of your register link and verify there and then about 10-15 minutes after I got the link to sign up to the course 😛
sand schooner
ebon valve
lost pelican
IoT is the worst
odd quest
The S in IoT stands for security
lost pelican
agreed.
fringe spire
https://www.utc.edu/center-academic-excellence-cyber-defense/pdfs/4660-lab6.pdf
@odd quest can you send all labs/exercises?
fringe spire
nvrmnd, just change the lab number and can access all of those
terse scarab
Where would I go for good word lists?
lost pelican
it depends on the type of words you're looking for.
spiral zodiac
Some knowledge can be obsolete
odd quest
Wisdom is the application of knowledge, useless knowledge is harder to apply
spiral zodiac
^
topaz gulch
Wisdom is the application of knowledge, useless knowledge is harder to apply
@odd quest I'm quoting that one, thanks 😁
fringe spire
@spiral zodiac are you the malware from the score board? Ranked 80 something?
spiral zodiac
Yeah, why?
@fringe spire By the way the leader board only shows the top 50 users 😏
fringe spire
i know, i just saw you somewhere and as a pakistani you caught my eye xD
you were in KOTH with 0ptional on his steram
stream*
spiral zodiac
I was?
fringe spire
yeah.. last night
spiral zodiac
Sorry, I am a little distracted right now, doing KOTH
fringe spire
ok np
odd quest
Deleted because writeup with flags
arctic mist
arctic mist
@fiery knoll I'm going to have to ask you to not post Offensive Security's paid courseware
ebon valve
^
arctic mist
That also goes for anyone and any paid course material as well
gritty barn
lol that's quite obvious
arctic mist
unfortunately it needs to be said
gritty barn
write a message and pin it maybe?
arctic mist
you know, that works if people check pinned, but half the time people don't even read the rules 
topaz gulch
It's also already in the rules
fiery knoll
@arctic mist sorry 
dull latch
I'd be glad of any (constructive) feedback on it 🙂
odd quest
@dull latch No answers in writeups
odd quest
@dull latch You literally have answers to the questions in there
Every answer, more or less
odd quest
shut ferry
I can not understand post exploitation. THM has a room with writeup. But it’s seem to quide hard for me. Youtube videos are using metasploit just....... can anyone share some resources to learn very basic of post exploitation? please 🙄
eager imp
shut ferry
thank you @eager imp
tacit tangle
Hi, i'm looking for beginner Python resources ? I finished the Python room and manage to find the flag by doing "puzzle" with info I was finding from here and there but it is still difficult for me to understand exactly what i'm writting. any suggestions?
wet yoke
@tacit tangle Automate The Boring Stuff is a pretty good free resource
wet yoke
Yeah No Starch has tonnes of great Python books. Tonnes of other great cybersec/Linux/BSD/etc books too...
white pivot
No Starch Press have a good amount of books.
wet yoke
yeah and they have regular Humble Bundles as well 🙂 I have most of their cybersec/python/Linux/BSD books thanks to those 🙂
white pivot
+1
lost pelican
guess there really isn't any starch in ebooks
wet yoke
I dunno, my tablet's a bit stiff...
lost pelican
get a better one
wet yoke
That would help...
lost pelican
:p
tacit tangle
@wet yoke thanks
storm ether
I don't suppose anyone has a compiled version of Akagi32.exe or Akagi64.exe
gritty barn
storm ether
The reason it's deemed malicious
storm ether
is because it's a key tool that uses av evasion techniques used in malware
gritty barn
that blur
storm ether
I'm just too lazy to compile it myself 😂
gritty barn
what about this one : https://libraries.io/github/rkmylo/UACME
gritty barn
i'm sorry i can't be of more help :c
safe wedge
https://www.autopsy.com/support/training/covid-19-free-autopsy-training/
Free autopsy training, certificate included.
shut ferry
Thank you!
shut ferry
any resources about bof for beginners ?
odd quest
@worn kelp they said bof, so buffer overflows
worn kelp
ups
lost pelican
what even are words?
worn kelp
mf
tranquil storm
I customized my tmux.conf to be able to store, and show a box IP, and be able to use it as a variable, it also shows your tun0 ip, basically saves me from tabbing around looking for an IP - if you are interested here's the way I did it https://pastebin.com/3nZFGdW7 (it won't look quite as good as mine as I used powerline styling for my version)
white pivot
tribal walrus
Imma drop this here for that last one https://guyinatuxedo.github.io/
tribal walrus
Probably enough for a year 
white pivot
Good luck :), if you'd like when you're not playing with your team, you can play with me.
tribal walrus
Many thanks
white pivot
xD
Your welcome.
Enjoy, as a fellow pwn, if you get stucked somewhere do ping me, I love to help people if it's about binexp.
Ah, right.
@odd quest ^
storm ether
P;OG CHAMP
white pivot
:)
Afterall, I'm that weird guy who loves pwning xD
Oh wait, I forgot something too. The gdb stuff, important as hell.
https://github.com/D4mianWayne/PwnLand/blob/master/Debugging/chapter-1.md
For absolute beginners, will update more sooner.
white pivot
You know basics, so...try hitcon lab.
And, just wait a minute, since you're starting seriously this time, I got a repo that will help you brush up some skills.
That's for asm.
@tribal walrus https://github.com/xairy/easy-linux-pwn
There you go, easy ones + will help you in upcoming CTFs. (not PlaidCTF :p)
Alright, time to take off.
tribal walrus
# Resources
These are the resources I have found while learning about the binary exploitation.
### Blogs:-
* <https://syedfarazabrar.com/>
* <https://kileak.github.io>
* <https://d4mianwayne.github.io/>
* <https://ctf101.org/binary-exploitation/buffer-overflow/>
* <https://blog.skullsecurity.org/category/ctfs>
### Youtube:-
* <https://www.youtube.com/channel/UCi-IXmtQLrJjg5Ji78DqvAg/videos>
* <https://www.youtube.com/playlist?list=PLhixgUqwRTjxglIswKp9mpkfPNfHkzyeN>
### Wargames:-
* <http://pwnable.kr/>
* <http://pwnable.tw/>
* <http://pwn.eonew.cn>
* <https://www.root-me.org/?lang=en>
* <http://smashthestack.org/>
* <https://exploit.education/>
### Pwn Related Stuffs:-
* PwnTips - <https://github.com/Naetw/CTF-pwn-tips>
* Quick guide -<https://trailofbits.github.io/ctf/exploits/binary1.html>
* Pwn Challenge List - <https://pastebin.com/uyifxgPu>
### Stuff Robin gave me:-
* Course materials for Modern Binary Exploitation by RPISEC - <https://github.com/RPISEC/MBE>
* Learn ROP - <https://ropemporium.com/>
* For Linux binary Exploitation - <https://github.com/scwuaptx/HITCON-Training>
* Intro to binary exploitation / reverse engineering course - <https://guyinatuxedo.github.io/>
* A collection of pwn/CTF related utilities for Ghidra - <https://github.com/0xb0bb/pwndra>
* Some pwn challenges selected for training and education. - <https://github.com/BrieflyX/ctf-pwns>
* A set of Linux binary exploitation tasks for beginners on various architectures - <https://github.com/xairy/easy-linux-pwn>
* ASM Basics - <https://asmtutor.com/#lesson1>
Just compiling them for easier use 
white pivot
Good job, though that's not even 40% of total resources :(
I say bored, yet have so much stuff to do.
stray orbit
https://www.autopsy.com/support/training/covid-19-free-autopsy-training/
Promo code: covid19-984730-free
Hurry up, guys and girls, this works only till 15th
~500$ worth now for free
crimson thunder
@stray orbit looks great, thanks! Does anyone here have any experience with Autopsy?
shut ferry
I got some...maybe I can be at any help @crimson thunder ?
crimson thunder
Just wanted to ask if you recommend using it
lost pelican
I've heard good things in the past, and it's supposedly gotten better since
Very popular with lawenforcement
native terrace
Love all those binary exploit resources above! Here's another one to add to the list: https://exploit-exercises.lains.space + https://old.liveoverflow.com/binary_hacking/protostar/index.html when you get stuck
Protostar is a good for those starting out, paired well with the book "Art of Exploitation" - https://nostarch.com/hacking2.htm
For those more advanced, this was a good talk, would love to see a room based on it at some point - https://www.youtube.com/watch?v=6-Et7M7qJJg
shut ferry
@crimson thunder ... Generally a great helper and easy to use. Is it worth trying it? It depends what you are trying to achieve!
native terrace
it's worth learning autopsy if you plan on doing any forensics
crimson thunder
Well, honestly I just had a class about digital forensics and I have no reason to learn other than curiosity right now
I appreciate your feedback all
queen nexus
gritty barn
Where did all of these binary ninjas appeared from @white pivot ? You got competition now
white pivot
@gritty barn Yes captain :)
And no one is going to let Robin down.
gritty barn
i'll follow the binaries stuff after i get a little bit better at privesc s
it seems that even if i get the way in i can't seem to escalate that quickly :c
white pivot
Oh, practice it.
gritty barn
happend to me on both tomghost and tony
white pivot
There's a Vulnhub machine with Linux Privilege Escalation which covers a lot of different techniques.
Have a look at it.
gritty barn
on tomghost i had localuser 1 hour before anyone else
still i messed up getting root
white pivot
Ah, at least knowing your weakness us quite good, you know what to work on.
Try that machine, you'll see changes pretty quickly.
gritty barn
yeah ^^, thanks for your help Robin
light hamlet
for the ones that where wondering about my vim cheatsheet (its my personal one made overtime with help from some other vim users/websites, so I don't think it's complete)
topaz gulch
@light hamlet that's really useful!
gritty barn
you using Joplin @light hamlet ?
light hamlet
yah
gritty barn
i knew it
light hamlet
it's the easiest way to hop between machines and still have my papers nearby 🙂
gritty barn
i know
light hamlet
(and not selling my soul to evernote, or something)
gritty barn
i love it ❤️ especially running as local user
i have it on all my devices
i know muri
don't start
topaz gulch
I mean, I love cherrytree and all, but I gotta admit that Joplin is so much better for the syncing
topaz gulch
Does it do the same kind of node based as cherrytree?
I know it does notebooks
But can notes have subnotes
gritty barn
yes
topaz gulch
And subnotes to those subnotes?
gritty barn
light hamlet
Yes!
gritty barn
yes
topaz gulch
I, uh, might be willing to take another look
gritty barn
everything that cherrynote does plus encryption
topaz gulch
Cherrytree does encryption
light hamlet
@topaz gulch it even has a terminal application
joplin as well
they just updated it as well 😮
topaz gulch
Did you not do Cherryblossom? @gritty barn 😆
gritty barn
not yet
it's on my list
need to polish my skills but let's move #thm-community-media
topaz gulch
Trust me, you are going to get intimately familiar with cherrytree encrypting stuff...
light hamlet
quaint sand
Learning vim feels like learning a new programming language
topaz gulch
It kinda is
But like a programming language
You'll be infinitely better off knowing it
opaque fog
Why did I have to scroll up in here, now I am going to spent the day moving all my cherry tree notes over the Joplin.
to**
gritty barn
bwahahaha, welcome to the cool gang
you might be able to export as html and import again
shut ferry
For those struggling with VIM and it's commands, try this: https://vim-adventures.com/
light hamlet
@shut ferry oh dude.. I didn't even know that was a thing?!
shut ferry
Yeah, I found it when doing the VIM topic and did a google search and it was the first thing to show.
Handy eh.
light hamlet
I'm gonna play that later tonight 😄
shut ferry
Hahah
Perhaps @somber plaza could implement it into their topic. 🙂
It's certainly helping me.
somber plaza
@shut ferry Could very well do! Maybe even a part 2 for more advanced commands if there's demand?
shut ferry
🙂
unborn crest
a nice list of commands to excalate: https://github.com/mubix/post-exploitation/wiki/Linux-Post-Exploitation-Command-List
shut ferry
A cheat sheet list for a lot of different programs all on one website: https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/
thorn thorn
i don't know if it is good channel, i suppose so. i'd like to as about reversing.kr, are challs from there are for real malicious? especially i mean 'easy unpack'?
obsidian oasis
https://github.com/newtonsart/game-of-life
In memory of John H. Conway
I guess this goes here...
white pivot
@thorn thorn Unless they explicitly told you to run binary in VM, otherwise it's just a bunch of crackmes.
white pivot
white pivot
Was it good?
shut ferry
found this to be really helpful if you're just getting into reverse engineering and know some C 🙂
unborn crest
What a great tool !!!
https://gchq.github.io/CyberChef/
lofty flame
@unborn crest Bookmarked instantly ! thx
keen summit
shut ferry
Handy as this covers a bit of every tool somebody might use: https://www.h21lab.com/tools/penetration-testing-cheat-sheet
shut ferry
In the link provided by @worn kelp there's a free course on programing with Python (Certified Associate in Python Programming)
gritty barn
just looked through the conversations on the discord and noticed that you are a fan of pivoting @odd quest , would you mind sharing some of your resources with me if you don't mind?
gritty barn
oh, makes sense. sorry for pinging you then!
white pivot
There's a machine name Wintermute and Tempus Fugit series on Vulnhub that have stack pivoting. @gritty barn
Remember, if you can't find the resources then make one.
arctic mist
very good advice Robin
white pivot
:D
shut ferry
It's probably a well one known one but this has been a fantastic find for me: https://gchq.github.io/CyberChef/
It really is a swiss army knife for everything.
unborn crest
Maybe some of you know about it, but i Found it very cool shell. Maybe you'll like it as i did
https://fishshell.com/
topaz gulch
Wrong channel @coarse helm 🙂
coarse helm
@topaz gulch wich chanel?
fervent summitBOT
TryHackMe
topaz gulch
That will also help
pallid sonnet
@topaz gulch Thank you for the information. I had a question about that box as well. Cheers!
unreal ibex
Hey has anyone done the new lfi box
gritty barn
wrong channel
shut ferry
any new tech course or security course offering for free (bcz of covit) ?
security related course is my first choice
white pivot
late bronze
shut ferry
https://slaeryan.github.io
Creating egg-hunter shellcode, Reverse TCP shellcode, shellcode encoder, crypter etc
solid wadi
pretty good doc about BOFs http://www-inst.eecs.berkeley.edu/~cs161/fa08/papers/stack_smashing.pdf
white pivot
light hamlet
pretty good doc about BOFs http://www-inst.eecs.berkeley.edu/~cs161/fa08/papers/stack_smashing.pdf
@solid wadi They have a few more when you go to the index
(i.e. http://www-inst.eecs.berkeley.edu/~cs161/fa08/papers/ or even at http://www-inst.eecs.berkeley.edu/~cs161/fa08/ you can get a lot more)
sidenote.. the Aleph One paper on stack smashing (released almost 15-20 years ago) is still used today as lecture material on UC Berkeley 🙂
white pivot
shut ferry
just a way of saying baby
shut ferry
def useful
honest dock
https://github.com/D4mianWayne/PwnLand/blob/master/Format String/overwrite-got-system.md
@white pivot the link isn’t working ;(
404
white pivot
Fair enough, I'm just creating the study material for upcoming room.
Really? @honest dock
honest dock
yeah
white pivot
It's working for me?
shy thunder
works for me too
honest dock
strange...
shy thunder
it resolves in discord too
white pivot
honest dock
works now
white pivot
must be a pro 😛
@shy thunder Dedicating this week to full Pwning.
Let me know your thoughts 🙂
shy thunder
the format string one is exactly what i need right now
shy thunder
none
shut ferry
oh lmfao
shy thunder
doing it for a job interview
shut ferry
o
honest dock
BufferOverflows are pain
shut ferry
what's the job
honest dock
shy thunder
pentester
shut ferry
im fine with bufferoverflows and asm
it's just
when I sit down
and look at those memory addresses for the more complex pwns
honest dock
oh \
shut ferry
the amount of bleeps I do not give rises to extrodinary levels
😂
but one day
one day indeed
honest dock
go sleep
shut ferry
will you stop making sense
shy thunder
this could be that day
shut ferry
this is not gonna be that day @shy thunder
shut ferry
is that a challenge, I will force myself to learn nothing all day! 😁
shy thunder
😅
shy thunder
i dont see how those 2 have anythiong to do with eachother
shy thunder
shut ferry
white pivot
the format string one is exactly what i need right now
@shy thunder I'm your angel then.
shut ferry
In the armssss of the Robinnnn
shy thunder
lmao
shut ferry
just dont have a crowbar in your arm and things should go fine @shy thunder
shut ferry
Robin doesn't do well with crowbars
white pivot
Head over to #thm-community-media ?
shut ferry
would be wise
twilit hamlet
white pivot
I'd say yes, it gives you an insight on how python is implemented in information security.
wheat flare
any good resource to master XSS??
gritty barn
wise fern
any idea about black hat python ?
@ruby flint yes. i would snag it if you could.
as for cross site scripting. should be a ton of resources online everywhere
ruby flint
@wise fern thnx for responding i already started it today but it seems i'm just typing what he is showing not deep explanation i want something to make me code things by myself
wise fern
roger.
Have you tried udemy.com
i found alot of very helpful instructor courses on there
you can dig through all the balogna
ruby flint
i will take a look
wise fern
and find teachers you like
youll love it. and SUPER cheap. also sales all the time
once i got hundreds off dollars worth of training for less than 50
just depends when you go on there.
however, watch out for deprecated videos,
some are old...
ruby flint
i will try but i'm also digging by myself for every line he type to understand how it works
i'm starting to understand sockets already
odd quest
Sololearn is quite good for free basic programming stuff
wise fern
ooo, new to me. ill check it out
odd quest
@ruby flint I recommend SQL particularly
ruby flint
thnx i will take a look
white pivot
@ruby flint https://github.com/s0md3v/AwesomeXSS
shell kiln
GHIDRA is A software reverse engineering (SRE) suite of tools developed by NSA's Research Directorate in support of the Cybersecurity mission
Info: https://www.nsa.gov/resources/everyone/ghidra/
Source/DL: https://github.com/NationalSecurityAgency/ghidra
Enjoy!
snow falcon
@ruby flint have you checked freecodecamp ?
wintry kiln
Hey @gritty barn is there a red team cheat sheet?, cheers
wintry kiln
No problem, ill have a hunt around , nice find 👍
odd quest
@fringe spire my recommendation https://www.sololearn.com/Course/SQL/
fringe spire
Thanks.. i was planning to learn from somewhere since this morning this will help alot
wet yoke
any idea about black hat python ?
@ruby flint Black Hat Python, Gray Hat Python and Violent Python are all worth a look.
Black Hat Go is also worth a look
ruby flint
thnx i already started blackhat python i'm in chapter3 it's nice but sometimes it lack explication but i try to understand with googling
wet yoke
If you're new to Python, check out https://automatetheboringstuff.com/
gritty barn
Twitter
devout rose
Is there a Linux Base room similar to the Windows Base? Something I can deploy a simple web server for teaching some concepts.
odd quest
@devout rose probably the kali 2020 VM
devout rose
Ah yes! Thanks. That'll work.
sturdy shell
A hypervisor-level malware analysis sandbox https://github.com/CERT-Polska/drakvuf-sandbox just got released in beta. I haven't tried it yet myself but sounds good!
An upcoming room apart of my malware pathway discusses sandboxing, so I'm gonna look into it to potentially incorporate into that room perhaps
sturdy shell
some make poki-themed rooms
ebon valve
shut ferry
@ebon valve I try to avoid Udemy courses usually. Did you get value from this one?
ebon valve
I haven't checked it out quite yet but John was pretty excited about it
north saffron
I wanted to check out TCM one after hearing good stuff but think discount ended and can't justify near $100 for it. Problem is there are so many out there and never know what's worth considering all the free resources. Would love to do the PWK but budget doesn't allow it at the moment. Have tons of books to read through though
wet yoke
@north saffron TCM has last year's version of his course free on his YouTube
north saffron
@wet yoke is that the 15 hour video? I've been watching his web application video series halfway through episode 2 and finding it to be pretty good
wet yoke
Yep that's the one. The udemy course goes into more detail on a few other things but you can pick those skills up elsewhere
odd quest
subtle dirge
I wanted to check out TCM one after hearing good stuff but think discount ended and can't justify near $100 for it. Problem is there are so many out there and never know what's worth considering all the free resources. Would love to do the PWK but budget doesn't allow it at the moment. Have tons of books to read through though
@north saffron You can find the discount code for his course on his discord or twitter.
tight mulch
purchased the new iphone se (moving from android). Any education infosec apps I should download that are on iOS?
gritty barn
checkra1n
gritty barn
quite comprehensive. i'll take it
topaz gulch
@delicate pelican Would I be correct in thinking that book is not free?
tribal walrus
It is not, I happen to have it on my other desk
delicate pelican
Oh, that's my fault. I just googled for a pdf and grabbed the first thing I saw. Not exactly responsible, I'll admit.
Sorry about that.
sturdy shell
I mean I've got ISBN numbers for both red and blue
odd quest
Yeah the copyright disclaimer in the PDF implies it shouldn't be a PDF
delicate pelican
A better resource: https://github.com/droberson/rtfm
tribal walrus
The PDFs are legit a scan of the book ,you can see the scanning shadows
delicate pelican
gritty barn
this is a pretty cool command:
--exclude 192.168.0.250,10.10.0.3.254 \
| grep "Nmap scan report for" \
| awk {'print $5'}
https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology and Resources/Linux - Privilege Escalation.md Some really cool stuff on here
visual wharf
Hello everyone
In burpsuite grep match option , anyone hv sheetcheat for that
Example, but i cant find this sheetcheat somewhere
raven owl
wet yoke
@raven owl That's last year's version of the course @fringe spire just mentioned before you 🙂
raven owl
@wet yoke ouch sorry didnt notice.
wet yoke
It's ok, there's lots of versions of that course around the place, it's easy to overlook things 🙂 It's also on the TCM youtube channel and elsewhere too I believe
fringe spire
@raven owl YouTube one covers alot of stuff that is not covered in udemy. So both are good. Depends on person's choice.
little sapphire
polar igloo
honest bay
swift harness
this is a pretty cool command:
--exclude 192.168.0.250,10.10.0.3.254 \ | grep "Nmap scan report for" \ | awk {'print $5'}
@gritty barn I don't get it, whom do these IP belong to? I mean aren't they variable everytime? Please elaborate if possible!!!
swift harness
Umm I see like two diff THM ip's, then a personal IP...so still can't make out whats goin on in this command?
gritty barn
if you read the manual you'll see what it does
swift harness
hmm
gritty barn
it's not my own command as i copied it from https://github.com/droberson/rtfm
swift harness
Got the answer, Thanks!
fringe spire
in case if it helps someone Free Autopsy Training Course :
https://www.autopsy.com/support/training/covid-19-free-autopsy-training/
Free before 15th May 2020
storm ether
Can anyone make any recommendation for learning how to make linux kernel modules/rootkits?
And before someone says "this is blackhat", it isn't but hey merry Christmas, bite me
tribal gull
I'm looking into kernel modules on my own right now but not enough knowledge to make rootkits lmao.
I started reading "Designing BSD Rootkits" recently but it's more of a technical guide around the kernel and only applies to BSD sadly
spiral zodiac
tight mulch
has anyone purchased the certmaster for sec+ ?
I'd like to sit for the exam this summer and wanted to know if the extra help is worth it
cloud token
@tight mulch I found the certmaster to be helpful. I enjoyed the extra multiple choice questions that came along with it.
gritty barn
SIEM Fundamentals - Promo Code: SIEM
https://www.elastic.co/training/specializations/security-analytics/elastic-siem-fundamentals
gritty barn
https://register.gotowebinar.com/register/250073331082302477 - Linux Forensics Magical Mystery Tour with Hal Pomeranz (1-Hour)
sturdy shell
You can share your stream in #thm-community-media @wanton olive 🙂
gritty barn
also @wanton olive
wanton olive
Thanks.
gritty barn
No problemo
blazing iron
is there a proper and free alternative to burp suite?
honest dock
ZAP
blazing iron
thanks, i will try that
honest dock
check out a room on THM about it
blazing iron
oh nice, i didnt realize there was already a room for this
white pivot
Masterpiece ^
hazy trench
This publisher made books for download for free, there is some network security and programming books in here. Take a look and download if you want!
gritty barn
odd quest
@mystic trail No discord invites unless approved
mystic trail
@odd quest ok thank you
grim wolf
gritty barn
is there a reason why is this considered a resource @grim wolf? It's a write up of a low hanging fruit in my opinion without presenting any technical aspects to it other than using awscli
sturdy shell
This sounds real neat - could be a little thing for a room at some point O.o
odd quest
@paper cape Only material that you're allowed to distribute please
paper cape
Am I not? I own the license to distribute and own the material
But I'm not going to do something if it's going to get me banned, my apologies
sullen creek
arctic mist
if you want to post that license that allows you to distribute it to the masses for no cost, we can talk lol
sullen creek
sand schooner
shut ferry
honest dock
A-Z Pen Test course with a huge discount
https://www.eduonix.com/ethical-hacking-masterclass?coupon_code=INSTA25
fringe spire
This one looks pretty dope ^^^
But i used all of my money from my bank account so imma go cri 😢
odd quest
@unreal ibex #thm-community-media
unreal ibex
@odd questok
dense musk
@barren vault that's pretty sweet I always think about how useful certain aliases could be to speed things up but always forget to set something up. 👍
barren vault
Thank you @north saffron saves a good 30 seconds
dense musk
haha it can all add up, right now I only have things like pbcopy, a gobuster and nmap one and optional's "up" alias to get tun0,pwd,and start up a http.server connection but now will be on the lookout for more or just think of what may improve my workflow and incorporate it. More tools in the toolkit 👍
barren vault
Have to fix it, messed something up
I made one for the up alias too if you want me to send it to you?
It's the same one Optional uses now.
dense musk
it's probably the same one then, got it from his discord a week or so ago and works fine. only change I made was to drop port 80 on it so I can just run it on port 8000 by default or specify my own port when running it incase 80 doesn't work
odd quest
80 won't work if you're not root or you don't have cap bind set
dense musk
don't know what cap bind is i'll have to google that but I believe that applies to the first 1024 ports, they won't work without root.
odd quest
@dense musk Capabilities are a more granular method of controlling permissions. Suid's grown up brother
Cap bind allows you to bind to low ports without running code as root
barren vault
sturdy shell
https://github.com/sinfulz/JustTryHarder
JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam.
(Inspired by PayloadAllTheThings)
Disclaimer: none of the below includes spoilers for the PWK labs / OSCP Exam.
Some handy-dandy juicy windows priv esc stuff on there
oh hey @winter depot! Nice repo :3
winter depot
Thanks 🙂 @sturdy shell
sturdy shell
You mind find this of interest @shut ferry
https://github.com/jivoi/awesome-osint
idle light
amazing resources
shut ferry
Thank you @sturdy shell
sturdy shell
arctic mist
shut ferry
@arctic mist What can it give you? Interested in it but not sure what it is exactly
gritty barn
if you go on the link it will tell you ^^ @shut ferry
shut ferry
Ty
sturdy shell
^
Source code for the book "Black Hat Python" by Justin Seitz. The code has been fully converted to Python 3, reformatted to comply with PEP8 standards and refactored to eliminate issues of dependency resolution involving deprecated modules. - repo description
honest dock
i just wanted to thank the person sending this 😿
it's a good repo
delicate pelican
Wasn't sure if it was okay to post so I was looking further first
honest dock
it is fine, you can re-post it
delicate pelican
fringe spire
All Binaries:
https://busybox.net/downloads/binaries/
odd quest
Ubuntu 1804 chattr binary for all y'all
barren vault
https://github.com/ryanrohypnol/Reverse-Shell-Bash-Alias/ -- Fixed the Python shell (needed to escape the double quotes) thanks to @topaz gulch ❤️
low ingot
devout abyss
Any framwork for phishing??
gritty barn
google is your friend for that @devout abyss there are like 2 that i know are very popular
devout abyss
Okk
topaz gulch
@devout abyss Also, if that's for anything illegal, please a) don't and b) keep it out of the server.
Phishing frameworks being one of those things with limited uses...
gritty barn
it's a debatable subject
topaz gulch
Highly
gritty barn
we are in the point of implementing phishing campaigns for our end users
storm ether
I mean there’s soon to be a room based on a phishing framework so
Potentially anyway
night holly
There's already a room on phishing
low ermine
found this on a reddit thread:
https://digital-forensics.sans.org/media/DFPS_FOR508_v4.6_4-19.pdf
thought it was quite cool because i'm not familiar enough with Windows process to know when one looks malicious 😄
chrome hawk
https://www.youtube.com/watch?v=vBJj7YMVn6I taking notes with vimiwki. Anyone tried it yet?
wintry comet
Hello, I would like to share with the community my Write-Ups resources of the path of "OSCP Preparation" in Spanish. I hope it works for you, thanks: https://github.com/KAIT07/OSCP-PREPARATION-THM
crimson thunder
what resource do you guys recommend for practising / mastering egrep's regex specifically?
crimson thunder
should I just read up on perl's regex? I have an exam coming up and our material doesn't quite cut it I'm afraid
white pivot
Almost every regex pattern is same, I'd say head over to codewars or leetcode and practice with some of the regex challenge. @crimson thunder
crimson thunder
@white pivot thanks, that helps a lot
white pivot
:)
shut ferry
Not sure where else to ask this: what sites are good for publishing witeups?
shut ferry
Alright. Thanks
peak birch
does anyone have the up script that optional uses
spiral zodiac
@peak birch Create your own, it's not that difficult
peak birch
I know but I don't know how to get the ip address from the script
I used the SimpleHTTPServer but I don't know how to get the ip address
odd quest
@peak birch ip a s or ipconfig and some grep wizardry. Use the python3 http.server, not the SimpleHTTPServer
peak birch
ok thanks
odd quest
@peak birch Python2 is deprecated, try to avoid it
peak birch
I know but I like it
odd quest
There's a reason
peak birch
they only have python3
odd quest
Because it's deprecated
spiral zodiac
@peak birch Python2 has reached it's EOL for quite some time, it's time to move on to Python3.
peak birch
yeah I guess I have to turn every one of my python tools to python3
that's gonna take some time
hearty relic
https://github.com/officialdarksheao/insta-kali Sharing a dockerfile I'm extended from kali's rolling docker image, been adding to it as I complete labs. Free for the taking - I get a lot of use of a command to spawn new hackboxes in seconds
obsidian oasis
https://github.com/newtonsart/visual-studio-assembly
I thought that this would be useful for some of you
azure widget
gritty barn
i saw something online about that
azure widget
Brand new tool similar to bloodhound for azure ad https://github.com/Azure/Stormspotter
arctic mist
@azure widget great share. I'm getting summoned to do some Azure work soon. Will definitely keep that tool in mind
gritty barn
have a look at this one too, it's for 0365 infrastructure @arctic mist https://github.com/nccgroup/ScoutSuite
azure widget
Since I’m dropping all the resources today here’s a great pen testing template for Joplin https://github.com/tjnull/TJ-JPT
upbeat vine
Not completely pentesting related per-se, but a great tool for browsing github repo's quickly:
spiral zodiac
azure widget
crazy framework for Osint if you need to do anything with Osint this framework probably has a tool for it https://osintframework.com/
ebon valve
hard salmon
tacit tangle
Hi there, I recently purchased "automate the boring stuff with python" preparing myself for the pwk material. Reading through so far has been good but I have the feeling sometimes it goes a little bit too fast on the basic ( I come from 0 programming background ). I was wondering should I stick to it or should have bought the python crash course instead ? What are your thoughts guys ?
odd quest
@tacit tangle I really like https://www.sololearn.com/Course/Python for learning languages
tacit tangle
Thanks @odd quest
I'll have a look
Looks great, this alongside with my book and some YouTube corey Schafer
Should be good for now
👍
white pivot