#general

Silly 😛

Im in the unknown apparently

Yes

ah, but you're in the known unknown.... careful not to venture into the unknown unknown. that place is scary!

What in the gpt responses

How deep goes the unknown unknown

Endless

the known unknown means you know you don't know a thing... the unknown unknown means you don't know you don't know it yet. how deep does it go? how long is a piece of string??

hey! I do know things

🥲

lol, the more you know! 😛

2,147,483,647 in Java

Lol

perfect example of an unknown unknown for me, let me look that up 😛

ah max value, indeed.

Of string

😂

derp... i really tied myself up in that piece of string.

Don’t do it!

This actually makes sense

aw tanks! Half the battle is turning unknown unknowns into known unknowns. I spend half my life learning what i need to learn, and how to learn it effectively.

I spent half my life playing outside

showoff.

The other half I began learning and now I started my journey into the unknown unknown

greetings

merriest of mornings!! how's all, the like, such, whatnot, and etc.???

https://tenor.com/view/hosico-cat-cat-camera-cute-gif-17129489

Cute cat

I read that as now, spent a solid five minutes confused. Where’s my glasses

you have no idea how much I appreciate glasses for PC

I don't have vision issues (maybe slight one) but coding a year ago, the letters would be slightly blurred

after getting proper glasses (+0.5), I felt like I was reborn

now that's what I call a chonky one

Yeah at first I needed glasses because my pupils would spend days open, they had given up on me but then I got glasses because I can’t see well far away

Fun, I saw on John Hammond the other day an attack vector of tricking people to WinKey+R, Ctrl+V, Enter to run some dropper code that is saved to clipboard by the "prove you're human" prompt on a page.

And tonight, I see someone in Reddit who was hit with this attack vector.

Yeah it's been around for a while now, right clicking also works so they could obfuscate it a bit better

Ultimately it's just getting someone to open a shell or whaever from their side

(LIkely just install redline or something less exciting)

Yeah, I'm just surprised to see someone hit with it. I feel like copy and pasting random things from the Internet is one of the first things I learned to not do 30 years ago ^^;

Grandma going to wordleanswers.co.uk and misspelling it would probably make her follow instructions

But they don't know about Win+R being "run a process", they just want to access the site

Same reason everyone accepts cookies

I get why it works, just the lack of computer literacy makes me sad.

Some vectors just seem too easy 😄

I remember when I copied linpeas from a website cuz I was a noob and couldn't deliver it to the machine. When I ran it it was like "bro did you just copy linpeas from a random source and run it without checking the source code?"

Eh, don't get too upset

Lawyers do more complicated work than I'd ever bother to learn about, if they need my help printing to the right computer then I'll gladly help

Never been ashamed like that

Agreed - to a decent extent, not everyone needs to know depth about everything
It's the whole reason we specialise

I think computer literacy should be increased overall, but that's from a tech guy perspective

I'm sure doctors think first aid should be increased overall too

One message removed from a suspended account.

Everything should be increased. Wait I think there’s a name for that… SCHOOL. Except schools somehow managed to waste 13 years of your life and don’t even teach you valuable things for life as an adult

thank you

Gave +1 Rep to @midnight sentinel (current: #2280 - 1)

atleast you learnt (-b +/- sqrt(b2-4ac))/2a

will give you roots

They wouldn't be wrong. I've seen some really foolish first-aid choices in the field XD

Used to support ~100 lawfirms.
Two of them had wire transfer scams occur at one point 😦
A third one had an end user almost get hit with an Apple gift card scam, but the office admin caught wind, after purchase, but before transfer of the codes.
So they became Christmas party raffle items.

That's a baller move

So did you learn this to the tune of Pop goes the weasel? Or row row row your boat?

Roll with the punches type deal

Yeah, she was a crusty sort, but easy to get along with if you understood her.

I can appreciate someone who's been in it long enough that the weight of the years shows in how little patience they have for puffery 😄

Yeah 100%

As long as they're not stubborn about change

Fortunately she wasn't.
She just knew that technology had sped past her at some point, so she knew enough to know what sounded right, but not to keep up with the current tools and tradecraft. So she was a good office liaison for us at the MSP side.

Love the MSP life

The helpdesk > security path is real

From my (limited) experience with the law profession, they seem to be absolute experts at writing legit emails that look like phishes

Yes

Yes they do

The recent "I'm in a meeting please message me on WhatsApp, I have an important job for you" (gift cards) emails look too similar to legit emails I've seen

How is everyone today

One message removed from a suspended account.

Gave +1 Rep to @brazen vigil (current: #2280 - 1)

Made some chicken soup for my flu thing

Doing well

Took ages to cut everything up but it’s worth it

Fingers crossed it clears up soon!

I just woke up to 38C 😭

To what now

It’s about 14c here

Oh temperature

Lol

38 is crazy

you're all wonderful, enjoy your weekend

Thank you

Toasty

it was 3 degrees Celsius here at 7 AM

it was inside a plastic dome

Too warm for me

helllo, does anyone can help me with python shell please.
im trying to reconnect to the shell but i cant enter export term=xterm 😭

I hope you feel better

Good to hear

the stty and the fg need to be one command separated with a ; when you're using zsh

best to ask in #room-help

Thank you 😎

Gave +1 Rep to @naive violet (current: #2 - 2207)

Thank you

Gave +1 Rep to @brazen vigil (current: #1506 - 2)

👍 noted thanks

Your welcome

One message removed from a suspended account.

One message removed from a suspended account.

Gave +1 Rep to @brazen vigil (current: #1134 - 3)

One message removed from a suspended account.

One message removed from a suspended account.

One message removed from a suspended account.

There's a timer on it yeah

One message removed from a suspended account.

And if you abuse it we'll be disappointed with you

is the top x% ranking system gone?

One message removed from a suspended account.

where can i go to ask for help about a room

i dont understand what im doing wrong

Nope

i can no longer see it

Where are you looking? It's on your profile

You’re welcome

You need to complete more rooms in order to get ranked

it used to show the rank like two days ago though

Ok, but

Things change.

thanks, just dropped the question in there if anyone can help

Gave +1 Rep to @plain grotto (current: #626 - 7)

thanks but any idea how many rooms i need to complete or something like that?

Gave +1 Rep to @naive violet (current: #2 - 2208)

I think you need to get into the top x percent in order to recieve a rank. Maybe 10%? Not sure

I'm not staff

what's CONTRIBUTOR?

¯_(ツ)_/¯

I made a bunch of rooms and stuff

Nope.

#feedback-and-ideas

ah

can we do that too?

or is it something exclusive

Not site staff, I don't work for THM, I have no sway.

You can do it, but only challenge rooms

ah

I had a CVE allocated but they haven't published it

@rapid merlin when did you last complete a room?

It's fixed and then the product went EoL so ehhhh

maybe completing one now will get your rank back

i will make my own vulnerable product

then publish a cve on it

Responsible disclosure wise, I don't think I should publish it
It was a local privesc via an application on Windows, let you pop system from a standard user. Was nice.

Not a clue, if ever

Hence "forever pending"

I find cooler day to day, I just can't publish it because it's all NDA

Yeah I'm a senior pentester, I hack stuff all day almost eevry day

With permission, and I get paid for it.

I work for a company
Freelance pentesting isn't a thing. The huge amounts of legal liability, contracts, and insurance you need mean you absolutely shouldn't freelance

Have a look at job postings in your area

You can't speak globally for something like salary

Hi i need help finding a room. It is about the "find" command in linux terminal. I have looked but not able to see it.

It's retired, you can't access it anymore sadly

😭

all good

thx levi

@gusty thicket Please don't send unsolicited friend requests or direct messages. It's against the tryhackme discord rules.

James, can I be your.. friend..?

hi

What is the best tool currently available for hacking a phone?

https://tenor.com/view/laughing-cat-catlaughing-laughingcat-point-gif-7577620470218150413

I won't harm anyone😂

What are you trying to do?

hack a phone

theres literally just not anything inside of this folder and its saying to look in the folder

lolllll

They can speak for themself

Penetration test on my phone

Just look at the known CVEs for the phone. They get patched.
Unless you're a government, "hacking a phone" isn't really a thing.

Trying to get "go" to work is killing me

“Phone hacking” is not a real thing. What

Like people don't hack phones over the network like they do computers.

Short of literally government agencies

You'll discover your phone has no services listening

They're aggressively sandboxed too

That's a blatant misquote anyway, pay attention to the caveats and full context.

ok pro

wat

what

the question is why you would want to pentest your phone @dusty ice

Pentesting a phone is different from hacking a phone.

If you're going to do a pentest against it as well, you should do some basic threat modelling first. What attacks are likely? What attacks will succeed?

I'll try it out normally, test my abilities, and just be good at testing phones

But James is right, phones are not like computers, you can't just hack it easily, anything that can be exploited will get patched almost immediately.

Classic example is Pegasus, that relied on 0-day exploits with zero clicks to hack phones.

"Testing phones" - again largely this is incredibly high grade nation state stuff.
If you're asking for what tools are used to hack phones, you won't like the answer.
There aren't tools. You have to build the tools. All the vulns and phones will be so different.

This may still be available if the user clicks on the amalgam link

if I were you and had experience with penetration testing, I wouldn't be asking for a tool to "hack a phone", see where I'm coming from

Okay, I will try to look for loopholes

What do you mean?

something tells me that you want an automation tool to help you do all of the job and realistically if you want to do phone hacking, in my honest opinion you would need hardware to play around on a hardware level or even further kernel exploitation

What section of cyber makes the most money? I love the field but want to focus on what i can make good money in lol

CISO

I mean, I will look for any loopholes through which I can hack any phone or build tools myself

How's your binary exploitation?

Unless you want to spy on people, there is no real advantage to hacking a phone,.unless you plan to bug bounty it

By appearing, you are about to perform it and you will be ready for the password

What do you mean?

How are your skills in the cyber security sub field of binary exploitation?

Just for fun😂😂😂

I actively use Nmap and Metasploit for penetration testing and vulnerability assessment. Nmap helps me in network mapping and discovering hosts and services on a network, while Metasploit provides powerful tools for exploiting vulnerabilities and conducting security assessments. Additionally, I am involved in code development to create custom scripts and tools that enhance my penetration testing capabilities. This combination of tools and coding skills enables me to perform thorough and effective security analyses.

One way to let to jail.

Wow, ChatGPT much?

Why did you ask chatgpt?

The answer is also irrelevant

Let's go

Scrubs, I'm writing a con talk

Oh, oh oh.

Where for!?

I asked chatgpt and all the tools are old and their vulnerabilities have been closed

Please help me with the issue , I am not able to connect Bluetooth in my Garuda linux,it is even not listing devices ...

Please help I am stucked here from last night ,🥺

uh

That's... not what I'm talking about

What do you mean

also you should study old vulns to learn how they worked and then you might have an idea about making your own :)

And on what?

If you want to find phone vulnerabilities, typically these involve the field of "binary exploitation".
This includes buffer overflows, heap flaws, use after free, and similar.
If you want to "hack a phone", you will need to discover the vulnerabilities. You will need to learn a significant amount of skills.

okay

it was pretty obvious from the start that you had no experience in the field at all which is what I told you

On what

👀

Okay, I will try to delve deeper into learning and discover and understand old loopholes

Or you could start on TryHackMe

I'm already continuing with try hack me

@sick lance

My malware class was actually on phone malware last Friday, actually...

There is a problem with this willow ctf

#room-help if it's THM

I log in with ssh key and enter the password sign_and_send_pubkey: no mutual signature supported
says

Google the error and you will find a fix. This isn't a problem with the room. This is a problem with your tooling.

I followed all the steps but I couldn't fix it

Please share the details of your issue in #room-help then

Hope everyone is having a good productive day. Stay hydrated!

Morning!

it makes me laugh how when you try to download google chrome edge is lie determine to change your mind

🙂

@naive violet

@tired bear Absolutely not OK

aw man i missed it

Oh it’s a secret

I see

I mean, it will be linked to my name and my work

Alright. Next defcon?

No chance lol

Oh

Lmao

Like a small talk

At least to start

Please keep this to the channel you posted in.

ok sorry

Can I do a practice easy room if I haven't done all the introduction to cyber security and complete beginner part or it is too hard ?

You could certainly try

what type of music do you like

From the screen to the ring to the pen to the king where's my crown that's my blind always drama when I ring

wheres your prime

lunchly enjoyer

no idea how either of these are selling, they are actually terrible like subjectively

Facts

Especially prime

Taste straight nasty

marketing the only thing holding them up

true dat

lol nvm found a send feedback button my slow ah

@sick lance There’s so many tools flarevm has to offer. Is the default tools good enough or should I just install all the available tools I can. Im prolly not gonna use most of em but 🤷‍♂️

Depends on your use case I guess, however I doubt they will install

Ahhh

The basic with suffice ig

Helo

Guys I have a issue

what?

I am getting a link 50 dollar Steam card from everywhere like X discord etc don’t judge me I am just 15 and learning some ethical hacking but I am in learning phase soooo what should I do

Don't click links

sorry i dont know much about this

I did so I blocked ‘em but again and again getting links

block em again

Oh

Which country

Bruhh

u?

India

neighbors

I don’t think so u r from Pakistan

why

I don’t mind knowing ur real location

what do you mean

It’s a common scam link

Hmm

Ye sir

It’s usually spread by hacked discord accounts

Yup

My friend sent me

@crude stump sir r u a experience white hat hacker !?

This is a ethical hacking server

We don’t provide hacking services if that’s what your asking

Ik 🫡

Just sharing my problem Bruhh

Best bet is for them to contact discord if your friend is still hacked

He knows

Ik

To complete the ''Crack the hash'' challenge what prerequisite knowledge do i need or what rooms should i complete in order to crack the codes.

I also want to do from where r u doing all this

next to the dashboard icon there is a learn icon please click it and in that options select search, the search for the particular room you want

it asks you notthing its simple

first hashes can be cracked using crackstation.net

As a complete beginner i dont really know i am just curious to crack it

and others manually by using the rockyou.txt wordlist

ohhh thank you

Gave +1 Rep to @sudden pond (current: #924 - 4)

wlcm!

i hope i helped you !!!

Throwback room already gone?

yeah

are you the who plays KOTH?

sad thats my next road after this red teaming path 😦

yes

you guys are hell too good at KOTH

i just played 5-7 koth till the end

sad that a high ranked than me dmed me yesterday and said i played using autopawns. My 20 + notes and articles about ctfs write ups i read for weeks just to learn playing ctf koth became useless 😅

sad!!

thanks @rapid merlin for a thing

Gave +1 Rep to @dense pagoda (current: #2281 - 1)

Nope

@kindred apex you are annoying

!?

u just dont answer the questions in a right way

what is ur thm usr name

Thm!?

try hack me

which openvpn file do I use for koth games? the "machine" one ?

anyone is fine

I don’t have specific usr name for thm

cheers

just make sure the server is close to your location

THIS CHANNEL IS DESERTED TODAY!!!!!!!!!!

ITS ALL EMPTY HERE

It's a sunday

Not everywhere has to be active all the time

Yeah, server is quiet on a Sunday

Even better - you don't have to be here all the time either!

You can take a break, go outside, learn a skill, all sorts

I, for one, have been designing things and working on a talk

Working on Fortinet equipment, looking for vulns and CVE's well taking notes for my interim report.

Guys I just installed burp professional in my kali machine but it's not showing where it has installed...just the old pre-installed community version.....any suggestions what should I do?

Do you have a pro licence?

Bye!!! Dog probelm

Got a cracked version! 🥹🥹

Enjoy the malware!

Finally I'm here 😁

But my mentor gave it to me😭😭😭 ....others r using it too😭

Was it hard?

What a shit mentor...

The verification part

<Mobile phone?

Yeah had to switch account

Are you aware that's illegal and against the tryhackme discord rules?

Didn't know

What happened to your old one?

weirdly enough crack the hash level 2 teaches you more on what you need to know to crack hashes then crack the hash

I'd ditch the cracked copy and the mentor too.

That is not linked with mobile phone

Poor mentor if they're condoning the use of illegal software.

isnt burp suite community edition enough ?

I see.

If you're not doing things where you're making money (and hence need the logging) then it really is enough

It is..... I got it, so I thought

Yeah, now it's good

👍

as a beginner i'm not aiming to make money , when i get more experience and more deep understanding of bugs and webapps , ill go for the pro one , i already watched many live streams about catching the bugs and i found that many of them are using burp pro

Bug bounty? Don't really need the logging associated with pro

other than bug bounty ? how u can make money ?

An actual, real job?

okay am so far from that , hopefully in the future

Anyone know any practice websites I can practice using ghidra

Can’t find nothing on thm

Search for reverse engineering or crackmes

Oh let me see

where are u from india?

I discovered another solution for the famous openvpn problem

Tamil Nadu for now

Thank you for replying to me

Gave +1 Rep to @sand trench (current: #3 - 1927)

just asked bcz of ur kuch to bata

no problem

but there is a problem with the lvl2

Can you code in C?

no

That's a part of a song and next part is ... LIFE

only intermediate python. sort of intermediate

https://tryhackme.com/r/room/basicmalwarere

https://tryhackme.com/r/room/ret2libc

Two rooms which feature crackme's

oo thank you everyone

yk its good when a russian is writing it

If you do learn to write C, then write you own code, compile it, then chuck it in Ghidra.

i tried learning C but the tutorial i used was so confusing i gave up.

thanks

its crazy how harvard has all this online

can you tell me what it is

Advice n°3 f4476669333651be5b37ec6d81ef526f with this hash

Where did you get this hash?

you cant find the wordlist for this now

crack the hash lvl 2

#room-help then.

i am not helping him just telling

The conversation needs to be in #room-help

ok @sick lance

https://www.youtube.com/watch?v=nODVcuLhe1M

Interesting video they mentioned even 0day with his revshells page at 44 min 😂
Blue Vs Red Team

thank you for helping me

Gave +1 Rep to @sudden pond (current: #789 - 5)

Ghidra looks better in darkmode.

man where do i start RE in THM

There is a few rooms in the Soc 1 & 2 paths.

For free?!

Ghidra is bae.

there computer science lectures

Harvard, Stanford and MIT all have really great compsci youtube channels. They upload the lectures for a lot of their classes, for free.

does malware analysis come under RE? i thought it was vice-versa

https://pll.harvard.edu/catalog/free

CS50 is amazing. took it 3 times never completed however

I'd say it was RE > Malware Analysis.

cant wait for tomorrow

wondering what's the surprise

I have an idea, we were talking about it on Friday and I wrote in the text bar and took a screenshot, I'll post it if I was right.

Urgh, I can't work right now because my kitten is not leaving my laptop alone.

i need to crack a hash for ctf
my laptop started giving burning smell
my student azure vm is running slow
any free and fast way to crack it?
its eta is 5hours
running rules

Kitten dev?

Which CTF is this?

hiring process for a company

Then we're not helping you, good luck 🙂

hehe

i need a free service recommendation

What is the cut off date?

my student azure has limited resources

try some online tools

as in?

i am running rules

When is the end date for the interview?

on its hash

overmorrow
but i have to go clg tmrw

can you share the hash

so 12 hours burned there

i shouldnt ig

Really?

its a zip2john hash

We're not helping, if you continue to discuss this, I'll mute you for 2 day(s).

ah okay

the burning smell from laptop is strong 😂

You could be melting your CPU.

switched to azure

So do you think your computer will stop using resources or something?

its not using my resources

smell was earlier when i was doing it locally

Yeah...

Thank you, I will have a look

Gave +1 Rep to @whole yew (current: #10 - 782)

So you could have done damage then.

Thank you

You’re welcome

I want to use android studio on my VM, however Vmware does not support Nested virtualization or Virtualized Intel VT-x/EPT

Android studio uses virtualisation?

For the phones, yeah.

Is it for the android device?

Ahh thought so

I used an old Samsung, put it into dev mode and tested directly on the phone

I may need to do this with my Uni work.

Right now I'm using a cloud based VM, but the RAM is pathetic.

I moved to flutter and dart

we did it in college and it was quite easy

can u say like if there are alternatives to my problem?
a free one

No, 🙂

Any "free" based cloud VM's will be restricted.

thats the problem

Then it's one you'll need to figure out.

android studio has a plugin hypervisor to emulate physical devices. It's more along the lines of qemu hardware emulation than a 'normal' same architecture VM.

Yeah, I think I used it

iirc VSCode has a plugin to do it?

Huge performance cost, if you have a rooted physical device to test on, it makes android dev/RE way faster.

I have a rooted android handset, old Samsung Note 9.

The only down side to using a physical device with android studio is that you are limited to the version of android on the device

Hmm true

And some of the apps I may need to use will get flagged by my AV, and I don't want to set up exclusions based on them.

Android Studio works great on Fedora and Ubuntu. Just sayin'.

It's the laptop I'm using, I think, or perhaps possibly a VmWare restriction.

😂

if i disconnect ssh
i can still see the result tmrw right?

if it stores it somehwere

Does the VM run 24/7?

yes sir

Then possibly.

😂

Might end the task, try using tmux?

If you are not using screen or tmux to manage sessions, disconnecting the ssh session will terminate the shell process running your command.

funny, I used zip2john today. Although cracking the hash wasn't done on my own PC, I don't think it would require too much out of your PC especially for a CTF. What wordlists were you using?

Throwback room totally out?

i am using rules patterns

great news i am doomed

Yes, discontinued

eta is 12hrs atm

oh so a mutated list?

Sadness

yeah

of rockyou

@jolly forge @rapid merlin Please stop discussing it here

why?

is it against the rules?

See here.

Yes. Cheating.

how is it cheating when you just discussing a technique and not directly giving the solution?

strict rules

Help of any kind.
Now, please stop

🙏 #rules

How would you feel if you cheated out of a position in a workplace because somebody asked a server for of hackers for help?

i know the solution is correct
i just have a potato laptop 😂

That's not the point.

Hello friends

Scrubs was it you to say dye my hair orange, well it’s that colour rn. I’m in the mid transition to blonde

Orange is festive

https://tenor.com/view/merida-brave-redhead-angry-gif-13786031

Since when can we add friends on THM?

It's been there for years.

since ages ago but recently we can add more

It's just more noticeable now.

whaaaat?

Oh well, I can't use Android Studio for what I want right now.

I didn't notice it until the new update

Stupid Vmware and not allowing VT-X

you have no friends on tryhackme

I have two

True

Can I add you? Just to test

I have one...

.Scrubz

Above average 😛

i sent one to my irl friend... he didnt accept.

Just be mindful, it may dox your name.

#announcements message

who's gonna do that?

If your full name is set on your profile, it will come in the E-mail.

oh... maybe not

Unless it's changed 🤔

I am trying to think if it was or not

Only way to test it.

Did anyone have an imposter syndrome while starting studying on THM?

Added ✅

almost everyone

to have imposter syndrome, you must have skills.

🤣

hi scrubz

So it's not been changed 😎

I'm completing a networking module rn, OSI, NMAP. A lot of theory, it gives me an imposter syndrome

bruh, you got imposter syndrome from that?

Take your time with the things that seem overwhelming, take good notes. Revisit things if you forget.

Nice streak 😎

You don't always have to stick to THM content. Find content which fits you best. If THM content doesn't work (which is rarely) do some research.

Thanks. I had a bigger streak earlier 😢

Gave +1 Rep to @sick lance (current: #1 - 2885)

I call free rep

I didn't mean to do this

unthank him.

unthanks @sick lance

I do read, I do complete and research. 18 day streak right now. It's been 18 days and I'm still on the Network basics module. And it feels like I'm doing rooms really slow

Psh if you see me doing rooms

You would die

I am slow af because I try to learn the tools in depth

Slow is subjective everyone learns at their own pace

dont go very deep into OSI model. i've done a bit of socket programming and tcp/ip model helped me, OSI is just theoretical and idek why its focused so much.

Reee my flare vm is done

Take you time. It's just the beginning and the most important part. Take your time and get it right

Take notes, review the materials, explore rabbit holes, and make your own journey

That's what killed me before in Pre-security, OSI was explained a bit too detailed

And in the Complete Beginner path it's kinda shorter, and instantly goes into TCP/IP

Osi can be kinda complicated but if you know the absolute basic on what a level does and some things that do work on that level then that’s all you need to know really.

Yep, that's right. I even found a cheasheet with levels and brief description of actions performed

I really like this model

yeah man personally i was STUCK in this networking theory thing. i'd say get hands-on with wireshark and use RFC at best (would not suggest RFC if you're unfamiliar with docs reading) and get on the track.

Networking can be a rabbit hole section fr

That's what the NMAP room suggested to me, to do Wireshark room before doing one of the tasks

exactly.

Then do it

I want to say. The wireshark room is awesome. It’s lengthy yes but it really puts into perspective what’s happening in a network

the wireshark module in soc1 is just chef's kiss

That’s the one

Since when did THM make Linux Fundamentals part 2/3 for subscribers only? 😠

Was it not always like that?

no it was free 😂

Damn

Ngl that’s crazy

thm really want 💰

even the windows ones are behind paywall now

No other rooms have it?

14$ per month in nothing

have what

Wait are you a subscriber

Wireshark module

easy for you to say

Yes I'm

that translates to a big sum in my country

same

u can just start a module without choosing a path.

thm is a buisness

I’m sure you can look up other rooms that use wireshark but soc 1 path is the main one

Hello where do u recommend to learn cloud pentesting and defending (hands on) affordably?

Just other courses are much more expensive, that's why I say it

THM

Get the annual sub

Few months ago.

check flaws

TryHackMe's cloud path is a separate subscription.

Why?

https://tryhackme.com/r/path/outline/attackinganddefendingaws

What the HAIL?

Could just be to change things around, I'm not sure.

I liked THM when the fundamental rooms were free

Yk what would be a smart idea. Periodically making things that are free paywall and things that were not free, free

what?

What do you not understand

oh, wait. I got it now

Ye

I got confused when you said free paywall

Oh lmao

punctuation, man

Hm your right,

Depends on how often it does switch, if it does.

Every year maybe

Big announcement tomorrow though.

But at the same time paths are super long, so maybe you make a informational room free but the challenge room stays behind the paywall

Oo yay

The best idea was to give a 3 months voucher for a call with THM team and give them a review

Yeahhh you getting me now

It really got me back on the track because I remembered about its expiration and I decided to activate it

People complain about the cost of THM, but since they launched, they have only raised the price once, and the cost pays their employees and other stuff.

People forget that.

Understandable that not everybody may in the position to purchase a subscription, they're exempt from my statement.

14$ is really cheap, seriously. It's one of the most affordable Cyber Sec courses

Offensive security courses which cost in total 140k$...

It’s really cheap for the content supplied.

The same people complaining about the price I bet are the same ones paying £20 for a games skin

And I know that most of these 14$ goes host servers with machines and attack boxes

60% of the content being free is a great balance.

I didn’t know that much was free

guys im getting a new computer

laptop

any recommendations

Use case?

I had a chat with ChatGPT and told it what I wanted to use the computer for and it gave me recommendations

My 1.4k$ Lenovo which died shortly after I bought it😶 it survived only for 2 years

Still no clue what happened to it since April

what 😭

I bought a £150 second hand one three years ago and it's still balling

That sucks

I was playing BeamNG and it just turned off and never turned on. Bios battery is ok, power battery is ok

Yikes, what were you doing with it, gaming?

that explains it

Not really

Yep, BeamNG with 12 traffic

Gaming on a laptop doesn't mean it's going to die.

True

No, but it likely will be overheating for extended periods

cyber

and uh

I may need to upgrade my workstation if I can't get Vt-x to work.

ig hash cracking, and stuff

But it had issues with the CPU getting overheated

rtx 4090 preferrable

with uh

not an ARM cpu

I wonder if my CPU died

Yup, that's standard for laptops

Then go for a tower, not a laptop

Get a tower with a dedicated GPU if you want to do hash cracking

Sometimes they can be salvaged with a good cleaning and a new application of thermal paste.

What’s your view on chromebooks

My one is deadly dead, unfortunately

Even no signals or leds

Ouch

You'd be hard pressed to get an ARM one with a 4090

What could it be? Motherboard? CPU?

Chromebooks are great. Super efficient and high performance.
Chromebooks with the touch screen functionality and stylus are also awesome and useful to those who want a laptop and a tablet.

I wouldn't recommend them for Cyber because it's a custom OS that isn't supported in a lot of software.
Requires you to install other software like Anaconda which can be very temperamental.

If you are in full-time education, looking for something to do your assignments (especially a math based course or one that requires you to create diagrams etc), I couldn't suggest one more.

Get a thinkpad install debian OS, transcend to another universe

https://tenor.com/view/brock-lesnar-thinkpad-destroyed-laptop-ripped-in-half-gif-23291050

I got a thinkpad and installed Ubuntu™️

Hell yeah

That’s good 😊

I use mine for research and stuff

And to study

LemoLenovo Thinkpad 16P, and... It died

Thank you

Gave +1 Rep to @mossy river (current: #6 - 1326)

I got an M2 Macbook Air.
Best and worst decision.

Great for coding, writing assignments and doing work.
Terrible for VMs and Cyber (ARM CPU).

How long will it take to complete all paths on THM?

I tried to install a VM onto a computer the other day and it would just crash everytime I tried to open it

In the end I just walked away 😅

Impossible to say, everyone is different. Depends on your skill level, ability to learn and pick up new concepts and familiarity with TryHackMe:)

Less or more than a year?

I got one to work but the software my university use for a particular module had no ARM support and using emulation was incredibly slow.
Now I just use my Macbook to RDP to my tower 🤣

Less than a year if you are continously learning. If you do a room a week or take extended breaks (i.e. 2-4 weeks), it might take you more.

I try to do it everyday

i want laptop tho

I wouldn't worry about rushing the content though.
Taking proper notes and performing further research of each room you are completing to commit to your notes will leave you much better off 😊

around 2-3k budget

or 4k at max

I could not recommend not to spend more than 1k on a laptop.

wtf? the gpu itself is 1.6k

buy a quantum computer

lmfao

maybe cause im not gonna use the desktop

i want smth portable

but powerful

Gaming laptops are... Still not great

yup

im using the gpu for hash stuff for CTFs

You're going to be wasting your money 🤷‍♂️

i cant carry my tower to places

laptops on top

You can RDP into your Tower from a laptop

Not gaming?

no time for gaming lmao

im using the gpu for compute

ye i like laptops

portable

You can always rent GPU time. Bet it works out better.

Especially on battery life

better to have my own gpu

plus im gonna have my computer plugged in 24/7

idc abt battery life

How important is making notes?

I said the same thing, bought a £1k laptop, then went out and spend £2k on a Tower 🤣

asus rog zephyrus g16 is pretty good

If you're gonna have it plugged in all the time... Just get a desktop

i dont like towers

no but like im gonna have to move places

i cant just pick up my desktop

and go places

laptops on top

Build an SFF. You totally can.

But hey, your money to waste in the end

its not a waste is it?

around $2k for a 1.5k gpu

• other stuff

its good for the price

this

I think notes are very important.
From a scientific POV, notes actually help you turn what you have learned from short term to long term memory.

But, I can't say that notes are for everyone. If find them useful, I really recommend you to take them.
If you find them to be unhelpful, try finding a way of storing the information that is suitable for you! Whether that is recording and walking through the content, saving videos of other people explaining it or other:)

yeah notes are important

my entire notes combined is over 1mb

Hope everyone is having a wonderful day!

So far so good, hope you are having a great day also.

Thank you very much, God bless you.

Stay hydrated!

Gave +1 Rep to @pearl raven (current: #87 - 81)

🌊

Hi guys

Who know about swiftseek

It work my google chrome and i cant delete it

💩

The problem with laptops that have a dedicated GPU is that they are less efficient.

• Laptops have limited airflow and smaller cooling systems due to their compact design. They are prone to thermal throttling.
• Laptops tend to wear out faster because components that are soldered are subjected to constant heat.
• Some laptop manufacturers will lower the performance of the laptop to ensure that laptop isn't overheating.

You can spend your money on whatever device you want, I just want to ensure you have all the facts before you make a decision.
If you are still happy with buying one knowing this then all the more power to you 😄

Cooler hardware = faster hardware

I am

hii guys

I tried to google it and cyberfirst girls competition came up

can someone help me with education advice pleasee

Depends™️

Feel free to ask here, if someone knows the answer they will help you:)

I remember doing CyberFirst about 5 years ago

No, this was a competition for Secondary School students

It's a great idea, want more women in cyber? Aim one for them.

Grandma stealth

On my way!

😊

thank you. so i have a bachelors in international relations and i'm working in an SaaS company, so wildly different career to cybersec. i wanna switch to cyber and i know i can just get the certificates like comptia sec but i'm thinking to do a part time masters in computer science with cyber security. is it valuable or a waste of time? i just wanna open some options up for myself

There were a few stages.
You had to be within x amount of people to complete a certain amount of the stages.
If you passed the stage, you would be invited to the next.

If you won all stages you got an internship and fully funded University scholarship iirc.

Valuable but depends on lots of factors, make sure cybersecurity is really what you want before you really invest too much.

Personally I won't be doing a Masters for Cybersecurity. I haven't heard great things about Masters degrees in Cyber personally

You need to look at the job market for jobs you want to do and see what they requirements are

thanks. the only experience i have is tryhackme and comptia material, which I enjoy so far but there is so much I don't know about this

Gave +1 Rep to @fair jungle (current: #1136 - 3)

thanks. it's computer science with a cyber sec focus, if that changes?

it's honestly mostly computer science