#general

You're old now

As you are

What's wreath? Like the Christmas thingy?

one of the network rooms on tryhackme

It also barely works, although that's on the TryHackMe infrastructure side. Network itself is fine.

Speak for yourself!

https://www.tryhackme.com/r/room/wreath

Right, okay, I am 23 ffs

that's old

Try me. 19

lol

... I hate you all

Well, it worked well enough to teach me how slow proxychains are 😄

fair enough 🤣🤣

We love you too!

Muirr how it feels like to be old

my eyes and brain hurts

I dunno. Give it four years then you tell me

Also, theres not a lot of hands-on labs for practical practise on pivoting

I don't want to be 20 years old

what's 19 like

I don't remember it

Ugggghhhh, I really want that pillar drill

Omg, Fallout 4 collections take forver

You hack stuff and call Muiri old

What's stopping you?

Black Friday isnt for a few days 😄

oh @silver sky When you asked Squad, you mean Squad 44?

https://tenor.com/view/doja-cat-star-wars-gif-25078126

Sounds fun 😭😭 and a lot like 18

No

Squad

Oh, then still no lol

A pillar drill really ups your forstner-bit game

https://store.steampowered.com/app/393380/Squad/

Get it

I also want a new mitre saw... And I want to see if I can get deals on both lmao

I have so many games

Oh, Black Friday soon.

Oh your poor bank acount. RIP.

What's a pillar drill...

Squad my beloved

I can already take £50 off the total bill, but it'll still be £600 odd

Actually I'll search it up

So you can join me and @lone thistle in walking 5 miles, digging a hole and then dying to a person hiding in a bush

Hence waiting a few days for black Friday

OOO COOLLL

Pillar Drill in the US is a Drill Press I think.

I remember these in DT class!

Watch me find a freakin' table saw as well

Not sure what it's called elsewhere.

When we did woodwork

Synapse - It a drill thats basically mounted so its solid. You can then use a lever to push the drill down, so you know it's dead straigh

They were funnn

could be useful

I liked the belt sanders though 🙂

The number of rip cuts I know I need to do is steadily mounting

The ones I have at work... like to walk a little 😦

And my track saw ain't brilliant

why does everyone need a saw just for sawing tables??? sounds like a very weirdly specific saw to need

Ahhh that makes sense unc 🙂

...

can I call you unc

It's a saw mounted into a table

Go search it up

Sounds about Hell Let Loose ish

Course you can Synapse. It's the name I chose 😄

should have marked that with joke probably

I could use some actual tools but I know I'll never use them

😂😂

I use pen to cut wood

Probably

I use my fist to cut wood

Minecraft mentioned

Muiri - have a bit of a google, but theres a guy (I think it's Izzy Swan, Maybe?) who made a jig to make bowls on a table saw. The thing looks mad.

I use your head to cut wood 😁

How the heck does that work?

In layers?

It's an effective tool

Very dangerously 😄

Like rocks it over the blade

That's...

Lemme find it

Well, that sounds like a good way to lose a finger

... Or 10

Cmon 44

What is life if you don't have danger

Folks

https://www.youtube.com/watch?v=3SOWA5Rev6U

Eh, they make blades that sacrifice themselves when in contact with anything conductive.

Shouldn't get anything more than a slight nick 😛

Folks

https://tenor.com/view/sausage-weiner-machine-saw-slow-motion-gif-17810821

that almost hurt

cower before the glizzy

https://tenor.com/view/washing-hands-fire-sparks-grinder-gif-16535412

Must kill all the bacteria

I should clarify, the blades don't sacrifice themselves persay. There is a brake built in that shoots itself into the path of the saw teeth, effectively stopping the blade spinning, and shearing off several of the teeth in the process. It's very quick, and it's a fantastic safety feature.

That's some clever tech

Or the solution is, just don't stick your fingers near sharp spinning blades

Common sense isn't common?

Jowp, yeah, I saw somthing like that, SawStop?

I think that's the name, yes.

Even better though
Do both!
Have a safety mechanism in case. As you wear a seatbelt in a car.

I know they do other stuff like beasty fences and stuff. Looks like they are starting to move towards th UK

It's risk, same as cyber
Reduce the likelihood (keep your fingers away) and the impact (make the blade stop and not take your fingers off)

Right tool for the right job, Zumi 🙂

Nice, James. i like what you did there Keeping it relevant 😄

Same reason I have a silicone Wedding Ring 😛

Cos you can't be trusted with metal?

You build a lot?

Work with lathes, drills and mills often.

Work work or hobby?

Both, the company I work for mainly does electronics/IT, but we do produce some wooden / acrylic products.

Nice

It's fun, I get to mess things up every now and again 🙂

Hai

heyy guys

Do they let you use some of the equipment for your own projects?

I have free reign. I should clarify, on my own time, not the companies 😛

Thats bangin'

Do anyone know de OS footprinting or attempted it?

also fresh here -- hey

Hey bro

what is that?

hey!

It's when you detect the OS of the device connecting to your network via your IDS/IPS

ohhh blue team stuff i think

it's really difficult that's what I heard

but i havent done it

yeah thats blue

nothing is difficult i mean if you are curious about it its gonna be fun learning it so it might be "complex" but not difficult

couldnt agree more

Oh my bad is SOC I Red team?

Amazing!

SOC is blue team

I'm doing de SOC I cert or trying to going slow like I did in Security + I did them both slow

soc is = detecting, monitoring, investigating, and responding to security incidents to defend an organization from cyber attacks

Ok great

so yeah blue team

just got my A+ cert in september. going to start on a network cert next year and started a tryhackme account to have fun in the meantime

I like both red and blue team, since malware analysis can be considered as blue team

compared to malware development and execution 😉

ooo malware analysis is blue team?

sweeett

Mostly SOC level 3 afaik

Red Team = Offensive
Blue Team = Defensive

It depends on the company though

Yeah i did not want to say that xd (Obviously not executing)

Holy shit this guy is a nutcase

That actually worked really nicely though

Who needs a lathe, amiright?

Yay time to read through boat loads of crime statistics

please end my suffering

My laptop speakers just creaped me the hell out. Playing heavily modded Fallout 4. Nora is talking... and I thought it was actually coming from behind me WTF

You shut your filthy mouth

Just use the damn table saw, duh!

Hehe

I acheive

I acheiced conference in kuwait so I want to show you my cerftication

let's see it

Erm

Hello, here the domain and subdomain points to same IP, but how does browser/server know which website the client is requesting

DNS resolution maps all subdomains to same IP, while browser sends HTTP request with the host header specifying subdomains or domains

Just a thought: imagine you are in your room. And everyone is asleep, but you. And you hear your door bell ring after every hour....what will you do?

People say, best is to call the cops when you are 100% sure something is off....

Plot twist is here: the door bell is not located outside the gate but, outside the wooden door that leads to your garden and then comes the gate......

Someone's definitely inside or is the machine malfunctioned?

I would be too lazy to even think about it tbh...

The bell is really loud

Scary

Had to stay up till 6 am

How did others not wake up

I don't know

Maybe they were deep asleep?

The browser doesn't know
The browser asks for the content and the webserver provides it

Sorry, my question was not clear.. i mean, as domain/subdomain all will resolve to same ip, how does server knows which website to serve to the client

Based on host header included in the HTTP request

Then yep that's the Host: header
It's called vhosting if you'd like to look into it more

thank you everyone

Hostnames are only important to your computer.
Either it will be resolved internally (From a local cache or hosts file)
Or via DNS (In that order).

Your web browser then connects to that IP, compares any certificates found to the FQDN you provided, informs you of any matches or mismatches.
It further provides a header full of information including the requested URI/FQDN.
As part of the FQDN above, the web server can provided you the appropriate vhost, or an application router/HTTP Proxy can redirect you to the correct internal system or VM.

Fwiw, vhosting doesn't have to be FQDNs

FQDNs is more of a dns thing, vhosting and dns are related but very much separate

True, I'm just used to seeing vhosting rely on the FQDN, usually if someone wants to do something off the rest of the URL I tend to see HA Proxy or NGinx reverse proxy.

There's a lot of overlap in some of the web technologies with minor nuances.

that's if you're being sensible with it lmao

Also FQDN being fully qualified
VHOSTs don't have to be

That's true.
I've seen vhosting used to backend without an fqdn referenced from a front end public facing server via fqdn.

hostname only routing shudders

Guys, i used to take notes in Notion app because of its cloud sync function in my windows(host) machine.. i dont take notes in virtual machine(kali) as i feel it can crash someday... But Notion is very laggy and slow.. any alternate better note taking app where i can sync to cloud and access from other devices..(free app)

I love notion, so idk

i take a lot of screenshot and i think because of this, its very slow sometime

Everyone's going to tell you Obsidian.
I'm not saying they're right or wrong, I haven't used it, but that's what I hear every time its asked 😄

is it fast compared to Notion, free and can be access from any devices?

ill have a look..

I was looking for a relational notes app recently, and, decided I'm probably going to end up running a wiki and just using git to back it up XD

evernote or obsidian yes

or trillium

if you need cloud sync and need it for free that is a hard thing to come by

technically obsidian can do it over git but then you gotta use git repos and know how protect those

If you have keybase, it supports git protocol and would be automatically encrypted with your PGP key. So I guess that's an option.
I still use it even after the purchase, but I'm going to migrate away from it as I start self-hosting more.

Apparenlty Proton's free tier includes Proton Drive, which would probably be enough for simple notes storage.

well shadow was talking about in client sync methods

but yeah other online storage methods can work for not storage too

anyways shadow has a headache and wanna be up decently early tomorrow so it is now meep moop to the beep boop for the sleep sloops time

Good night

anyone got any good recoomendations for notetaking? currently using a private discord server

💀

@sick lance

Oh god!

:hammer: aron7303#0 has been banned.

[BAN] User left the discord server.

Thanks jabba

I don't know what I missed but it looks like it needed everyone on deck.

lmao

https://tenor.com/view/its-madness-william-frawley-jk-simmons-being-the-ricardos-thats-insane-gif-24212269

are any of those free?

onenote isnt free

neovim

oof @ Affero GPL

VIM ftw

Markdown Preview mode

i thought notepad was enough 😭

neovim looks like mostly for code/i'm taking the majority of screenshots (fornow)

does it have a place for my screenshots?

yes and no

Obsidian is good for pasting screenshots and it appears on the current folder (You can change it)

ohhok

hmm its free, how do they make their money

There are some parts that are not free.

Also some services take donations

download done ty

omy, the logo is so sexy

Thats how you know it's a quality product

hah

I want to do researchhh

need me some intel 👀

Ok. look up how to do a XSS attack

okay!

ive heard of that

And now you'll know what it is and how to do it 😄

i forget what the types are like stored and the other two

which i forgot

hey uncle sqy . how u doing

Zumi - Many peoples are 😄 I think Jameses is aswell

Why you all blue, Hix?

wdym your first CVE though

I evolved it seems

the first CVE you exploited?

https://tenor.com/view/neebs-promoted-yeah-yay-bff-gif-11512732

oh wow fair play

Gratz, hix 🙂

what is a CNA? 🙂

thanks

Gave +1 Rep to @glass nest (current: #18 - 453)

1028 out of 1500 words. ALMOST THERE.

cmon, synapse. stop getting distracted - XSS, Go 😄

i wish to use a static discord token , but it is what it is

oooooooo

i guess this token is tracking me

okay okay XSS

Hey, you asked for something to research :p

It's a good arrow to have in your quiver

the best arrows are explosive

Explosive Cross Site Scripting? Thats gotta be a room idea 😄

All the elements explode

There are no URLs in that message.

ummm

Explosive SQL injection'💣

With explosions?

Yeah, but the X makes it sound cool

true dat

https://tenor.com/view/javascript-undefined-undefined-undefined-my-beloved-undefined-heart-locket-typescript-undefined-gif-7120495185284007187

XPLOSIVE SITE SCRIPTING

ssti 😍

Don't forget about XXXSS

when was the first xss attack discovered

fr ?

well whoever discovered it , for sure was a mastermind

https://www.youtube.com/watch?v=fWk_rMQiDGc

people who actually think out of the box

im going to carry on after i finish my duolingo#

Don't forget the https://en.wikipedia.org/wiki/Samy_(computer_worm) Samy Worm

Samy is my hero

i remember this episode

See Synapse? XSS is cool 🙂

XXL

omg my duolingo i keep failing

And a Square. and a Circle. You... you a squid game?

i will carry on with xss

after this

I have a hammer payload I use sometimes

https://tenor.com/view/hammer-gif-23464742

ogporegjkeopqgjre i got it wrong again

does it draw a triangle

thats jokes

The 'bermuda payload'

I FINISHED MY DUOLINGO

Good. Lets hope your daily sacrifice appeases that evil owl

duolingo knocking on your door 🤜 at 3:00 am . u openning the door ? yes or no (for the streak u abandoned)

yes (i have a baseball bat within arms reach)

https://youtube.com/watch?v=twE-zdUkB_U

for anyone that practice MMA or any MA.
I thought this video was interesting.

Ohhh i remember this!

I remember the guy who did RockYou used to go to websites and just put speech marks in entry fields

I'll watch this later :0

https://tenor.com/view/duolingo-gif-27056073

Totally, this is something I started doing in practice, years ago. And also to select better any sparring partner, since a lot of people tend to have a lot of ego or fragile one when sparring.

I still spar

¯_(ツ)_/¯

can't damage what's not there

TLDR of the video is not to stop sparring, is to do it properly.

Oh good.

Yeah, I found that when I was doing sword-fighting with some other nerds. One in particular offered to 'teach'. but his teaching simply involved showing the 'student' that he could whoop them over and over.

Hi

Annoyingly he was kinda good. Not because of his skill, He was just like 6.5ft tall, so had ridiculous reach. If he was less of a doorknob, he would be a valuable person to learn from

Been a while. How's everyone doing?

not anybody can be called "teacher" really

Don't forget Charlie Zelenoff, what a jackass.

https://www.youtube.com/watch?v=lBQ9nZAsJBw

Yeah, but it was the best way I could say it on here :p

Oh this a hood's classic

Can confirm, Muay Thai and Wrestling made me dumber 😄

Yeah sparring is essential. I only spar with people I know, and I do not bring ego into it ever. I let my partner set the pace usually 🙂

That's just a landmine of a statement...

That's absolutely how it should be. And for the last part of the sentence, that's good. That's why I limit myself nowadays to practice by myself, and concentrate on the Art part of Muay Thai, which I luv.

i need somw help with my facebook account who can do so

Good thing you didn't go to the boxing route.

Facebook support can help you:)

let me guess u want help hacking a fb acc ?

Lemme tell you about my teenage years 😛

Oh no

I was fortunate enough to avoid injury and too much head trauma 🙂

Without getting this to the political arena, which I have no intention to do. I'd say that it's no really jew, but more Israelis. Israel invest in their people and it shows.

no facebook could not i want to get my acc that was hacked back it is part of my career im a musician and cant do my thing without facbook

https://facebook.com/hacked

this game is fun

i am learninggrgega

thanks unc

@pearl raven
In one of my previous jobs, I had this supervisor, a very nice gentleman, what I know of security and helped to get to supervisory positions, was thanks to him.

He used to box, and one of the things that led me to decline his offer to be trained by him, was him himself, the migraines he'd get, oh no... The medicine he had to take, was "oof" and that's an understatement. I would have to cover for the rest of the shift for him, because he'd be dozing off.

He used to train certain police departments from here in regard to self defence.

Gave +1 Rep to @pearl raven (current: #78 - 91)

tried that who ever did it set up two factor against it so i cant get in

¯_(ツ)_/¯

contact facebook

they'll help

if i facebook would have helped i would not be here ive been trying to reach facebook all day they dont have a good way to actually contact them

It's not our service, there's nothing we can do here

Yeah I was concerned for a while, I started getting headaches and learning was getting difficult... turns out I'd never had an Eye Examination... I needed glasses...

I told him 50/50 jokingly, to train me for mma in regard to striking and go from there.
He was like "nah, boxing or nothing". I was like "nah... I'm good"

Dodged a bullet tbh.

Oof, thank goodness nothing heavy/bad...

Yeah, and also because I'd feel limited on boxing. Thing I didn't feel when kickboxing.

More range, less head impacts.

https://tenor.com/view/the-smurfs-azrael-banging-head-cat-frustrated-gif-27368915

Oh... that's not really appropriate...

It was supposed to be head banging... not banging it's head

I have a coworker that was going to (I reckon) BJJ or jujitsu.
Only bad thing is I don't have money to spend on that, but I'd luv to.

i like this cat on cocaine competition

u want to see a cat on cocaine?

https://tenor.com/view/cat-cat-tongue-cat-licking-white-cat-cursed-cat-gif-27575167

@pearl raven
https://www.youtube.com/watch?v=LtJSUmlcCT4

this was my supervisor/mentor, Ed Pollard.

yooooo 💀 this one a lil freaky

i mean he's on cocaine

(and i like that)

evening thm

Very cool, I can't watch the video right now, I'll check it out later.

no probs :D

xss-game.appspot.com

xss practiceeee

sorry if this is annoying

i had no clue you could use html like this

I did Jiu-jitsu for a few years it was great, the life happens and I had to stop

Yeah, hopefully you can get back to it :)

https://tenor.com/view/bjj-jiu-jitsu-takedown-chokehold-martial-arts-gif-26300970

lol why does this work

I just realized that an AWS network would be so much more secure than an AD network.

Because even the host discovery is completely removed by using AWS.

You're not allowed to scan any host or instance that is not a part of the target company.

That means you CANT EVEN PING SWEEP.

https://tenor.com/view/happy-man-cry-crying-redhead-gif-24137125

wow obsidian is incredible

the notes app?

yea

Just remember, threat actors do not care

ping sweep as in testing all the ports right?

(ive only come across that in nmap)

also it wasn't create it by microsoft, that's a huge plus 😂

AD = active directory i presume

yayy

Are you trying to say Azure? Active Directory and AWS are not equivalent technologies

"How unnecessarily large do you want the notification window?" YES

Is trying de 1=1 on username or password fields illegal? I haven’t done it was just wondering if it was ?

It would be an unlawful pentest.
It's more unethical than illegal but depending on your country, if you do end up accessing anything you're not authorised to, it could be considered computer misuse if they decided to report you or take you to court.

General rule of thumb is not to pentest things you don't have a written signed agreement to. If you do pentest something and it crashes, you can get in a lot of trouble. Especially if they pull up the logs following the crash and they can see you're doing something you're not supposed to.

All of this is very situational depdent, but why risk it at all?
Unless you are actively persuing bounties on a programme, you're looking for trouble 😅

Oh ok this is understandable and very concerning because I think too many kids or script kiddies do these things. Glad to know it’s punishable.

Hello all

Hello

Are u a hacker too

Man... not eating basically all day has left me so low on energy

No, im new 😦

i joined cuz im doing tryhackme free stuffs

i got kinda stuck on something

i found the answer but idk why is that the answer

then you are officially a hacker, welcome to the club

How does one add 45 additional words to an essay

Thank you i suppose 🙂

Gave +1 Rep to @silver sky (current: #44 - 204)

According tothe quiz in the website i would like to be a Security analyst

Bullshit it!

Is it that good or bad?

I can't even think right now... was playing fallout 4, then BOOM low on energy

Might have to ya know

Btw can someone help me to explain me some stuff pretty quick?

Is about some simple stuff in the test of tryhackme

I just want to know why is THAT the answer

just shoot

someone will likely answer

Well is from an easy thing "apparently"
question is:
Whats the name of the scheduled task that is malicous.
answer is = Clean file System
then ask me other 2 things which are name of the file task was running and which port with it was
nc.ps1 and 1348

So i be like yaii i foound the answers

but Idk why is that malicious

if i google nc.ps1 i just found some kind of forks for spagetti 😭

Shaking im so low on energy, damn

you shouldn't be shaking

I would seek a medical professional

Because it's abnormal. When you look through the scheduled tasks you'll see normal things that should be labeled correctly, the name is trying to disguise the task as "Clean file System" so when a user looks at it they just think it's something else

ok

I basically haven't eaten all day.

Sounds like your blood sugars are low

why have you not eaten?

I have no idea

Got food in me now. I'm happy. Already feeling better

Oh much better now 😄

That's great general but another settlement needs your help

https://tenor.com/view/fallout4-gif-5924860

H........ HOW THE FUCK DID YOU KNOW I WAS PLAYING FO4?!

you just said

Oh

I'll....

I'll be in this corner over here

https://tenor.com/view/sad-alone-sad-person-alone-cradle-sitting-along-in-corner-gif-11206167521557372047

sorry

couldn't miss this one 🤣

https://tenor.com/view/preston-garvey-fallout-fo4-another-settlement-gif-16895459270352605670

i got word of another settlement asking for help

@boreal scarab I DID IT, IT'S SUBMITTED

i'll mark the location on your map

WOOOOOOOOOOOOOOH

Home-made fried chicken, from the real CyberChef

https://youtube.com/shorts/ZVIDhY-s8Zg?si=NCEPyzhHYMzd48LP

HAHHAHAHA

classic

https://www.youtube.com/watch?v=R-HV6ruNrvk

base64?

Bye

Hey I’m not sure where to ask this. But I wanna get into network security (defending side) but idk where to start. Does anyone have any suggestions on what I should look into first?

If the best hacker knows all the ways in then can’t they tell the best defender or blue team to patch all the point of entries except the user ofc they cause 90% or breaches I think?

I've got my active directory controller all setup and my samba share on proxmox I think, I've not done it in a vm though because I didn't want any bandwidth restrictions etc. for accessing my btrfs array

😎

all set up to use proper active directory groups as well
Only took 506 different webpages to get proxmox and AD working

both subvolumes within the same drive, just need to sort out my backup script at some point, especially as it's raid 0

hi

hi 🙂 how're you?

im good! i just signed up. this site seems pretty cool.

how are you?

I don't think anybody realizes how hard it is for women to work in the postal service. It's such a MAIL dominated industry!

Doing well thanks 😄 keeping myself busy

https://tenor.com/view/seinfeld-patrick-bateman-bateman-sigma-sigma-male-gif-22867718

if your goal is performance rather than data redundancy go for it

So bad 😭

https://tenor.com/view/davie504-epic-davie504epic-epico-epical-gif-18050683

aw i cant link gifs haha

The kind of data I'm storing isn't valuable so I'd rather have the storage capacity and the speed

https://tenor.com/view/ba-dum-tsss-drum-band-gif-7320811

The purpose of the vault is that it's a btrfs subvolume designed for documents that may want backing up and they'll be differentially backed up to my dad's server which has raid 5

great choice then 🙂

And now I have an active directory server to authenticate with and use for any devices on the network

Only thing is I may want to make it externally accessible or setup a VPN because I primarily use laptops at the minute

A few years back I was playing with AD and Linux, I used LDAP with good results

I used samba primarily because it's a mix of devices and I wanted the built in file share functionality

I might even set it up with a print server as I've an old usb Samsung printer I like to use

It's a black and white and only does one side at a time but it costs 10 quid for toner haha

If you want double sided you've got to do the print all odd pages and then flip it and print all even pages haha

samba is for filesystem, with LDAP your Linux server join the AD kind of crazy but kind of fun 😂

Yeah but samba does also have stuff for full fledged domain controllers too

I did samba too, I usually go full Linux but sometimes it's fun to mixed it up 😂

That's fair, I use a mix so samba made sense due to windows devices

Proud Linux user since 1993, it's more like 90% Linux 10% windows

https://youtu.be/knkEzgT_UeE?si=LrRkRr4d1LXMlrkF

I... I love this company

They just go with the memes

I hate using translating to "learn" a language, in order to learn/use a language properly you need to understand the language without translating, it'll be harder but better results at the end

That's my experience, I only speak 5 languages

Oh ONLY 5 languages

I have friends that speak more languages than I do, so there is nothing to brag about. One of them speak 15 languages she's a language monster 😂

I'm trying to learn Norwegian. Could only really say "Thank you for the meal." And "You're welcome"

Melk og kaffe, takk.

some people have a knack for languages, and most Americans don't 😉 😛

I think si spelt that right

😂

Milk and coffee please.

I feel sad for Asians. Most Asians only speak one language, while the situation seems different in Europe

Hey hey hey hey hey. I gotta learn a language that's one of my nationalities!

that's look like a cultural thing.

Aaaand doing duoligno, and already forget crap.. then again, has been many months

because duolingo is crap 😂

I quite like it

Hi, need input pl0x #974406074444685322 message

Duolingo is very useful if you're learning a language from a completely different language family than your native tongue, as it treats you like a complete beginner

if you like it go for it, but just you just said you, that you did it and you don't remember shit so maybe it's not the best system 😂

post there and wait, patience is a virtue. Also posting in different channels only will annoy people

I'm pretty much done this box and have been waiting for a while... :S

It also helps, atleast for the basics, that Norwegian sounds close to it's English counterpart

I haven't been on duolingo, or talked in Norwegian to anyone in months, maybe even a year

people here are all volunteers they will answer when they have time or will, there is no time limit 🙂

revshells is unsafe, I guess people like to mess with others here

yea thing is its a REALLY simple query

and I need to get this box done before midnight :S

that's your need, that have nothing to do with all the other needs of people here in this server 🙂

nvm i got it, was going to hit it eventually

https://tenor.com/view/tumbleweed-silence-gif-19279803

for advent of cyber whats the min qualification of skill you should have to be able to solve

jr pentester work?

beginning friendly I believe

Okay thanks

HI

No skill needed

you dnt need skills, its very beginner friendly

Does anyone have a sort of blueprint for obsidian as to what they did or wish they did for their journey cyber security/programming journey ?

Cool, will try

hlo

advent of cyber seems really fun and it being beginner friendly would most likely help ALOT with gainin skills

i am begineer , is it okay with that

@odd crescent

@odd crescent hi

you are wrong

Need money don’t language

I have a lot of friends who speak 3-6 languages and they are still working for 1500-2000€.

My cousin is 19 years old, speaks only English and earns 5000€ every month.

Lol

It’s the big difference.

Quick question are most of the exploits and stuff learned in these labs still applicable in real world?

same doubt from day one

In general, yes

The exploits just take other forms.

Ello all

How we doing?

Yes, most exploits learned in labs are still applicable in the real world because they teach foundational principles, real-world attack techniques, and skills transferable to modern systems. Many organizations also run outdated software, making older vulnerabilities surprisingly relevant.

this hit hard :x

Does anyone know if there is way to do snapshots using UTM as your virtual machine? I'm using a m3 MacOS, running Kali linux. I've looked through the settings on UTM and tried to find videos on YouTube but nothing is coming up.

i do speak 3 languages :3 and somehow what you say is true for me exept i do 0 €

Methods and techniques like nmap skills, metasploit etc most definitely

but in europe it's very common to have more than 2 languages

in Switzerland everyone speak 3 language normaly if they went to school .

World Metrics
 Additionally, bilingual job seekers experience a 77% increase in opportunities when applying for jobs in the current labor market.```

https://www.worldmetrics.org/bilingual-employment-statistics/

i know in India it's very common to know 4-6 languages , with the many locals dialects

respectfully youre so wrong idek where to begin and it just sounds like you're coping because you have difficulty learning other languages. People dont learn other languages for the money, they learn it to communicate better with others, meet new people, learn different media, etc. learning languages is not an easy feat so it's a direct opposite of laziness. Egotistical is going around asking people if they can speak english when travelling instead of making sure they feel more comfortable by talking to them in their native tongue. Egotistical is going and expecting your friends who have english as a second language to be doing all the language heavy lifting instead of you making a move to do the mental conversion strain instead.

Science confirms he is wrong, keep learning languages people 🙂
Might I recommend C#, beautiful language

completely agree there on both aspects

i suggest golang

Seems everyone is learning go lately, in demand or easy language I wonder?

in demand for the most part

it's also a beautiful language

not the easiest though

Hey guys

Anyone did OSCP and can tell me if there is anything in the Red Team path that is good for preping the OSCP

I suggest checking their curriculum and aligning it with the Red Team Path

Hey I see u have the CRTO, when I checked Indeed there are no jobs that are requiring it.

So can I ask why did u get it and is it still worth looking at ?

It was a requirement for my current job

Wow, do pen test jobs and red team jobs require and know about it ?

I guess it differs between certain areas and countries. I know for sure that CRTO is looked at in Japan iirc

It depends on the employer tbh

There are other certs like GPEN, GRTP, GXPEN, OSEP, etc. which they look at as also desirable

https://tenor.com/view/cat-kitty-cute-kitten-feline-gif-17585598

looking for a job , is a job itself , been pimping my CV , changing it for every jobs offerts

That is correct, job hunting in itself is a full time job

How Bro there are only 45 jobs in the world asking for CRTO, is it really worth it (im looking at indeed)

very niche indeed , but you may get better pay or can be promoted later for having it

Is the Red Team Capstone Challenge the biggest network on THM ?

Yo I’m new too!

Looking to break into the cyber world as a junior pen tester.

I have a friend in IT who said that I won’t be able to do that since there are no entry level roles in cyber.

If so, how should I proceed? I have no certificates or degree but I’m open to gettting whichever certificates that can help me land a job

Don't listen to ur friend and go for ur dream

Yeah fr I’m still completing the courses on THM

I’m only 22 so I figured I got time

But idk what to work towards tbh

I searched and then aren’t lots of pen testing jobs in my areas

I’m based in AUS^

And I will give u my personal moto, don't do boring one-thing modules

Do the big labs with multiple stuff in them and just research whilst you do them.

That is much more exciting and will drive you to learn whilst you are hacking

Which ones are those? Any u recommend?

I’m low key overwhelmed by the amount of rooms there are

So I’m just following the premium pathway 😭

So far it’s been lots of reading and 0 practice

U know how there are rooms, and modules, and paths? There is also a tab called "networks" those ones are filled with multiple computers to hack

So u go to them, and u just keep researching everything whilst u do them

Use chat gpt as ur companion

Alright imma check it out

I’ve only scratched the surface

Is there a certain point I should complete up to before moving to practicals?

Or do “networks” teach me as I go?

Yeah there is one point and 1 prerequisite that you have to have:

YOU HAVE TO GO HARD

U just have to go hard and research hard

I am always hard 😩

Alright imma do that tonight

Thanks for the tips 🙏

So youve just outed yourself as a racist against second generation immigrants from eastern europe 💀

You did not have to stoop this low

On top of that, youre also incredibly incorrect

And how can you call people arrogant for having parents that made sure they’d be as multicultural as possible

check pm?

Says a lot about his intelligence tbh

Or lack thereof

In general, this is what I have seen, I told it as I lived and saw it, my aim is not that way.

What did you see other than far right wing media 😂

God you people are so stereotypical it’s not even funny

Possibly my most unhinged playlist

I've managed to split 20 hours of music into roughly 16 playlists

I dare you to work with these people and then you’ll realise that BECAUSE theyre second gen immigrants they work harder than most and lack arrogance

Calm down, there is no need to prolong it, you can close the subject 😄

Theyve grown up and watched their parents struggle assimilating

Well i think there is no need to be an ignorant racist yet here you were sending tons of paragraphs

Dont like it when your rubbish actually gets analysed and called out?

Why are you so angry?

You expect me not to be after you say something so provocative?

I didn't say anything about racism, I made an observation, I didn't use hate speech or anything else.

Your “observation” was hate speech. Learn what micro aggressions are

I didn't understand what I was saying about your own point of view and how you look at it from that angle and interpret it according to that perspective, so I wanted to close the subject.

Stereotyping second generation immigrants from eastern europe saying theyre lazy classifies as hate speech

You comment according to your own perception.

I'm not taking sides but I think the argument may be scaring others from the chat

Yes

Thanks

https://media.discordapp.net/stickers/1266623412357562390.png?size=160&name=dying

I just hopped on to talk about how bad that one playlist I made is

Hello

Hey, how're you

https://media.tenor.com/4-O1JlNIlpsAAAAj/small-amogus.gif

im fine thank you and your?

Gave +1 Rep to @finite basalt (current: #107 - 69)

https://media.tenor.com/Uzuoa5jweoAAAAAj/among-us.gif

Doing well thanks 😄 just sifting through my one big playlist to make it more manageable

too big, thats already an emoji

https://media.discordapp.net/attachments/465092340097351680/1076244084328497172/files_1.gif

Nice, and have you fun with playlist music?

Yeah it's fun so far but a little stressful

I've never thought about genres before, I just threw em all together

I've not slept but it's now 6am so I think I'm gonna get up, sort a hot water bottle and a blanket and go do some work downstairs

https://tenor.com/view/mods-cat-funny-smite-gif-17567204071102087896

fuck :(

There you go mate, once you're verified you can embed gifs

ooh ok

but you will manage it because I also added all genres

Morning

yay

Morning

https://tenor.com/view/mods-cat-funny-smite-gif-17567204071102087896

So far

nico collin's 👀

I will say other than my sad playlists, kartoffel and lasaga are my favourites, some class music

Also Nico Collins is mint

i need that i'm so edgy fr playlist

It's still a work in progress but I'll send it once it's done

alright

I've also got the playlists: fuckin sexy like, overthinking and overthinking but upbeat playlist which are good so far, pre me rock also bangs

This is some of fuckin sexy like and pre me rock

omg the 1975

They were all in the one playlist, was something for everyone in that haha

I'll have to check those two out

But yeah plenty of good ones

Friday I'm in love is a banger though, one of my favourites in there

https://tenor.com/view/monday-left-me-broken-cat-gif-7061127327620702176

hey

what happen to that group

did you remove me or what

Hey guys

How many hosts do the AD networks have ?

hola

?

I am on the red team capstone right now and I only scanned like 4 hosts

I think the rest of the hosts are on private networks maybe

(hopefully)

oh like thyat. not so much hosts

There was a network map in those rooms right?

Yeah there is, thanks for clarifying that those are real

But btw I just want to say that there is a skill to be learnt by dealing with 1000s of hosts at once

You have to adapt and use organizational tools

I mean real tools that people made

But this is still nice practice that might be easier

would be a bit costly with 1k hosts 🙂

Nope u only need 50 dollars for a permanent lab with thousands of hosts full of vulnerabilities

For example the Sliver Module on HTB

oh?

For a AWS enterprise for 50 dollars as well u can get the PwnLabs Cyber Range

Which has 10s of AWS assets

Or the HTB Pro Labs

50 dollars

But THM is 14 dollars for EVERYTHING, so deal is still very good

I see, PwnLabs Cyber Range sounds interesting have you done it?

Yeah I was invited to do one early to see if it has problems

And let me tell u it was very exciting

Others also shared with me that they too found Pwn Labs very good quality

and thats 50 a month?

bootcamps 400 350 for azure aws

Well if u are me its 50 a month and bootcamp is 175 a month

That's because I started my own company and I can bargain (which is something u should do too)

But if u are just a normal person then u pay 200 for those cyber range and 350 or 400 for the bootcamp

hmhm I do have a company

Use that company to get deals and trials for everything

al right thanks

You know it's a good morning when you have already been reverse engineering for over an hour and it just turned 8

Morning hackers

Morning i want

This is just general reversing so I can take screenshots and explain what's found

That, i don't like

Well I have already reversed it to fully understand the code, I just have to write about my findings, luckily to people who understand code

That’s not a network, right? Its just a bunch of labs per module

If I’m getting the context right, thousands of hosts spinned up does not cost $50

sometimes I just love how Bing is so stupid slow to update

It’s snowing

I love snow

Where 😄 ?

@cloud quiver what is your tryhackme Username? and can I add to you as frnd

Yes buddy , of course 😄 . KGBTHM is the nickname 🙂

England

Lucky you 🙂 , I love snow .

So do I

morning, its a snow day :D

It’s coming down quite thick and fast here 😁

Lovely view to wake up to

I cant take a photo to show because everyone would be able to figure out exactly where I live

The moon-craters would be a dead giveaway

Whoops! Sorry fae!

When I look out my window I see snowy roof tops

Ben - Thats mad. Like.. 2 weeks ago it was shorts n t-shirt weather

Ah. You live in a christmas card. Confirmed

whatya mean, I'll still rock the shorts

gotta be in the minus to consider not

I don't care what anyone says, you are an honorary south-westerner 😄

LMFAO

true

Yeah, it's not that I don't like writing. I just get distracted and finish it in more than it should take.

We generally don't get too much snow in the city. I heard its because it's by the sea and the air is too salty, but I dunno. We snow up on the moors (Countryside) though, which isnt far

I am cold and it seems I have a package delivery anytime between now and 1pm

y'all got your natural grit salt 😄

It's like that in my hometown, it'll need to be very cold for snow

Thats right Ben. that explains my salty and gritty personality

oh yeah the heating had to be whacked on this morning. Sorry Martin Lewis

The heating is on but it's currently being overpowered rn lol

Fae - Even if it gets cold here, it's usually just frost and ice with adamantium-like properties. Usually the snow arrives if the wind is blowins from the north - i.e from where the moors are

hello everyone , I just want to do OSINT challenges can you give me your fav one

you must be near where I live xD

Try this one 🙂

https://tryhackme.com/r/room/ohsint

have a look at Tracelabs, Thats their thing. I don't know if the have challenges as such though

Fae - I'm in Plymouth 🙂

oh....you're nowhere near me

I did it

This one maybe 😄 ?

https://tryhackme.com/r/room/sakura

I love windows

getting a random hardware bluescreen out of nowhere

and now everything works just fine

thanks

Gave +1 Rep to @cloud quiver (current: #22 - 410)

when in doubt take a nap and your technical problems solve themselves

I have so much doubt, that I'd sleep all day...

im on linux so all my technical problems are caused by me

ill probably be in bed later watching shows

What're you currently bingeing?

me and my partner are currently binging big bang theory.

Ooh.. fun fact: Leonards specs have no glass in them 😄

Guy's I'm having issues with finding correct return address I stack can anyone able to help me with that

In exploit development

hey

dheeraj - May be worth waiting till james is back on.. Seems like he kindof understood your whole process. I was lost when you were explaining it 😄

🫠omg

oh I know, and they're all in their late 30s playing mid to late 20s characters

When he will be back ?

Well, he's UK based, so likely he's in work now.. Maybe 9 hours? (5 or 6pm UK time)

There are other people who know this stuff, it's just I know you've already gone through most of it with him, y'know?

May ik how are they

I've no idea, to be honest. We have a whole range of people here

Haven't u done exploit development bro?

Nope.

Never really interested me

I thought u might know I'm new here

Oh Alright

Yah, It's a fair assumption. Also, Well... james is also a Mod, and exploit development is kindof a... gray area.. on here. If your chat is with a mod, it's less likely to cross any lines

in fact, usually it's only really talked about in the #exploit-and-mal-studies room

most of it is to protect the server from getting nuked

Yeah ok

I see let me ask there then

No Access REEEEEEE

I have some reading to do today

Guys does anyone know , how u get a job in physical red teaming or what certs r requireded

Hey, Black friday discount coming?

Ha e a look at jobs around you

Maybe

OSCP or eCPPTv2

I don't see anything in linkedin and don't see anyone talking about how to get in it , mostly its about pentesting

I was talking about physical pentest

You mean IOT hacking

Hardware hacking stuff?

If u want me to be particular, u can say similar to black team

Black team kinda do stuff illegal

North korea is hiring

Most I got was , get in a cyber security firm as a pentester and hope they give u a physical pentest along with an internal pentest

No

Its a contract based

If you are looking for IOT Hacking you check this course https://academy.tcm-sec.com/p/beginner-s-guide-to-iot-and-hardware-hacking

U get a contact to break in a building and try to get as much as information u can , and later u have to report it

Ohh

Yea , that what I am being talking about, it comes in red teaming (physical part)

that sounds really fun

Lockpicking, bypassing alarms, surveillance systems, and understanding physical barriers.

Using tools like lockpicks, RFID cloners, and badge duplicators.?

I mean if u r bored of your pentest job, yea it's fun. But it's alot of work , and it can go for days or weeks

Yea that stuff , but I don't wanna learn it or anything. Its just i wanna know , how to get hired as a physical red teamer , i didn't find any job listings in linkedin

its probably something you get invited to do