#general
same
if i start pushing my entire web traffic load via CF - they get angry
it's so small my blog is like 10x the traffic of my home server network combined
anybody would get angry
My ISP doesnt lol
....aren't you your own ISP
upstream wtver
https://youtube.com/shorts/TNjFsNGKhqI?si=9a6MW55hJKdHb5f1
Teaching them life skills at a very young age, I love it.
Teaching em how to fix their own stuff, not be afraid to learn, love it.
we do that here also but without the machines
I remember controlling a machine once when I was a child with my father.
Think it was a backhoe too
Use either Cloudflare Tunnels with the Zero Trust client (free) or Tailscale. The latter is a bit quicker to set up. Both are excellent for getting into your network resources without the need to set up a public-facing VPN or port forwards. Also doesn't have the same restrictions as Cloudflare tunnels doing public hostname proxying (which you were mentioning).
Does anyone know where I can find the recording of the event that took place yesterday?
Hi all, is someone able to help me with a Curl query? I want to include a variable in the URL but am not sure how to format it correctly
Were you trying to do -p- for all ports?
Yes
You're missing a - after the p
Welcome
but why is -p illegal
#room-help is a better channel.
:)
Cause you're specifying a port
You never specified a port after -p
Actually
No problem
:)
It was taking the op as the port range.
Ip*
:)
-p 10.10.xxx.xxx would be the port range
No?
Can someone who knows bash and curl help clarify why the following doesnt work?
for date in $(cat 2023Dates.csv); do
curl "https://website.com/generation/$date/data.csv?overlay=none&access_token=XXXXXX"
sleep 2
done
That's the IP range
Yeah, but they didn't specify anything after -p
You wanna specify a port, you do something like -p22 or if you want a range do -p2000-6000 or something, and if you want all ports just do a dash to make it simple -p-
So nmap would assume it was the ip
Ah, in that way yeah
all ports is -p- if you do -p nmap expect port number or range
hi everyone
has anyone else had their network vpn files download with nothing in it?
im re doing wreath and ive had issues with it all day
This is safe, right?
Just wait a solid 2 mins if you reg-gen it
@glass nest got a bottle you can put on your pizza
does that stuff even go bad
or does it just get weaker
idek
It 'matures'
never had a bottle expire lol
Dunno, don't feel like testing a 15 year old thing 
@blazing granite You know everything about aged liquids. Whaddya reckon? 15yr old sauce that has Anchovies as a main ingredient?
Exec - Tried a different server?
regular thm vpn is fine
i just switched from .85 to .57
should i try ice cooling a cpu
I mean when you re-gen the ovpn file?
so leave switch ips then regen?
i could not connect today beats me why...
to wreath?
no in general its not connecting from my machine
interesting
No, not without proper protection
got a new config but that one is totally dead the old one is worky but at the end its a fatal error
ill be damned
there we go, might be something dodgy happening in the background.
It's a shame, cos the wreath network is 'lit' (as the kids say)
so it might not be me having the stupid this time
Has a staff member replied in site-support?
gonna try with a plastic wrapper
CPU's at 60 C atm
lets see how low it goes
You're going to kill it
Subambient cooling is not suggested without taking care of condensation risks
dry ice
Personally I don't know any sauce that old. Beverages are different, because chemical processes, alcohol, acidity, etc help to keep the beverage fit for human consumption
dry ice moist board
nop. dry ice is co2
Dry ice is subambient
So… you'll get condensation
In more places than you might think
Including inside the socket
dry ice
I wanna use the word 'subambient' in everyday conversation
hmm... that didn't know. since we make dry ice from co2 only...
Right but the ice isn't the source of the moisture
The water in the air will condense onto a surface with a temperature lower than the ambient air temperature
cold air holds less moisture than hot air, air cools, moisture leaves air (and goes onto component)
Like on the outside of a cold drink
that might be the case yea
This is a serious problem when using LN2 or other very cold coolants for CPUs
Anything with any access to air that will get cold, will get wet
Normally you would fill air pockets and voids like the socket with dielectric grease or rubber clay/eraser
And then plaster the rest of the area around it in similar
how do you even know all this
Part chicken, part man. no-one can know what he truly knows.
well... he develop hashcat... or so
I don't think hashcat had cooling in mind
gpu cooling
I'm sure it did after a few GPUs burnt out
yea but not thinking of ways to hypercool something
i asked the opposite, lol
that's why it's relative humidity after all
hotter air holds more water than colder air
that's why your weather app has a dew point
also why people get dried tf out in the winter
the error handling doesn't seem a lot human for a single person making it
is i
used gpt as a reference for a niche problem here and there but nothing monolithic
oh k
I thought Windex was a glass cleaning product
I have approximate knowledge of many things
the error handling just seems AI type
pretty nice
Also quite a lot of hardware work haha
Heya folks
@polar spoke So tell us.. Whats so interesting on the other side of the road?
u ever tried cooling a CPU with a frozen egg
what file you looking at? curious what you're saying looks like it
Windows Bloatware and Telemetry Mitigation Tools. Contribute to ppfeister/Windex development by creating an account on GitHub.
cook a tiny pancake on your CPU
ahh the winget module
yea
it doesn't seem like a normal human would think of that
I'll let you know when I get there
Food tends not to work well
AIO - makes me smile that you think anyone on here or that develops tools like that are 'normal humans'
eh I know they are beings at a higher plane of existence
yeah there's a lot of trying to account for weird edge cases and such. the AppX module has a similar thing going on where a specific error message will cause it to recurse a few times before failure
and have master privilege escalation to get there
far from perfect tho. still a WIP
yea, thought so also fun fact, never read powershell code in detail before
but its easy to understand
i've had a painful week
my condolences, although i wouldn't recommend going to Microsoft HQ to burn it down
still gotta add a bunch of stuff to rip out telemetry
the door can't stop me because I can't see
technically still is
( they both clean windows )
good idea
considering a simple gui. but that's later. not before the services are all pruned and telemetry razed
haven't decided what to create it with though if i do
Well I am stuck in the city, apparently my car got locked in 🤣
you mean your keys got locked in your car? or is that a typo of blocked in?
or like locked in the lot
Locked in the lot
ouch
I parked in a parking basement, and the basement got locked
Tell the CISO you'll be performing an unscheduled security test of the lot's lock up mechanisms?
So now I either take the train home, and back again, find someone I can sleep at in the city or pull an all nighter
Fun thing is
I have to be in school at 8 am
Guess when the store opens
wya again? you're not with us around ny/nj are ya?
i kinda just thought you graduated already too
hi all
Lol
yeah that's not very close
And no, I still have till December 2025
hola
my condolences
But tomorrow is picture day for the class I just graduated
Cause we just finished that final exam and finished half of my education
grumbles at spotify api dashboard
Yes
ASLR/NX bit.
ROP!
Good old SEHOP.
Microsoft Windows Defender Exploit Guard is a masterpiece in its own right.
I like many things from Microsoft, including Windows and Microsoft Learn (with its very extensive documentation).
microsoft documentation is the worst thing i've ever experienced
idk if Learn is different
but my god is their normal stuff bad
Literally anyone will tell you that Microsoft documentation related to their Windows stuff is the best. It's among the most extensive resources you can find (and also in general how it's formatted). There's also Sysinternals and their Windows Internals books.
I literally have no issues at all finding information on their website.
lmao, no
It's very smooth and extremely well organized.
just finding wtf you're paying for is near impossible
Then you are bad at retrieving information.
It's worded clearly and visualized properly
if you actually work with it it's the most difficult thing to navigate ever. just trying to find the difference between DFE P1 and DFE P2 is difficult, if you're trying to get actual info and not marketing stuff
if you're trying to find things like "what's this powershell command?" it's fine, but there are significant areas where they are lacking
i use this all the time lol
great alternative tool
Haha it's great.
It's the same with all the AWS machines and their prices
There's a website for that
I do wish they'd add one for individual tools though instead of just user licenses
like the aforementioned DFE license tiers
Agreed
honestly though, AWS is fine. It's cluttered, but it's navigable. MS is just a mess
(i still like the third party tool for them tho)
Tbf AWS isn't also trying to be an entire core productivity and business services suite like MS is
And I think MS is great for what it is.
And you go from there, literally every link is interconnected.
on the other hand, AWS builds out whole unrelated product lines and still makes the documentation somewhat useable
It's quite nice when people know what they are doing. However, it's also very easy to mess things up due to the sheer complexity involved.
still trying to find a grid of features to compare each tier
Are we talking EC2 instances?
nah, X509 is trying to demonstrate how microsoft's documentation isn't horrid and i'm disagreeing
still can't find that grid
uhhh not what I was on about
Defender for Endpoint Plan 1 capabilities
Defender for Endpoint Plan 1 includes the following capabilities:
Next-generation protection that includes industry-leading, robust antimalware and antivirus protection
Manual response actions, such as sending a file to quarantine, that your security team can take on devices or files when threats are detected
Attack surface reduction capabilities that harden devices, prevent zero-day attacks, and offer granular control over endpoint access and behaviors
Centralized configuration and management with the Microsoft Defender portal and integration with Microsoft Intune
Protection for a variety of platforms, including Windows, macOS, iOS, and Android devices
The following sections provide more details about these capabilities.
Defender for Endpoint Plan 2 capabilities
Defender for Endpoint uses the following combination of technology built into Windows 10 and Microsoft's robust cloud service:
Endpoint behavioral sensors: Embedded in Windows 10, these sensors collect and process behavioral signals from the operating system and send this sensor data to your private, isolated, cloud instance of Microsoft Defender for Endpoint.
Cloud security analytics: Leveraging big-data, device learning, and unique Microsoft optics across the Windows ecosystem, enterprise cloud products (such as Office 365), and online assets, behavioral signals are translated into insights, detections, and recommended responses to advanced threats.
Threat intelligence: Generated by Microsoft hunters, security teams, and augmented by threat intelligence provided by partners, threat intelligence enables Defender for Endpoint to identify attacker tools, techniques, and procedures, and generate alerts when they are observed in collected sensor data.
And from that same website, you can either click on the videos or follow the sublinks.
(@rapid merlin btw hope you're not taking this as hostile)
I don't perceive any hostility. It seems like a normal conversation. It's a product after all.
If they ever mess things up, I will change my stance and find something else.
Just making sure. Text can be difficult to judge sometimes.
Of course, I mean it's very hard for me to get mad or feel affected by insults or anything else. I consider myself extremely open-minded and good at compartmentalization (I also don't care so that helps).
which tab was this?
(I also don't care so that helps)
100% this
Right under the video.
On a side note, it makes me much happier in general.
I just read the texts and visualized it from first glance.
every product ever that has multiple tiers of licensing has a feature matrix to compare licenses
Microsoft Defender for Endpoint licensing diagram from the m365maps.com collection by Aaron Dinnage
oh my god they made one
M365 Maps has a bunch of different products in there.
m365maps is one of my most used ms bookmarks and i didn't have that one saved
Which licenses provide the rights for users to benefit from the service?
You should perhaps bookmark the main page. :p
but yeah Microsoft not having a matrix to compare makes them the black sheep here, and is pretty poor
being used to the lack of documentation doesn't make it good documentation
my god that's a long page lol
it's like stackoverflow -- homepage doesn't exist
interesting that they have a specific link for Australia
Yes quite extensive.
Broccoli Beer Cheese Soup
I actually agree with this
@sand trench @mossy river
I also dabble with exploit development, so I'm familiar with documents like that for the most part. I read a lot of whitepapers and can read quickly so it's fine.
I usually enjoy the microsoft products we use and manage
yuck
They are very professional and generally very robust.
the beer is questionable.... the cheese is good
Wym yuck?
O365 management is also very easy, and customizable
There's white wine in it too!
why must we taint everything with ww2 era missile fuel????
Broccoli beer???
I don't have much experience in Office 365, but I agree based on what I've encountered so far.
It sounds sooo good! We haven't tried it yet, but it smells amazing
anyways back to watching a kids show shadow did not get the chance to see as a kid.... avatar the last airbender
Looks dope, I'm jealous.
how was the wine?
Beer cheese is soo banger.
I'll let ya know how it tastes, along with letting Rex know too lol
Bubbly
Like, very bubbly lol
Good, but I'm still a sucker for Pinot Noir. We put that wine in the broccoli beer cheese soup. Along with Shiner Bock beer. Still have yet to taste it lol
It's sitting on the stove on low
Did you buy a sparkling instead of the gruner veltliner one?
hello chat
I bought that same one I showed you, 1 sec
If only there was a shorter, more well established term for such a list.
because you said bubbly
TIBUD list
did you taste it or just put it all in the soup?
Of course he tasted it
I tasted it, poured 1 cup in the soup lol
I love gruner veltliner
I'm now imagining a soup made with 750ml of wine in it
Had a glass, that's how I knew it was bubbly, like the finish was bubbly
That's a mandatory thing while cooking :p
I wouldn't complain

I was so confused what it was, and I just realized you meant bucket list lol
how do i add my ejpt cert
That's not a soup anymore
i would
There's beer in it. Would you still complain?
yes
Broccoli CHEESE flavored wine 
We got the feedback! Time to move
Ask a mod
i aint no froo froo cowboy, i like me some whsikey
It's whisky, duh.
MODDDSSSS i have my cert i can shoe proof
Shoe proof
yus
depends on the dish and the quantity you're making
Prob not wanna show publicly
its the internet if my name isnt on there then ive lived under a rock
@boreal scarab you like PN so much you should try Coq au vin
im 99% sure all of our info like names and such is on the internet
That's a weird approach
but its true
Don't play that game.
what do you think fb netflix instagram etc is doing with the sign up info
The premise and statement are flawed though.
didnt apple just get sued for selling data?
Just because it's on the internet doesn't imply you should reduce the time attackers spend
also your birth certs are public knowledge too...
It's all about time
it's chicken braised with wine, it's a traditional dish from France and the wine is PN
With that kind of thinking, why bother protecting yourself?
exactly
And you're making your data more accessible
So, you're either simplifying the attacker's job tremendously or acting carelessly by throwing your information around like an idiot.
You are not targeted remember.
Okay, don't eat. You will starve eventually
@boreal scarab the dish is made usually with PN from bourgogne, but you can use a local PN if you like
newbie made it
@devout palm On a side note, do you think you will pass (or at least try it) the OSED?
With a proper study schedule, why not?
I can't get a voucher (they are always sold out).
It's 100% doable.
I don't know its value in the job market though
I'm considering pursuing it in college, but honestly, it's quite expensive at this stage. Plus, the programs are sold out, and the field itself has limited marketability. It's very niche.
It's nice to have though, really makes you stand out.
Get your company to pay it... Simple
Pretty much.
It seems like everyone has the OSCP certification.
Time to get something harder (mid to expert level).
When you say college, is that UK or US college?
US university.
Cool
You got this
I appreciate that. I never back down, but I also tend to avoid taking certifications that most people pursue. Even though I'm still in college, I always opt for the hardest challenges because not only is it elite, but it's also more tightly knit and prestigious.
And of course, goal is to stand out.
You?
Well, yeah it is. I like complex and hard stuff
That's the true hacker spirit.
Just be careful about going for advanced certs without getting the industry experience
UK
Nice!
I understand. I plan to pursue it to distinguish myself and to have a certification that demonstrates I've achieved certain skills or accomplishments, even though I haven't attempted the OSCP yet. I've been extensively researching it since high school (like the beginning of high school).
@blazing granite @torpid ether it's quite good, not creamy, more.. soupy. But 100% would have it again. Prob tweak the recipe a bit to make it more creamy
I will probably be extremely overqualified for entry-level cybersecurity jobs though (which is not an issue).
Yup, exactly
Remember this. Sometimes they don't care about certifications
I also do it out of pure passion.
I only pursue the knowledge at the end of the day.
Well you say that, but it might be a lot harder
Definitely will be harder... But no worries at all
did you pair it with the gruner or drink PN?
if you have no experience, you won't be
Perhaps, I am actually sure. It's just that I feel like what I'm doing at the moment might be a bit excessive and next level considering where I'm currently at in my journey. I do have confidence in my cybersecurity skills though, especially since I started delving into it when I was just 10 years old.
companies value experience over certs
Knowledge is knowledge.
Experience beats theory
But practice > theory
Because you are actually applying that knowledge
Cyber security can't be only done with theory, IMO
I need osed too
Oh, gruner. Good choice BTW, it pairs VERY nicely with the soup
Go for it
Either way, good luck with your journey X5 - sounds like you got the passion for it so I'm sure you'll go far
Right after this one, probably
#general message @jagged moon
Having hands-on experience is definitely important, but companies also appreciate newcomers who can adapt, learn, and grow swiftly. I actively participate in HackTheBox challenges and have attracted the attention of recruiters who reached out to inquire about my interest.
Gaining professional experience requires prerequisite knowledge.
OSWE*
Like I know something
Haha, I hope so, thanks you too.
I don't disagree, I'm just saying that a lot of cyber roles will be looking for people with work experience already - which is why it's quite difficult to break into the sector
Sure, which is why I do my best to stand out.
epistemic humility is a virtue..
I wish i could land my first cyber related job
In high school, I began coding with C and Assembly languages. I primarily focus on exploit development whenever I get the chance. Recently, I spent an entire month fully immersed in hackthebox finishing most of the challenges and machines up to the hard level. Once I finish what I am doing right now, I'll likely move on to the insane ones.
I have like a whole backlog of 6 years of writeups.
Nice
I think I am reasonably competent.
You should also network a lot, really important in this field
Yes definitely, that's right.
I still need to work harder though.
Don't burn yourself out
Still trash where I am at right now.
I also started when i was young. Mine begins with C++ then cyber security stuff
Then you are already ahead.
It's definitely not enough. I won't be satisfied
Yes, certainly. But considering I've been working for about 12 hours a day, most of the time, I believe I'm alright.
Same thing for me, I am not even close to be called a hacker.
You alright, mate?
:p
Famous last words
I live and breathe information security haha.
I can observe that
I just really like this thing.
I don't play video games or anything like that, this is my entertainment haha.
Which is odd for most.
Being odd sucks
You are unique when you are odd.
I can't even
I don't pay much attention to most people's opinions. What matters to me is that what I'm doing right now brings me immense happiness and productivity, which will ultimately lead to even greater happiness in the future. Many people can't understand that.
pls get at least 8 hours of sleep
I do around 7-8 in general.
What video are you watching while having your favorite breakfast?
Nyan cat 20hrs usually
Generally, the news or I read articles.
Sometimes I like watching liveoverflow and things like that.
Long breakfast
As i assumed
Boo. Old
Reading the news depresses me
I am legit very old school despite my age.
Odd or not, just be yourself, everybody else is already taken
If you were to see my Linux/Windows setup, you'd probably wonder, "What on earth is this?"
It's the most basic thing on earth.
Not me, not yet.
i need a hacker
Fluff
sup
@jagged moon
fluff is the elite haxxor
Seems like someone is going to get banned.
true
shit
Check deleted messages
U know it's illegal, right?
@devout palm Linux or Windows?
Seriously?
Yes.
didnt clock
Of course templeos
k bye
Ciao
kinda useless to my problem
The best sound design and graphic design ever.
Sorry but that is obviously Biber OS
I am not at that level yet.
none of us are
I hate the people who just search for "hack" and like "Yah this one, let me ask for illegal shit"
Pretty sure most of them get scammed out of money eventually when they find something
Not to be the one to say it, but I will.
Karma's a bitch.
flufff can you put certs in my channel profile?
Dm
IM GETTING DOXED RN FOR NOTHING I NEED HELP PLEASE SOMEONE
@boreal scarab
^^^^^^^^
PLEASE IM BEGGING
Just be careful of what you share on the internet tbh
I've seen multiple people use their irl legal names as unchangeable nicknames in mmorpgs
some people could really teach a class on how to have the worst opsec possible
I couldn't put that much pii on the internet if I tried
Whatcha up to?
Workin, u?
Gotta try and finish up some homelab stuff too
Stupid monitoring and observability being a PITA
SNMP is cursed
wowww yall jus gon lemme get doxxed,
Just finished dinner, so chilling right now. Just had the Broccoli beer cheese soup
Nothing we can do 🤷‍♂️
Thats a weird ass combo
This is a discord for https://www.tryhackme.com , not an unethical retaliation discord.
It's not like we can erase the information you posted
i didnt post it tho
@hot cairn @boreal scarab ping a moderator please
Neither did we
Com?
Script kiddies
Quite excellent. Wine, beer, cheese, broccoli
Hear me out, change that water to beer
brute
Homie you're not making sense
And if they brute forced your account
Research how to make a secure password
PiHole is amazing
and don't use a microwave
I've been asked to remove that post. Still in my accomplishment.
Microwave best for cooking though
steak even
microwave is not for cooking any kind of good meal
Microwaved Wagyu ❤️
I love Wagyu, but no way I would cook a prime piece of Wagyu on the microwave, that's a crime. Fire a grill. I don't like microwaves, but I was born in Argentina so BBQ is in my blood
Building home lab can be considered as a project, right?
Yes.
It's actually recommended.
But only decent ones.
i mean its hard to not learn from setting up a lab
Yes, only boast about it if it's genuinely something significant that you're proud of and, most importantly, something from which you've learned a great deal.
All home labs are projects (and you can learn from them), but ultimately, it's the complexity that truly defines them.
depends on where you are honestly
if you dont know much, learning out how to setup and configure a hypervisor/linux system can be valuable
i wouldnt pitch that as "homelab" more so sysadmin/systems skills, but still
Emma can boast about it all it wants, its setup is probably one of the most advanced homelabs in the world
I have to admit, my perspective is quite different from most people. As a true perfectionist, if I boast about a home lab project or something similar, it absolutely has to be the most incredible thing I've ever created and even then it depends.
yeah fair
I don't have any prior experience
I could rant about my homelab for hours kekw
Design exceptionally impressive projects that are truly mind boggling.
like a rick roll entirely in the cli in rust
I'm not suggesting that you shouldn't pursue it. I simply shared my perspective and how I perceive such a thing.
For a SOC Analyst role, what can i do?
yea
ELK stack, etc
How am i going to document this?
Generally, your direction matters, but think about delving into malware reverse engineering, even though it's considered tier 3. It's vital to tell harmless and genuinely harmful elements apart. Explore MITRE attack techniques linked to APTs and expand your understanding from there. Also, get to know how Sysinternals tools, especially those for Windows, work well. While learning the software might be simple, distinguishing between malicious and legitimate aspects is the real challenge (most people fail there).
Mastering the fundamentals is essential because you don't want to simply be a script kiddie in the truest sense of the word.
You'll also become more valuable overall because people will appreciate your expertise when you can analyze why a particular process behaves in a certain way and correlate it to attacks that occurred some time ago. Being able to delve into these details enhances your credibility and worth.
Do you mean reports and similar documents?
If you're a SOC analyst and they need a written report, how detailed should they usually be?
ah fixed pihole's dashboard
is it a good sign when your boss says "do you have any clones of you that we can hire?"?
I guess so
as detailed as you can be
You can practice this quite easily; it's primarily about your mindset. You aim to be clear while also conveying precisely what you intend to accomplish. For example, with a pentest report, you strive to be thorough yet coherent and easily understandable. It's not solely about overwhelming others with technical details (X, Y, Z), but rather ensuring that someone without an IT background can still follow along, although they might encounter problems while understanding the technical sections obviously.
It's all about being clear and very direct.
in any report in this field, give enough detail where it makes sense to anyone, tech savvy or not. Also make sure every detail is there, so there is nothing they need to find for themselves
You designate your objective and consistently ask yourself, "Does this report effectively fulfill its purpose?"
Yes.
Very detailed.
I want to be a pentester, but first i need experience
I'm currently aiming for SOC Analyst, system admin jobs
For example, when I've done pentests, I like to be detailed enough where the client could replicate the exact attack, with no experience
As well as I give them fixes, and how to implement the fixes
Makes sense. Especially if youโre sharing your findings to the public to educate them
Also explaining the dangers of what is found, what harm could come of it, and why it is rated as critical as it is
If you're allowed of course
Practice capture the flag challenges alongside studying real-world penetration testing techniques like XSS, XXE, SSRF, XSRF, etc. Keep the focus on learning rather than overly gamifying the process.
I engage in HackTheBox frequently, but I find that it's heavily gamified.
Do portswigger, and practice writing reports as if they are pentests
It's good to learn but it's very much a puzzle game.
Definitely portswigger, it's good.
and even your CTFs, practice report writing
I think I'll just post this pi-hole thing on my linkedin. I won't put it in my resume as i haven't done anything hard. Disabled DHCP and set a static IP then ran auto installer
Yes, I agree.
now that's more for web usually, your best bet for network would be focusing in AD, and general pivoting within a network
But otherwise, CV is empty
Active Directory (AD) is a valuable skill to learn. I always recommend to those genuinely interested to begin with the hard-medium machines on HackTheBox or dive directly into Active Directory challenges on platforms like TryHackMe or do it yourself (VMs).
create a homelab, and practice attacking the infrastructure. Try bypassing firewalls, antiviruses, etc
Totally agree.
And how do I go about making a homelab
The best part of practicing on home projects, is you can then try and implement the fix, and understand how everything works
Exact, people should really strive for that.
If it's too complicated, then figure it out and try again.
yeah, fixing the issue is a valuable skill for a pentester as well
That's why most people hate the AD part in OSCP.
1000%.
I don't think my 8 GB mac can run more than 2 VMs
pentesters are usually consultants. Our jobs are to test for vulnerabilities, and educate the client on our findings, and best practices to improve
I worked on 4-6 gb for ram for years before I got my new computer (didn't care to change until now).
Anyone?
just add ur thm pathway certs, seen people gloating a lot with them
there's a good number of sites out there that give tips and walkthroughs for this, varying between getting your hands on some gear to setting up virtual networks. It really depends what you can afford.
and of course compliance
Find a project and try to replicate or design something new yourself.
about to shower, if you DM me I'll circle back and send you a video for Active Directory
I see
But most of the time, the equipment is rarely the issue.
Ight
If you really want to make it work, you can easily do so.
How am i supposed to run a home lab then?
I have no devices
You said you have a computer
virtualizin' baby!
Here's a good overview that might get you thinking in the right direction about what you want to do. @crude stump you might be interested as well
BUT THM has some AD stuff that's good
You can achieve it on the cloud, simulate it logically, and then replicate it using frameworks that provide direct output. While you may not be able to run 1000 machines simultaneously, you can simulate such behavior by carefully laying them out if you understand precisely how they work. Most people with crazy homelabs have dedicated hardware so don't compare yourself to them.
I literally learned everything so far on 4-6 gb of ram.
Especially these days with TryHackMe and so on.
There you go.
I also used GNS3 to simulate routers and so on.
Oo thanks
Gave +1 Rep to @mint pier (current: #1993 - 1)
Ok. I'll just go for a detailed research and try the most efficient way
I really want to do it
Before, I used to personally examine each machine, monitor its performance, and analyze its output for a certain period. Then, I would duplicate the process for numerous other machines using a Python script. This allowed me to generate synthetic logs for around 1000 hypothetical machines. Although this approach has its limitations, I never had the chance to test it in a real-world scenario (that was the only way for me).
I can actually make something like that. A server that monitors all of the machines that are connected to it
Hi.
Yes that's good.
I'll make a server and client in python
Read about NOCs.
send help
You can look into different frameworks that relate to these ideas and see how they understand them. If you're interested in going deeper, you can also explore how these concepts are used in data centers.
and create a VM on my mac
Yes or you can use TryHackMe machines indirectly to apply that knowledge.
3 Devices, enough
Yes.
I did that for a while on HackTheBox and even TryHackMe when I get domain admin.
I would stay there and just check how everything is set up.
I would take notes and modify this and that.
I would mentally map out the entire network and ask myself how I would navigate to locate X APT if they were present in the system.
Ok, so while setting up the pi-hole. I thought of /etc/hosts . Can't we do the small part of pi-hole with that?
Even my approach to crack these machines, is full stealth. Since I would always go back and check the logs at the end once I get domain admin.
I wrote my blog about this:
Why don't we just use /etc/hosts ? Well, we can also point known malicious/ad domains to 127.0.0.1 (localhost) so that we don't connect to the real server. But our list is huge. And this method is limited to only one device. If you want to block a few sites, then you can go for it.
No clue what that is but you can easily play with that I am sure.
a hacking tool im pretty sure
No
i've heard pi-hole a lot recently, no clue what it is
It's a file to point domains to IP addresses locally
comes up a lot out of nowhere
Same I am rather clueless.
derogatory ah name
lol
Basically, it is configured to intentionally return incorrect or non-routable IP addresses for specific domain names. The purpose of it is to redirect or block access to certain websites or services by preventing the resolution of their domain names to valid IP addresses.
Just like a black hole
except its a pi hole
You can block ads
@devout palm Just remember a skilled hacker isn't held back by hardware limitations. They find clever ways to make the most of what they have, maximizing their learning potential.
if its blocks certain ips wouldnt it be security?
Even with a basic setup, I can still do what I need to do without any problems because I can adapt. I'm not a hacker yet, but I'm working towards it.
It doesn't block certain IPs
websites
It points domain to the void
oh
So that you can't access that domain
It's a DNS sinkhole seems like.
yeah, but could also be used for attacking availability possibly? Unless its just a weird firewall
ohhhhh
It's actually interesting it blocks unwanted content without installing any additional software on the client side.
thats cool
If you truly get how it works and have genuinely learned from it, try presenting it in a different format.
Based on my brief understanding and a 2 minutes read on the topic, it seems one can talk about network defense, traffic monitoring, tracking prevention and so on.
definitely
put anything you know on your resume. the more stuff on there the more the recruiter will see you are passionate
I understand/see how you can connect and relate it to SOC. You can also nuke it and then observe its behavior.
There are 1000 different ways.
Just be careful though with nuking.
It's running in a VM
Make sure it's airgapped.
I can spam with DNS requests, i guess? But that's useless
Malware based attacks.
I mean try to have it stored locally and have the malware interact with it.
Something that can adapt dynamically to counter its defenses.
It's in the line of polymorphism but still.
It's very advanced but very impressive if you pull it off.
You will be 99% overqualified.
The idea is to just learn and make the most out of it.
Can i PM?
Sure no need to ask.
kinda a rule here
But for me that doesn't apply.
Anyone can message me.
ight
I still remember backtrack linux.

when did backtrack end anyways
13?
damn. that would make it a decade
Yes good old days.
I was so young back then.
BackTrack was really cool.
It's pretty much Kali Linux now.
The design was better though.
the good old days were the ones of Slackware and XFree86
it happens even in the best families
Congratz
lechaim
Nope not yet
I'm doing it right now. It's really informative
Dannng that background is fire
I don't get all this hype for arch
Default BlackArch
Better than kali's lame default background
people using black arch on here???
Right terminal is my Arch laptop
That's old, I think 1991.
anyways it is meepity moopity meep moop to the beepity boopity beep boop sleep sloops times for shadows
I'm making the big chad move to run BlackArch for HTB stuff on my Arch Linux Laptop
I tried it once, and it was not convenient at all when something broke.
That's arch in general though.
it is actually rare that arch breaks
and generally the things that can cause breakages is in the news section of archlinux.org
No clue, I don't use Arch. I use Ubuntu.
I have to read more about Arch to be honest, so I don't know.
ah yes ubuntu... the distro that breaks every 4 years when you need to upgrade from one lts to another
Xfree86 1991, Slackware 1993, the good old days
It's actually good and works very well.
I like it because the design is nice, it's fast and very smooth.
I don't bother with customization, I don't like that too much work for too little reward.
that is how it starts
I have been using Linux for ages though.
I thought shadow was going to sleep
same here ace
I will check them out, looks interesting.
but x509 threw a curveball
It's very OG.
I had never had a break update with ubuntu
shadow used ubuntu until around fall/autumn 2023
That's interesting I haven't had any issues on my end. If I encounter any, it's likely my fault. Last time I had a kernel panic was in November 2015.
from 2016
Is it possible for ssh to disable itself and disable its port if no network is available for some time on ubuntu
Can you download a bare metal Linux os on a Chromebook?
technically started first using linux in 2014 but switched to it as main in 2016
used ubuntu for a long time
Never had that happen to me.
My dad turned on hidden network accidentally on the router and now my RPI isn't letting me ssh in but other ports are working like plex, jellyfin
then got into problems when the tools and stuffs shadow needed more than 3 ppas causing heavy breakage at lts updates
My first distro was Gentoo.
Which I worked with for 3 years.
It was fine and cool but I got bored.
So I switched to Ubuntu.
Since then never switched.
still use what works for you
Anybody got an idea, port 22 got closed now
just for shadow ubuntu is nightmare
Hey X509, can you give me the range of your age? ~ Just curious
I don't touch anything else after I install the OS. I don't even change the wallpaper.
16-22
maybe it is not closed but just not open on the current subnet/ip range
waddya mean
you don't install a ton of hacking software????
I do when I need to.
I hope haha.
then you could also run into the ppa nightmare zone
I don't use kali linux for that specific reason.
Too many packages.
It's filled with junk.
I only install what I need.
if you got more than around 3 ppas on ubuntu and update from 22.04 to 24-04 your chance of breakage is not insignificant
24.04
No clue, I always clean my setup here and there.
Xfree86 there is no update since 2008, I think is finished, Slackware the last update was 2022 I used Slackware from 1993 to 1995 or 6 then move to Debian
happened the first time from 16.04 to 18.04 for shadow.... happened again between 18.04 to 22.04
I like checking old software.
and then shadow called it quits
How are the tryhackme homies doing
procrastinating sleep
I started with Gentoo then I dual booted Windows XP on the side.
Then moved to Windows 7 with Gentoo on the side.
I would expect nothing less from you
Until I switched to Ubuntu.
I tried Vista once, not that bad.
But the design is horrible.
and this is not complaining about the crazies that ubuntus parent company canonical are doing
Doesn't affect me so I don't care about it.
once upon the time Xfree86 was the main GUI in Linux.
it did not affect you when they swapped from unity to gnome????
I like Gnome.
Goin okay hbu :)
Gnome terminal is the best.
same.... still it was a huge change that broke the workflow for tons of people
The UI is very nice, I saw some pictures.
then we have them messing up the sudo apt install command to search for snaps and install those instead if they exist
I'm confident it did frustrate people.
Nice! I'm taking a look at pi-hole
which have created over 100+ steam bug reports for buggy in house canonical steam snap sent to steam/valve when they have nothing to do with said unofficial version
arghh I hate headless setups in a non stable environment
Interesting stuff
@rapid merlin you've been roped into this convo quite a few times already, lol
vista not bad???? That was one of the worst sh*t ever, the only thing worse than that is windows me
Windows 7 is Gold
very Unix like
I hold some unusual views.
or how firefox snap is not fully compatible with all addons or profile management that the .deb version supports( even though this is partly mozillas fault )
It very nice.
I only like it due to UAC but they still messed it up.
The design is genuinely trash though.
eh vista was fine after a few service packs
I wouldn't say gold, but it was OK
on the rare occasions i have to build an ubuntu desktop, that's the very first thing i do --- toss snap and install firefox from apt/flatpak
Windows XP and Win7 will always remain the best.
Yes.
I used all the versions of windows, since windows 2
and now there is ubuntu professional edition ( icky )
I was too young to experience anything before Windows XP and Vista.
XP started a bit shaky but got good after service pack 3
Never tried it.
Windows XP is genuinely awesome.
Very solid.
arch linux fills the niche that windows 10 was supposed to fill
i.e. an operating system that keeps updating and evolving forever without reinstalls
didn't expect to read that today
I never had any issues with Windows 10 personally.
constantly here
yes, I never thought to see win10 and arch in the same sentence
You might want to clean up the OS here and there.
well shadow could list issues with it but in this instance it is an issue with microsoft marketing windows 10 as the final version of windows that they were gonna update forever..... and then jumping ship and making windows 11
Which is fine Windows 11 (I know people don't like it but who cares I do).
just get ready --- next is gonna be Windows One
yuup but that is true of basically everything...
I really like what they did with Windows Defender Exploit Guard (fall update Windows 10).
I miss OS/2
Good old IBM.
no idea what that is as shadow has not used windows in ages
If I am not wrong they coded it with Rexx, Object Rexx and so on.
linux does currently 100% of what shadow needs
Late 1980's.
SCO was pretty good too
It's a masterpiece let's just say.
If I am not wrong it's openserver right?
Or opendesktop something like that.
wait is that the thingy that specially protects folders and files????
so only approved stuff can edit said folders and files???
Windows Defender Exploit Guard is a new set of intrusion prevention capabilities that ships with the Windows 10 Fall Creators Update. The four components of Windows Defender Exploit Guard are designed to lock down the device against a wide variety of attack vectors and block behaviors commonly used in malware attacks, while enabling enterprises to balance their security risk and productivity requirements.
jargon jargon jargon jargon
that paragraph tells you near nothing of the specifics of what it does
Santa Cruz Operation, Unix that doesn't exist any more. I love OS and I tried a lot of them even before VMs, I had 3 HD and my PC has at least 4 or 5 OS
none.... you use the split view to solve that machine only as nothing else has access to fakebank
They added ASR for example which blocked win32 imports from macro codes, office apps injecting into process, block obfuscated (powershell code, JS, VBScript and so on).
That sums it up well (what I sent). It's a very complex software. You would need around 100 pages just to explain it properly and even then that's a big if.
would prefer that
The name is unique let's just say.
is your terminal open into the desktop folder???
Not 100 pages but you will get the idea.
Windows Defender Exploit Guard is a new set of intrusion prevention capabilities that ships with the Windows 10 Fall Creators Update.
It's really next level and it's awesome.
that would be why then
At one point, I had Gentoo, Windows XP, and Windows 7 all installed simultaneously but that's about it (so 3 max).
at one point shadow had windows 10 and linux in dualboot
bad idea
so many times windows broke the grub install
@hollow turret can you follow those instructions and then post a picture
headdesk
shadow think they know what you did wrong now
I'm not sure if I've been blessed by the Microsoft gods, but honestly, I haven't had any problems with Windows 10.
Actually with Windows in general since XP.
Either that or I know what I am doing (which I doubt to a certain level).
dual boots generally work fine if you place the operating systems on different disks.... if you place everything on the same disk windows has a tendency to think some thing random and overwrite the boot partition when checking disks or trying to fix itself causing grub to go poof making you unable to boot into linux
I had dual boot for years win/linux never had an issue.
even microsoft attempted to enter the Unix world with Xenix
see at the bottom middle of the screen kinda... there is thm attackbox and hack fake bank
click the hack fake bank
then redo the steps on there
I like the name.
i.e. you started both the target machine and attackbox
but this room specifically needs you to only use the target machine
Interesting, that's only if you mess things up partition wise.
or if you run chkdsk on windows
probably not.... think they maybe are just a bit weird if you are used to starting the attackbox and target machine
Interesting.
Gave +1 Rep to @sand trench (current: #4 - 1626)
no problem
windows used to have a major issue where it'd just say fuck your dual boot and overwrite your second bootable partition or disk
not really prevalent now but it used to be
That never happened to me, so that's interesting.
anybody got a cheap router recommendation
yeah it wasn't really consistent either, it was quite random
your smartphone
Need for a home network
tplink archer lineup
seems good?
Gotta get a new router since my dad is scared about hackers hacking into his wifi
I guess I was lucky, even with lilo I've never had an issue, afterwards I used different HDDs
So gotta get my own router
Watched a facebook post about it and nothing on facebook is false
hackers would not do that... only crackers would /joke
eh mad af atm
Gotta set up my headless rpi AGAIN
honestly can go cheaper probably. we use a bunch of the older AC1200 and AC1900 models. never had any issues with em that we didn't cause by doing dumb shit
4 hours of work now
mainly need fast lan speed
so just because you bought a new one won't get hacked
can often find the AC1200s for like 30 bucks, but they typically sell for 40 nowadays
annoyed at how many people think hacking and hackers is basically straight up technological magic
Nope just gonna get my own router and pay for my own internet
IKR
If someone genuinely wants to hack you, they will find a way. Don't overthink it unless you know precisely what you're doing.
Told him that
what's fast though? because unless you're exceeding gigabit net you're fine with most
eh current google wifi that my dad got does like 40mb/s on lan
40megabit/s or 40megabyte/s
google wifi as in their APs or Google Fibre?
megabytes
AP
because the difference there is staggering
ahhhh
You?
40 megabyte to megabit
40 megabytes = 320 megabits
but yeah 40MBps is only like 320Mbps. A gigabit router can handle that fine
idek anywhere that sells 10/100 hardware anymore
also known as more than 3 times faster than shadows internet connection
i don't like the idea
well, not from amazon i mean
(speaking in regards to used, not refurb)
anyways really gotta sleep sloop to the beep boop for the meep moops now
Goodbye
@buoyant tree similar to the ones we have around the house / more similar

