I don't really watch anymore so much of youtubers, mainly just if there is need I would go for something practical like guides and so on.
#general
wild rose
Don't forget product placement
halcyon dune
I'm skid, so I'm more like - You see what I can do with burpsuite when capturing packets 
fair lava
That's your opinion, don't know who would watch grown ass man pushing 50 who is oversimplifying network concepts to those people who aren't prepared for real world applications
I'm talking about Bombal
halcyon dune
I'm skid, so I'm more like - You see what I can do with burpsuite when capturing...
I mean, I don't really understand so deeply to be confident to say that I'm good at anything.
halcyon dune
I mean, I don't really understand so deeply to be confident to say that I'm good...
But I'm not so terrible that I wouldn't understand the whole fundamentals
fair lava
Sure a guy that's focusing on promoting his own products that he overshadows on his "educational" content he provides is much more better, you know what's his priority then
Let's be real
exotic vector
good morning
fair lava
You're funny
fair lava
Alright go watch a grown man in his 50's now, that can't focus on anything else besides his Cisco certifications, you think people won't look for more diverse or vendor neutral knowledge besides that, maybe when he starts reflecting to on job challenges maybe I even peek at his channel sometime
wild rose
my gf is really into K-drams too. Some are pretty good.
solemn blade
Yet here I am still watching them
exotic vector
not bad, just having a mental off day. How are you?
exotic vector
my gf is really into K-drams too. Some are pretty good.
I watched one that gave me whiplash.
It was a horror, police detective, and romance show all in one
wild rose
trying to work with 1.5 hands sucks. work is 10 times slower.
sudden pond
I watched one that gave me whiplash.
It was a horror, police detective, and rom...
exclude the horror then its good
shut hawk
oh same here
wild rose
She's really into comedies and romance dramas.
exotic vector
oh owie thats not fun, glad you're starting to feel better, at least a little.
rapid merlin
https://tenor.com/view/sus-bird-meme-wuewuewue-bird-gif-22093146
Can’t stop won’t stop
exotic vector
yeah I bet
wild rose
lol my gf says the same thing that she's going to leave me for some k-pop artist or actor. lol ;_;
rapid merlin
Everything seems to be so pretty from the humans to the landscape.
And I loveeee the food
acoustic geode
Is the result announced?
exotic vector
I did 1 room today.
last night I was helping a friend remotely with a home server so I was up quite late. I'm currently on cryptography
pearl raven
Is the result announced?
No, they haven't told me I've won yet.
rapid merlin
Ergh that’s how I feel about London !!
How can anyone can like it
I don’t even know
acoustic geode
No, they haven't told me I've won yet.
Did you get defcon33
pearl raven
Did you get defcon33
No, only 2/3.
rapid merlin
Most of London is pretty
I have lived here my entire life
sand trench
Most of London is pretty
think you mean foggy and rainy
wild rose
Trying to have a outlook that everything has it's own beauty is challenging sometimes.
rapid merlin
I like the rain, it’s the bricks I don’t like
shut hawk
I have lived here my entire life
maybe you've gotten fed up of the same environment then 😂
rapid merlin
It’s the grey and no plants
Not enough green
More green in my flat then there is on my entire road
sand trench
come and see all the green of the northern parts of sweden
exotic vector
first time playing tech support as well lol
yeah im doing the new path rooms, I did the basics this morning but was feeling too bleh to do the next but I'll probably get to it some point this evening.
rapid merlin
I know 🥺I wanna go there
thorny shale
yooo sup
rapid merlin
I would be zero depressy if I lived in Iceland
wild rose
it's funny how iceland is more green than greenland.
sand trench
it is called seasonal depression or vitamine D defiency
rapid merlin
Ofc you could
exotic vector
yeah was kinda blindsided with the maths of cryptography basics, I couldnt find my scientific calculator so I had to do the questions on my phones calculator lol
chilly veldt
I take vitamin d because I have a big vitamin d deficiency
wild rose
working nightshift can do that to you.
pearl raven
Shadow, do you have periods without sun? Or just really short days?
sand trench
Shadow, do you have periods without sun? Or just really short days?
depends on when you ask
sand trench
and also if shadow wanna answer how north or south shadow is in sweden
pearl raven
I'm not probing, no need to answer 🙂
rapid merlin
Sometimes I though about running away to the top of Norway where’s it’s cold and no humans
wild rose
IKEA is the land of mazes and make-believe words.
quasi verge
Anyone have any updates about defcon33 tickets?
I've sent mail and there isn't any response from them yet
sand trench
correct as we account for less then 1% of the world population so we are inside the margin of error
pearl raven
Never considered that aspect.
acoustic geode
I've sent mail and there isn't any response from them yet
I don't think we get it
quasi verge
So many people won that chance I don't know what they will do about it
wintry sluice
too many people matched 3 deathcon33 tickets?
quasi verge
too many people matched 3 deathcon33 tickets?
Yes
pearl raven
We have no data on that, only speculation.
acoustic geode
More then 10 people got it
wintry sluice
what is this based on?
pearl raven
Unless I've missed an announcement.
quasi verge
On reddit I've seen almost 10 have matched
acoustic geode
On reddit I've seen almost 10 have matched
wintry sluice
dunno if I would trust random postings on reddit
pearl raven
I don't believe reddit, or anything else on the internet.
boreal scarab
All rise for President @silver sky !
pearl raven
But I do not work for tryhackme, nor do I have any evidence to suggest you are wrong.
quasi verge
We've all done the same
wintry sluice
I thought it was automatic. ie once you redeemed the tickets on your profile, THM was notified
silver sky
I've sent mail and there isn't any response from them yet
They will be investigating all winners to make sure they haven't cheated
quasi verge
What cheating can we do on tickets bro
hushed vector
Hey guys
wintry sluice
I could understand if it was emailing to arrange delivery, get more info. but the basics of informing them that someone (and who that was) redeemed 3 should be auto.
silver sky
What cheating can we do on tickets bro
Copy and pasting answers
wraith fjord
hello folks
wintry sluice
for reference, this is why I wouldn't trust anything posted on reddit. this took a couple of minutes messing around with "inspect"
could probably figure out the redeemed banner given another 5
exotic vector
I am on linux
chilly veldt
Just copy paste from a different place
wild rose
I speedrun through most of the 101 content, since it was easy cuz I thought the event ended Friday night.
rapid merlin
evening thm
chilly veldt
Pure html
wintry sluice
Just copy paste from a different place
yh, just delete/duplicate elements
rapid merlin
for reference, this is why I wouldn't trust anything posted on reddit. this took...
I don't trust anything on reddit regardless
pearl raven
I don't trust anything on reddit regardless
It's my number one source of news! /s
wild rose
Reddit was a rabbit hole for me to waste days searching.
quasi verge
I don't trust anything on reddit regardless
So the reddit page I've seen is fake then
maiden monolith
Hey I just wanted to add something. I am a little nervous about the stuff I read on reddit too. I have also won the defcon ticket, you can see it on my tryhackme profile for proof. Not sure how valid the other people are but I've found another that looks legit (on their tryhackme) profile.
¯_(ツ)_/¯
wintry sluice
So the reddit page I've seen is fake then
I could be. I could be real. the problem is we have no way to tell
quasi verge
Hey I just wanted to add something. I am a little nervous about the stuff I read...
Same I've also won that bro
exotic vector
not only that you also put "reddit" when you know the results you're getting are not what you're looking for lol
wild rose
Stackoverflow is my google for scripting.
chilly veldt
Me after reading 5 stack overflow pages
quasi verge
Lowkey reddit is usefull in some situations
rapid merlin
So the reddit page I've seen is fake then
probably
chilly veldt
I should actually update stack overflow questions, I have found some solutions to things that aren't documented
Oh well, you live long enough to become the villain
I have found solutions to deprecated stuff in android
Which is so niche that only some people use it or hasn't documented it
wooden totem
Oh well, you live long enough to become the villain
there are no villains in a world full of monsters
chilly veldt
That's why I drink monster
wintry sluice
there we go. one FAKE redemption screenshot.
chilly veldt
All of them
quasi verge
Another problem I've seen is that I can't be able to redeem the swags in the swags store the codes they've given are invalid
chilly veldt
As long as there's caffeine
sharp citrusBOT
TryHackMe Socials
jaunty shell
i completed rooms with full dedication even 2 days before event got over but i got only 7 days streak
wooden totem
I managed to perfectly balance my pillow on it's thin edge on top of my toes just now
exotic vector
or "edit: I solved it" and thats it lol
quasi verge
I managed to perfectly balance my pillow on it's thin edge on top of my toes jus...
Cool!
wintry sluice
i completed rooms with full dedication even 2 days before event got over but i g...
some of the prizes were limited in number. just the luck of the draw (I only got cyber crusader, 1 day and 7 day freezes)
still, was fun and learned some new stuff, reinforced existing knowledge
jaunty shell
some of the prizes were limited in number. just the luck of the draw (I only got...
people reseted rooms for multiple times and copy paste answers from medium and they got prizes
quasi verge
Should I post my achievement (defcon33 and path completion) on LinkedIn?
cerulean gate
some of the prizes were limited in number. just the luck of the draw (I only got...
i got a baseball cap and 1 premium month 🙌
jaunty shell
bad luck 🥲
open monolith
I got a mcdonald combo
wintry sluice
Should I post my achievement (defcon33 and path completion) on LinkedIn?
path completion mayb.
defcon not so much (just luck of the draw)
noble orchid
It’s a sad day to see the “Go Premium”
wooden totem
I got a mcdonald combo
there are a lot of mcdonald's
quasi verge
path completion mayb.
defcon not so much (just luck of the draw)
Then I'll just wait for the official confirmation
rapid merlin
Just came across this
Not quite
LOL
In Japan koi can live in the drainage canals
Apparently
wooden totem
Apparently
you can be more confident, it is true
wintry sluice
Then I'll just wait for the official confirmation
I mean I just wouldn't consider linkedin to be the place for the defcon prize. completing the path shows skills, and thats the whole point of linkedin, showcasing skills.
winning the grand prize in a raffle isn't the same kind of achievement.
rapid merlin
you can be more confident, it is true
In England we don’t have a lot of rat but we have Mickey Mouse’s
Mickey Mouse’s everywhere
wooden totem
Mickey Mice
rapid merlin
In every block of flat
wintry sluice
there's loads of rats around in England.
rapid merlin
Whenever I see one I shout Mickey Mouse
wild rose
I remember my cat caught a mouse and my niece picked it up and said look mama Mickey Mouse.
wintry sluice
I shout "oh boy, dinner"
rapid merlin
I shout "oh boy, dinner"
Wut 😂
wooden totem
I remember my cat caught a mouse and my niece picked it up and said look mama Mi...
real life mice look nothing like the friendly well known cartoon drawing by the name of Mickey Mouse by Disney
rapid merlin
I’ve seen two mice having a fight in front of me. It went on for so long I started throwing down bets
They didn’t even care I was there
wild rose
My cousin screamed so loud that the cops where called to my apt.
wooden totem
I’ve seen two mice having a fight in front of me. It went on for so long I start...
stuart little vs ratatouille
wintry sluice
love ratatouille. such a wholesome film
primal kestrel
My cousin screamed so loud that the cops where called to my apt.
i worry about this whenever i watch a movie on the surround speakers
rapid merlin
I really like Stuart little when I was a kid
wild rose
we're gotten into trouble a few times cuz Ashton brought live birds and mice into the building.
rapid merlin
we're gotten into trouble a few times cuz Ashton brought live birds and mice int...
I love birds
wild rose
He goes nuts over birds for some reason than mice. He'll chase birds all day, but will kill mice like they were nothing.
wild rose
It's hard to type and not fat finger with a cast on, plus not double check your work.
boreal scarab
Why is brisket so fucking expensive?
@silver sky over here... 2 lbs for 10 pounds. 1 lb here, for $60 from a bbq place...
wintry sluice
fancy cut of mea
chilly veldt
Hmmm, should I
A. Just write more shitty code on top of the current codebase, make everything work and get tested to publish
B. Refactor the entire codebase and then get it tested after I write the last things
C. Do A and then refactor the code after release
rapid merlin
<@106802244329955328> over here... 2 lbs for 10 pounds. 1 lb here, for $60 from ...
Are you over here ?
A lot of meats are expensive here
rapid merlin
Very cute
exotic vector
@iron grove its gonna take me awhile to get through cryptography it seems T_T lol
boreal scarab
Are you over here ?
Still in USA
wild rose
Should I go vote early today or go out and get a haircut?
boreal scarab
@sick lance Found my new fort!
wild rose
I'm allotted a 2hr break from work to vote.
wintry sluice
argh, so much blue light
wintry sluice
Should I go vote early today or go out and get a haircut?
wild rose
but notice they don't say. Matt broke it again
solemn blade
<@958383130102870026> Found my new fort!
solemn blade
latent trail
Is the site working for you now? I see blank pages no matters what I try to open
spare echo
In try hack does room expires like I have seen few times by now that my number of rooms decreases automatically why ?
wintry sluice
Is the site working for you now? I see blank pages no matters what I try to open
working for me, what rooms are you trying to visit?
sand trench
;M; steam workshop page no worky for shadow
wintry sluice
shadow is making mods?
sand trench
no.... trying to install mods and look at shadows collections and subbed items
the dropdowns don't work by clicking on them and it is a known bug and has been unfixed/problematic for a long time
sick lance
Rooms you're currently in stay in your "My rooms"
sand trench
well last time shadow checked there for rooms made private they were no in the list
oh..... seems like that got changed or reverted
good old the find command room
shadows beloved lost room of the ages
boreal scarab
@pallid lotus If you haven't had fried avocados before, man.... 10/10, it was SOOOOO good!
Now for my burrito with steak and chicken.... after I pinged Muiri lmao
sand trench
beerrise the heretic
boreal scarab
boreal scarab
beerrise the heretic
boreal scarab
With rice, lettuce, steak, and chicken
wintry sluice
perhaps not the lettuce
wintry sluice
blazing granite
I’ve seen two mice having a fight in front of me. It went on for so long I start...
who won? 😂
wintry sluice
the rat
wintry sluice
one was a rat pretending to be a mouse
rapid merlin
who won? 😂
You can’t tell when rodents fight they just turn into a ball of fury
Who’s who I dunno
rapid merlin
one was a rat pretending to be a mouse
That wasn’t a rat that was two mice in a trench coat
boreal scarab
Y'all need to listen to this man's voice https://youtu.be/IN2XA26-ay4?si=b4bnQ9MgTrdSaaW9
blazing granite
That wasn’t a rat that was two mice in a trench coat
two mice in a trench coat, sound like the title of a children's book 😂
exotic vector
im now getting frustrated with my self over this, gonna take a break then ask for help lol
blazing granite
im now getting frustrated with my self over this, gonna take a break then ask fo...
Take a break, have a coffee, or a drink and come back refresh 🙂
rapid merlin
two mice in a trench coat, sound like the title of a children's book 😂
Totally a real life story
blazing granite
Totally a real life story
tonight two mice in a trench coat, you can't miss it, fun for the whole family 😂 😛
sand trench
two mice in a trench coat, sound like the title of a children's book 😂
One’s on the bottom, strong is he
Two’s in the middle, carrying Three
Three’s pretending not to be
THREE KOBOLDS IN A TRENCH COAT
One’s on the bottom, fiddling free
Two’s in the middle keeping the beat
I’m pretending not to be
THREE KOBOLDS IN A TRENCH COAT
wintry sluice
😭
go to play satisfactory
oh, a patch
oh no, a patch
yh, mods broken
now not playing satisfactory
sand trench
exotic vector
omg the situation I just had 
high mulch
exotic vector
hiya
high mulch
how is everyone doing?
exotic vector
how is everyone doing?
well just figured out the part I was stuck on, so pretty good xD
@iron grove figured out the part I was stuck on lol
chilly veldt
high mulch
well just figured out the part I was stuck on, so pretty good xD
noice! noice!
lone palm
uhh guys do u have any 1 to change 20 swag code with a basebal cap code
white swan
Can anyone help me, I'm having trouble finding the answer to this question. What is the range of a section (octet) of a subnet mask?
clear jackal
Can anyone help me, I'm having trouble finding the answer to this question. What...
Is this THM content? If so, #room-help is the best place to receive assistance
wintry sluice
uhh guys do u have any 1 to change 20 swag code with a basebal cap code
pretty sure tickets are non-transferable/tradable.
exotic vector
I didnt, decided to do the calculations on paper lmao
devout palm
Again?
wintry sluice
why today? tomorrow is the big gunpowder day
exotic vector
why today? tomorrow is the big gunpowder day
here its because of particular groups of chavs
wintry sluice
my sympathies
primal kestrel
my friend claims to have just gotten an xss attack through steam dms 😬
urban pelican
Hi , new here, probably this is not the right channel to post this but as newbie i don't have a clue so i misuse this channel, excuse me : following the cyber security 101 , you could win prizes by gaining tickets which i did; received mail for a 20 pound discount on any order. So i immediately tried to order a nice T shirt ! on checkout however i receive illegal discount code !!!!!! ???????? did i do something wrong ? who can help me ? thx !
exotic vector
Hi , new here, probably this is not the right channel to post this but as newbie...
did you copy the discount code from the email without spaces?
sharp citrusBOT
@urban pelican
TryHackMe Socials
urban pelican
ok thx, i'll send a email
weak root
i know the answers is Ctrl+Alt+Delete Task manager but how do they want the answer
wintry sluice
||that is not the answer||
silver sky
i know the answers is Ctrl+Alt+Delete Task manager but how do they want the answ...
Thats not the answer and #room-help not general for room help
wintry sluice
the format is right though (key+key+key)
silver sky
Well I linked it for you
exotic vector
hi thms official w i d e boi
primal kestrel
https://tenor.com/view/doubt-press-x-la-noire-meme-x-button-gif-19259237
i have another friend who also claims it happened to him
silver sky
i have another friend who also claims it happened to him
I'm also calling doubt until I see a working POC
or evidence
wintry sluice
doesn't really seem like you can do anything about it anyway, other than report to steam.
as I recall from the screenshots, you just get a DM and at that point, you are boned; they are already in and have your account.
wintry sluice
Account takeover with XSS?
mossy river
as I recall from the screenshots, you just get a DM and at that point, you are b...
Nah
It's a standard phishing attack
steep mountain
Anybody know reverse engineering, im trying to learn that along with I.T/Cybersecurity?
devout palm
Anybody know reverse engineering, im trying to learn that along with I.T/Cyberse...
https://dontasktoask.com/
Thanks
woeful rock
😄
mossy river
You can actually get your account back by providing receipts to steam support.
If you activated CD keys, you can also provide the keys as proof
devout palm
It might be one of the fake steam link that looks like a window on your PC
mossy river
Potentially, just clearing any zero-click or XSS account takeover concerns.
woeful rock
the poc in that hackerone report requires a click
primal kestrel
i don’t think it’s the same attack it is just reminiscent to me
i have two friends claiming to have been hit by steam dms that close their game and make account changes but it’s hard to prove because they’re not tech savvy
might be lying about being phished to save face
sand trench
might be lying about being phished to save face
or not realising they have been phished until bad things start happening
primal kestrel
or not realising they have been phished until bad things start happening
i think that is the most likely, but what's with the DM?
it might've been a "you've been hacked give us 200" dm lol
sand trench
hacker adding their own friend and sending dm back and forth for confirmation ¯_(ツ)_/¯
primal kestrel
good point
wispy anvil
Good afternoon my fellow script kiddies 
fair lava
pearl kindle
Good afternoon my fellow script kiddies <a:lightsaberpepe:662730883245277231>
hello hello
shrewd trellis
Is this a good server to help a friend get their instagram account back with?
shrewd trellis
ok
silver sky
anything else is illegal
swift ice
CompTIA is being acquired by private equity/investment firms 
https://www.prnewswire.com/news-releases/hig-capital-and-thoma-bravo-to-acquire-comptia-brand-and-products-302294943.html
exotic vector
CompTIA is being acquired by private equity/investment firms <:NotLikeThis:68984...
Oh no
Prices are gonna go brrr
swift ice
my certs 
exotic vector
I didn't do much today but I did get myself through the cryptographic maths and I feel proud about that xD
arctic cradle
@rapid merlin is that you?
dull river
Y'all send a box
wild rose
CompTIA is being acquired by private equity/investment firms <:NotLikeThis:68984...
Uhhh and I was thinking of getting my CASP+ just to renew my certs, but never mind then.
rapid merlin
<@456226577798135808> is that you?
shrewd dune
hey who would like to practice nc?
I'll just send messages don't worry
I just have nothing to practice with
rapid merlin
I’m out of the house, my neighbour took me 😂
wild rose
I’m out of the house, my neighbour took me 😂
Took you as in kidnapped?
rapid merlin
Took you as in kidnapped?
I agreed to tea but I never know how to leave. It’s been four hours
shut hawk
I just have nothing to practice with
You can use your own machine!
just have two terminals up, one as the listener and the other as the client
exotic vector
I agreed to tea but I never know how to leave. It’s been four hours
Oh no
shrewd dune
just have two terminals up, one as the listener and the other as the client
I just wanna talk with real person. :(
wild rose
I agreed to tea but I never know how to leave. It’s been four hours
You say "oh look at the time." or whatever you say in British.
Like the South say "Bless your heart", but what they really mean is something else.
keen light
Top of the morning to you my fellow lads and lasses
Would you like a cup tea dear Benjamin
🇬🇧🇬🇧🇬🇧🇬🇧🇬🇧
shrewd dune
You can use your own machine!
btw r u from San Francisco?
shut hawk
naw im briish
shut hawk
I just wanna talk with real person. :(
You've got plenty here (...mostly)
shrewd dune
You've got plenty here (...mostly)
but here government can read our messages.
teal wharf
but here government can read our messages.
how did u know
shrewd dune
how did u know
bird said.
teal wharf
this one ?
misty zealot
I agreed to tea but I never know how to leave. It’s been four hours
Make an excuse like say welp this was fun but I need to deal with my child’s _insert excuse
sand trench
welp time to hit the head on the pillow and go honk mi mi mi
primal kestrel
just saw a video about how youtube bots will post random names and words in comments to try and mine data. so crazy. scammers, spammers, and lowlifes will really think of every way under the sun to ruin the internet
primal kestrel
just saw a video about how youtube bots will post random names and words in comm...
link but i’d be very surprised this didn’t show up on everyone’s algo https://youtu.be/IDAWbzQFqqk?si=M1ZBqB2p2qUKguCa
undone dune
Anyone handy with converting a reverse shell into a fully interactive shell? I can't work out how it's supposed to work
I've got a dumb shell on a box I'm attacking by uploading and running a .php file for a shell. But I want to ideally run Linpeas on the server so I need a full shell
exotic vector
link but i’d be very surprised this didn’t show up on everyone’s algo https://yo...
that sounds wild.
shrewd dune
this one ?
I'm not sure but probably yes and it bits hurt.
clear jackal
I've got a dumb shell on a box I'm attacking by uploading and running a .php fil...
Is it TryHackMe content? If so, #room-help is the best place to receive assistance
exotic vector
I watched the video and its an....inventive way of using bots
I would assume the bots are doing that to gather information to either scam or to get credentials to get into the account. Theres probably other uses but those are from the top of my tired head lol
wheat basin
Hi...
exotic vector
Hi...
hiya
in the video they said that there was 2 bots they found in their comments where they commented with 2 sets of names to match them up.
Ah yeah I saw that being mentioned. Another one to my list to do research on
blazing granite
an oracle attack sounds mythical 😂
exotic vector
an oracle attack sounds mythical 😂
Yeah makes me think of a wizard with an orb
fair lava
just saw a video about how youtube bots will post random names and words in comm...
Quite sophisticated with employing strange phrases to seem genuine, it's a bit more extensive than people really think
Too bad youtube isn't doing any combat
exotic vector
Quite sophisticated with employing strange phrases to seem genuine, it's a bit m...
I see it from time to time but never thought much of it because you know YouTube comments but learning about it made me think "oh wait that's actually a good cover"
fair lava
I see it from time to time but never thought much of it because you know YouTube...
The trust exploit technique isn't that hard to learn, i'm actually more worried about Tiktok and Instagram
primal kestrel
Too bad youtube isn't doing any combat
how do you even begin to count something like this?
fair lava
The trust exploit technique isn't that hard to learn, i'm actually more worried ...
I know for sure that Tiktok's algorithm amplifies fradulent content, especially considering the age, it's rare to discern trustworthy accounts
Disappointing but couple of flashy visuals and catchy phrases can mislead people very easily, and their thirst and potential for quick wealth won't help
exotic vector
Yeah for sure
finite agate
Hey all, I'm slar how's it going?
teal wharf
howdy slar
exotic vector
Hey all, I'm slar how's it going?
It's going alright, you?
finite agate
it's going, just hanging out trying to figure out what to eat tonight haha
teal wharf
I know for sure that Tiktok's algorithm amplifies fradulent content, especially ...
i dont think only tiktok does this , youtube ig they all on the same set
exotic vector
it's going, just hanging out trying to figure out what to eat tonight haha
Fair, I had leftovers for dinner
finite agate
So what is up with this tiktok thing? I watched the video. Is it bad actors trying to find the name of the person of the channel or something more?
err youtube* sorry
fair lava
i dont think only tiktok does this , youtube ig they all on the same set
It's incredibly easy on Tiktok, trust me, Youtube combines those automated systems with human moderators so they can work swiftly
finite agate
That's really interesting/pretty concerning
fair lava
It's incredibly easy on Tiktok, trust me, Youtube combines those automated syste...
Just that robust moderation allows quicker identification, and with some extensive privacy settings and with less e commerce integrated into someone's experience is proof that Youtube is a lot more defensive
Unlike Tiktok's scrutiny over practices
teal wharf
Just that robust moderation allows quicker identification, and with some extensi...
i dont see what u tryna say , but i guess u are claiming tiktok authentification is less secure ?
fair lava
Yes
teal wharf
how do u know , any Poc ?
fair lava
I just told you above
misty zealot
Yall I just got told about a project at 7am, got the details at 1pm, worked on a proposal until 11pm, the guy i was supposed to sent it to is asleep and two other people are telling me it’s great but also it’s mid but also great and now Im going insane
finite agate
I feel like tiktok was built for the sole purpose of knowing who is behind the account
misty zealot
Send*
teal wharf
authetification vulnerabilities are critical
finite agate
what auth vulns does tiktok have over youtube?
teal wharf
if u are sure about what u claiming then u can contact their company , that is if they offer any bounty programs
fair lava
what auth vulns does tiktok have over youtube?
Javascript interfaces
polar spoke
authetification vulnerabilities are critical
man, if only a ton of major companies running bug bounty programs agreed with that
finite agate
lol
teal wharf
man, if only a ton of major companies running bug bounty programs agreed with th...
they do, and they pay welll also
facebook , instagram especially
polar spoke
lol
finite agate
Are we talking about auth or exposing accounts?
Because I bet both companies have strong auth but one may be lax on the exposure
polar spoke
as far as i can tell, no one has mentioned any exploits at all, especially not auth related
the original topic was about bots datamining by posting comments to see which words get blocked
fair lava
what auth vulns does tiktok have over youtube?
They're handling authentication tokens insecurely and potential exploitations through JS interfaces let's just say, the app's design emphasizes the engagement where they can overshare their information, of course they are more vulnerable then
vapid elm
finite agate
JS is client side and auth tokens are server side so what's the exploit?
polar spoke
They're handling authentication tokens insecurely and potential exploitations th...
i dont see how the handling of tokens and the app's design around engagement emphasis have anything to do with eachother
finite agate
I'm curious what you mean by them handling auth tokens insecurely
polar spoke
all media apps are designed to drive engagement, that's kinda the whole point....
fair lava
JS is client side and auth tokens are server side so what's the exploit?
They can bypass deeplink verification XDD, only by loading untrusted content in this webview they can exploit interfaces to execute Java methods within app, essentially gaining their access
polar spoke
😐
teal wharf
They can bypass deeplink verification XDD, only by loading untrusted content in ...
did u actually try this or u are telling a tale
fair lava
did u actually try this or u are telling a tale
I can go try it if you want, I actually need to waste my time better
teal wharf
I can go try it if you want, I actually need to waste my time better
oh hell na homie i dont want , YOU want 💀
pearl raven
idk why america looves to make their adversaries look as much evil as possible
I don't really want to get into politics, but when you vilify another nation, state, or race. It's easier for the people to keep you in power when you make shit choices.
That's all I'm willing to discuss on that topic as I'm sure it would be heavily moderated.
fair lava
oh hell na homie i dont want , YOU want 💀
I was about to go rest actually, but whatever suits you
teal wharf
I don't really want to get into politics, but when you vilify another nation, st...
true dat
teal wharf
That's all I'm willing to discuss on that topic as I'm sure it would be heavily ...
there are a lot of political things people to need to be aware of , but u cant cover all , we would literally fill a bible
speaking of politics and nations , pray for spain they are drowning ...
pearl raven
Very true, and there are too many opinions, many of which people hold tightly. So it's best to not discuss it on a platform like this.
pearl raven
speaking of politics and nations , pray for spain they are drowning ...
I saw some footage from the main cities it looked awful
teal wharf
Very true, and there are too many opinions, many of which people hold tightly. S...
ye better keep it cyber , every thing has its own place
finite agate
@fair lava very interesting I guess if you pushed code through push or deep links you could execute it. Never thought of that before
push notifications*
rapid merlin
Yo yo yo it’s ya BOI pigeon
crude stump
Any raspberry pi owner, how much gb should a sd card be being a raspberry pi zero
rapid merlin
I mean stealth ehem
I have no idea
The only raspberry pie I get is in my belleh
south sonnet
Any raspberry pi owner, how much gb should a sd card be being a raspberry pi zer...
pretty much anything should work fine. If you're planning on storing large files then get the appropriate sized one.
crude stump
pretty much anything should work fine. If you're planning on storing large files...
Yeah I’m not. I’m thinking of doing projects like pi hole, a ids/ips etc
south sonnet
just get that has class 10 rated card . The cheaper ones might hurt IOPS a lot more
crude stump
just get that has class 10 rated card . The cheaper ones might hurt IOPS a lot m...
Thanks Volta
twin ridgeBOT
Gave +1 Rep to @south sonnet (current: #339 - 16)
south sonnet
I haven't looked at SD cards in a long time. The Last I remember getting it was for my camera and it still works great.
south sonnet
Thanks Volta
apparently there is a new standard which is faster (SDXC UHS-I) So I would get those now. 32 and 64GB cards from sandisk seem to be very close in price too.
crude stump
In your opinion is a card preloaded with noobs better then just installing noobs on a blank sd card
south sonnet
blank + rpi imager
halcyon dune
gonna do my best to finish this week cyber 101 
was so busy, that I couldn't really do it
might boost me to top 5-6%
pearl raven
might boost me to top 5-6%
Nice, let's hope so!
halcyon dune
Nice, let's hope so!
if not, gonna do soc :3
kinda what I did
and 101 is at like 58%
crude stump
You did all that and you are still not in the 5%? Weird
halcyon dune
You did all that and you are still not in the 5%? Weird
top 7%
pearl raven
I lost track of where I'm at, been 1% for a while now.
halcyon dune
I think probably because of influx of new people and more activity overall, it's much different than from years back what I think.
crude stump
I think probably because of influx of new people and more activity overall, it's...
Yeah
halcyon dune
Getting to higher top gonna be harder after like 1-2 years
crude stump
Honestly I stop caring about rank
halcyon dune
Yeah, it's all about skill. I feel, like I would need to redo tons of stuff
crude stump
Well not even that
Some people just try to get to the top without actually learning in depth
halcyon dune
Some people just try to get to the top without actually learning in depth
I kinda try to do that, but I realize I spend like 3 hours on a room that was supposed to be 60mins 😄
crude stump
There’s nothing bad about that
Taking your time and actually getting good at something is way more valuable then someone who speed runs stuff
pearl raven
Taking your time and actually getting good at something is way more valuable the...
This.
crude stump
Give a quiz to a speed runner and a slow learner see who does better
pearl raven
Though I should level up my note taking skills, as I forget to always take notes...
It's important, you can't remember everything.
Something will only make sense when you look back over your notes.
crude stump
Plus idk about you but when I make notes it helps me because I’m actually typing out the stuff. Sort of like how when you write in your notes you remember better
molten sky
i guess comptia just got bought out
~ and nothing of value was lost ~ /s
halcyon dune
I think for me kinda habit probably wanting to know everything by memory
which is quite insane
but also my downfall
I kinda need to learn properly, even when I have understanding kinda
ebon quartz
any advice on best rooms to prepare for security+ certificate?
clear jackal
any advice on best rooms to prepare for security+ certificate?
Recommend you use the Security+ syllabus and Professor Messer's YouTube videos
ebon quartz
Recommend you use the Security+ syllabus and Professor Messer's YouTube videos
Thanks!
twin ridgeBOT
Gave +1 Rep to @clear jackal (current: #17 - 470)
verbal berry
hey im new here
Just finieshed vyber 101 really good room is it worth it to post the certificate on my lnked in
versed hinge
i asked that, i was told no
verbal berry
whats the reason if u dont mind
also can someone tell me if the security engineer path is a good path to go on
any insight
clear jackal
Just finieshed vyber 101 really good room is it worth it to post the certificate...
You can if you want as a post. It's not a certification, so it wouldn't go in that section. It's also not experience.
verbal berry
okay noted i ask bcuz ive seen ppl do it b4
im just tryna figure stuff out for a solid career path b4 i graduate
halcyon dune
Looks a lot better in person to be fair
it's always like this
😔 🤌
like I can make tasty food, but it never looks good in photos
because my presentation skills are zero
halcyon dune
🤌
boreal scarab
<@214547132231843840> brisket finished and resting
Also.... TIL there's a town in the UK called "Wetwang"
pearl raven
Looks a lot better in person to be fair
Lighting is a huge factor in the presentation of meat...
I'm leaving that one open ended as it's PG13...
silver sky
All I know it tastes good
molten sky
@boreal scarab go to bed already
boreal scarab
<@214547132231843840> go to bed already
Gotta eat lettuce
crude stump
Lighting is a huge factor in the presentation of meat...
You are not slick 🤣
crude stump
I like my meat red
sudden bridge
I like my meat red
pearl kindle
zumiii zumiiiiii
brazen oyster
any fix in AD Enumeration room cant finish redteaming path because of that broken network lol
pearl kindle
killua pfp based
brazen oyster
i sent in red-teaming-path room
screenshots looks like im not the one who have same probs
pearl kindle
zumi how many accounts do you have
brazen oyster
no its not a part of the challenge i already watched yt videos of some guys that's what they did before going to the whole walkthrough
verbal berry
How to remove cyber crusader
pearl kindle
u need to decrease me there
molten sky
How to remove cyber crusader
you have to advance to cyber pope
molten sky
stuff and things
verbal berry
So rank up
versed veldt
For some reason, my Python script isn't correctly reading the data file. Any ideas?
simple valve
For some reason, my Python script isn't correctly reading the data file. Any ide...
and post the code too
versed veldt
sorry
simple valve
all good mate
versed veldt
Code is over 800 lines, i doubt anyone wants to read over that much
cloud quiver
USB-C ?
simple valve
Code is over 800 lines, i doubt anyone wants to read over that much
Post the relevant code or a link to its Github repository
The issue you’re encountering should narrow it down for you.
versed veldt
ok
cloud quiver
Try to search for "reversible USB-A"
twin ridgeBOT
Gave +1 Rep to @cloud quiver (current: #45 - 191)
viral crest
Remember, Remember, the 5th of November
cloud quiver
Remember, Remember, the 5th of November
Election day 🙂 ?
viral crest
? An England holiday
Idk, they dislike that guy fox
In merca, we see him as a hero
Sort of,
This is beyond 2024 USA elections
simple valve
Election day 🙂 ?
Can be related to Guy Fawkes or V for Vendetta
cloud quiver
Can be related to Guy Fawkes or V for Vendetta
Thanks for the info guys, didn't know that 🙂
twin ridgeBOT
Gave +1 Rep to @simple valve (current: #19 - 431)
viral crest
Need I say no more.
cloud quiver
Need I say no more.
Thank you too bro 😄
twin ridgeBOT
Gave +1 Rep to @viral crest (current: #1550 - 2)
amber quarry
@rapid merlin Hello why DM ?
stoic quarry
Called out
queen flare
do you guys take notes while going through thm walkthroughs?
or do you just visit the room itself and give it another read if you ever need to revise something
amber quarry
do you guys take notes while going through thm walkthroughs?
Take notes
By all means
I have a bunch of notes from when I was doing TryHackMe stuff. They're not useful to me anymore but it really helped the learning process
queen flare
I have a bunch of notes from when I was doing TryHackMe stuff. They're not usefu...
how do you take notes
what do you write in them?
devout palm
Alek!
amber quarry
I use Trilium
I write them generally with ASCII characters using different keys on my keyboard
devout palm
What's up bruv
amber quarry
Hoy bruv
knotty loom
Hiii, to sync our account with discord, we can do a /verify true ?
amber quarry
!docs verify
sharp citrusBOT
devout palm
!docs verify
Too old.
knotty loom
https://help.tryhackme.com/en/articles/6495858-discord-how-do-i-verify-my-tryhac...
Yeah i've being dm the bot but nothing happen 🥲
devout palm
Did you see the website design?
amber quarry
But really @queen flare just start taking notes. My first notes were terrible. You'll learn along the way
devout palm
And they are finally adding dark mode xd
cloud quiver
Yeah i've being dm the bot but nothing happen 🥲
Type || /verify || and then enter your token
queen flare
I use Trilium
I write them generally with ASCII characters using different keys ...
lets say i am doing a walkthrough room (not a challange room)
how do i take notes that helps me with revision any more than just revisiting the room again?
amber quarry
lets say i am doing a walkthrough room (not a challange room)
how do i take note...
well the point of taking notes is having a centralized place with all the stuff you need to know
knotty loom
Type || /verify || and then enter your token
Oh it's worked rn thx a lot
amber quarry
you may be in a situation where you can't go on a certain website to check the info
amber quarry
lets say i am doing a walkthrough room (not a challange room)
how do i take note...
looks this is from a THM room on XXE. Walkthrough room.
These notes are not that good but it worked for me at the beginning
it's a mix of copy/paste the most important stuff from the room and adding other stuff like command results etc
queen flare
yeah this makes sense
amber quarry
Did you see the website design?
not sure, maybe I'll check during advent of cyber 😂
I'm prepping for the BSCP currently
queen flare
i haven't really taken notes so far because i have been thinking i could just revisit the room
but seems like taking notes like this is a better idea
marsh atlas
Remember, Remember, the 5th of November
The Gunpowder treason and plot;
amber quarry
Yeah just take notes , when you will be doing a video course you won't be able to so easily check an info
For BSCP this is how I'm taking notes btw, it takes a long time to do it but it's worth IMO:
this is the easiest mindmap I did so far. The one on authentication is big
queen flare
Yeah just take notes , when you will be doing a video course you won't be able t...
i do take notes for video courses and almost everything else other than thm rooms
i haven't taken notes on thm walkthroughts yet
i mostly used to just revisit the rooms when i wanted to revise
amber quarry
look at this
took me like 2 days to do the labs and render it properly in a mindmap
even if it's basic stuff
queen flare
Thanks @amber quarry
the pictures are giving me a decent idea on how i might arrange notes
twin ridgeBOT
Gave +1 Rep to @amber quarry (current: #65 - 122)
amber quarry
this is more of a process on how to tackle a vuln on portswigger
but definitely your notes should be a mix of text, diagrams, screenshots etc
with backlinking
wicked juniper
hii everyone, i am unable to use my discount voucher on swag code. it say enter a vaild code. I got voucher code on mail. its me or anyone else facing this issue
amber quarry
this is like 4 years of notetaking
stoic quarry
Nice
stoic quarry
hii everyone, i am unable to use my discount voucher on swag code. it say enter ...
Post in #site-support maybe
marsh atlas
this is like 4 years of notetaking
Nice! Looks like a snowflake
stoic quarry
Is that obsidian?
amber quarry
Trilium Notes
stoic quarry
Ah
amber quarry
TriliumNext version
stoic quarry
Obsidian has nice graphs for notes
amber quarry
I don't really like Obsidian but it works too yeah
stoic quarry
Not really useful, but nice when you want to show off how many notes you have
amber quarry
Yup lol
queen flare
but definitely your notes should be a mix of text, diagrams, screenshots etc
that does take a lot of time as well though
exotic vector
I take a combination of hand written and digital notes
rapid merlin
look at this
That’s very organised
stoic quarry
I take a combination of hand written and digital notes
You might like the reMarkable 2
PineNote is also shaping up to be a good alternative (that doesn't cost an arm and a leg)
exotic vector
You might like the reMarkable 2
I have a little notebook on my desk, the hand written notes I usually take are for commands and general flow of what I should be doing so when I do a longer task I can quickly refer back to it.
amber quarry
That’s very organised
this one took a while but it's needed if I want to have a chance at the BSCP exam
pallid lotus
this is like 4 years of notetaking
That's an interesting structure. How have you managed to keep the branches so distinct?
For comparison
amber quarry
That's an interesting structure. How have you managed to keep the branches so di...
What I don't show is that I have one of those folder named "to sort" 🤣
YOOOOOOOOOOOOOO
LMAO
rapid merlin
this one took a while but it's needed if I want to have a chance at the BSCP exa...
So I’m guessing it’s a hard exam to pass then
cloud quiver
this one took a while but it's needed if I want to have a chance at the BSCP exa...
I should also take BSCP soon 😄 . Doesn't seem that hard 🙂
amber quarry
That's an interesting structure. How have you managed to keep the branches so di...
looks like this at the folder level
stoic quarry
Gimme a room and I'll ace that exam fr
amber quarry
So I’m guessing it’s a hard exam to pass then
I've heard mixed reviews to I'm preparing for the worst 🙂
pallid lotus
looks like this at the folder level
I'm guessing you're not using clones?
pallid lotus
Ah, that explains it
My structure is similar
But I have notes which need to be in two places at once.
Clones let you take a tree and basically put it into a second location
amber quarry
ahhh I see
pallid lotus
Which is why there are nodes in my graph which have more than one parent
And why it looks like a freakin' neural network rather than a snowflake lmao
exotic vector
I dont use what you two use, but my notes are currently organised by path and section within that path for now.
amber quarry
Yeah I try to avoid this and organize them by theme and keep it in one place
amber quarry
I dont use what you two use, but my notes are currently organised by path and se...
Yeah that works for the beginning but then you'll end up like me with web stuff next to AD stuff
that's why I'm reorganizing everything by theme
and that's why I have a big folder "to sort"
exotic vector
Yeah that works for the beginning but then you'll end up like me with web stuff ...
yeah thats what I'll end up doing at somepoint.
pallid lotus
Oh, they're organised by theme.
For example, networking theory. I could need that in two contexts:
- I'm attacking something and want to understand the background
- I'm building something and need to know how to implement it.
It makes sense to have the underlying knowledge in both locations (Infosec, and Development)
amber quarry
that would be more like an organization by tasks no ?
pallid lotus
So those sections will have their own dedicated notes on network attacks and systems administration respectively, but also both have access to the foundational stuff
Eh, depends on your definition. I keep my "attack" stuff separated out from my "build" stuff
amber quarry
did you switch to TriliumNext already ?
pallid lotus
Mhm
amber quarry
pallid lotus
You tried the new mindmaps yet?
amber quarry
yeah it's bugged af
pallid lotus
Doesn't surprise me 😆
pallid lotus
I upgraded a while back but haven't really had time to mess with the new stuff yet.
New installer is nice though
amber quarry
when I deleted the value
I'm kind of waiting on a UI improvement or I need to find a decent theme
sudden bridge
i turned on wireshark on my home network and saw this.
the 3c: :78 mac is of my laptop and the 80: 60 is of my router.
this seems kinda weird to me as why the router is sending ARP repeatedly. any suggestion or am i paranoid
amber quarry
that's how ARP works
I suggest reading on the protocol
you can see the ff:ff... is broadcast on the layer 2
just asking for IP address so it can map them to MAC addresses in the local ARP table
sudden bridge
but the repeatedly asking for ip-mac relation?
amber quarry
idk, who has 192.168.1.5 in your network ? does it respond ?
sudden bridge
one of the androids. they dont respond to ping by default.
sudden bridge
idk, who has 192.168.1.5 in your network ? does it respond ?
i checked, its a oneplus. but im confused why only my device (a macbook) is responding to the router while all the other ones (which are mobile phones) arent responding
mental rune
have anyone want to build a team to play CTF every week ?
south egret
amber quarry
amber quarry
i checked, its a oneplus. but im confused why only my device (a macbook) is resp...
I'm not sure but it's probably something in the config
Try googling it i guess
limber current
Hi, I need your guys’ help. I'm looking to find a project idea for my final year, and I want to focus on cybersecurity. I think of choosing web security. Given my limited knowledge in cybersecurity (I know some Linux, Python, basic Linux commands) and the deadline in 4 months, would you recommend web security? If so, with which specific part should I delve? And what other projects can I work on besides web security?
cloud quiver
Hi, I need your guys’ help. I'm looking to find a project idea for my final year...
Why not ? Which field of cysec you are most interested in ?
rapid merlin
https://tenor.com/view/xqc-xqcow-gif-24897197
Me after a coffee
limber current
Why not ? Which field of cysec you are most interested in ?
I working toward pentest. but nothing specific yet. I am taking a program about cybersecurity and they offer three routes for final course: SOC analyst, Windows Forensic, and Pentest.
About the web project, do you have any guidance or recommendation?
cloud quiver
I working toward pentest. but nothing specific yet. I am taking a program about ...
If you're interested in pentest check out this resource 🙂
Don't know , maybe I could help 🙂
Should be if it's from a trusted source
limber current
If you're interested in pentest check out this resource 🙂
I have taken this before and i'm 24% complete. I want to get back to THM and this time i'm think of fpursuing web fundamental fisrt.
cloud quiver
I have taken this before and i'm 24% complete. I want to get back to THM and thi...
You can check out new cyber101 path then
limber current
You can check out new cyber101 path then
thank you. haven't look into that yet
twin ridgeBOT
Gave +1 Rep to @cloud quiver (current: #44 - 196)
wraith fjord
stoic quarry
CS101 is great
cloud quiver
If you can find refurbished one in the official store it shouldn't be a problem . Refurbished electronics are a normal business practice for years now 🙂 .
stoic quarry
FInished it last night, big ups team
rapid merlin
Today I am doing some of the penetrating rooms. I figured to be able to defend I really need to see how these attacks work for myself
stoic quarry
It's a good idea
rapid merlin
Is the most common attack on networks MITM
undone dune
I made the jump to the challenges yesterday. Did Cheese and Mushroom Kingdom. Learnt a lot about how an attack actually works
stoic quarry
Wouldn't say so, got nothing to back that up but I've never seen one
stoic quarry
Is the most common attack on networks MITM
In regards to this lol
amber quarry
Is the most common attack on networks MITM
It's a common attack in pentesting if you only have an access in the network but don't have an initial foothold on the AD
If you really want to learn about techniques real attacker use I suggest looking into MITRE ATT&CK
mitm includes a wide range of attacks. you have llmnr/nbt-ns/mdns poisoning, SMB/LDAP (NTLM) relaying, DHCP spoofing, ARP poisoning etc etc
most of the work in an internal network needs to be done on the Active Directory so I would recommend learning a lot about this
while not forgetting that some orgs now use Cloud or hybrid infrastructures so you need to look into Entra ID and cloud platforms in general
rapid merlin
most of the work in an internal network needs to be done on the Active Directory...
Thank you but I’m more learning about defending myself. I don’t think people use AD for just one person
twin ridgeBOT
Gave +1 Rep to @amber quarry (current: #65 - 123)
amber quarry
Ha ok well that's a whole other topic then
stoic quarry
Setting up a domain for my house
Me and myself gonna be the best domain users around
exotic vector
im addicted to watching videos of people messing with scammers again
errant fossil
Good Morning All
cloud quiver
Good Morning All
Good morning sir 🙂
sudden bridge
Try googling it i guess
asked GPT. phones dont reply as frequently to save power. and learnt something new that routers send out arp so much frequently.
rapid merlin
Good Morning All
Morning
I’m looking for something like Google that’s more honest
That will give me the answer to anything
errant fossil
How are yall doing?
cloud quiver
How are yall doing?
Good, how are you 🙂 ?
sudden bridge
use gemini
errant fossil
Good, how are you 🙂 ?
Great, Thanks for asking
twin ridgeBOT
Gave +1 Rep to @cloud quiver (current: #44 - 197)
errant fossil
Studying and want tea
That sounds nice except the tea part. Coffee always
rapid merlin
That sounds nice except the tea part. Coffee always
😩I can’t
My wee heart can’t deal with it anymore
sudden bridge
Studying and want tea
you're brit?
rapid merlin
you're brit?
I might be 👀
errant fossil
My wee heart can’t deal with it anymore
Yeah can understand, used to hate coffee a long time ago
Just drank tea
then switched
sudden bridge
Yeah can understand, used to hate coffee a long time ago
i used to love coffee. it doesnt hit now like before tho.
so i stopped
rapid merlin
Yeah can understand, used to hate coffee a long time ago
I just can’t drink it because my heart rate is always fluctuating anyways
I like the taste though
sudden bridge
hot or cold
rapid merlin
Both
sudden bridge
nice
rapid merlin
Why are we all green
sudden bridge
maybe cuz we're all crusaders
sudden bridge
i have a green leaf tho :3
errant fossil
I just can’t drink it because my heart rate is always fluctuating anyways
Ohhh, yeah then it can be a problem
exotic vector
a sea of green
errant fossil
i used to love coffee. it doesnt hit now like before tho.
sometimes it is like that
sudden bridge
sometimes it is like that
im listening to like that rn 😭
i thought how could u tell
errant fossil
im listening to like that rn 😭
rapid merlin
I’m getting closer and closer to OMNI
exotic vector
im at hacker level
rapid merlin
im at hacker level
Nice good job
cloud quiver
im at hacker level
Congrats 🥳
rapid merlin
I can’t believe I’ve almost done two rooms already
The event make me go up an entire level which is how I ended up green
errant fossil
I’m getting closer and closer to OMNI
Good luck to it
pallid lotus
Me and myself gonna be the best domain users around
Don't laugh -- it's legitimately a decent way to run a home network
Overkill? Yes. Powerful? Also yes
exotic vector
Don't laugh -- it's legitimately a decent way to run a home network
I know a few people that have something like that set up
rapid merlin
Good luck to it
Thank you
twin ridgeBOT
Gave +1 Rep to @errant fossil (current: #468 - 11)
wicked juniper
I’m getting closer and closer to OMNI
good luck !
rapid merlin
good luck !
Thank you
Might pop to the shop and get a drink since I’m gonna be in here all day
whole gazelle
enjoy ur drink
slim vale
I do not want to bother anyone, but dose someone know if there will be another Advent of Cyber this year?
I really liked the last one. ☺️
And I cant find any Information about another one.
whole gazelle
there should be one imo
slim vale
I hope so 🙂
acoustic stag
I don't know where to post this, but it just gives me the answer X)
errant fossil
I do not want to bother anyone, but dose someone know if there will be another A...
Hope they do another one, The feedback on this one was great
pallid lotus
I know a few people that have something like that set up
Yep. I've got full SSO running lmao
verbal berry
Which ctf is the best to start with on thm
pallid lotus
Year of the Jellyfish
cloud quiver
Which ctf is the best to start with on thm
Try with Rick and Morthy and Basic Pentesting CTF
Vulnversity also
verbal berry
Ty
pallid lotus
Gotta love the smell of spam in the morning.
exotic vector
exotic vector
Gotta love the smell of spam in the morning.
remember, dont just learn, get hired
pallid lotus
remember, dont just learn, get hired
Nah, I quite like my job
errant fossil
OhSINT was nice
My most favourite one tbh
exotic vector
im doing some more learning before I start with the beginner ctfs
wooden totem
OhShit, the prequel to Osint
verbal berry
Im processing what I’ve learned so far b4 I continue thm
cloud quiver
OhShit, the prequel to Osint
It's discontinued sadly 😢
verbal berry
But I want to apply what I’ve learned
pallid lotus
Back in my day:TM: we didn't have the learning. The only option was to dive into challenges.
whole gazelle
setting up ur own vuln os
pallid lotus
The learning material is good, but it's not nearly as helpful practically as you might think
verbal berry
I figure
pallid lotus
Just dive into some challenges and see where you end up. You'll learn a lot more that way, and it will feel a lot more natural if you develop the skills yourself.
wooden totem
why does this link communicate with snapchat lol
wraith fjord
wooden totem
I'm more than 50% sure that it was written by AI too
exotic vector
Just dive into some challenges and see where you end up. You'll learn a lot more...
I always do some extra research when im learning something on thm
wraith fjord
exotic vector
more knowledge = more fun
its how I deal with tasks that im stuck on as well. Like when I was doing the metasploit rooms I was also reading through the documentation of metasploit
midnight bough
Any beginners here that wanna add each other? Im literally a NOOB NOOB lmao
whole gazelle
i also sent u request :3
floral hawk
Q - why does THM seem to prefer Burp over ZAProxy? Basics (ticket evnet) and pentesting both have only Burp. I am doing all of the modules with ZAP instead.
midnight bough
i also sent u request :3
😁
whole gazelle
Q - why does THM seem to prefer Burp over ZAProxy? Basics (ticket evnet) and pen...
i guess that burp is more popular? dunno can't tell
cloud quiver
Q - why does THM seem to prefer Burp over ZAProxy? Basics (ticket evnet) and pen...
Burp is WAY more advanced than ZAP
dry dome
Same
I think Burp it’s more used and recognized in the industry
cloud quiver
Community edition maybe not , BURP PRO is a whole another level compared to ZAP
exotic vector
from what I have seen burp seems to be an industry standard software as well, so it makes sense there are rooms on burp.
midnight bough
i guess that burp is more popular? dunno can't tell
Daaamn i thought you were a beginner but 128 rooms is good work ^^
whole gazelle
Daaamn i thought you were a beginner but 128 rooms is good work ^^
i'm speedruning this thing 128 rooms in 19 days
midnight bough
i'm speedruning this thing 128 rooms in 19 days
lmao you dont write down any notes?
whole gazelle
i do!
midnight bough
oooh nice i also have a really nice notion but its in german
love notion for notes
exotic vector
128 rooms in 19 days? is your brain ok? does your brain need extra cooling xD
midnight bough
hahahahah
whole gazelle
i just got crazy amounts of spare time to learn
midnight bough
thats so nice
floral hawk
Burp is WAY more advanced than ZAP
But those advanced features are in paid version, are they not?
exotic vector
i just got crazy amounts of spare time to learn
I have too, but ive only done 48 rooms lol
whole gazelle
love notion for notes
notion is fine, but has too mcuh features imo, i like my notes in plain ol txt and vim
wraith fjord
Q - why does THM seem to prefer Burp over ZAProxy? Basics (ticket evnet) and pen...
More industry recognized, it is paid (Enterprise Edition or whatever its called) and organisations doesnt want their things done via opensource tools. Simpler interface.
midnight bough
i learn when i dont have a support case to take care of
cloud quiver
But those advanced features are in paid version, are they not?
You have more advanced featueres than ZAP even in community version especially if you use Extensions from BApp store
wraith fjord
More industry recognized, it is paid (Enterprise Edition or whatever its called)...
I use ZAP because i am too lazy to write hydra command for web bruteforce
midnight bough
notion is fine, but has too mcuh features imo, i like my notes in plain ol txt a...
i see an oldschool guy but
whole gazelle
I have too, but ive only done 48 rooms lol
that's nice tho, everyone learns at thier own pace
amber quarry
Burp is WAY more advanced than ZAP
you can do almost all the same things in ZAP. It's just that Burp is more user-friendly in their way of presenting the features
wraith fjord
notion is fine, but has too mcuh features imo, i like my notes in plain ol txt a...
Would love to see glimpse of your vim notes
exotic vector
that's nice tho, everyone learns at thier own pace
yeah I take notes, and redo rooms or sometimes sit in a task in a room and play around with it.
floral hawk
You have more advanced featueres than ZAP even in community version especially i...
I see. At what level will I be able to spot thedifference? Some advanced webapps, or the whole system/applications? In other words, should I invest in learning Burp now, when I only plan to do websites if anything at the moment?
whole gazelle
Would love to see glimpse of your vim notes
i just use it like notepad but in vim
whole gazelle
yeah I take notes, and redo rooms or sometimes sit in a task in a room and play ...
i found out that doing rooms over and over helped me actually understand topic way better
it's soo cool to do
amber quarry
More industry recognized, it is paid (Enterprise Edition or whatever its called)...
and organisations doesnt want their things done via opensource tools
Huh ?
exotic vector
I have vim but havent used it, for notes I use joplin
midnight bough
i found out that doing rooms over and over helped me actually understand topic w...
damn u even redid rooms?
whole gazelle
hell yeah brotha
midnight bough
you are a full time THM addict lol
exotic vector
it's soo cool to do
you should of seen me last night, when I was doing the cryptography rooms it gets you to do maths right? I was doing them by hand on paper lol
midnight bough
i just hope im gonna make it out of it support by learning with THM and taking the pentest+ exam.... The people in my office cant even turn on their monitor and its driving me crazy lol
whole gazelle
you are a full time THM addict lol
i guess u can call it addiction 💀
whole gazelle
you should of seen me last night, when I was doing the cryptography rooms it get...
YOOO
thsts crazy
fr
midnight bough
you should of seen me last night, when I was doing the cryptography rooms it get...
LMAO
whole gazelle
i just hope im gonna make it out of it support by learning with THM and taking t...
you will make it bro!!
i believe in u
midnight bough
❤️ 🥹
exotic vector
i just hope im gonna make it out of it support by learning with THM and taking t...
Im unemployed and it annoys me that I cant get into IT, because I do have computer skills and when I did work in an office and most people had no computer skills so I ended up being the office tech support unofficially meanwhile the actual tech support guys rocks up in a sports car at midday.
wraith fjord
> and organisations doesnt want their things done via opensource tools
Huh ?
From your reaction, guess that exp is just from my work place lmfao.
exotic vector
fr
it was the questions "if q = 29, g = 5, a = 12" etc I did all 3 of those by hand on paper
cloud quiver
I see. At what level will I be able to spot thedifference? Some advanced webapps...
Don't get me wrong I don't want to discredit ZAP by any means 😄 . It's a great tool and it's free at the end of the day , in some aspect even better than BURP ( easy brute-forcing for free, Burp requires a license for that,etc. ) . I think that Burp has better community behind it, far more extensibility options ( BApp store ),it's easier to use,faster( also requires a license ). The true power of Burp is in its extensions imo , many of which require a license .
whole gazelle
it was the questions "if q = 29, g = 5, a = 12" etc I did all 3 of those by hand...
much respect
midnight bough
Im unemployed and it annoys me that I cant get into IT, because I do have comput...
Oh its so hard to get into IT i applied to 300+ job just to get a entry level it support position. i recommend the microsoft support certficate on coursera. it has helped to land a job
amber quarry
From your reaction, guess that exp is just from my work place lmfao.
When talking about pentesting because I guess this is the main topic the client does not care if you use open source or paid tools as long as you did the job
exotic vector
Oh its so hard to get into IT i applied to 300+ job just to get a entry level it...
I cant even land a job with my degree, which is why im learning cybersecurity/hacking lol
floral hawk
Don't get me wrong I don't want to discredit ZAP by any means 😄 . It's a great ...
I see. They certainly have a knack for naming things - intruder, repeater... But I'll stick to ZAP for now 🙂
amber quarry
Don't get me wrong I don't want to discredit ZAP by any means 😄 . It's a great ...
This is a good answer
cloud quiver
I see. They certainly have a knack for naming things - intruder, repeater... But...
ZAP also has those featueres
Only the name is not the same
exotic vector
much respect
dont get me wrong, it almost made me cry because I was trying to do it on my scientific calculator. Took a break then broke it down into really simple maths on paper.
amber quarry
For most of my web pentests I use Burp Pro because it's just more convenient.
I find that ZAP does it better when it comes to raw API testing
Maybe I'm just more used to importing OpenAPI docs in ZAP, it works better in my experience
floral hawk
Only the name is not the same
I know. But the names are less poetic.
whole gazelle
dont get me wrong, it almost made me cry because I was trying to do it on my sci...
u know that learing goes hard when u get crazy emotional about problem u encounter
cloud quiver
I know. But the names are less poetic.
Function is what matters 🤣
exotic vector
u know that learing goes hard when u get crazy emotional about problem u encount...
by the end I did understand the section though
whole gazelle
yeah emotions make everything stick way deeper in ur head
floral hawk
Function is what matters 🤣
But seriously, if I say I am fuzzing the website, no one outside of cybsec will even connect the activity to hacking. When I say "intruding", its much clearer what I am doing.
bitter apex
for my next js app which uses SSR CSR and stuff is it best to use a VPS to host or smth like vercel? Vercel does seem quite expensive compared to vps tbf
sudden pond
Anyone made THM theme for obsidian?
amber quarry
But seriously, if I say I am fuzzing the website, no one outside of cybsec will ...
no one actually serious in this field says "intruding". "fuzzing" is the term
proper marten
Hey everyone. I am looking for a great course which help to understands the things in Web 3.0 as well as gives a hands-on in the how cyber security is integrated into it and what needs to be tested, how to be tested and how to resolve those issues. Any help is appreciated.
If you know course, please tag me.
fair lava
Hey everyone. I am looking for a great course which help to understands the thin...
Web3 and smart contracts on coursera, bombay's hands on web security
simple valve
for my next js app which uses SSR CSR and stuff is it best to use a VPS to host ...
Its expensive because you have less overhead to worry about.
If you want to be able to control more aspects of your app (e.g., server it runs on etc.), a VPS would be fair,
If you want to spin up something really quick and don’t wanna worry about other stuff like SSH access to your VPS, OS updates, packaging, versioning, etc., then Vercel would be a better fit
steel aspen
How many days left on the tickets thing?
arctic pebble
Hasn’t it ended?
dry dome
the ticketing event finished yesterday
steel aspen
Ah shoot lol oh well learned lots
dry dome
if you have won Defcon, laptop or amazon voucher you still have time to submit it via email until 7th of november
steel aspen
I wish
dry dome
Ah shoot lol oh well learned lots
the path it’s still open to continue learning
steel aspen
Yeah will keep learning lo
Got another course at the moment so haven't done much THM
I really do not like Word
Wpsoffice is what I use. I wanna try libre though.
undone dune
For notes? Try Obsidian or Joplin
sudden pond
For notes? Try Obsidian or Joplin
Can we make THM theme for obsidian
steel aspen
I should try those tho.
Can create folders in them I'm guessing?
Sometimes my notes gets lost in the wild ahaha
dry dome
yep
I really like obsidian
undone dune
I've only just started using Obsidian as people have been recommending that and Joplin. I haven't played with the functionality beyond folders and some basic markdown
My writeups read like the scribblings of a deranged person at the moment too
dry dome
it also has a plug-in which you can configure to sync with git and that way you can sync notes and have them backed up
undone dune
Really? I thought you had to pay for the syncing. That's perfect! I'm downloading that immediately 😅
dry dome
You can google the obsidian git sync solution
dry dome
Really? I thought you had to pay for the syncing. That's perfect! I'm downloadin...
there is also a paid version of obsidian I think which provides that option
but with the git plug-in you can obtain similar for free
frigid stream
.
dry dome
maybe a little bit harder to configure, but by following a youtube tutorial or google it should be fine
steel aspen
it also has a plug-in which you can configure to sync with git and that way you ...
That'll be helpful as
Just got a scam email 😠
floral hawk
no one actually serious in this field says "intruding". "fuzzing" is the term
Ye, well for now I am in it just for fun and I will coin the term "intruding"!
steel aspen
$1000 cash app gift card is ready
rapid merlin
When I feel like I’m stupid because I’m not doing my work, I just go into the comments of YouTube videos and I feel much better 😂
Someone just asked how an actress changed where her hair was growing from because she changed the parting
The comments are so funny
cloud quiver
But seriously, if I say I am fuzzing the website, no one outside of cybsec will ...
If it's too aggressive it won't go unnoticed
grim sparrowBOT
Done!
exotic vector
Someone just asked how an actress changed where her hair was growing from becaus...
I've seen those comments before I just sigh at them lol
rapid merlin
I've seen those comments before I just sigh at them lol
They make me giggle
I’m gonna get some plant cuttings
gray sonnet
Morning THM
cloud quiver
Morning THM
Good morning to you sir also 😄
exotic vector
Morning THM
Morning
gray sonnet
How is ya'll doing today?
cloud quiver
How is ya'll doing today?
Good , how are you 🙂 ?
whole gazelle
How is ya'll doing today?
doing well, thanks for asking :3
twin ridgeBOT
Gave +1 Rep to @gray sonnet (current: #88 - 82)
exotic vector
ok thats 1 of my tasks done
keen vigil
How is ya'll doing today?
Excited to crush another day
whole gazelle
yessir that's what's up
upper carbon
Hey there y'all 🙂
exotic vector
hiya tim
upper carbon
I got a question: how does changing my computer's DNS server affects my anonymity online?
Isn't DNS server just something to make website URLs look better?
(clearly a noob ik)
cloud quiver
Hey there y'all 🙂
Welcome tim 😉
upper carbon
🙋♂️
exotic vector
Isn't DNS server just something to make website URLs look better?
yeah more or less, it takes queries and translates it to what servers and systems understand. This might help you learn more https://www.cloudflare.com/learning/dns/what-is-dns/
whole gazelle
I got a question: how does changing my computer's DNS server affects my anonymit...
i'm not sure how much it can affect your anonymity online except it will reduce tracking by your isp (?) (not so sure tbh)
cloud quiver
🙋♂️
If you're interested in DNS check out this room
If you're interested in anonymity check out this one
🙂
whole gazelle
https://tryhackme.com/r/room/dnsindetail
this room is soo good
cloud quiver
this room is soo good
It is . Great way to get familiar with DNS 🙂
whole gazelle
for real
hollow wolf
there is any rooms or resources for mobile exploit/analysis ?
hollow wolf
thanks