#general

"you cant learn it if you dont have a passion in it"

like for a example there was a task in a grim room that after i finished the qestion

i studied how the perpentrator C2ed there way

wdym

who said that?

cus thats definitely wrong

wait i'll correct

you'll learn it wrong if you have not passion in it

Please do not send shadow friend requests

weeeeellll look you can learn it but you might not be as good as it

It is already pinned in this channel

90% of my coworkers don't know how to set an access list

@sand trench ok...

and they got paid to "secure the server"

so

"Shit's hard to remember if it's boring af"

even better

hi

You will have more wide knowledge then shadow as shadow has not gotten through them all to 100% yet

becouse shadow is lazy but shadow can complete all of that

we are all taught how to write and we all know how to write but someone who hates writing probably isnt as good as someone who loves writing

Anyways back to sleep

I have to do my AP CSP create task and oh dear is it a dumpster fire

sure but if you don't love writing maybe become a writer is not a smart move

i do agree with that

but to each is own

and trust me

most of the people who work as SOC

don't know nothing about cybersec

i mean i feel like thats a far stretch

If at first you don't succeed, try try not again actually you should give up

nah trust me , it's not . When you'll be in contact with this people you'll understand

do you work in soc

?

Yes

thats awsome, i really want to work as a soc analyst

quick question

But trying to become a pentester. Not becouse its "cool" , but becouse im bored to listen " i messed up with spanning tree" " why vlans are not working ?" Etc

im working my way through the soc 1 path and theres so many different tools and i was wondering what type of tools do you guys use>.

As soc analyst you mostly use few tools

good lol

THE MOST USED tool Is wireshark

ah matter a fact im running through wireshark right now

All your work Will be checking packets and networking

Its very very difficult to see an Attack

Soc 1-2 are very valid

But the most you see Is CCNA sheet

is soc 3 the threat hunters right?

im guessing they are the ones that get the anomaly soc 1 and soc 2 send up

Lets Say this way

Soc analyst should be a threat hunter

But in reality its Just a networking engeneer Who do security checks

So if you want AN advice , study very well networking

Most layer 2-3-4

got it data link network and transport

Yeah

Could be just your experience too.. may be different elsewhere.

How to set vlan , spanning tree , etc

About coworkers , yes . About work , not really

You Need to work at very very very High level to be a threat hunter

So you're saying that you're a network engineer that sometimes do security checks.

Im a soc analyst, this Is exactly what you do

Shiii.. I work in the help desk and do more than that.. but we all are kinda security at my co..

but who does splunk and all that

wouldnt that be a soc analyist

analyst

As Soc Analyst your work Is to "solve everything that can be a threat " . Most of the time Is a networking configuration

Yes

cool

Yeah you use splunk , solve networking misconfigurations , and stops Attack when they occur

Most of that are pishing Attack becouse someone in your office Is stupid

😂

This Is how i imagine my office co workers :

"OMG LOOK SOMEONE WANT TO GIFT ME 1 M DOLLAR!!! LET'S OPEN THE MAIL"

It should be like this or i really dont understand

no 2fa?

I know several people that refuse to use 2fa because "I'll never get hacked"

spoiler alert they still get hacked by clicking on links willy nilly

Lol

yk what sucks is i just want to jump right in and i forget about the commands that task gives me and it takes me 45 minutes until i realise theres a command that helps me

can anyone help me using hydra in kali linux

beyond the phishing, how dumb are the people who think that somebody that doesn't even know them would gift them a million dollars 😂

google might 😂

nothing suspicious here

money

Context?

same reason people buy lottery tickets

there is a sliver of chance and that shines brighter than doubt

If you don't play you can't win...

lottery ticket are a different story, that's a business and a game.

I meant in a perception way

I'd like to convince everyone to not play for a couple weeks.. so I can win. 🤣🤣🤣

If you're the only one playing, you have 100% chance of winning

get the time machine 😂

Lol

It's on Mt Todo list

Even typing on my phone is hard with one hand. Lmao

what_tf

Practice... I'll get a few weeks of it..

What yall thinking about this : https://www.kaanbasal.net/posts/a-journey-to-the-firmware-of-zte-h267a-part-iii/

im trying to use burpsuite to find the directory path login of instagram login and i dont know how

im looking at youtube and the guy is using an outdated version of foxy proxy and im not sure how to use it

you're walking on a thin line and the destination doesn't look good

please can someone send me the file of this room cause is not working for me to download

Surely it has to be in a controlled environment with permission on both sides and they just want to learn

What about checking console, network (dev-tools) also ad-blockers ?

if learning it's the endpoint there are a few rooms where burpsuite is used and explain, but it doesn't look that way

Hello there!! I started doing a basic lab in overthewire platform. So If any one willing to learn together let me. we can discuss things after completing 10 levels there are 33 levels in this lab

dont have nitro to put the sarcasm guy emoji at the end

not working even ad block is stopped

I see, then no idea

😞

/s would do 😉 😂

I aint using that

ohh done I've download it as you said in network dev tools

Thanks then

I'm old school, I used to used mode sarcasm [ON] 😂

I miss IRC sometimes

yall use like linux

or whatever

I've never used whatever, but Linux, yes

I like love whatever or Linux

Yes

Well not as a main os

Whatever OS, has a ring to it 😂

Meh.. it's whatever. 🤣

Does have a ring.. actually..

If I had a lot of spare time I might work on it... Lol

That's pretty cool

Nice

To what are you referring?

Hi

@ everyone

Hi

@ you

Whatever OS, when you need to do whatever

instead of incognito, you have whatever mode 😂

instead of applications, you have whatever's

for documents you have wordever 😂

Log in to the target machine via RDP using the following credentials
Is there a way to do this from THM Linux Attackbox to THM Windows server box?

Yes, but generally the Windows machine will just open as a split view.

I am working on room "Windows Privilege Escalation" and there is no side view

Also use the #room-help channel for this

@fading galleon Please don't send unsollicited DM's

oh didnt know my dms were unsolicited

`Rule 8 - No DMs Without Consent

Always ask permission before sending a DM or friend request to another user.`

i've never been more tempted to dm somebody

sends dm

@devout palm you up?

Is there any rule regarding multiple accounts on THM? Couldn't find anything with a quick google search

how do i get another streak freeze (i have a 52 day streak rn)

hi, do you already have a streak freeze?

it looks like you only get a new freeze when you have none

Maybe they have an English version? I don’t remember I haven’t been on it for a while

Hey guys, any SNMP/IMAP/SMB/NFS/MySQL related CTF recommendations?

Id appreciate it

why is burpsuite basics formatted wrong

I spent over 30 minutes on it trying to figure out why it is

Morns

thought its "watching the tryhackme disstrack"

https://tenor.com/view/they-had-us-in-the-first-half-not-gonna-lie-gif-13620240

Hello guys, what's up?

national debt

True...that and the need for cyber security professionals

send help

lol, something has fucked up 😂

Custom error message?

Discord needs to work on their security. I've said that before I even considered joining discord.

@lavish shell u used to be able to just delete certain request

back in 19

delete the request to leave a discord server causing it to lock every1 in

i've been working on an Issue for idk how many hours now and this is where i stand

u just needed high permissions

anyways why this oday guy wear shoulder pads

wdym

ill send u in dms

Here we go again with unsolicited DMs 😂

well I dont got pic perms

https://tenor.com/view/the-office-michael-scott-turntables-gif-12190345

and what am I gonna do grab his ip thru a server that no1 has access too!

I can grab ips thru web hosted servers!

Im so powerful!

because you haven't did the /verify <token> yet

idk where to do that at nor do i care to 💀

he's good lol (but technically yea)

discord message request!

unsolicited tho!

That's not a good attitude to have as a hacker. "I don't know how to secure my account, nor do I care to" next day "help my account has been hacked" 😂

please stick to the #rules

I hope whoever harvested all those discord messages knows I don't have anything anyone would want to buy lol

bro what rules did i break 💀

read them, and then you'll know

legit broke nothing if youre gonna enforce rules u should be able to tell a person what they broke 💀

imagine u put sm1 in jail and us ay "figure it out"

nice 1

? unsollicited dms

he asked wdym

he said its cool too

and guess what

discord has a cool feature

"accept dms"

revolutionary isnt it

it doesn't matter as far as our rules are concerned

It kinda does as I got consent and wow discord has a feature for that

🤯

https://tenor.com/view/maybe-peeping-spongebob-gif-8099590

If discord had a rule to share social security numbers and bank routing numbers, would you do that?

hell yea

you only got 'consent' after the fact. Please read the rules and improve your attitude

lol, you laugh but my wife actually had her bank account hacked. I found the guy in Texas who used her bank info at a convenience store

💀 touch grass he said its cool

oh no sm1 sent me a dm i can choose to deny!!! my life

Im sorry but bro its not that serious

its your attitude that is making it so. If you had just said 'ok', that would be the end of it

Ur yappin to me 💀

tryhackme attack machine mad slow ngl

It's not a "hack gogle then ask for permission after you found a vulnerability" it's always ask first then proceed accordingly. These guys aren't timid, they will slam down a ban hammer when they see fit

yooo 3pac chose violence today

nah google can get it

Google aint safe from me

o7

oh the joys of developing in docker

lol

prune it?

every couple hours lol

calling it now and leaving the issue unresolved

well, it is friday past 5 pm

good time to call it

not even work related lol

👀

i'm trying to fix some shit with selenium so i can fix some shit with flaresolverr so i can fix some shit with sherlock

don't y'all love broken and half baked dependencies

I see, nice troll then, I was sure missing something out

just looked back over and realized you said it's past 5pm
it's 2am friday morning here 😶

😄

just opened my last PR for the week. Ready for the weekend ☀️

Smh, publishing to prod on a Friday?

nope

Good

bitbucket should block merges to master that trigger deployments on friday by default

I opened a PR

x)

opening PRs are fine

I know

fresh and ready to go for monday morning when it'll get knocked back in line by a new monday PR and not get reviewed until thursday

it will be reviewed on Monday

'cause we have a deployment planned on Monday 8)

next business day reviews?

that's not very agile of you

we have a small dev team ( lead and myself ) so we work super fast

we have good synergy

that reminds me of what my PO told me last week. She joined a retro w a client and there were like 15 people and they were reviewing code of the 1 single developer 🥲 🥲

damn

that doesnt sound fun lmao

lmao. Imagine having 12 managers judging your code line by line

hahaha

hope the comments were clean, lol

its so weird they have to do that lol

very strange retro if you ask me. I guess they were trying to check the business logic or something but.. idk

is the code that important or do they have just that much time…

very much like this

yeah idk, haha

Ngl i love being back in my creative phase, currently sitting and drawing a new cosplay i want to do

creative, huh?

can you come up with a creative solution to get this shit functional again

Yes, it's called bonk it with a hammer

Yesssss building things

Yeeeeees, going to ask my grandma if I can borrow her sewing machine and tools

I am going to a cosplay birthday party full of cosplayers, so it kinda got my mood going

remember when 32gb ram used to be alot

It's still a decent chunk

i've been sitting at 29avg/32 for the last 9 hours ,-,

The heck are you running?

hm..

Morning James!

It's lab time this afternoon 😮

a bunch of docker containers doing their things, x2 vms, vscode, firefoxes, small handful of konsoles

and discord

and slack

Problem is clearly discord, and slack

Gm hydra

And vscode. Three electron apps... Ew

Vscode is actually not terrible on ram

guys where can i learn osint ?

surprisingly vscode isn't THAT bad

any resources ?

There's a few rooms on thm

honestly, youtube as well

a few bounty guys on youtube that cover osint a lot

Google!

was gonna suggest a channel but my mind just blanked

Best OSINT tool and teacher there is

You mean osint?

That too

good news

we're down to 24GB

ooo another gig down

okay another 700mb down and that's enough for now

night y'all

gonna go have some bread

then sleep

I found out Firefox takes so much ram in snap

ew

snap

Snap is awful 😦

why

Yeahhh, Ubuntu

why would you do such a thing

I mean the idea is nice

snap is just bad flatpak

The implementation is meh

aka snap is just canonicalized flatpak

google drive just got built in dark mode!

Finally.

Seen it last night.

just logged in

and it popped up

Morning

morning

Throw these in to the THM search page.

yep i did

ty tho

wanted to know yalls recs 🫵

Overpass 3

ah yes i completely forgot ab the overpass series

will try it out ty!!

is the website super slow right now or is it just me ?

oh yeah

me too

me 2

Is it still?

It seems to have been for a brief moment, but looks fine again, at least on my end.

it's fine again

yep

working

hi there

do you guys hack people for fun?

No. 🙂
That would be illegal.

aww

Define fun

illegal (most of the time)

all of the time

Nope. And you shouldn't too

Illegal chat isn't welcome in this server. 🙂

define illigal chat

Pretty much what you just asked.

Well i didn’t mean it in a bad way

I know, but we tend to stay away from anythig illegal/unethical.

i am in a boring lesson and i wanna troll my teacher

When you want to do something illegal (in terms of hacking), always remember that old-school blackhats are hunting today's blackhats

Listen to your lesson lol

Its possible to find a job with thm?

it’s religon

troll your teacher by paying attention

Ofc, that's what I did

helps both parties

the lesson is about religon (he is not talking about religion at all)

THM helped me a lot on landing my first cybersecurity job

It's possible, if you're only using THM, it will be hard, but it won't be impossible, without at least some background knowledge.

there is nothing to pay atention to

he is talking with some student rn

Then do your work.

I suppose, thanks to THM I picked up a little contract work.

Which is 99% complete, I just need to update things.

isn’t this server about trying to hack people?

No, it's about learning ethical hacking.

ethical hacking mate

the name saysit

I don’t have any qualifications I know only how to hack if I paid thm for show how I hack I can find a job ?

And Infosec.

what difference

I think this dude is trying to troll us

You apply.

No

Ethical hacking has contracts etc.

Straight up illegal hacking isn't welcome.

bruh ill be leaving then

Ah, oh well.

Do we have a channel in here to share our recently published open-source security tools?

pfp fits pretty well to that behaviour

#resources I suppose, we like to have members interact with the community more, you've been here long enough and send messages etc.

Just don't over do it 🙂

Thx and yeah no problem, I've recently released a new tool and I want to share it with the community

And make sure they're ethical,

For example, no token grabbers etc.

Ofc, it's a security assessment tool for 802.11

Both for red & blue teamers

Good. What a schmuck

It's done now 🙂

no sense re-hashing it.

I will quickly do one thing though, scrubz

I've been doing the Security Engineering room and find it fun and very interesting. I like it better then SOC Analyst rooms

Not really interested in being a SOC Analyst either

I think I just need someone to tell me I'm not crazy lol....I put something on my desk last night, or so I thought...think I can find the damn thing anywhere this morning...Nope

You will find it randomly in 3 years

It's just the way it is, I'm I'm just a messenger

lol. Im going to go buy one, walk in the house and its going to be on my desk like it never left.

But it won't reappear on the desk because you moved it while not thinking

Now you are a detective, your mission is to retrace steps of your npc self and find that something you lost

haha gameify the hunt for my lighter...I just want to light a candle or burn an incense.

Maybe you already tried, check next to the candles

f'it. its hacking time. I used the toaster to light a tooth pick and the tooth pick to light the candle.

true hacking mindset

also, Happy friyay everyone

Hacking has earned such a bad reputation over the years. It's original meaning is "to modify or make better". Nowadays, everyone is so scared when they hear the word.

@gray sonnet got a choco from my teacher lol for coming 2nd overall coaching in his subject

Idk, subfinder -d vulnweb.com | httpx -title -status-code -tech-detect -follow-redirects. There is no option -t

grats!

can you get a job if you just learn from tryhackme

Check out our success stories 👀
https://tryhackme.com/r/resources/success-story

Long word ones are -- not -

--title etc

Hmm

No

-title display page title

Check help. Maybe you have wrong httpx, the web server one

I use httpx that comes with Kali

I don't think it does

httpx -h

What does it show

Error: Option -h requires 2 arguments

httpx --help

And it's 99.9% web server httpx not projectdiscovery httpx by this point

That's working give all options

Screenshot

Ah, you can't send it. Unverified

Paste first 10 lines or so then

Check dm

Love getting rejected from graduate roles as a graduate 🤣🤣🤣🤣🤣

Resolved

You can do anything you want as long as you put in the time and effort bro.

No you'd either need to do a bootcamp or go to uni

Tryhackme isn't there to get people jobs it's there to teach the basics of both red and blue team

Didn't go to bootcamp. Uni is law degree

Have job

My friend did a bootcamp got the sec+ and got a job. I have a master's degree and experience and no job 🤣🤣🤣

Tbh think companies are wanting certs more than degrees these days

Or experience

you guys from the us?

Tbh I've seen people with tons of experience have to beg for jobs these days the market is horrendous just now

I think were all over the place for the most part

In general, you would wanna do anything in your power to increase your hireability in the job market you are in

If it means bootcamps where you are, do that

I'm going to my first cyber conference next Thursday so will network there

Networking is OP

Yeah

Nearly finished my pen testing internship then tomorrow have a CTF to try and get another pen testing internship ahaha get all that experience

Paid, i hope?

Pen testing is the only internship I'll take unpaid. Plus the company is in India. The money wouldn't be enough got where I live

But I've learnt alot from the first even made legal documents and done full pentests and reports so all good

Good luck in your future man . I Hope you get hired in your dream job

Hello guys please how will I disconnect my token from the other discord server to this one?

you'll have to ask a mod

Where can I ask them please?

here , just ping mod

@sick lance

@sick lance please how will I disconnect my token from the other discord server to this one?

my wife swooped in and found it in like 3 seconds.

Where was it

on the floor beside my desk lol.

ah well , just woman magic tricks

That is 100% it lol

What happened to your other account?

Why does the site have no ddos protection

what site

tryhackme.com

What makes you think it doesn't?

i am pretty sure it does

i downed it easy

it doesnt

Ok buddy

it's up for me

yeah cuz i stopped attacks

You sure?

.

What does that mean

Alright..

https://check-host.net/check-report/18339bcfkf1f

I bet you filled up your own network with pings and your ISP blocked you

Very cool link

yeah its lagging a lot

Cloudflare probably stopped them and assumed they were DOS'd it.

the checkhost

:hammer: romeoja084#0 has been banned.

Pretty sure cloudflare has multiple servers for these cases

the checkhost, I think it could've been stopped by Cloudflare's javascript challenge? not sure

either way, I know cloudflare has DDoS protection

speaking of, I'm bringing home a new server today to load another hypervisor on

Yeah cloudflare has one of the best protections

Hello Guys, am I the only one getting disconnected from RDP since yesterday, when I do a room

Im on the SOC-level 1 DFIR

I had one open earlier without issue

hmmm ok maybe a performance issue with the VM

redline aks a lot of ressources and sometines the connection flap

Someone got my password, someone I know so I want to blocked it

this room is horrible because of performance issue

Custumer support

Yeah, that's recline.

I done that in my host.

How do you spell that

That's not what they're asking...

Which account?

I meant like private room to talk details

Details about what?

They'd like they're old account unlinked.

Don't you have to check if its their account and stuff

base8668

Good job I'm a mod and can do that.

It just seemed weird to me to do that in general, I apologize

It possible to take the files and do it on our PC ?

Dm me your token

My friend passed his driver's test on his birthday, if I had failed on my Birthday I would be so gutted

Congrats!

Our local testing centre is a hit or miss on how strict the examiner might be so it's nice he got a good one

if i just skip all eJPT course and jump directly into CTF exam

is it considered cheating?

no

it's considered having too much knowledge for the cert

THEY ARE SLOW

SLOWWWWWWWWWWWWWWWWWWWWWWW

SLOW

yuuup

if you know what your doing, it beats sitting threw the monotone bs that is the class

yeah im preparing OSCP rn

i don't want to skip something that i don't know , but im starting doubting there is something that i don't know in this course tbh

i mean 40h for msfconsole seems a little bit too much

the UK instructor sounds good being played at 3x IIRC

Hello guys
what is the right way to solve ctf
I am solving ctf from the youtube and other resources

ahahah so true

you are solving ctf from youtube? well that's the worst way

the right way is going into CTF , if you don't know something you study it or research

@hardy mica yeah I am solving ctf vulnhub, picoctf, thm from youtube

i feel this is not a right way to solve ctf

i feel like i am script kiddie

becouse you are copying the path

just jump in CTF

and fail

everytime you fail you go study and research

this is the only way to become good

tbh i started 15 days ago , but for real , im dying inside

fight the urge to watch the video or read the writeup. keep thinking "what else is there"

the urge is born from "my mom gifted it to me " , so i feel moral bad

i think its a good cert for a newbie , but im far away from this

im not good just far away from eJPT

i know what you mean.

I am doing the THM JR. Pentest thing right now, I have eJPT and its like yawn not that the content is bad, its just I have done it.

im doing PT for a few years now . My mom knows nothing about pentesting , but i really appreciated the gift

tbh i think JT Pentest is on the same level of JPT , i think you can easly handle the exam if you complete the THM path

agreed

ill do some THM rooms to have fun meanwhile

https://tenor.com/view/corgi-smirk-dog-gif-6147330867794407822

sPeeed is required !]

I just did that @sick lance

@hardy mica what is the right way of doing CTF?

i said

you jump into it

you fail

everytime you fail

you go back studying or research

this is how you improve

Time management is a good skill to acquire, also for a timed exam. 🙂

Like me that is a newbie explain to me, how will someone jump into it?

yeah i know , but he licterally talk for 40hr about metasploit

go in THM , click on Search

go for easy

and start doing it

if you want build some knowledge first (VERY IMPORTANT) ,
go thm and start doing INFO room , then skip to easy , then medium etc.

Am a newbie, just finished the Networking module maybe i will that in future

you can even follow a path on THM , like JPT

ok , just go forward

more you do , more you learn

Exactly

rooms in THM will explain all you have to know

you do this for a couple of weeks

then you try some THM CTF

Skip the parts you deem less important, write them down, see later if this impacted your ability to handle pentest scenarios.

Wow am loving this already 🙂

if you fail , you go back studying and researching how to do it (NOT COPYING , RESEARCH)

Exactly

i have a long cheat sheet and documentation about it , im in PT for few years now. Im not good but im good enough for eJPT . I just feel bad becouse this certification is a gift

nice , good luck and tryhard

👀

Thank you

Gave +1 Rep to @hardy mica (current: #1029 - 3)

i just feels they are slow

bored at woooork

what kind of work you do?

Internal IT Management

seems boring than mine

big tiiime, just doing number stuff right now

ah as SOC analyst i fix networking issue all day. Most of the time i check Wireshark

fun the first 2 months

then boring

sooooo

rooms on THM

https://tenor.com/view/corgi-smirk-dog-gif-6147330867794407822

@buoyant tree

Ye

SOC analyst fixing Network issues?

I work as a SOC engineer/analyst and IR responder on part time

is that not the for network engineers?

Forgot to charge my macbook and I'm on the bus 😔

Oh no 😦

I considered getting a backup battery or a travel charger or something.

Macbook lasts a really long time so I often forget to charge it.
I leave it plugged in but I've been using it for the past few days because it has my programming env on it

My battery can go some time, but that also depends on how many VM's I have running.

It's more for Uni because in this day and age some of the theatres we're in don't have plugs.

VMs and M1 do not work well 😔
I RDP into my PC at home

guys thm premium is worth it ? for begginers

Try out the service and see if you think it's worth it, 80% of it is free 😎

yeah true

but l wanted it for attackbox

coz kali in vmware isnt working in my laptop

like its lagging so much

What specs have you given it?

And what specs is on your host?

i m srry but what is specs

specifications

is it space ? u mean

oh okkkk

i gave it enough ram like 4 gb nd 2 processors ig

but whenever i type anything it just doesnt show

what specs are your host?

is it the login page?

no login page is working fine

wait a min

host ?

like vmware

Your pc

Laptop

oh ok

OS Name Microsoft Windows 11 Home Single Language

What laptop you have ?

i have lenovo

82l3

x64 based

RAM? CPU?

Processor 11th Gen Intel(R) Core(TM) i5-1135G7 @ 2.40GHz, 2419 Mhz, 4 Core(s), 8 Logical Processor(s)

?

ye

16gb ram

I have to , unfortunally when noc do sheet or SOC modify access list or other things , you Need to fix It

Installed Physical Memory (RAM) 16.0 GB

https://support.hp.com/us-en/document/c06978741

But it has 64GB of RAM.

Looks fine, I don't know why it would be lagging 🤔

only running 4gb ram?

Are you using Kali Linux?

yeah on vmware i want to use

May i ask you how much you.paid It ?

https://www.kali.org/docs/installation/hard-disk-install/

So you know what i feel

https://www.hp.com/gb-en/shop/product.aspx?id=2C9S8EA&opt=ABU&sel=DEF

Here is a better picture

Except mine has 64GB of RAM, and 1TB SSD.

I guess 😄

I paid around £1200 for mine, (with student discount)

Ah , its good tbh

yeah so i can try this on my laptop

its not enough

?

Do you fix networking sheet too becouse your coworkers are dumb?

2GB is the recommended minimum for Kali Linux

You can run It , but should be slow

i gave it 4

It shouldn't be that slow tbh

It is, the only issue is I need to talk to business support, as its their aimed more for that.

What about cores?

I think it might be potentially the cores

see i made only two changes first is ram nd second is processors

idk what cores is

where can i change it

Not that slow , but still slow . I usually run It witj 8gn

What did you change it to?

Gb

2 processors nd 4 gb ram

Not really, I have run with 4GB and it's fine.
I would still recommend Ubuntu for lower spec computers though

mine is lower ?

If you don't have to hard work with It , its fine

Most of pentesting dont requires huge speca

Similar to that?

Specs

yes

exactly

first it wasnt even goin forward after graphical installation but then i change processors then it started running

Yeah , i usually run Ubuntu too with 4gb.
But i trust you anyway

yeah i mean i want to use it to learn ethical hacking

not 8 gb but 4 i chose 4

Its ok so

Until you dont do VERY HUGE sheet , you can run It

run it where ? on my own host

Yeah

You can do most of the stuff with these specs

ohkkkk

yeah

but i wanted to protect my laptop so that i dont harm my os

I used to run Kali on powershell so

oh

Sorry , protect from what ?

like someone told me here we use vmware to protect our os

You usually vmware for 2 reason :

1. most of the people use Windows becouse more user friendly . So you use a vm to run Kali
2. protect your os from hackers ? Yeeeeahhhh . But to learn what you are doing Is running CTF

CTF are not malicious

what if i also want to do bug bounty

When you skip It to work you usually have an office pc

But bug bounty consist in finding a vulnerability in a site Who gives you autorathization

It cant affect your os in everyway

You run vm to have Kali

oh okkkk thnk uuuuuu

We still do not suggest you use your host for any engagement

What dwen was told is correct

Just a Little hint . If you are a newbie , real bug bounty Is far away from you for now

Even for TryHackMe we recommend that you use the AttackBox or a VM for security and safety.

To have extra safety , sure . But its really difficult something Will affect your os

yeah ik so i m learning throught course on youtube , i still have to learn so much nd can u tell me how much time it can take

But it will

Anyway everyone run Kali Linux on vm , using Kali as principal os Is kinda meh

Real.

Depens , everyone Is different. Everyone still learning , even the best

I heavily advise you to treat everything as if it is a real engagement.
It's the same as not running as root on your VM or disabling your firewall. It's all about practice

nd i m trying to learn through ctf is it gonna help me

ik networking java , python , web dev nd linux

I suggested him To run It on vm .
But mostly you run vm for safety in "case of " , its very difficult something Will affect your os . You run vm becouse its difficult but not impossible

So you are a good point , lets continue like this

I mean, some of the expoits we use are very unstable and can affect your OS.
I have destroyed many VMs in my learning journey

yeah

Well true even If this never happened to me

Anyway for real engagement you cant use your os . Its almost a rule

i mean i am someone who can work on erros for hours nd still continue tmrw ,i wanted to do job in cybersecurity but there are no good entry level jobs nd second software engineering pay better

Tbh in my country you can find job in a SOC stage for entry level

But idk about abroad works

yeah so thats what i was saying like its hard to use vm in my laptop 🥲 see i m srry for being annoying if i m not getting ur point

but thats what i mean like i tried to run kali in vmware nd its not working smoothly

1. you are far away from real engagement
2. for tryhackme you can use the attackbox

You can run It with any specs

oh okkkkkk thqqqqqqqqqqqq

No problem man 🙂

but when i try bug bounty thats when i have to use vm right ???????

so its time

I wouldn't say they are far from a real engagement 😄
You don't really know 😎

for me coz there is lot to learn her e

He said he Is a newbie . Then if he Is fast , good for him

Yes , but till that time you 'd have changed your PC

P.s. you can do real engagement with 4gb ram

yeah when i wlll get money from my internship i m planning to do it

Kali runs on a potato

I have an 8 year old laptop with 8gb ram and it can run kali on vmware just fine

I just avoid rooms which uses burpsuite

Just have fun tryharding on tryhackme for now .
Then if you have Money to change your PC : good
If you dont , you can run It with 4gb too

yeahhhhh

hey guys! U need some help! my community fb page has been hacjed by someone I triend to do some mess with it! I tried to chat with them and chat looks suspicious asking me to download a file

These days Is more difficult run warzone on a PC than pt somthing

Don't

how do i recover their account

yeah nd i m ready to give 1yr - 2 yr in learning for bug bounty i wanna feel that satisfaction of finding bugs

Facebook support

Report to fb?

I reported the page as scam and fraud

Nice , wait and email the support with an email

do u know their email?

I think you can find on web

Or a section where you can contact them

dansu U sent you a screenshot of message

Alright I will try

Look at some some videos of ppl doing It. At least they are entertaining

yeah i do actually

do u have any suggestions for resources to leanr faster

in this discord there is one of the most expert one ; 0day

sure , just one . Fail

when you fail you go back studying and doing research

nd what about resources

like youtube channels

sites

ok , send it to facebook support

anything any BOok?

tryhackme is enough trust me

then if you want a piece of paper, certification do their work

like oscp etc

where can i get that

cert

is it gonna cost me money

search oscp on internet

a lot

so , stay on thm

lmao then no

you have everything you want to learn

yeah

thm

ctf

oscp is already advanced

tutorials

thm , you follow paths

do tutorials

rooms

yeah

then skip to some ctf , etc etc etc

yeah nd i will learn after messing around like this

less gooooo

good luck

thnks uuuuuuu

for any problems you will find expert people there

yeahhh i do come here often

surely more expert than a talking mafia cat

hey why i cant see emoji

emojis

my dog just open the oven and ate a piece of meat

can i consider him an hacker?

at least he found a vulnerabilty to access my oven , exploited it and stealt a file

@hot cairn got a new dell pweredge

well, new to me

Good day my favorite server

Which model?

I have two, they're lovely

I got a T320

Not bad not bad

fits well in the area I have

Yeah tower servers are pretty nice if you're stashing them. Not as loud.

I have another newer model that's not T series, just have nowhere to set it up

idr the model

Just don't run anything DDR2

R710 and the rest of the (R/T)x10 generation are a bit old to recommend running too

By the way, what do you think of ASUS

If I should get a new laptop, what brand should it be?

ASUS, Lenovo, Dell?

I've heard that Lenovo are very reliable, as well as Dell

tryhackme crashed?

Seems okay here

my connection , nvm

Lenovo consumer isn't as good

I personally believe second hand business grade laptops are a good choice

Yeeee

Can confirm on business grade being pretty dang good.

Value for money is good, generally reasonable build quality

Not sure on consumer grade. Never used..

My Lattitude 5400 can be disassembled completely with one screwdriver and a pry tool

It feels like it's designed to be worked on, captive screws etc

T14s is also pretty good

My XPS is pretty nice.. but I feel like I lucked out on that one. Seen a lot fail..

I have a Lenovo ideapad pro, it overheats a bit so I have heating marks

not suprised.

and they told me my website (that only has my name and email) is vulnerable to clickjacking 😔

Typical

TGIF

I moved from namecheap to cloudflare. Ask if you have questions

Oh, how in a world did i find a post from 5 days ago

Fluff, I just bought 6kgs of clothes

Why

Winter is over

It's motorcycle clothing

Understandable, then

Hope you have chill summers there

Is good?

Considering i use cloudflare pages

All in one place, price is fair

Good service too

I use netlify for hosting sites, I wanna try some other stuff

Cloudflare didn’t have my domain 😔

Cloudflare Pages are super nice

where's the hide completed button in the search section?!?!?!

I don't like the new search section

Hmmm.. is a Framework laptop worth the cost and the wait... 🤔

It's pretty chill

#feedback-and-ideas 😄

done 🙂

YAWN

yawn

you are my sunshine

it has decent specs, upgradeable and repairable.

Can vouch for anything Cloudflare, absolutely superb

I like the concept. I'm looking at possible alternatives too.

Hey ! Where should I start please

Read over #start-here

#974406074444685322

Ty and then pre-security, I guess ?

Yes

Then #878393611929129000

#general message

I'm on it currently

Pay good attention to #878393611929129000

I'm going to see ty

Uh...

Are you sure?

wget will download a copy of the page

Yeah

Will display raw data

the default behaviour of curl is to send the response to stdout

you can save it using the -o argument

Glorious beverage

where the påskmust???

didn't even cut the Paulaner properly, smh

You would've yelled at me yesterday too

The who?

similar to julmust but made for easter

hence påsk must

Ahhh, didn't even know that was a thing

Morning THM 👋

Hello there Matt, Bella 👋