#general

Thanks!

Gave +1 Rep to @sharp citrus (current: #124 - 56)

#771818902342074388

@chilly veldt thanks

Where’s the advanced channel

@loud marlin so far so good

Thanks

you're welcome

+rep @chilly veldt

Gave +1 Rep to @chilly veldt (current: #7 - 864)

First layer is sticking. Printer settings look optimal

Why are u not getting the rep 😭

cause of timeout

Just some filament stuck on the nozzle

there's a timer on how fast you can rep people, to not abuse it

Nooo man no advanced channel

For next

Me

Could I like tag u in like a min so u get ur rep? (Not an abuse because she helped me)

yeah, sure

@chilly veldt thanks for the help

Bruh

so my phone now has a permanent apple logo imprint on its screen

takes like 5 minutes

yay me

Aight I gotchu

@loud marlin

whats that

A finger!

Or well, the base of it

https://github.com/seeess/AI-6th-Finger-Ring

Not exactly my skin color, bit tanner. But hey, it'll be fun

Of course got Octoprint monitoring it

woah could that really work?

or just for the memes

https://tenor.com/view/the-rock-bring-it-on-come-on-come-come-here-gif-3101494065162717582

@chilly veldt thanks for ur help earlier

Gave +1 Rep to @chilly veldt (current: #7 - 865)

https://tenor.com/view/dbz-gif-10798388165781977248

do u guys recommend to learn the paid rooms although i dont have premium (learn it somewhere else)

hello

did someone took ejpt certificate ?

I have

can i DM u?

Depends, what's it about?

i want to know how to get the course material, or it is only videos and labs, and realted to the educational content

Only the videos and labs

cool
how to get them?

But tbh, it's not worth it

how much time do i need to finish this certificate

eJPT is a shit cert

why!

You got 48 hours, many solves it in 7 cause it's so easy

i want to become a read teamer and the roadmap contain the ejpt at the begining

this is why i want to take it

Take something else instead

moreover i dont know how to use linux

what do u suggest

guide me plz

there is the eccpt but i think, that i should take the ejpt first or what?

do u guys recommend to learn the paid rooms although i dont have premium (learn it somewhere else)

PJPT instead of eJPT

I would not do any elearnsecurity

if u can clarify more plz, what is the elearnsecurity?

Those who make eJPT and eccpt etc.

aha

okay what is the diffrence between both ejpt and pjpt?

can as i am a beginner can i take the pjpt?

Hello TryHackMe

Yeah, you can

i will learn more about it before i decide.
btw, can u tell me who did u get the videos and labs of the ejpt?

I got them when they were free, but they are paid now on their training site

is it possible to send them?

No

(I would avoid INE/ejpt at all costs)

what about pjpt then?

They have course material on their site

same problem? that it is too easy

free?

Not sure, might be part of the whole certificate price

let me check

Doesn't eJPT have more industry value than PJWT and PJPT

this?
https://certifications.tcm-sec.com/pjpt/

just they have gone way downhill in quality

I think either TCM or HTB certs may be a better option. I don't know if HTB had a junior pentest cert tho, I thought it was just junior web

what is your role in cybersecurity?

are u a red teamer?

I'm a cybersecurity architect

do u have a red teaming roadmap?

no. I would say there is not a single way to become part of a red team and a lot of it depends on country as well

hmm

ejpt is terrible

take it from someone who took it

i am dispersed

you have to subscribe like 20 bucks a month to get sub par training

but really if you want to work in cybersecurity in general, having a solid knowledge of various technologies is useful

then its Q&A

60$*

and you can kinda guess what the answers are gonna be or where to find the information based on the questions

id go PJPT

networking, scripting, OS, web applications are all useful to learn

then PNPT

then get into crtp/e/o and cpts

how would you rate THM

ejpt is a waste

10/10

good for beginners. the red team pathway is really good. i hear great things about capstone

look i have a+ in cybersecurity and networks in my uni
and i studied the CC of ISC2, today was my exam and i failed....but i studied it anyway.
i think i need to some practicale stuff

after capstone id transition over to HTB

(I dont want to get banned)

joking

ah I see

the rooms are really good and some of the challenges are great as well

the networks are very good for experience.

id do these then tranisiton to HTB

are u a red teamer?

Hack the box?

but if you want pentest certs that actually teach you start with pjpt/pnpt

yes

THM is great and it has a lot of functionality. HTB is very much more so advanced and can elevate what you learn from THM

So do I go to HTB after completing the Jr Pentesting path?'

thats up to you

the red team path and PT path are both very good

@sonic dust

i thought you said go through to red team

i am not

sup panda

its all based on preference

i said the redteam capstone is great

hey zumi

i went thru the JPT the Pentest past and some of the red team path

then i tranisitoned over to HTB academy

sup

can i dm u if i need to ask u about courses?

i'm good and about to shift my studying into high gear

but its all based on learning preference and such

i have ADHD so i swap around

sure

thank you

Gave +1 Rep to @sonic dust (current: #1087 - 3)

i'm just going to learn all of it even if i need to go back over everything one more time then hit htb

I am studying till I throw up

i took a break yesterday

yeah the information is all good. i will say that HTB is a bit more advanced when it comes to things like the pentester path

HTB academy?

Ill try

yeah the pentester path goes into it pretty decently

plus you can get your certs there which i hear is pretty hard to pass

the cpts is one of the harder certs to pass

harder than ocsp

oscp**

but highly regarded

not yet. oscp is still the gold star

but its coming up

what uh oh

reread

filthy minds

Can we please keep jokes as PG13 and for a professional work environment.

scrubz

did you read it?

You knew fine what you were doing.

The HTB interface looks cool

it said my pen is in your mouth

so scrubz reread it

what else could that refer to lol

a pen

i just wrote it all together

It's the oldest double entendre in the book...

I was going to say that I like chewing on pens but that is not appropriate info to share rn

Is it also something you'd send to your boss?

bad habit

shewing on pens?

yes

that don't hurt your teeth?

I do it unconsciously

oh ok

as long as you weren't on "my strange addiction"

somehow almost at level 5

whats that

that crazy tv show

i saw a few episodes and was just crazy

is that where that one dude married a balloon or smth

i hope not

these people eat like foam on the bed, one was eating pebbles

crazy stuff

nah, maybe youtube it

you'll see what i mean

my girlfriend's mom watched that and i was like this real?

just nutters

i wouldn't even post it in here, i think it's that bad

lol

it'll be ok

It was a question.

ok it was a 3rd grade joke

i know

i just like how the mind tricks you into seeing something that's not there

i didn't mean for anyone to get upset or into an argument

do not ask in chat nor dm people asking to get paid content for free. This is an ethical server, so please review the rules

no no, i didnt mean to get a cracked content, i am asking if there is an available material or someone have a free content on youtube or paid on udemy, anything like that, carck is haram any way dont worry

ok good deal

my god wtf are githubs new captchas

it shouldn't take 10 minutes to sign up for shit

😂

i saw what kamma was talking about on youtube

Well they are meant to keep robots in and humans outside.

"meet the man who is sexually attracted to balloons" 😂

yep

crazy people

thats so damn funny and so sad

i just wanna think that that was all made up and not real

he would make a great cartoon character

i didn't watch it

i don't need that stuck in my head

😂

https://tenor.com/view/it-pennywise-gif-9340974

lol

https://tenor.com/view/psd-pussy-cat-dolls-dont-cha-fun-like-me-girlfriend-gif-4291906

why sometimes hydra doest not give results even if the password is presented in the wordlist ?

Think it might just be more convenient for me to open THM in my VM and use that environment instead with how slow attack box has been lately(shit connection)

If you can dedicate more resources than what the attackbox provides, it will likely be a better experience

The convenience factor of the attackbox is high, but it's provisioned so that I can be deployed at scale without bankrupting the company

It’s normally fine. I’m just traveling and dealing with shitty connections

@shut hawk crazy

8-11 comeback?

AHahahah, no. For the first three rounds 3 people were AFK

But the remake failed smh

how big is your squad

I got another crazy clip hold up

just two?

It's just me and a friend

I would play but I'm knackered

I took a nap 😂

Lmao don't blame you tbh

I don't even think I have val installed

~~ Rule 2 : relevance ~~

also hello

struggling to tell what game that even is, someone help me out here

I can't send the clip 😔

Discord is bugging

it's Fortnite

im sure it was a l33t exxpic clip

did axolotls become popular because of minecraft or were they popular before and hence minecraft added them???

Radiant gameplay?

I'd say popular before

One of my friends has one

It was a 1v4

clutched up?

ofc

after some bugs on networking using WSL to reverse shell, listening ports, all that, I decided to switch to a good old VM, with kali installed.
It works so better..

yeah WSL isn't as reliable as a VM

So sad 😦 ability to use linux tools without have to set a VM is a great possibility, with all the power of the computer, without having to set just a part. But dunno if it's WSL or windows firewall who block these tools

I tried to set up Kali on WSL, and I couldn't even update it because my ISP had like some of the links blocked or something

WSL 2 or 1?

What errors were you getting?

smn knows how to hack snapchat or instagram

That is illegal and agasint our community rules

why?

.... holy meeps

Why what?

why is it illegal

Wsl 2, and I don't have really an error. Just, when I run tcpdump on a shell, injecting the ping command on the other (enumerating telnet room), or nc listening on a side and the revshell payload on the other side, it does absolutely nothing.
Doing the same thing on my vbox Kali VM works immediately

Odd, would assume firewall then yea

If I find something about that Ill let the community know

Computer misuse and unauthorised access

apparently there is 32 leds in the outer rings of the front fans on this pc

did trial and error in openrgb app to find that out

Meep moop time for sleep sloop to the beep boop for shadow

@shut hawk My team don't hold me down, I'm the problem

so close as well 😭

Also how did it end 12-13? No OT?

Unrated

Ahh

@loud marlin that was a fail

When will the monthly leaderboard be reset?

what on earth happened to the z seam

Got very fucked

Now I'm going through all my settings and trying to perfect this.... really should perfect it on cheaper filament

This thing is 500g at $45

I can get 1kg of TPU for $25 at Microcenter... might do that

Looks interesting

Isn't it valorant

Quite confused

a

Yeah, I was messing

Oh k, for a second thought fortnite added a gamemode like valorant

"Meta introduced Prompt-Guard-86M to detect prompt injection attacks in AI models. However, researchers found this guard itself vulnerable to such attacks. It turns out Meta's Prompt-Guard-86M classifier model can be asked to "Ignore previous instructions" if you just add spaces between the letters and omit punctuation."

is there room for new people on programming here lol?

https://tryhackme.com/r/room/pythonbasics

https://tryhackme.com/r/room/scripting

tyy

https://tryhackme.com/module/scripting-for-pentesters

There is also a book called Black Hat Python which I can recommend

bit more intermediate though

Heya @sinful moon you free and wanna send some music my way?

Uh sure, I’ll see you in DMs

dont play valorant, save yourselves, run, dont look back

what he said ^

I saw black hat bash recently?

you know the room is gonna be rough when you see one long ass line and a whole paragraph explaining it below

What do you play

i dont play video games atm

Booo

but i have 2k hours in cs and valorant

i coulda spent that time hacking

All my CS hours are on an account I don’t know the password to ☹️

bro learning to hack to get it back

Doesn’t matter it has a vac on it

lmao

i need to get a good job so i can get the nasa pc and get back to gaming

You don’t need to spend that much tbf

1.3k for a low-mid

i spent 200+ on warframe because i hated grinding, proceeded to forget the email i use for it and the username itself, unfortunately it requires you to login every time you start it

I used to be such a grinder, I would spend hours upon hours grinding games

yea im trying to move out tho too so im priortizing studying rn gotta save my money i just gotta turn all this hackin stuff into a game

the hardest game i ever played

thats pain

and yea me too lol i miss having no responsibilty and just sitting on my ass no lifing every game

valorant was like crack when it came out

I bought a gaming PC last year august because my course is impossible to do on a Mac

thats awesome

It’s not 😂

Lol

too distracting?

I could’ve spent the 1.2k that I spent on the mac on the tower

Every time I hear the word "Grinder" I always think of the quote from Borderlands 2:

Captain Flint: "This ain't over.... griiiinder"

I built everyone in my house a 'gaming' PC. They don't play games with me...

I’ve spent probably 3k on my tower and my macbook alone

Ah that sucks

aw yea that sucks

It's okay, they are all in their late teens / adulthood.

They’re your kids?

Got more important things to do right now that play games with Dad lol.

yeah.

macbook and a pc aint too bad tho they both got their pros and cons

If my father could play video games I’d always play w him

is there a name for using ffuf to build a list of registered users?

I’m 20 and he’s going on 50. He gets dizzy while playing, he prefers the retro games like centipede 😂

Sadly I don't think they realize what they are missing out on lol.

few years older than me lol, I'm in my 40s.

oh its just called username enumeration lmao

Mhm but imagine if I could’ve gotten a 4090 instead of a 3070 🤣

Yup, it’ll hit them when they’re older

I went slightly budget with my card, 4070 ti super.

yea the hindsight

I went super budget because I’m a uni student. Rent is more important 🫡

my laptop rn is razer blade 14 with 3070

For reals.

Chunky?

nope

Damn

My GPU is 2kg 😂

I'm in college in the US and working full time, I don't have time to spend money lol.

its really nice but laptop 3070 obv different from the full gpu

Yeah I know how that feels

I bought a razer blade once, kept overheating and bluescreening, so back it went

I know someone who has a 1080ti laptop and my god is it fat

ive had no issues but yea it gets fkin toasty

Might as well have bought a tower

i went with this one because its form factor lol

I just went back to macs

yea mac is nice and reliable

see the thing is i cant use this thing off the charger pretty much its "portable"

it has like a 3 hour batter life off the charger

mac battery life is hard to beat

Almost 40% done

They used to when they were younger, I had hoped to mold them into WOW goblins for 5 man parties, but they never got into it heh.

fortnite is a great game tho

its like roblox now too

has infinite games within the game

halo 3 the fortnite killer

halo 3 custom games were so good bro

For multiplayer, N64 Mario Kart for me an my friends, many many fights...

Growing up at least.

Fortnite goes crazy

the n64 one is so hilarious

mario party is still great

We tried that, it ended poorly. Oh yeah, goldeneye...

Often led to fisticuffs...

It looks pretty fun

Not really my thing however

I had a valorant phase a while ago

playing as oddjob on golden eye xD

Thankfully I didn’t turn into a valorant edater

nice

That game was ahead of its time

Apart from the bugs and stuff

yea people shit on it because it wasnt the perfect game

Never tried it

Don’t think my laptop can handle it lol

Nice

one of my friends has like 800 hours in persona 4 lmao

fr

Damn

I don’t think I’ve ever played any game for nearly even half that time

did helldivers 2 fall off?

I have a general cyber question- is there a good resource I can read for the correct order to enumerate and recon a target? like when I should run nmap/netcat etc

Yes

I'm working on a tool to wrap a bunch of tools together and generate a quick report for me.

It's less about work and more about proving to potential recruiters I understand some basic principals

and also learning c++

oh I'm mostly replying to the first half "I dont wanna make you sad or anything"

yeah I'm looking over the tool right now and this is exactly what I wanted to reference

Im looking to get into cyber security. I was recommended tryhackme by a friend who suggested I do this and a couple of courses instead of going to a 4 year university. How would I twist "I took a couple courses and studied on tryhackme" to be better than a 4 year degree?

It wont be better.

normal pathways into cybersecurity is like developer, or IT support

Unfortunate

Cost of that degree is 65k

Thanks for the quick reply

Like start at help desk kind of thing?

Okay

I assumed. I wouldve gotten into it a lot younger but I have the same mindset of everyone wants to do it and has wanted to do it since the launch of the computer

Just looking for a career

Any recommendations for which company to start with?

USA

Understandable though

Thanks again for the help

Or should he?

If you have the opportunity to attend a four year degree, do it

I do not have the opportunity unfortunately

THM and a couple of courses is in no way a replacement

Would it be possible to just get certs and work my way up through a company?

I am trying to find the cheapest possible option for entering this field

I'd look for scholarships or consider government service

Fair

You can, people start on Helpdesk typically in that case, but a degree is going to become mandatory eventually. Management pretty much requires it and it's also a contract requirement for a lot of work

Do you have examples?

Oh, yeah, they'll put xyz degree type but realistically it just needs to be STEM

Obviously, STEM degrees closest to the role will be weighted higher

I actually have a slightly different experience

I know what you're talking about, but it's still a bachelor's degree

there's a lot of companies that default to stem, but certain things will elevate you over a stem degree.

Probably a contract requirement

If you're a high enough level on HTB and have a bunch of certs that would reflect that (CISSP/CEH/ + level) they won't care if you have a degree or not. Many if not most jobs I see now are "in lieu of stem degree please have xxxxx"

some companies will lol

now that being said certain jobs are contractually required for you to have certain qualifications

Ford recruiters will straight up hang up on you for instance

ford

FFS.... if you are going to ask for an Info Sec Analyst junior position.... don't ask for bug bounty, or even experience working in info sec...

YOU ARE THE ENTRY LEVEL INTO INFO SEC

https://tenor.com/view/controlmypc-cat-screaming-discord-gif-20582295

Sources? The "in lieu of" is typically actual job experience. Not HTB

we put STEM degrees on our security positions but when we hire people, they come from all walks

if it says in lieu of, and even then, the recruiter can be picky.

I've worked with people who have degrees in...
Biology, Psychology, Russian Literature, English Literature, and a bunch of other stuff

"username=FUZZ&email=x&password=x&cpassword=x"
wtf is cpassword and what is the purpose of the =, x, and & operators here?

a lot of companies have a stick up their ass about degrees meaning best and brightest so they end up getting greenest and dullest

in this case what does the parameter do?

oh i see

would it work if i removed the x?

requiring degrees is one way to cut down on applicants also sometimes contract requirements dictate

and what is the function of & here?

im trying to make sure i understand the command before i move forward

there we go

+rep @fervent meteor

Gave +1 Rep to @fervent meteor (current: #264 - 20)

When I say HTB exp I don't mean "has done half the modules" i mean "first blood caliber" person and you use it as a refernce for skill / personal project. It's kind of like black badges from defcon getting you offers for security no matter what degree/certs you have.

not how employers see it

you'd need to be very good at articulating why not to make it count for anything

I literally know someone who was hired for their job based on CTF ranking + hackathon wins.

i know someone who was hired with no experience and became VP

point?

HTB can be used as a project to show some experience.

that was my entire point

we're talking about norms not exceptions and one offs

you can get a job in c suite at a F500 with no experience

you CAN

odds? low.

yeah in this room its having me use it to build a list of registered users

Sup peeps

One million beers please

mhm "If you try entering the username admin and fill in the other form fields with fake information, you'll see we get the error An account with this username already exists. We can use the existence of this error message to produce a list of valid usernames already signed up on the system by using the ffuf tool below. "

it gave me so many different tools to use but it looks like ffuf is the overall best

Me rn my head hurts

it has so many uses, it is a swiss army knife

lmao

does the -mr argument actually stand for anything?

oh i see

good to know

how can i save my names found from ffuf to a file..?

@buoyant tree @boreal scarab regex mentioned

wait im looking at a walkthrough and his is nice and simple while mine is a absolute mess

wtf

https://tenor.com/view/ive-been-summoned-berry-mint-gif-26570751

regex.
do y'all say reg- like reginald or reg- like egg --ex

thx for that insightful answer

like egg

why in the world is my ffuf all over the place

i've always said reg[istry]ex but it is kinda weird considering it's regular

reg[istry]ular

wrong

like edge

I think I pronounce it like

Reeg-x

used to rejection?

Like vegetable's

regex is love regex is life

https://tenor.com/view/regex-my-beloved-heart-locket-meme-programming-gif-13959497320814324081

https://tenor.com/view/witchcraft-hunchback-of-notre-dame-frollo-animated-gif-19403567

I haven't played this but there are a variety of websites out there to get better at regex
https://www.therobinlord.com/projects/slash-escape

regex gets fun when you have to start escaping your escapes and escaped with more escapes then escape those escapes while also escaping the double escaped again so it doesn't lose the original escape

that sounds like a nightmare

like when people use regex in python without using raw strings for some reason

hopefully syntax highlighting keeps up

backticks are great

don't need em when you're using raw strings but people are dumb and don't

yeah wtf my ffuf is all over the place i cant even see the names sufficently lmao

full screen

| ffuf clan

helps a LOT

i went full screen and it was still absolutely horrendous

what is the command?

Uh before you run it

I somehow broke discord

It then showed my nickname as changed but it didn't

THANK GOODNESS

for christs sake

No problem

Doesn't Fuff update the lines by using a \r so it's gonna make a file with thousands of lines

i tried lmao and as far as i got was just people using nano and typing in the names manually

Yeah I understand piping output

oh there we go

the ">" operator works

But in the case of ffuf I doubt it would work to a file directly in the same layout so some filtering would have to be done to remove teh status logs

yeahhh

imma just delete those rq

https://tenor.com/view/hacker-pc-meme-matrix-codes-gif-16730883

if you are just learning linux, overthewire can get you started

https://overthewire.org/wargames/

there we go, bruteforcing password done, username enumeration done, phew

ffuf is really a fantastic tool, can perform subdomain enumeration, username enumeration, password bruteforcing, directory enumeration

alright, i understand many more things than i did before today

very nice

This, with research.

man pages, -h --help etc.

Great for self learning.

Good Afternoon THM

👋

about to do my first CTF

i dont plan on getting the flag, since i need to escalate my privileges to get the flag, and i dont quite know that yet

but it does have a decent bit of enumeration and fuzzing, which is great to practice what ive learnt so far

sudo pls

which one?

oh nice! GL

appreciate it

yeah i def was able to reinforce my enumeration learning, but not gain any form of access

@fleet turtle try rootme it’s easy

i only know enumeration for the most part

I have a write up in my bio on it if u wanna read it

what are the primary skills for it

im taking a look

You wont get me with that second link!! i know the trick

yep seen that

scrubz did it earlier

What I’m an admin

nuh uh

I know what youre doing

https://tenor.com/view/tkt-smart-gif-20642718

https://tenor.com/view/no-gif-6533142189269812111

https://tenor.com/view/cojestprawda-gif-2084691180186616053

i should be able to do rootme after i finish the network security module

dont know how im gonna go about the reverse shell part though

Do you know how to reverse shell?

File upload

Php reverse shell

https://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet is an amazing resource :)

this is something I wish I had earlier

ill take a look at the reccomendations

is there any modules for it? the only one im seeing is just "basic" reverse shell uploading

woah

Thats cool

oh wow now this is a surprise

Revshells was made by our very own Mod 0day

usr/bin/python -c 'import os; os.execl("/bin/sh", "sh", "-p")'

Is what I used for privilege escalation

For SUID

i imagine after the "what the shell?" room i will be able to use revshells.com effectively?

Is he active

to an extent

Guys click the tryhackme link in my bio I’m a new admin!!!!

idk about active necessarily but ive been able to speak with him

well will that room get me started?

here

I was in vc w him 3 years ago here

uh oh

I did this room 2 rooms ago, its very theory heavy to begin with but at the end it walks you through doing them on a machine for both linux and windows and gave me a better understanding

Thats sick

as long as it gets me a foothold

Who here does bug bounty

Oh i also got to speak with John Hammond here once and that was really really cool, one of my fav moments here. he originally got me into cyber sec so it was amazing to get to talk with him for a few minutes

How

same

He was chilling here in general

wow john hammond

thats wild

Yeah!

https://tenor.com/view/reari-dog-barking-koreaboomina-bblmina-gif-24010279

He was forced to use assembly to write a C compiler

sup prod

Bro got ratted

rule 7

Brooo

I’m talking about

A gif

english pls

I said bro got ratted

What

Coz the dog was mad

"ratted" lol wtf is ratted

😭

Remote access Trojan

oh you mean literally RAT-ed

Yep

i was expecting some new shit that y'all say

Lmao

that was a good watch ngl

Its not that new youre just old prod😂

What age

not even that old just not an infant

somewhere between 12 and 47

Oh god

wow i knew it

Don’t tell me bro is 47

god DAMN

How much did u pay for ur certification

Oscp

nothing yet everything

Was it worth it

What other certifications do u have

fr fr no cap

https://media.discordapp.net/attachments/1051988905320255509/1146537451750432778/ezgif.com-video-to-gif_2.gif

What age is minimum requirement

Is there a req on those certs?

how old are you when you normally learn to read

Not something ive heard of

4

then 4 it is

ISC^2 certs are a defacto minium of 5 years old though

• 4 for reading age

so 9 years old

need 5 yoe

Passport valid?

If I have to show a drivers license I’m cooked

starting my kids out on this

https://tenor.com/view/no-gif-6533142189269812111

why do that when you have discord

Yeah he could just ask and wait for a more vague answer

The infomercial on the magic bullet that used to air on Australian T.V. at like 2am in the early 2000s has a special place in my heart

Oh yeah guys im getting paid to go on a float trip

15 an hour

Not the whole time but ill hopefully make like 90-120$

this might be a dumb question but what's a float trip

what's a float

Float down river

you're getting paid to float down a river?

yes

situational

^

sometimes custom spin as well

I have to check people in and shit but other than that im free

bruh

am confused lmao but being on the water in general is a good time

always

wat m8

If youre doing legal stuff you will not be caught by the feds using anything :)

if you want to stay anon talk to @mossy river or @sick lance for some tips

been around for longer

interesting choices

they run things here 🤷‍♂️ gonna know how it goes right

Literally you take a blown up air raft and just float however far down a river lol

https://tenor.com/view/hacker-pc-meme-matrix-codes-gif-16730883

2 but less this past year

oh no i got that part, just the relevance to your job (or other way of getting paid) part 😂

ive literally never heard of caido

just looked it up and ngl it looks interesting

my mom needed someone to check people in for the company float trip that shes the COO of so she asked me cuz im free those three days

And also i will hopefully be able to talk with some of the tech guys that are coming and maybe land a job

ahh so you've got an in i hear

should hook us up

In what context?

Haha you wish!

whatever context @gritty fern introduced it lol

looks interesting but i like the layout of burp more ngl

float down river

I only saw your message lol

https://tenor.com/view/winnie-the-pooh-i-cannot-read-gif-10549564367608169258

This is true

Brother

What

Anyway theres various modules to start out @rapid merlin

Like intoduction to cybersecurity

Ok??

@rapid merlin you had god's visions yesterday then why are you asking to them

he got bored of making temple OS

the second release?

finally

one day you will see

yessir its getting modernized

normally takes a few thousand years

Huh?

that were your words yesterday

you

yeah

yeah he was prototyping on stone tablets and cave walls now he is upgrading

dementia

you said one day yall will see

anyways how are you @molten sky

who?

dementia

eh still alive right so that's somethin

fr tho null

whats the best vpn and antivirus?

In the upload vulnerabilities room, task4 and question 2nd
it gives me this error

best antivirus is your finger

nerd vpn

best vpn is subjective and situational

whats that mean

what's your nation?

it means don't click on dumb shit

imagi

well what if i accidentaly clicked on something that was really well disguised?

huh?

#room-help

already

why and what do you know about me

i'm just a 11th grade student

then you need a second best antivirus --- if you're on windows, defender actually aint that bad nowadays, but bitdefender is often lauded around here

you asked what nation he's in

what about vpn?

Already what?

depends what your goal is, really

already posted it on #room-help

Oh yeah yall i have the dumbest story for yall, i have old laptop, HDD broke so after a while i buy SD card to boot from cuz SSD expensive and HDD slow, but laptop doesnt support booting from the sd card slot, i dont want to return it because too long of a drive so instead i install linux on SD anyway and i chroot into it while also binding any important folders to the mounted SD card but now graphic dont work. I couldn’t figure this out but eventually i realized that i just had to run “xhost +local:” so that the graphics drivers could run from anywhere on the system so now i have a linux SD card (i also wrote bash scripts to automate setup and takedown

wtf kinda life are you living where that's a thing that happens
unless you just give off a certain kinda vibe to people

Anyway i need to sleep cuz ima be driving tmrw

Good night everyone

OK, posting to multiple channels isn't going to get you help faster. It shows impatience. Everyone here is a volunteer. Someone will assist you when they are able.

nn

ay ty for the reminder, gonna put that on my 2nd monitor

Gave +1 Rep to @fervent meteor (current: #253 - 21)

idk, what i could really say is just some good protection while browsing and i dont want to be too vunerable to penetrators

weird that it didn't come up..hold on

OKKKKKKKKKKKKKKKKKKKKK

🧌

@rapid merlin bro first of all connect you discord to THM

dudes just here to troll

ohh

@molten sky so any good suggestions?

idk works for me

the key is stop caring what people think (to the degree that doesn't get you fired)

it sounds like you wanna just use one at home? unless you have a particular reason, that just sounds like a waste of money tbh, and quite unnecessary (if anything, hightened exposure)

emm you have to go to id:guide

my guy

imagination

gn Zumi

Morning

m

so just dont worry about vpn?

Gm Bella

hyd

np

for normal at home use i wouldn't
i only use a vpn from home when doing certain specific things, like if i'm working on a bounty program and might piss off a WAF somewhere by accident

ok

Tired, need to get up

getup and do some yoga'

Narhhh, just need to have my brain wrap around what had happened all night

https://youtu.be/7vObEK3Lbp4

when will 0day be online?

idk whenever he feels like it i guess

It's late for him, so he's probably sleeping

my discord just shit the bed with commands

those were supposed to be messages

Oop

i had to change channels and come back to get out of locked-in-command-for-no-reason mode

well

folks

i have to go

have a great day

✌️

Got 3 minutes till my bus

is it just me or are the web applications in OWASP's top 10 room very slow and don't work in general

For the tasks

you will probably get a better answer in #site-support / #room-help

thanks

Are you?

Which account was yours?

@sick lance :)

Oh sorry

You were aware

Even the wrong tag😂😭

Sorry 0xR1sh0x

gm

How are you 💝

doing very well, how are you?

Fit n fine

such ease of access to information on sites such as HTB and THM is a blessing and nothing less

holy shit man

why is mr robot throwing curveballs at me

s1 ep8, 39 minutes in

im not gonna spoil

htb ❌
thm

as much as i love thm, htb is still a helpful resource for many that shouldnt be taken for granted

HTB is a bit better when you get the fundamentals down from THM. They do have a HTB Academy feature, but its much less accessible than THM’s platform for learning

just good for going in on more challenge/CTF focused stuff once you get stuff down

but yeah THM has those as well

i completed hackthebox's penetration learning path and bug bounty learning path, they were bad af

lol totally fair, I only sampled a bit of it and wasn’t all that taken with it

htb academy is great

but if you have the linux fundementals down it makes it better

but ye htb machines >>>>

I will say they have some very interesting paths that are not in THM in any form

start off with thm to get some Idea of linux and cli and then from then go towards htb

the htb machines are genrally better imo but

thm is a wonderful place for beginners

mhmm, that is kinda more what I mean though, I do think THM is a better intro

thm also holds your hand more then htb

and HTB to try later

thm is a great accessible resource for learning and reinforcement
htb is more for reinforcement and consistency, both of them are helpful once you have a foothold, and without them cybersecurity wouldnt be as easy to learn, both different categories, but they are both helpful in the industry

htb will not tell you everything you need for a box / path

it will teach you to do your own research

which is an invalueble skill tbh

Mhmm lovely for that

it teaches you to find your own way, to troubleshoot, and gives you something to test on, THM gives you what you need to know, makes sure you understand it, builds on it, and gives you something to test on

yesnt?

You’ll breeze through the easy ones but it’ll get interesting and tricky before long

I would say that's almost 100% right from dagger

whoa whoa whoa

no need to say that

tryhackme is sufficent for many many types of people and levels of experience

They do have some rooms which introduce more advanced subjects. Also good for people like me who was into this stuff in the 00s and suddenly needed to catch up for my job in the 2020s

yeah that's fair

sometimes I wish thm would dive deeper on a few topics

or give you a rougher around the edge room a few times

by that I mean it's trickier

or like an indepth grep room

most people I've talked to only have a shallow use of grep when it's easily one of the most important tools

well you know i take that as an opportunity to do my own research and make sure im not entirely dependent on it walking me through

imho thats just why you supplement it with external learning but yea, that’s a self motivated goal

go right ahead man

be sure to be taking notes and building a knowledge base

Agreed

feel free to talk to the dumbass strangers when you get stuck sometimes

sometimes they might know how to help :)

Kinda addicted to my Markdown notes

https://tenor.com/view/spongebob-krusty-krab-crawling-crawl-fish-gif-12745135769617083309

Nice, keep it up c:

remember though

dont just do rooms for the xp

do it for the knowledge

Yeah that bit I said above about expanding your research beyond THM is good

mhmm, that too

yea

im sure you can atest that in the field you cant possibly know everything due to the nature of the field

yeah ofc, the xp is just a good motivator

so having good notes / having methods to finding out new exploits and fixes is important

one of many motivators

the mitre room is great

lol I know I cheezed a few THM rooms with newer exploits than they were designed for, but yeah that was cheating myself out of the lesson effectively

less than ideal even if it was neat lol

yeah fair

if anything I wish thm would have a few good "testing" options

it could help them branch out to schools more

like instead of a set room and answer set you would have something like how cisco tests are done where the information changes

or well is "randomly generated"

like when setting up routers etc in networking

it would also help users get a sense of "wow I can't believe I knew how to do that"

Probably very difficult to administrate, officiate, and especially interact with local goverments depending on the scope of your plan. On a larger scope, it’s very hard to compete the the professional certs that we have, and they can be aggressive in protecting their lead

That can be true

In your opinion...

when I was in highschool though through "PLTW" or "Project Lead the Way" they offered a cybersec course and a networking course