#general

The GPD pocket 3 packs a lot of power for it's size ngl

Expanded phone

I use to have a small laptop, it was fun, not that small

I wouldn't mind having that small of a laptop, would be fun to remote home, and don't need to carry a bulky laptop when travelling

The pkocket 3 can have up to 1TB of storage????

Damnnnn

Aaand it's super damn expensive

nvm

Reading text on that screen would actually make me cry

https://tenor.com/view/magnifying-redd-foxx-fred-sanford-sanford-and-son-looking-for-it-gif-17834149

Would be interesting for a red team

Doesn't seem much worse than a phone tbh

Very interesting, very sneaky infact

Lol, you gotta have it up close

I configured a router with a palm pilot once

Does anyone have any remarks on the book "The linux command line"?

That's a book? I thought that was a terminal

https://tenor.com/view/what-can-i-say-anybody-hello-say-what-gif-21564341

i have child trauma from chickens

looks to be no starch press with very high ratings, I'm not sure what a random discord could tell you beyond that

Could someone give me a help regarding wireguard?

my childhood trauma is geese

😂

same shit different package

cos they are fracking satan pets

Thought people in a hacking server might've known about it since it is based on Linux, but Thanks!

Gave +1 Rep to @tired peak (current: #15 - 504)

this ?

can someone help me with wireguard?

thats a good call, I googled and got this
https://www.amazon.com/Linux-Command-Line-Complete-Introduction/dp/1593273894

eww

fair yea

but I'll say I've never been disappointed by a No Starch Press book

i like oreilly stuff and for dummies sometimes

?

and packt publishing

Actually

what´s up guys

we need need some fake mumbly rambling about THM

Let me delete it

Packt is the worst, most of their books are horrible outside a few gems

It's good now

Hey guys. I am looking for a specific wordlist: Sometimes I have a Local File Inclusion LFI, and I want to fuzz the host for any and all valuable files that provide info such as configs and any private files. Do u know of any wordlist like this? OR should I have to try to generate it myself?

oh really? i was gonna learn .net maui with their book

@gray sonnet hello lurking boy

In the ffuf discovering content room, a valuable word list is linked, let me find it..

you do have to base it on a book by book basis, they seem to really let anyone publish and often books are very superficial

hmmm thats troubling

but like I said, sometimes you will find a good packt book so judge it by the book itself

Have seen you somewhere but nowhere to remember it

probably htb

laughing at network+ in certs channel without providing alternatives

https://github.com/danielmiessler/SecLists

Discovery/Web-Content/common.txt

Oooh, you know me?

yeh i sometimes go yap there when the moderation here feels too strict to breathe

I don't think the moderation here is that bad

Hmm?

Oh no

i dont like it

htb does it better imo

just don't be an idiot? ¯_(ツ)_/¯

im not sure that talking about reversing as a newbie is being an idiot but ok

Hm?

Was good to see Null finally got it 😂

reversing was my first interest in IT and malware analysis was first for me in cyber. hiding it for "advanced" channels seems strange to me

rules generally happen due to the myriads of people that have come before you

Mostly because it's complicated and easy to mess up, and mess others up

and there are lots of other platforms out there that are more geared towards that too

yeah, it would be nice to point ppl towards them rather then saying: lvl up or get oscp

It's bloody dangerous if you don't know what you're doing, and there are people who may blindly do things they'll regret, like copy and paste malicious commands

It’s not a beginner topic and Discord doesn’t take nicely to malware.

It’s a blanket ban because we need to make sure you’re actually here for cyber by either having an advanced certification or the top level on the website

To be fair, the level up isnt too hard

isnt but takes a while

Couple weeks at most

Some tryharders can probably speed run it faster

But yeah a lot of the rules are there to protect the channel from Discord as well

yeah my goal isnt to get access but learn so im not gonna get there too quick

Considering hacking is a pretty hot topic

That's honourable

hi

i am new

hi new, I am chameleon

hi new

how can i interact

with u

verify might be ok start

what start

also #start-here and red #rules is not bad to do

ok

who r u

im ralex

r u new

or old

old. kinda

Old man ralex

Wichh cve is this

https://tenor.com/view/google-exists-google-search-it-geekboy-geekboy-cz-gif-25933207

shhhh...

Image failed it seems

Ahahaha I'm in the middle of a game

u

cve-2024-3400

Unless it's on my end

Ahaha I can read it I mean which one

ha

🤣🤣

Weirdest username I've seen

CVE-2024-3400 PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect

who

what

Fair ahhaa

who

not for you... it was for mad one

hooo ok

how to get access the outer chat

what to do

whats outer chat?

the voice chat

#start-here and #voice-chat ?

Read #start-here , but you'll need to verify with the tryhackme.com site before accessing vox

other than this

ok

hello

hloo

You ok, mate?

"Microsoft admitted its defensive implementation worsened the Azure outage on July 30, which was initially triggered by a DDoS attack. DDOS attacks aim to overwhelm systems with malicious traffic. They are becoming increasingly common, so Microsoft should have been able to prevent the outage."

well...

I mean it basically was

Probably not too far off

when i saw Gojira play... well... it's start

Only difference I see is that the actual flame is electric

last olymp game i wastched was in 2008. think it was hong kong iirc

Beijing iirc

oh yea

well was close 🙂

Tired

Don't say that to Hong Kong

Just had to do a 4 hour round trip to turn on a button

classic

Mail To: @HongKong

❤️

Thanks

Gave +1 Rep to @fleet turtle (current: #474 - 10)

#474 lets go

I agree

Mocking Christians, mocking the French history

mocking anyone, especially at an international event, is absolutely unacceptable

True

im lost, what happened?

The olimpics opening ceremony

Olympics

what about it?

Mmm did you watch it?😅

the thing people thought happened but didn't?

Which thing didn't?

the olympic shooting was crazy though

i didn't, which is why i'm lost

the turkish shooter was cool as hell

raw dogging olympic shooting

they mocked Christians, mocked French history

what?

really? that's daring

I think a lot of people took the homage to a greek god as offense to Christians somehow

or I dunno, its weird, people interpret things from their point of view

The table behind it?

Not the Greek god itself

And what about the Marie-Antoinette thing?

apparently Christians own all tables?

Pfff do I need to send a picture?

Why is budgeting/financing so annoying and tedious

I saw it, like I said people will view things from their perspective

Think they thought it was mocking The Last Supper

The Turkish shooter is all over my feed lmao

I love it

Help meh lol

It's clear the "crown" on the singers (with the blue dress) head means holy.

its not all that serious

he is everywhere

He actually used earplugs

Keep confusing myself

The Olympics even apologized for it

im aware, i still consider it raw dogging

Sure, just give me what you have a month, and what priorities you might have, you can dm

they probably apologized because people keep harping on it.

How do you organise monthly and fortnightly payments and split them into weekly when they come out at different weeks

And keep on top of it lol.

I'm generally good with organising and maths but this is hurting my brain.

Over thinking is great

lame, i'd rather have freedom of expression than trying not to potentially offend anyone

Why lol

As much as I like to respect everyone. I hate having to walk on eggshells around particular parties.

i just saw that, goes hard as hell

Wait are we talking about the shooter guy?

hey friends

still cool af

Everyone is

@fleet turtle

?

007urkey

definitely a spy /j

exactly

probably not too far off lmao

Has someone come up with that?

i dont think so

Could really be some secret service agent or something

I'm stealing it or hopefully making an original meme

Are we doing a Turkish meme showoff?😆😆

dude showed up to the olypmics like it was just another day

I only have monthly, quarterly, and yearly payments, but I do things by year, I see how much it'll cost a year, divide that by 12 and then have that as monthly put aways, when it comes to yearly, for quarterly I do the same cause of course, I then divide by 4 instead of 12, putting away that monthly

I'm terms of weekly, you're meaning you get paid bi-weekly?

idk seems risky to blow cover like that and apparently his socials are full of cat selfies (what a god 🐈 )

Someone Photoshopped a cigarette in his mouth

All he's missing ngl

No I get paid weekly but trying to keep up with fortnightly payments and monthly payments when they all come out at different times and trying to remember which one is coming out when sucks. Particularly making sure the monthly ones get paid when you're trying to make them weekly in a sense.

Ahhh, I'll explain that in a bit, need to wrap my head around that too

Then insurances completely throw me off being fortnightly

Is it recurring payments?

The monthly ones are actually easier than fortnightly ones weirdly enough

Idk why

Yeah recurring ones

That's because you'll know it's happening

Sure, give me a second or 2 hours to get my head around this

Fortnight ones just pop up.

Turkey guy is like "what should I wear to the olympics" "oh just pick any shirt out of your closet"

there is arabian people here ??

turkish shooter is like f2p among whales

I've divided monthly ones by 4 then rounded it to the closest higher whole number. And halved the fortnightly ones but I still can't get my head around totals in the account they come out of.

But I'll start by making an Excel sheet of all your payments, and what pattern they come in

this slippers also looks nice with that t-shirt. might wear them

Yeah, I get that

Oops I forgot to add reply

I like static payments like board, car finance payment (paying off a car), I don't mind insurance but having it fortnightly is so annoying. Throws me off.

I'll just do it again lol

No worries

Old school retired cowboy is back

I've made notes on my phone with a checkbox next to them and all the payments by week

Hmmm

Sounds good

isnt there any freeware that helps with this? id expect something like that to exist already

Istanbullet

this deserves a pin

Yeah I've still kinda confused myself with totals even tho it should be easy lol

I mean I know I can add it together to what week I'm at. But it feels like something isn't adding up right

what is up with these shooter mems?

im out of the loop

Hhha you missing

Turkey guy didn't

Actually his teammate dragged him down

FB scammer rly can be annoy. he rly wish me to send proof that i pay shipping =/

Buying stuff off of Facebook is wild

but the deals!

nah... somehow he found me and offer me free 3d printer if i pay shipment

How much is shipment lol

75e

Bet it’s as much as the printer itself

I can dm?

sry... 95$

lol thanks

Gave +1 Rep to @loud marlin (current: #26 - 332)

95 is pretty crazy for shipping

https://www.instagram.com/reel/C7M6X0lSxzQ/

Guilty

Send them down

Of course

Won’t even let me hear

Apparently you can’t hear if you don’t have instagram

speaking of down...

I think you should seek medical help

😨

You have to click the bottom right corner of the video to enable sound.

W

That's actually an L

the cybersecurity based turkish shooter memes are gold

i am stuck here and i need to ask this question : CPTS by HTB : penetration testing path first or THM penetration path first or PEH first and then what? need help digged google but wanted to know your pov also :))

yo guys , what note app yall using

notion

Notepad and Samsung notes

HTB is typically based more on reinforcement and designed for people with prior experience, the THM Jr penetration tester path would be most likely to fill in any gaps you might have, but it really depends on your preference and experience

most people here use obsidian i think

pretty good looking gui ngl

Did you hear about the big United States/Russia prisoner exchange. 2 of the prisoners released were Russian hackers

No

I don’t follow politics or use social media other than Discord

people use a variety of note taking apps, just try them out to figure out what you like: notion, obsidian, joplin, cherry tree, trilium, etc

Even though you are in charge of the news sector for THM?

Who said that 😆

Until defender starts yelling

Thought you wrote the news stuff

Getting four different phone calls from four different phone numbers at the same exact time is always great to see

Yes sometimes but a lot of it is mainstream news that everyone talks about

Ah I see

wow twitter is absolutely full of bots

twitter might just be the best example of the dead internet theory

Almost every social media has bots.

YouTube is also filled with em

twitter is the monolith

(it isn't a theory if its true)

mhm

i dont know anything now except some basics like networking ,linux ,security+

then THM might be better for you, again its up to your needs really, and both or best complemented with external research

HTB does still have things that you could use those skills on

THM has a lot of good content, HTB has some super beginner content, there are also other things out there like pwn college (which is free and great)

for THM, go to #start-here

also the PEH course from TCM is a pretty solid course, you can even try it out on youtube for free (about half of the course is free on youtube)

so you are saying to go for the THM first then CPTS and PEH by TCM?

no

i have the PEH course with me

CPTS is a cert

well if you have the course, I'd do it, if you know some networking/linux, you should be fine

i know ! but the learning path of it

so it will go like this > PEH > THM > HTB?

or PEH > THM & HTB depending on your needs

for practice / filling in knowledge gaps

is there any way to get anyrun for a personal email without directly emailing them to get your personal email verified

I would do the PEH and THM on the side if you are new

sliver (SILLY_MITTEN) > shell

? This action is bad OPSEC, are you an adult? (y/N) 

lol

and after completing HTB?

what would be your goal?

OSCP by the next mid year

then sign up for OSCP

without any knowledge?

basically between PEH, THM and HTB, that should take you a year if not more

what do you think PEH, THM and HTB are?

then OSCP has its own course

then what should i do ?

after OSCP?

nah for the oscp

well you could practice prior, there are a ton of guides on how to prep for it

i got some reviews who gave exam recently saying its course material is not enough and not so good

again, between PEH, TCM and HTB, you should be prepared for their course but you could practice more on HTB after that

yah they all came here between them saying PEH htb or THM :((( confuseddddd

yoo, whats good

conclusion please 😦

I just told you... look just start

the content will take you a year or so to do so you'll have a better idea once you get further along

Love broken laptop fan noises

i'll start from today ! thanks for helping and explaining everything God bless you! :))

fix fan 👍🏽

Laptop is under warranty, but if it's a simple fix I can try it if my boss approves

damn

guessing that there is a warranty sticker?

what kind of pizza is this?

You mean the "Void if broken" Yah, that's illegal for them to put on in the US, it means nothing to us lol

But no sticker. He wants me to put a claim in

yeah fuck it im buying a panasonic toughbook for mint

it looks more like a foccacia

yeah xd

https://www.ftc.gov/news-events/news/press-releases/2024/07/ftc-warns-companies-stop-warranty-practices-harm-consumers-right-repair

how do i get my roles?

Quick question what happened when I run my vm in hdd what happened slow or what?

@finite crystal

sweet, thx

Another one so i laptop with both ssd and hdd, os in ssd but it almost full, so can i change my hdd to ssd or remove DVD and add ssd

niceee

why not replace your hdd with an ssd?

or sure get rid of DVD

its not cheap to do that

well, not yet

well I didn't say it was cheap but generally not too bad

hello

Okay so it didn't do to my m. 2 ssd

amazon has a 500GB SSD for $55

i can do one better

your hdd isn't a m.2 though?

wish has one for 4 cents

uhh

just kidding

@boreal scarab
=/

dont buy em

No

sorry samsung or bust

samsunG?

ew

(no offense)

Ok last question which ssd brand is best

so you could get rid of your hdd and replace with ssd

samsung ssds are nice

i personally prefer fujitsu ssds

never had an issue with them

Reminds me, I need to retry my finger after my haircut

u saving the planet if u buy em

what filament?

i typically see that stringing with PETG

pla. but i forget to change from hpla. and used way to big speed

Correction... I need to print my human finger with my human flesh

oh the speed makes sense

Heyo anybody up for giving more knowledge and guide about how they study through tryhackme

most everyone here is, just ask what you need to know whenever you stumble upon it

well, i usually have a walkthrough next to me

if i get stuck, i get a few hints from there

to work my way up

Okay Thanks for clarifying

yea... and preassure advance is way to big for normal pla same as volumetric speed

Ohk great so is it enough to get proper knowledge from free rooms?

Oh nice

But learning and applying it basically how do u guys prepare

good question

if i for example find some valuable info to know

i usually note it down

and try to understand it

i did strictly free rooms for up until 0x3, i learnt plenty, you can get a decent bit learnt based on just free stuff, its best complemented by external research, i would suggest getting a subscription

read it, try to recall the fundamentals and how it works, if you cant then go back and look, maybe try getting someone elses input from maybe watching a walkthrough, reinforce it by seeing how you might be able to appl it in specific scenarios

Oh great that helps yeah I do that anything else like trying to look for real world data like for example any person

Oh that’s helpful thank you I will do that , I try getting into the CTF I didn’t get any thing like I tried to ping it with the remote access with their given ip I was not able to solve fking fist task

Gave +1 Rep to @fleet turtle (current: #441 - 11)

thats very good, u are then improving your mentality

I should get ready for tomorrow

Right I will do that

Thank you, I just feel what ever am I learning I am getting anywhere with this stuff that’s why I get more confused

i totally understand u man

its hard at the start

the irony of getting hit with a paywall while reading this

can hackers bypass two-step authentication on instagram or snapchat?

Well if they have access to your phone then why not

physically?

or distantly?

Well if they have physical access to your phone, then you have much more to worry about then breaking 2 factor authentication on your insta

few months ago one of my friend's snapchat account got hacked (as she thought)

but the catch was

that the guy guessed the password

huh?

well most normal users have a pretty simple pattern they follow.

and her dumb boyfriend gave her password in dm

I need help with pentest :<<

drop it here

Why

My company asked me to pentest the web (am student :>)

you better have signed a contract to do that

I applied for an internship

yeah, i think there is, probably not best to discuss though

That’s illegal

pinging?

undestandable

that too ... in many servers

No

BRUH

social engineering?

sus and that is a bad idea

what did he say that was illegal?

@mossy river

that is one long damn link jesus christ

https://tenor.com/view/bh187-spongebob-red-alert-panic-oh-no-gif-19287306

i think vulnerability is sql injection

better not continue discussing about it.

are you trying to hack a genuine website??

you gotta be joking me

The company told me to rate this website

:<<

i dont know

thank you mr scrubz

you 100% need to get it in paper

Why are you posting got here?

sr

sr bro

am really sorry

What are you doing?

I haven't done anything with this website yet :>

What are you going to do?

this apparently.

So I write the report in PDF?

Do you have a legal binding contract?

not sure if that's a thing in all asian countries

this Internship Entrance Exam

to intern for a company

sus

have you taken any pentest course ?

not yet

I self-taught on tryhackme

i heard that there is a 2024 version of rockyou.txt

when obama care breach happened

yo

sup

👋

greetings

ello ello

everyone tries to label breaches as the next rockyou because they don't understand how silly what they're saying is

i am confirming

british websites should reconsider

exactly, an attention grab nothing more hahah

https://cybernews.com/security/rockyou2021-alltime-largest-password-compilation-leaked/

😱 oh noooo

https://cybernews.com/security/rockyou2024-largest-password-compilation-leak/

😱 oh noooo

wow

and it will only take

lets say

5 years

to go through it

🤣

fr

They are saying, get a piece of paper or document from the company/website owner, with their signature, saying yes they won't get in trouble for testing the site, we asked them to

Because if something breaks, you can take the blame and be put in jail or fined. The paper is called a "get out of jail free card"

me after raising rent on single mothers

😅

Not cool

Yo guys, I encountered a problem with the installation of Kali linux during Dual Boot : it doesnt ask me for the installation of grub. When I finish the installation and reboot, (I click on Kali linux to start the OS) and it gives me a black screen. If you want any details, ask me. And btw, sorry If i write so bad, im french 😅😅🥖🥖🍷🍷

Do you have solutions PLS?

dual boot with windows i guess ?

dual boot is not recomendet with kali. for a start. kali is not so stable and it can brake booting. even up to part where loosing data...

Why dual boot Kali? run it in a VM.

if you do not know in-depth of how to dual boot and issues with MBR and GRUB. then it can be extra bad

https://tenor.com/view/oh-no-oh-no-anyway-gif-18887547

So slow in vm

You could use the windows bootloader to boot Linux.. I've done it in the past. It's not super easy though. I'd recommend you not put Kali on hardware though. VM is recommended. Especially if you don't know how to troubleshoot Linux issues.

there is DD command to backup MBR part on hdd/sdd and restore it in case or two. but again dual boot is not so ok to go at first choice

Unless you know exactly what you're doing.. do not use dd.

but VMs don't normally use the GPU so in general demanding tools will take longer to run, although I think it can be configured to use the GPU but I haven't looked into it to be honest

There are ways to use the GPU but not super worth it usually

Also known to some as "disk destroyer" or "data destroyer".. it can kill whatever you point it at.. and not ask questions or apologize.

PCI passthrough is a pain to setup

Ive done many Kali Dual-Boot with Others PCs and it worked fine

I have a Microsoft surface laptop 4 btw

You selected the main disk to install grub on while in the installer, yeah?

Nah it didnt ask me to Install grub

also being able to roll back versions of your OS saves you trouble if you did something wrong especially with such powerful tools

Ruh roh raggy

Can you get a boot menu at all? I believe you can just use windows’ to boot into the other partition but it’s been a while since I just prefer to VMify it all

Backups are importante

Ye I get a boot menu but when I select Kali, it gives me a black screen

You could use a boot disk to boot into a recovery environment.

I wanted to try boot-repair but idk if it'll work

then configure grub.

Could do it from the live install iso 🤷🏼‍♂️

Since you’ve already got it handy I assume

Yes

Or just go through the re-install process through the iso after verifying the hashes, and pray more this time

try that... i all depend of lot's of things

Yea youre right but im afraid my keyboard wont Work because Last time it didnt

A Bluetooth/Wireless keyboard? Or wired

One time I didn’t have a keyboard for my proxmox server so I used a flipper zero 😭😭😭

DAMNNN

OH YEA I HAVE ONE
Let me try that ill be back in few hours, or few days idk

eh I did same for a laptop but with a ducky

My root password was like 32 characters so after a few times timing out I badUSBed my password figuring I’d change it after hahahah

Classic

Thanks guys, appreciate it

Hell yeah

dheck 32 lol

that's crazy... did you buy the badUSB or just make it from some microcontroller ?

KB was broken but needed data recovery without disassembly

I only usually accessed it from the web GUI and therefore used a password manager hahah

Flipper zero has one built in

ahhh ok

if you wish to protect data, just use LUKS or some full disk encryption

But I have made some from Amazon usb modules before, they’re super fun

seems like flipper zero has everything built in

Damn those are some restraints hahahah, ducky works perfect in that scenario, or just a usb keyboard 😭🤣

I've been loosing my brain trying to make a clone for my TV remote using arduino.. guess I should've bought a flipper zero

It’s a fun lil toy for sure

Yeah, but eh I didn't have a usb keyboard near me but had a ducky so why not

Does the ducky have a USB port?

i don't recall

Oh gosh yeah. You can probably rip specs for your TV from flipper zero GitHub stuff tho

Yeah exactly, use what you’ve got 🤷🏼‍♂️

Plus you get to use your ducky hahahah

i think it does

It’s got USB-c

The flipper does

usb duck v1 is just usb v2 have usb and usbc

Yeah ^ that

That’s for the like, hak5 ducky

The classic OG

oh k

I've got the v2

Flipper has a advantage because you can store however many payloads, not just the one or so

And select with the gui

BUT is less discrete

intresting

I envy you

Love to see it

thnaks

THIS DEVICE CONTAINS ATOMS ? 💀

did u have a sdr's

Reminder: Don't make ralex your enemy

sdr is ?

Radio

Software Defined Radio

like rtl sdr or hack rf one

nop...

no radio hack for me

buy them too its kinda cool

only nfc a bit. since i got 2x dangerous things inplant in hand

I worked with a group of people whose job is to go to airports with SDR and respond to rogue devices

is that legal?

Very interesting people

It is when you’re the government 🤣

ohh...... loll

if you not on task as red or any pentest and do not have all legal paperworks. do not go outside house with tools 🙂

heylo

i am doing the complete beginner path way

i love to walk with pwnagotchi

and i now i think i have some progress

Heylo Pravav S V

that is also kinda thin line to walk around

I take my flipper everywhere 🤷🏼‍♂️ just don’t do anything stupid with it

nice. progress is good !

i never use pineapple or OMG cable outside my own devices and room

yes it is

Yeah pineapple is easy to get in trouble hahah

if u do its gonna hurt yourself

and i am doing a 100days of challenge

anyone wish to do it with me

using tryhackme

Especially if you don’t 100% understand everything that you’re doing and every single signal your device is sending

i got some old router, 2-3 old phines and so if i learn things

Hello everyone, I'm eager to understand the specific methods behind targeted attacks on individuals who use platforms like Facebook, Instagram, and others for their everyday activities and internet research. For instance, if someone were to target me, what would be their initial approach? Could someone with expertise in cybersecurity shed light on the methods and vulnerabilities that can make individuals susceptible to targeted hacking?

Sounds like me trying to get ChatGPT to tell me how to do it hahah

in my opinion they'll go with social engineering first

Anyone know about the best location spoofing app for Android.?

I want it for my job

Hey THM 👋

ello ello

sus... Also VPN's work on android just the same way they do on windows

Google, breach data, anything else open source and passive
Then SE
Then other stuff

I mam already using VPN but using it I can't select the specific location

Idk man sounds illegal to me
But I bet there’s good guides online especially since people wanna spoof location for games and such

what location are you trying to pretend to be in ?

aye, but why is work hell though 👀

Specific street or in specific building

ayooo what ?

imagine you are a stalking or mad ex signficant other and looking for dirt and ways to make your life hell... now while in this mindset go looking for things you can do against yourself

tada

you got most of the idea

scared of shadow now...

They give me some specific tasks and for sometime I have to stay there

But I finished my work before time but the problem is if I leave early they are not paying me

Is shadow the mad ex or does shadow have mad ex 🤣🤣

Sorry, but believe me, I didn't understand anything 🙂

nah but have made foes/enemies from school years for various reasons

Fair enough

well most people that would target you are probably not extermely tech savy either... hence a good starting point is checking for what a random person that has something against you would do

Can I submit a report and get people in trouble for grabbing info and spending their money

A report to where?

Police

He got peoples webcams etc

You could report somebody if you think they're breaking the law, yes.

If theyre under 16 can their parents get in trouble

also watch ur back thouugh

Be careful about filing false reports too. You could be the one to get in trouble.

Why

Ik everything about them

they themselves can get into trouble

anyways:
google dorking
pentester.com
haveibeenpwned.com

malware bytes for doing spot checks on your windows machine
virustotal to spot check specific files

somepeople are bad

They’re harmless lol

I’m not opening they’re little info grabber files

then do it

Thanks

Gave +1 Rep to @sand trench (current: #3 - 1851)

Digital-footprint from Malware bytes is good too

those are ways to check what breaches you have been part of and how to do anti malware checks.... google dorking can get you a lot of weird results if you check deep

did not hear about that before

https://www.malwarebytes.com/digital-footprint

Just don’t know how malware bytes didn’t detect an open source grabber

Do you mean the URL?

Sites like these make me so paranoid

Why?

The application

I installed a grabber on a vm

Coz my email's been pwned like 10 times

Do you have Malware-bytes on the VM?

Yeah

And the grabber hid in temp and startup lol

another tip is setting up a password manager and using a 2fa app seperate from the password manager
basically do this for all accounts you use

I did research on it and it’s a discord webhook

Made with python

Compiled into an exe

Using pyinstaller

so many bad stuff from python made into exe files

Hadn’t seen this one before hahah, they got more than I thought they would

Malware scene in a nutshell

Idk how the person that put it on GitHub isn’t in trouble

All the money taken

Using his grabber

I do not feel comfortable using password manager tbh
But 2FA on every account, sure

yeah shadows main email is in tons of breaches

why not???

Keep in mind it may have also not been their stuff, their account might be hijacked hahah

example.com ahh email

test@test.com

So many ways to compile into an exe aswell

Right

I am a fan of golang malware

Big big fan big fan

I mean, what if the password manager database was hacked?
What if my computer was hacked in some way and all my accounts were found together at once?
I don't know, maybe I'm wrong about this

Keepass plus a physical security key sounds like an option for you

do you use a unique password on every site you use???
if not you are already vulnerable to copy and paste of passwords

Let’s say someone grabbed 10+ people’s info using it and spent their money, coz the grabber also has cc info etc, if I found out everything about them can I get in trouble, so it’s useful in a police report as I have full name etc

Malware chat and grabber chat is resevred for our advanced channel

How do I get advanced

Depends, if it involves you hacking, yes, you can get in trouble.

Open source intelligence

Everything on google lol

Not all my accounts have the same password tbh

P@55w0rd gang 4 life

123456seven

if you think using a online password manager paints a target on them and they getting hacked would breach the databases... use an offline one like keepass
if you wanna ensure it is harder to get into you can use a keyfile or a yubikey to lock the keepass database

if you don't use a password manager of any sort you will have to make as good passwords as possible and keep them unique for a ton of sites... which quickly becomes a very hard job to keep up with and have good control of.... and if you reuse the passwords you are screwed again
if you use a predictable pattern in the passwords you are also screwed again

^ offline password manager plus yubikey is safer than your brain

keepass

example password/passphrase for services shadow have to get into at random times but need to memorise:
undying massive slain antiques aptly egotism lukewarm

Keepass

Bitwarden is good tho.

yes but it is online

I use Bitwarden in my threat model 🤷🏼‍♂️

though self hostable

yes

The amount of Keepass I've broken in to is stupid.

but that is outside the scope for most new users

Stupid passes tho yeah?

bad passphrase for the vault???

Half of the, were complex.

or one of the older versions with exploits???

Also leaving the keys around.

when you use Password123 as your db pass for Keepass is when things go wrong. lol

hai im beginner any tips and tricks ?

But sticky noted? Hahahh

P@55w0rd is OP I’m telling you

Uh...

Tips: Take notes.

Tricks? Make a bunny out of ascii

#start-here
note taking note taking note taking
try and help others learn or do rubber duck debugging

Do a backflip

I feel more secure using an offline password manager
But how did you know it is offline? 🙂

Knowing when to research for yourself and when to ask questions will be valuable in your career.

Knowing how to research is better.

Agreed

generally quite clearly states so on the download site for the app

Wireshark

Literally just open wireshark

Or

Unplug Ethernet

Or
Throw computer away

Live in woods

Make friend with bear

Use bear computer no wifi

Bear now have ur password 😦

He is 0x1, I wouldn't assume he knows how to use Wireshark, I would just move into a cave and engrave my passwords on stone tablets

i dont even have basic knowledge in this

Paint it on the cave wall maybe

Yeah fair

Holy guacamole, let's not send very fast multiple messages like that, I'd hate for the bot to auto-mute you.

Google is your friend comrade

Do the absolute beginner path, compliment it with external research, ask questions when you need to

I'll go to take a look
Thank you shadow

Gave +1 Rep to @sand trench (current: #3 - 1852)

Sorry top G

I got so many things to do

Now you have a fancy new watch to tell you how much time you have to do it.

Don’t do any of them, responsibility is for humans, revert to monke

note taking is you write down your thoughts on paper or in an application/app and refer to it now and again when you need to remember how something works
you can update your notes now and again to make them better structured for you

helping others through problems means you have to think deeper about the problem to break it down so others can understand
rubber duck debugging is doing this to a rubber duck to learn more

need to watch a youtube video to get ready for tomorrow, clean my desk at work, get some stuff done for work, and get dinner

https://tenor.com/view/wesker-albert-albert-wesker-resident-evil-resident-evil-4-gif-5143688443782660001

yeah thanks

Gave +1 Rep to @flat roost (current: #238 - 23)

true, already telling me that I am stressed AF

ok thanks

My next room is xss, this will be interesting

Low-key dreading it

now write that down in your own words in a note 😉

<img onload=alert()/> n shi

@sand trench
What about downloading Keepass on a USB flash drive and encrypting the flash drive with Bitlocker 🙂

Fantastic

Why not
But I recommend veracrypt rather than bitlocker tbh

If you are that paranoid then sure

i just completed two rooms in #974406074444685322

bitlocker does not work for flash drives last shadow heard... but yes a portable version of keepass like keepassxc on an usb stick that you only plug in when you need to login somewhere will get you far... veracrypt works if you gonna encrypt the entire usb.... but by default keepassxc is already encrypted and needs a password

hey guys I'm curious does anyone has a pc where kali linux is the main os they are using (not a laptop a pc)

Plenty do I'm sure, it's probably not a great idea though

Probably not, as that's a bad idea.

what linux os you recommend

endeavour os

Anything other than Kali.

any OS will work for you if you just put in the time to make it fit

Not even joking with the stres thing

Alright so parrot, write that down..

I just need something easy to configure my drivers with

Mint cinnamon, pop, or ubuntu

yeah I was thinking maybe parrot, mint or arch