#general
no worries
Someone said to go for the S version, so I'm going to do it
It's £5 cheaper so
it works on our macs at work?
well "doesnt work" = the camera stutters sometimes
u mustn't stare at ur own camfeed obsessively like i do
Time to cancel my streaming arc
Solution is "use the proprietary logitech software" but cant always install
my friend uses a 4k go pro
windows and linux its fine for me tho
maybe I should've asked my mother for her gopro
oh well, time to go to work
I thought about using my GoPro
@chilly veldt are you a cybersecurity Engineer?
I am a security analyst and engineer yes
Damn
Which certification do you have?
It's at least the new role I just got, but I am also a data technician working internal IT
I got eJPT (which I don't recommend) and BTL1
Wow just want to follow your footsteps. Well am starting with the Tryhackme
To get the skills
That's a good start!
I too started out with CTFs before starting my education and my first job
Why don't you recommend the eJPT?
It's too easy to pass for it to give any value, especially with the price tag that it has, the new edition has had a whole revamp so the infra is a little better, but the study material isn't the best and the fact you have to pay $750 to get access to training boxes is absurd
Yes it's entry level, but you can pass it with little to no computer knowledge
Okay
So which cert will you expect me to get in future once I am confident in the skills of getting in Tryhackme?
What does BTL1 cover?
I would recommend pjpt
Blue teaming
Basic SOC/IR/threat hunting knowledge
Mmm, maybe I misphrased my question
I want to know what it covers that any other blue team cert does not cover
Hands on usage of Siems and other tools, it's a practical exam
I see, interesting
Basically OSCP but blue teaming
is BTL1 required for BTL2?
It's recommended
I might want to jump straight to it, if it teaches a lot
It teaches you quite a good bit, would recommend taking the SOC paths on tryhackme with it
I use a Logitech wireless mouse
It's actually really good lol
I dropped it like 2 times
Still works
I've used logitech
I much prefer Razer
only 2k as well, much cheaper than SANS
Oo it looks cool
Don't take BTL2 without having a company sponsor it
I had razer headphones but they broke
Of course, I would have my company pay for it
Goodie, just didn't know your situation
I'm looking to get wireless ones, I currently have razer kraken v2 iirc
I propose, explain, defend, they say yes or no
Yeah the wireless are better than the wires
Yeah, it was more if you were looking for job or already had one
Oh I have been in blue team / soc environment quite a while now
The reason my old headset broke is because just above the plug, I guess I did something idk but now only one headphone plays
So entry level certs I would rather skip and jump to the advanced ones where I can increase my competence
grr
This is going to be a question way off topic, but I am pretty sure there are avid star wars fans in this thread. Has anyone been following the new season of the bad batch?
Ima be totally honest, I never seen a starwars fan here
Ah, fair fair
Talk about yourself
Ah... well then. I guess I misinterpreted Jared | Jabba... lol I thought that was a subtle nod to ezra
eh hem.... 2 (:
Can we get a 3rd
But no, I haven't followed along, felt they gotten bad since the last couple of movies
They have :/ ...
Since Disney
Disney kills me... like they start some things off well, except the movies, then just derail themselves by rewriting canon events
Na someone hacked my account
How you speaking then
is @mossy river not a star wars fan? Is that not the Ezra nod I thought it was????
Hmm
because it was my other personality
Hello, welcome to Jabba the Rabbit(ジャバ・ザ・ラビット)! Jabba is a Flemish Giant rabbit who lives in Japan.
The main language of our channel is English because we want to share our videos with as many people in the world as possible.
However, because Jabba is a Japanese giant rabbit, Jabba's human talks to her in Japanese.
Subscribe to our channel so th...
you know... I truly learn something new every day
Don't think that was their question jabba
Star Wars is okay
Wait you from Japan ?
I like spending time with my father, we usually watch the movies
Star wars was ruined by the new trilogy
I don't count the new trilogy... @near hawk
Valid response
Is it worth of time watching it ?
hey @rough gorge can I DM?
I haven't watched any Star Wars
I give it try
honestly, the old republic is my favorite era
the fact that keanu reeves hasnt starred in a revan movie makes me sad every day
He literally looks like revan
@chilly veldt which path will someone take in the Tryhackme that aligns with the pjpt?
Once you've done the fundamentals (Pre-security and Web), you can do Jr pentester
Does anyone have a discord token joiner?
🤮
What
discord token Joiner
I need members IN My new server
you mean the thing that joins servers
Yeah thought so
Wouldn't that be a bot
:hammer: zendoefe#0 has been banned.
Yeah, as gonzo says, jr pentester aligns pretty well
Keep it appropriate please
Mhm.
Gotta love when stuff is free.99
I'm sure he's joking
yea he is my frnd
hey, of course @hollow pivot
sounds like a problem
re-install
Yeshhh, especially since I ain't home before 1:30 AM 🥲
why do I need to verify my phone to speak on this server ?
is this only for me or everyone ?
some specific thing the mods added particularly for me ?
Everyone
And it's to stop the spambots
sed
jr
New room Friday!
Wooooow
The straight face makes me laugh
Oh
Hi click my profile and tell me how you like my background effect
It's cool
any advices for job interviews?
Maybe more color in your banner
Need nitro
Only anime I've seen in a long time that made me feel like a kid again

I would ask in #cyber-and-careers there's some professionals that talk in there and would love to help
great thanks
Gave +1 Rep to @crude stump (current: #172 - 36)
There is a reason I'm rocking Star Saber images on my profile atm. Watching that and Bravestar atm lol
Ello
So I have an assignment to emulate a hack that happened in the last couple of years. (Nothing complex but not too easy either). Anyone know any sites where I might be able to find these hacks
Google, we don't assist with coursework.
when new room?
pattern seems to be (if a room is getting released)
- walkthrough rooms at 1600 UTC
- challenge room at 1900 UTC
hmm, then imma be out
Yea every friday for challenge and then i think usually tends to be monday and Wednesday for walkthroughs?
@gray sonnet WAKE UP
ello ello
Ello
Aaahhhh
New room, just in time #1223346371550117898
Grab a brush and put on a little make up?
System of a Down 🫡
Ha, ha, ha
That joke came clocking in
The xz package, starting from version 5.6.0 to 5.6.1, was found to contain a backdoor. The impact of this vulnerability affected Kali between March 26th to March 29th. If you updated your Kali installation on or after March 26th, it is crucial to apply the latest updates today.
There's an open CVE, current instructions from CISA are to downgrade from the affected versions
Open Source says hello
They can track the commit of when it was done. Whoever did it, it was malicious, we'll see what user it was done under.
Then, likely he was compromised, wouldn't be the first time
Oh dear
Yeah, devs get whacked don't know it
people push commits, no one checks from the main guy...
It's happened before, it will happen again, and it will happen more
just got lucky
that's why it's better to run Kali in a VM
yeah where are the branch protection rules?
I love when mother Russia tries an XXE on my server and failed 
Vue need to activate their windows
lol
Is it unreasonable for someone to be strongly opposed to the concept of IoT devices because they seem pointless and a massive security risk?
Like who asked to connect their coffee pot to the internet anyway? Does it need an internet connection?
There are some with good security and privacy backing them
And personally, I prefer "home automation" to "iot"
@naive violet can i dm you?
Go ahead bee!
Hrm. Personally I'm against the idea of adding internet connectivity to random appliances like fridges, etc.
as someone who works with creating literal IoT devices, what you find at homes are as James saying more like "home automation" and not IoT
Lamps, lights, heating etc
Hrm.
What's the difference between the two? Is home automation on a more systematic level, while IoT is only specific devices?
How do people even find your server. It's not like it's a company's server
we create devices that help companies and people around the world with a critical infrastructure point, via a device that has been turned "technological" and connected Internet to, helping processes and compliance get done in a proper way, while not just telling you that your coffee has been standing on the burner for 2 hours now
home automation is more of a QoL improvement where as IoT actually solves issues, you can still live your life with no issues without having any home automating tools, whereas IoT devices might solve specific issues if not multiple issues at once
Dunno, but it doesn't have access to my internal network anyways, and ooooh, you're getting access to a VM with randomly long ass generated passwords that's only hosting minecraft
Good job, you wasted your time 
Home automation is a more descriptive term, rather than internet-of-shit
For a sec I thought James was going to be the voice of reason behind my thought process 
James, do you know anything about LoRa?
Anything internet facing is constantly scanned and attacked.
A non zero amount
fair fair, it's a cool topic
shadow is afraid of IoTTPYfP
You must be proud of your ips
I've got a LoRA satellite reception setup going at the moment
Interesting
cool
I'd show you but it'd doxx me
I love talking about my VM.
8 cores, 16 threads, 64 GB Ram,
Fail2Ban, Full disk encryption, clamscan every day with logs, UFW.
Snapshots taken every other day, clone of the VM in case of failure. Dataset on TrueNAS encrypted for that VM.
have you ever considered making a flowchart for everything
something like this
Uh... I have not lol
Wow nice set up
Oh, forgot to also state, that VM is also on a separate VLAN with no intranet access
....
DO IT
All that for minecraft?
Yes
I got 2 VMs running on my home desktop right now that has access to my whole network
matt is protecting against log4shell
Hey, it also has taught me things too. Was like a fun project
Why do you need 64 gigs of ram for minecraft
why not
Like unless you're planning on creating mob farms with potentially tens of thousands of entities you shouldn't need that much
I got 256 GB of ram I can use. Might as well load that VM with 64
I got 2 MC servers on that VM for my friends
No lag whatsoever, love it
let me introduce you to mods
why not? Are you the minecraft police?
Satan!
one of them is vulnerable
my 2gb minecraft server doesn't lag
You're beyond Satan.... you're Satan's Satan.
The lines aren't meant to wobble so much
what?! I am testing a room I made
My friend was paying like $20 a month for 4gb ram minecraft server. I told him to hold my beer and I made him that VM for free
nice!
paying for the server
Wait can you use a vm like a whole other operating system.
ngl thats good maths
pay 400$ for a 20$ problem
I have done that type of maths too many times
And after 20 months, ROI.
Nah but I was getting the server for myself anyways, and since I had the hardware, I built him a VM. I didn't know till after I bought the server that he was paying that much
@teal nexus
Once you finished learning how to use a tool is that considered a skill or do they provide more practice for it down the line?
although a 20$ for a 4gb server is criminal
Can I Use TryHackMe Without Knowledge of Networking? I know a little of cyber security and I fully know IT but I don't really know networking can I still use TryToHackMe And Understand everything they teach?
thats 5$ at most
? lol
Yes you can follow the pathways for it
.
that's great to know
they teach you almost everything you need to know in order, and if you are ever confused feel free to google or ask here
The name of you and I are very similar
AHHHHH lol, you just posted that right at the moment, I posted my question lol made me super confused
What do you expect though? It's flying through space
Thought it was a bot for a second
Oooooh lmao
It's geostationary, the wobble is from my kit
Also reason why I thought it was a bot, is that this is the first time posting in this chat from my recollection lol
See now.. you could have done the robot when we went to the club.
Yah.... but exposed to your entire network... even if I'm testing my own vulnerable machine, I'm putting that in my lab that cant see my network
You mean the club that gave me a double of Jameson for like $37?
Mfer, I can't dance anyways, even the robot

Yeah.. that one.. lol
yikes you can get a whole bottle for that.
god, does clubs charge that much for a double?
Welcome to Vegas! At THE MOST EXPENSIVE HOTEL ON THE STRIP...... I blame @vocal gale didn't he find that club @normal fable ?
Ye
Now collect 10k bug bounty 
In vegas it does lol
He really wanted to go to a club.. but I also was okay with it.
I wanna go Vegas
He stayed there till like 4 AM, the dumbass tried to bring lockpicks through the bouncers

I went to a restaurant/bar but don't recall shots going that high, guess I was at a low end restaurant
You just weren't at a club.. club prices are high
log4shell existed in minecraft for a while
Yah... we went to the club at the Wynn
that type of club? that try to get you to throw more money? lol
Wasn't that around the time of Log4J?
They had a dress code.. for some reason they let us in. 🤣
My favorite things were meat swords and white castle..
Wasn't this packed at all, but this was the club
Ahhh
Random DJ there or someone in specific? Never been to a club at Vegas so I have no idea
Ccg, the meat gobbler of meat swords.
yo guys did you learn a lot from tryhackme?
We had good food. The meat was tasty. lol
yh i have
Loved the club
its good for beginners
alr alr good to know
Dunno, we just went there just to go there since we went to the Blue Team Village party, but it wasn't popping yet, so we dipped, walked around, had white castle then went to the club
AC in the Tesla sucked in the back seat..
I'm in the process and its been pretty good. Although I just don't know when it becomes a skill after I learn it or after practicing it for several months.
Front seat was perfect 
yeah tho + 2007/3/2 just delete that thing in ur about me to be safe
I wasn't about to give up that seat

its for 18+ only?
nope just to be safe
Then you see CCG,
alrrrrr i guess
I think I might have talked about this before but if I download snort on my vm, does it automatically start logging stuff if I use the logging command when using the internet. Or would I have to enable something for that
Whats this blue team village I see?
done G thx
Gave +1 Rep to @empty atlas (current: #2040 - 1)
uhhhhhhhh man lol
@edgy ferry can answer that one, he helped with the Blue Team Village for 2023 Defcon
Good morning
@normal fable Ya know Wynn has their own PGA gold course in the middle of Vegas?
Yea, I looked it up but I assume its a group, just curious.
Blue Team Village is a Village hosted at Defcon, I believe either HTB @hot cairn or THM @mossy river (pinged ya just so I'm not mistaken) supported them, then you had Red Team Village as well
Is there a specific definition for "Village"?
There was also crypto village (cryptography, not money) physical security Village, lockpicking Village, hardware hacking Village, and much much more
Conference room
Thanks for that clarification
Gave +1 Rep to @boreal scarab (current: #31 - 234)
Dang, I'm giving rep to the bot berries
I think of a village, tight-knit community of fellow hackers
Interesting, are there tryout or something to join? lol

Tbh I have no idea lmao, never been to defcon

I am having a hard time with my pi and pdo_sqlite.
This is Hacker Tracker, we had to use it to find where the villages were, what was happening when. This is just an example of BSides Puerto Rico
PHP Warning: PHP Startup: Unable to load dynamic library 'pdo_sqlite' (tried: /usr/lib/php/20220829/pdo_sqlite (/usr/lib/php/20220829/pdo_sqlite: cannot open shared object file: No such file or directory), /usr/lib/php/20220829/pdo_sqlite.so (/usr/lib/php/20220829/pdo_sqlite.so: undefined symbol: php_pdo_unregister_driver)) in Unknown on line 0
Bro I need to go to defcon atleast once in my life
this is my downfall at 9:18 on a Saturday morning.
Do I have an Aussie defcon btw?
Basically Bsides
Comes this year!
Maybe a BSides?
Now, assumptions can be made by your Yeah/nah that you are Aussie.
Yeah nah yeah
I think we are the only people here that understand that sentence.

I'm an American, do your worst 
Are you calling out Summer schools?
I don't have to. You and I both know your country is a fucking mess right now. I don't have to do anything.
We seem to be following suit tho, so don't worry
(This is all friendly healthy banter)
My dad used to go to Vegas to play tournaments all the time..
Crikey
Yes... I do golf.. no.. I'm not good. lol
Despite the tone it seems like we're being rude, we're actually being friendly.
I can lose 12 balls on a par 3 course... i mean.. lol
RUDE
You have no idea what rude is.
Joke
Rude emoji
Time to get outside and do some outside work while it's nice out.
Smh
Americans think we're fighting when you talk to another Australian.
Do you guys ride kangaroos speedy
Could you imagine if this wasn't such a PG-13 channel, the language we would use.
We ride Greyhounds.
Both.
Bet! We're going golfing this year!
Bless that poor dog
Who knows?
I know
How much is this thing and when is it?
Kinda expensive lol buuut
You get access to a lot of stuff
$500 just for a ticket, that's not including hotel, flight, or food
Do you recommend someone who is new to the field or would things go over my head there?
Probably spend a bit of time learning first.
Fundamentals
They have a lot of learning uh what would you call them
Expos maybe?
conference usually
Yea Expos can be a word used. I have a "cert" so I know some fundamentals but not like actually utilizing that information as it has been using THM
I've been using THM to do hands on learning.
I have a jr pen test from INE. it seems to have done the trick with getting around THM, but im still thinking im going to sub. always have more learning to do
I just got a SEC+ and know networking. So it hasn't been too bad. Just some stuff here and there is confusing but just look up the answer if I can't find and reverse engineer the answer to understand why.
how was sec+? I am going to write it this summer, and then do pentest+ just to get actual certs
actually you prob wrote 601? Im going to be doing 701
I actually did the 701 and took me a month and a half to study and take practice tests.
@shut hawk geko
what was your experience before taking sec+? I have 20 years in IT, but now pivoting to cyber
Had about 4 years in networking previously and decide to pivot as I was let go from my job lol
@teal nexus have a look at the defcon talks published on YouTube. They're free to watch etc online
I found some great mentorship from the Simply Cyber community on youtube. really great folks if you're looking to do some more networking
Done!
Free cash money!! fr fr I boutta be rich
Fr no cap?
LOL
I just have problems with networking. Move to a new state and then got let go the following year lol
What does the ban spam do
Really never learned to network. but going to that defcon might be good
Or is it secret
Can't tell if you're talking about getting to know people or network computers.
Bans spammers
I think its going both ways @visual pecan
Deletes all the messages and has a prefilled ban reason/message
they want to get better at people networking, but got let go from a networking job
From the context of his message, I am meaning networking as in getting to know people lol
Exactly.....shouldn't have moved states even though it was WFH
Are you really speedy
When it comes to leaving work at 5.
My old manager was mad, because I kept leaving dead on 5. Was getting paid minimum wage. I am not working for free.
You already pay me peanuts.
it was a pain to spend 14$ but i shouldn't be a Cheapskate its still worth it
at least they have referral for a friend
LOL im having that issue...its not that its $14....its do i really need another subscription to something
its same with me I have like 4 or 6 subscriptions
What other subscriptions do you have that helps you with getting more skills? lol
I just claim THM as a tax deduction.
letsdefend.io
ine.com
hackthebox.
and now im tempted to get thm lol
for me, htb, tcm, thm
good idea sp33dy. i guess its education, right?
That's not how that works
shhhh we dont talk about that
Check with an accountant based on your country/state. I am a software developer, so I have to develop and test secure software.
OH man lol. I was between hackthebox and tryhackme but just went with tryhackme. I just randomly picked lol
meep moop time for sleep sloop to get up early for easter while listening to beep boops
I like the boxes at hackthebox, but find the community here a lot better. im only 3 days in to here tho
and the boxes here are equally as good
guys what type of career in cyber security you tryna be soc? pen tester security engineer or etc
In my country, THM can be deductible if it is leading to getting job. (Professional development)
You need a 1098-E or 1098-T to claim education on your taxes (US), iirc. You can't just claim subscriptions you pay for as education.
Well kung fu panda 4 was a really short film
i currently work in Incident response. I want to get into DFIR
wow
you're cool
Dang you are ahead of most if you already have experience. I'd assume it will be at least easier to get into DFIR
DFIR can be hard to get into
I'm just trying to get experience for now my pathway is to SOC I know its common but I have no comment
I have worked in a SOC for half a year
It's pretty chill
The job I did was 24/7 eyes on screen
So I worked in the evenings and nights
Depends on how outfited it is.
depends on the SOC, and the person. I worked at one company the SOC guys were leaving all the time...where I am now the SOC guys love it
be honest did you watch movies and stuff like that while working at soc ?
That's my goal to start off as a SOC guy. Just so damn competitive now...super daunting
I am allowed to watch movies, play video games, do tryhackme and other things while working
I tend to do THM rooms during free time.
The only reason why I am leaving this job is cause I got headhunted for a different job
Which is also a SOC position, but I get to help build it and create processes and engineer
And also do IR work
well folks. I have some trees calling my name and maybe a movie. I hope you all have a great night
You too, I am on my way home from work
i don't really wanna go to meetings and talk I know that you gonna do sometimes that in soc job but not as much as solutions engineers
I would have moved to rapid7, but I'd have to work in the office vs from home.
I've never been in a meeting as a security analyst in a SOC
Hi I need help. Till now I have only done tryhackme linux based machine and i have completed 107 room all linux based .. now the thing is now I don't know how to approach windows based machine and when I see windows based machine i don't approach it is there any path or module or CTF which will help
so they never did meeting where you speak on how you improved and what you did this year and blah blah?
Nope, that's the higher levels job
I just sit and analyse
Do a few windows rooms on thm.
You guys know a place other than the commons places to look for a job for SOC specifically?
Which any suggestions
Almost all big companies that work with tech
it depends on what country you are on
Windows privesc
Ok
I know one I'm gonna apply to then ill have certificates and much better knowledge
Just look at careers for those big companies?
US
but def Ill never will want to work for microsoft or google it sounds good but isn't
I live currently in ireland never been in US so for you IDK
Yeah, just have a look around
also almost my whole family works at tech and similar ๐
Only my uncle and grandpa is/has working in tech, I am the only one in cybersec
my father works only in cybersec and my uncle used to my brother is trying to work for cybersec my sister works at cheese factory my mother is an graphical artist and my grandpa is chief of police retired
Kyooty how many days do you gotta actually go into work
My dad's a wood worker, my mom's a psychologist
My new or old job?
What ever your soc one is
Both are SOC
I just feel with bigger companies it's daunting to get picked up
Hm then the one you said you sit and analyze
Require a lot lol
I was interested in psychology once
Well my old job is onsite only, meaning we have to be at the office at all times, my new job is fully remote with possibilities to go to the office if I want to
yeah I def don't wanna go to cold a#$ office ill try to be remote
Thatโs cool
What happens if you find something tho. You said you don't go to meetings so do you just contact your boss and report to them
We have notes, escalation people and cases that we build, plus reports we write
It's kinda hot office, free drinks in soda, coffee, tea and water, and free food for lunch
Lunch is no matter what shift you're on, paid and warm
Wow
Depends on your tooling. You could have EDR and/or SOAR that will take care of somethings, but in difficult cases, you'll have to send out to a field services/sysadmins to reimage the system.
My new job we have full access to everything and can isolate systems ourself if needed
we try to limit what analysts do on certain machines due to their complexity and can't always isolate machines.
Any of y'all know any good videos on how to isolate a machine?
There's a dude named hackersploit
On YouTube idk if he's trusted tho
when you mean isolate, do you mean take if off the network for a time or setup a sandbox on system?
Hackersploit is good
depends on your tools and if the network allows for that.
Yes
We are also only some analysts that can do it
Sandbox
I need to figure out what we have and if I have to make my own actually
Thanks
Gave +1 Rep to @wild rose (current: #310 - 15)
Yk what I very like, it's not a sandbox but app any run is very helpful at analyzing
Any run is a sandbox itself
It's a cloud sandbox.
Yup
oh really
you use their machines to "explore" files
well it's all goes to helping out the community, so any new intel on malware is helpful.
We use private cloud sandboxes
Let's see how long it takes for me to lose access to it when I stop, would be fun
lol
im interested in what zerosilver has to say
this community is nice instead calling someone dumb they teach
he's getting there don't rush the guy
I mean, it's a 3rd party system, let's see if they forget or not
yes
this community is very nice
afterall it is for a learning platform
yeah
we host our sandboxes internally. If I remember right, when I first joined they had some on bare metal for malware that don't work in VMs.
I have that at home
Should I play a game tonight? ๐ค
what do you use? I really don't have much use cases for a home lab anymore now that I have access to all I need at work.
I have a full network set of tools, with the really unsafe machine being a bare metal device and rest being VMs
I'm slowly working on finishing ff7 rebirth. hopefully will get on HD2 soon.
I just use isolated ESXi hosted VMs, previously Proxmox (lol may be going back to that). But yeah we did finally get a spare ESXi system at work for testing.
that's cool.
Nice, I beat FF VII Remake in anticipation for the launch of Rebirth on PC after the exclusivity period
Yeah, following a tutorial with added spice to it
I haven't played a FF game since X.
Can't wait until they add the apcs
I'm working my way through the malware analysis module on THM. Pretty neat stuff.
I need to get an Xbox so I can play games I own... Lol
I think I've put in like close to 80hrs on rebirth. I'm on the last stretch of the game.
Yup, pretty good, I got my forensics room going soon
You haven't missed tons beyond some notable exceptions. FF XII is quite nice if you can get adjusted to how MMOish the combat is like. FF XIII is low key underrated, fun battle system.
FF XIV is a good time as an MMO and no real complains beyond having to sub. FF XV I wasn't huge on but want to revisit. FF XVI I'd love to play when it ever comes to PC
Now I wonder if I can emulate a 360...
A THM room, going public? That's super cool.
I think I might punch php.
Yup
Yeah Xenia emulator does quite well, but RPCS3 is more robust if the game is multiplatform
Going home to finish it right now actually
yoo tryhackme is not only educational but fun I love this little fake virtual machines lmao
Yeah I've played almost every FF game, besides 14 cuz I just don't have time to dedicate for it. But I so would.
What do you mean fake?
Yeah I only put in about 40 hours or so, but 14 is good fun indeed
You can force sync your level by reauthenticating against the bot
those virtual machines in website are not real right? like VMware or VirtualBox Its just an interface with buttons and blah blah right?
or am I wrong
Bot only updates level once a day otherwise
I need to logoff for tonight and make some dinner.
They are actual machines
They're real virtual machines and people work pretty hard setting them up.
whoever made thm needs an award
It's 1am here and I am going home from an evening shift and have to get ready for a night shift tomorrow
Every time you click "Start Machine" a real system gets spun up on AWS.
lol Kyooty. But yes they're all VMs but yes they all needed to be setup in a painstaking fashion
And tested
You can tell because they're mainly using Spice for the connection to the VMs
I've been there done that with changing shifts.
Can't forget our lovely testers.
If you use Proxmox or similar, you can see the exact same sorta web UI
I thought they were fake I thought its just acting like virtual machine for educational purposes didn't know they were real
so these are almost certainly kvm based
Yeahh, not fun, especially with Ramadan
sup
Sup sup
You're a real trooper. Everyone that I know fakes on Ramadan, until their mother reminds them.
also I heard tryhackme has few ctf games might try few later
I keep calling tryhackme learnhackme 🤦
(nod) word
اا
later everyone, I best be offline on a Friday night.
@sinful moon Hi!! How are you??
Pretty well, it's been a minute. You can probably guess which security event made me check in lol
0xD God means you're working for thm?
It's meaning the highest rank
No that's just the highest rank one can achieve on TryHackMe
the thm workers are named THM STAFF
oh ok
It's no worries!
I'm new here like a newborn baby
i didnt mean that in a mean way
It's just a rank. Mods and staff will have different roles.
oh no I understand it no worries
As we all were at some point, nobody was born knowing all
This is a really friendly community for newcomers, that's kind of what this community and platform is about, just teaching security to all folks
Nobody??🤣
Who is this Nobody person and how does he know it all?
you guys are 0xD Gods you all probably were born knowing all/j
the 0xD god is just a rank on the platform from doing the rooms
Nononono.. we're all still learning.
lol indeed a joke, takes effort to learn and advance. You'll be there before you know it
I'm not, I haven't put a lot of effort in THM since a long time, life keep getting in the way but I like the people here
Yeah this, even at this rank infosec basically requires continual learning and education, and staying up to date with news
(whoops didn't mean to ping)
Yes, highly recommended
Absolutely
alr
Obsidian and Logseq are some nice note taking software to consider
theres so much stuff its nearly impossible to remember all the commands unless you use it so often
lol just watch for Windows Defender attempting to eat your notes on reverse shells
eh, commands you can look up, I recommend taking notes on the concepts and nuances
i use the good ole composition notebook lol
Use a good note taking app. We all have opinions on what is best.. but my opinion is whatever you will use is the best.
I normally write notes on WordPad but obsidian sounds interesting might look into it
I'd argue a bit of both, but depends on your note taking style. Just remember not to go all out, your notes are not Wikipedia, just only what you need to remember
I like trillium
Yeah Obsidian is lovely, just Markdown based. And yeah Trillium comes highly recommended by many as well
I haven't used obsidian.. so I can't say anything about it.
Obsidian can be nice if you start actually connecting the dots
I CAN say that there are much smarter people in here than me..
Or you can be like me, vscode and just lots of files in 1 directory
lol fair enough, I'm sure VS Code has a markdown parser
I like making visual examples and obsidian looks like it can do that (by connecting dots and uploading pictures)
it does but then you need to view it differently from what you use for writing
I do like vscode... But I don't use for notes. Lol
I do plaintext notes that I never look again
though paper notes are the best imo
i guess im the only one that physically writes down my notes
mhmm, that's kind of why I like Markdown editors that have live WYSIWYG interfaces
yeah that could work, on paper I like actually drawing the scheme out
current line is markdown until you move out of it and it's rendered
if I draw it then I can sort of go through that path high level
my hand writing is ๐ฉ
as long as you can read it, you are not making them for others
I like adding screenshots.. too many sometimes.
Yeah Obsidian added visual drawings and graphs via something like iPad Pencil input which can also be linked back to more typical Markdown notes
Also.. hey.. @sinful moon ... 
Congrats c:
thanks
Gave +1 Rep to @sinful moon (current: #38 - 189)
lol I've been here a minute but indeed heya c:
i should be lvl 13 now but ye some sort of bug
I mean are you level 13 on the site? If so it's just lag with the Discord bot, it only updates once a day unless you reauthenticate
I know. I just got busy talking about note taking and stuff..
im lvl 12 on the site but i should actually be lvl 13
lol totally fair
hello everyone
remember that they count from 0, also this is hex so...
I think it took a couple days for me to go green.
oi
oh
could be the case i guess
Oh that is odd
i think the staff know about the not leveling up issue unless thats what happens when you hit god
If you haven't yet, you could try to verify again
It's a site bug, staff knows about it
They are currently working on fixing it
Nah the bot just pulls from site info, so that wouldn't change anything.
Ah. Okay.
ye i tried this before as well
but they are working on it
not much to do :(
#mesad
They'll get it fixed.
We'll see you in advanced chat soon.
im mostly reviewing stuff again
lol does exist or are u kidding me? haha xd
Does. #advanced-general
oh nice
Not as active as general
im thinking about what i want to practise next mby some AD/ windows env or docker escape stuff
Most of us just chat here and room help.
AD rooms are good.
ye i should do those
hh
Alongside rooms, always good experience to spin up your own environments. Windows Server Evaluation has 180 day trial period in which you can setup AD and much more. Heck even Remote Desktop Services has an evaluation period on top of that
Docker is great fun to play around with, especially since I've needed to deploy custom Docker Compose configs at work before
along side with the ad rooms ill be reading a book inpt and stuff
there is a couple of techniques that i can test out on those rooms as well
have not been to much into docker env before but i should also really do those rooms as well
Mhmm, just when you start to get more mature in your learning it can be quite helpful to spin up your own labs for testing and learning
i have done this before
and honestly part of this is not just about exploiting, but learning how these are configured as a sysadmin and what they have to deal with to protect these resources
i used to setup environments for testing like exploit dev or re
but then i stopped learning for a while
fair enough, it's just a never ending learning exercise
ye thats true
mhmm
and we need to practise like everyday
if not u start to forget about techniques and stuff
I am a professional sysadmin and blue team infosec, but yeah offensive has been a minute for me. I do need to drive in again and refresh
thats nice
im just an enthusiast for now
my plan is to work with cyber security
especially pentest/red team
heh ironically I'll say enjoy it while it lasts, working in IT can suck the fun out of some of these hobbies but it for sure depends on the job and your work environment
just MSP things
lol
lol
i think working as a pentester or red teamer should be fun
but ofc depending on the work environment etc as well
Yeah it would be, just difficult to land. Also good to keep in mind a lot of redteam/pentesting is just dealing with reporting and coordination with clients vs all pentesting all the time
Hi
yeee u reminded me of something REPORTING
waaaa
reporting is boring
but ye its part of the job
hey yo
i wanna work in the blue team sector and stop bad guys. preferably soc
lol that is a big part of the job indeed. In infosec it helps to be a good communicator or else your work can land on deaf ears
Even just to my senior tech boss, if I get overly verbose it'll go in one ear and out another due to his workload
what the name of the blue team job that actively hunts down the hackers
a threat hunter?
hello, is that lol means laugh happily?
More or less yes, although threat hunting is often attempting to hunt for threats which were missed by security solutions in your own fleet. But yeah gotta keep up with current threat actor tactics and look for them in your environment.
means laugh out loud
thanks bro
Gave +1 Rep to @crude stump (current: #168 - 37)
ah im guessing if they found all the evidence they need they would be the ones who would report it to the authorities
It's admittedly somewhat vague to me in that I'm really the only infosec person in my org. As a matter of my job yes I do attempt to identify whoever is doing these malicious actions
Depends on how serious it is, there's many security incidents at organizations that don't result in an actual breach. Just something to block in firewall/email security solution and such
@coarse heath
interesting
i got my mind set on becoming a soc 1 analyst
i love the tryhackme soc 1 rooms
so fun
not only that but actively stopping threats and investigating them are fun too
99% of the time, you and or security solutions will catch the threat before it does real world harm. Even some minor compromises can be resolved easily before more harm is done.
Although it depends on what you're dealing with. As an MSP, we have many clients including individuals, and those individuals don't really have SEC regulations regarding announcing data breaches when they let a threat actor in using remote support tools.
Businesses are another story and depending on severity, this could mean reporting to the government and customers
yeah like cisa
etc
or should i say your local cyber agency
forget not everyone is from america lol
I am from America with my mention of the SEC, but yeah. It would depend on the organization who they need to report to
anyone handling tax data who are compromised would immediately need to contact the FBI and IRS
oh yeah the exchange commission
theres so many agencies its crazy
and they each handle different stuff
That's what your organization's Incident Response plan is for
it delegates who does what in the event of a breach, who to contact, and etc
elizabethNoir i have a question for you, i'm new to this field and don't have much knowledge, I am a software engineer final year student. and I really want to work in this field, priority would be internship, (I think it will be easier to find), What field do you think I should focus on to work in, such as pentest or the defense... you mentioned and is there a certificate that I can easily get to start?
In summary, I need to know the most basic things I need to learn and what the requirements are in order to work somewhere right now.
Because I think that if I start working somewhere, even at the entry level, I can improve myself step by step.
CompTIA Security+ is a pretty easy to recommend beginner cert. This covers a lot of the fundamentals.
As for what position to shoot for, heck honestly getting into anything in IT will be getting your foot in the door. With your software engineering background I'd potentially recommend looking into DevOps roles and security for such, but that may be a long term goal.
I got my start literally doing IT help desk, so it's not impossible to move through the ranks after proving your knowledge. In fact a more diverse IT job helps inform a lot about how business IT works and general issues and use cases that arise from such.
Thank you for your advice
yep np
i had the same issue some days ago
the support helped me with it
u can try to leave the room and join the room again
THM said I would fit Incident Responder
regenerate a new certificate wait a couple of minutes and try to download again
lol xd
where did u take this test
THM in uhh this course called JOBS
Careers in cyber
thm
is that wat i need to do
HAHAHA
maybe it works
because when u join a network room automatically it generates a certificate for u to work on that network and if u leave the room the thing on the access page disappears and ye u got it ...
Incident Response is front line of major breaches, my friend makes good money being an Incident Response Manager. It's not a bad gig, but high pressure
i can imagine
I'll be back, gotta freshen up
Did someone say IR
i dont get it
whats the deal with blue team waaa
i guess i really like red team stuff lol
explain explain
The reason is because there are more blue team jobs than red team. As in variety
thats a good explanation miss bella
Not me for
What's you for
ah makes sense
I love blue teaming because I like looking directly into what is done, finding those smallest details that determine if we can find out who did it and how to get it back or not
sounds fun
so it would be more into packet analysis and stuff right
I haven't even started uni
i think i could finish sec+ and offsec next month
me neither
Yeah, looking at packets, logs and the systems themselves
so i guess i have done a bit myself xd
Cool!
Wouldn't setting up firewalls, ips/ids, antivirus etc also be a part of it
As an engineering role yes
cloud based firewall is a nightmare
for a red teamer
no joke haha
guys how do i find a flag from a txt document
Search
cant find it
search again
already searched
no u have to search again
Double search
just to make sure xd
where should i search then
I thought firewalls in general were difficult
found root
In the txt file
lol
would the find command work?
Wait is this a ctf
i mean firewalls in general are kinda of difficult to work with but cloud based firewalls are next gen firewalls
wym
Capture the flag
u get blocked by one host then its done
nah it was some shi about compromising a system
Oh
some of those next gen firewalls are using AI and machine learning
so u do something that triggers and its done xd
It still does the same no? Look for suspicious activity
Well some log and you gotta manually look through it
it also depends on how the firewall is configured as well
like u could have a badass firewall in the network but if u forget to configure right then makes no sense
i think one of the most efficient next gen firewalls in the market now days is azure firewall
but the cost its really expensive, a good idea for enterprises
stupid question, can you run python script for web scraping on android phone?
Don't confuse traditional next gen firewalls for web application firewalls and broader concepts. These are separate devices/software for specific purposes. They're not generally one size fits all
Sure, termux will give you more than enough Python in which to do so
Azure Firewall is specifically just protecting Azure resources. It doesn't really cover on-prem unless your org is heavily invested in Azure as your only cloud solution. To say nothing about insane Microsoft licensing requirements
Often for security it's a bit better to go something a bit more vendor neutral
Really there is no one silver bullet, you often have to combine security frameworks to get the best coverage. So yes sometimes that means physical or virtual next gen firewalls, WAFs to cover cloud resources and more
Something like Azure Firewall is more about vendor lock in. Great if you're a pretty much exclusively Microsoft org but doesn't cover all use cases or scenarios
those companies or orgs that take security seriously they would implement all this
but most part of the networks they protect specific servers or resources
Heck we're a small managed service provider and even then there's no one easy answer, we've had to build out our security stack as threats evolve
But also good to mention that you can't just purchase your way into security. Gotta configure your foundations and make sure everything works together
true
Could have the most well configured firewall in the world, but it could let something through to your completely unsecured Active Directory setup. So even just that, secure your stuff via Group Policy is a fundamental which can be easily missed
i was just about to mention that
its not usual to meet really good and consistent security solutions on internal networks
they always forget about something
could be an unupdated patch, poor password, backups etc
that could lead to something bigger
how do i see what files are running on the box
Mhmm, or even a single zero day in something you thought was safe can be exploited in hours after PoC is released
ye but most of the cases the attackers dont even need a 0day could be a poc xd
Totally not thinking of a very specific instance lol
i gotcha
I warned them five times with in three days of the danger ๐
lol
the attackers can take over the network in one day
sometimes even hours it really depends
At least thanks to my reporting, they instantly knew something was wrong and the impacted machine was shut down before it lead to a catastrophic breach
Mhmm, even just reporting on things can be a major life saver
those incidents can be found out fast or usually not?
Not always, sometimes threat actors can lurk in the network for quite some time, exfiltrating data and getting ready before they strike
Learn the fundamentals, then learn more.
have u analysed some APT stuff?
Realistically, vulnerability scanners like OpenVAS and doing nmap scans. But it does sound like you need more fundamentals
brb
Realistically not that I know of, but it's hard to attribute given I'm one person with limited time. I have analyzed Lockbit and QBot ransomware samples however and cleaned up after their loaders after our EDR tooling prevented the second stage.
Most attempts don't even get that far, but yeah those are industry known names for a reason
Morning THM ๐
Mornin
G'morning!
how's everyone doing?
Pretty alright, long day of work today, punctuated with Linux xz backdoor fun
How is Updog a thing
haha
Hah, yeah just better alternative to built in Python http server. Specifically named to make people ask that c:

