#general

rce?

what rce?

like i have a website

like a login page with username and password

csrf token

and username and pasword is sending in plane request

plane text

Is this for a THM room?

and i tried sleep for 10 second

it worked

no real bug bounty website

real website

can you help me out brother

@naive violet can help with that

new room already?

i didn't even do the last one yet

We can not help you with something like that, only if you have some THM room related questions.

im sure this gets asked alot but whats your opinions with FREE then PAID vs FREE/PAID from the start?

Holy, a wild @plush needle has appeared! Long time no see.

I'm always just 1 ping away 😄

What

I mean, true, but I've always seen you as one to work in the shadows, in the background.

That’s because Fontaene is secretly Batman

True 🥷

https://tenor.com/view/cat-meme-cat-cats-batman-bruce-wayne-gif-17330080989025218452

BatCat!

@plush needle I sumon thee!

Ayee so proud of you, well deserved 🫡

:hammer: jonathanstone_#0 has been banned.

😂😂😂

I ping James, Fontaene shows up, I ping Fontaene, Scrubz shows up

https://tenor.com/view/madness-this-is-madness-this-is-crazy-will-ferrell-insane-gif-15697806

The command and search term isn't linked.

There was a doc edited for something due to this it links a different document

Gatekeeping ain't so good

but they would still be able to speak, just in another channel

if thats gatekeeping, then having advanced channels also is

Verification is completely optional, and no member should feel forced to verify.

Nor should they be excluded from general chat

We just spin a wheel.

There has been a lot of discussion in the past about this; it was decided that restricting unverified users out of general defeated the point of having a general chat. The compromise was that they are not allowed to post images

And I don't think that should change.

We get members who improve the server without having an account, just dominated by the people who don't

Less dominated, more over shadowed.

It's just 6 easy challs

For now

You have a month to do them

Does this mean you have a place on the team or still another ctf to go?

Still means I have regionals, nationals and bootcamp

Hi, off topic

does anyone here know how 3d printing works and or how i can design a stand with a logo?

You design it in a tool like blender or tinkercad

I'd try joining some 3d printing servers

yeah i have no idea how to use it

okay thx mate

good luck

the same guy was also behind WannaCry and bybit hack . Park Jin Hyok "best hacker in the world"
https://x.com/crptAtlas/status/1893414253509611539

YouTube has good tutorials

You have to design it in something like Tinkercad or onshape then export it to a stl file! I do 3d printing in my free time

I wouldn't call him "best hacker"

there is no way public key cryptography basics is an easy room 💀

i forgot bout tinkercad

it is though, relatively

i think its considered easy cause its literally the basics

am i supposed to google the answers of these equations

which ones

bc this is like advanced algabra i was never good at math

head over to #room-help ill help you there

New task - start doing the most random certifications

starting with CySA+

Why?

New task - apply for server room cleaner

i did the google cybersecurity certification before i learned about THM. that was the biggest waste of time ever, half of the course was testimonials from people how amazing google and cybersecurity is and how important diverse teams are...

I don't remember it being that bad

https://tenor.com/view/shenanigans-bradley-hall-mischief-horseplay-pranks-gif-9695810069875484987

Just get a degree at this point

I did it as well, it can feel quite useless once you start doing more hands-on training from THM or other resources

the one on coursera?

they literally had a whole video explaining the difference between a gui and a command line. ok the parts about all the NIST frameworks and stuff was decent

yeah, 50 bucks or something, better buy thm for that

no i got that free from my institution

i do remember it being terrible and certainly not adequate

Wallpaper of the day:

especially when you consider the cost

I'm at the end of my degree, still on the phreaking fence between Masters and Jobs (I wanna do jobs)

but all these courses of big companies are the same. i did AWS courses before, just talking heads and no hands on

I would forget masters and get some experience some how.

I was going to get my masters also but meh.

Only if I get this job, if not, I'll continue in school.

god I wish I could get a degree

Dropped out of my masters to get a job, learnt a lot from just getting hands on experience. Also client interaction is a huge aspect of cybersec for some roles

Why can't you?

I'm now kinda tired about talking this topic, I'll just do THM to the full extent

There's TONS of scholarship programs out there. A company is paying for my tuition. You just have to reach out.

this will look good on arch

I was stupid when I was a kid, dropped out of highschool like 12 years ago and then moved to a foreign country with different language, no decent paths for me to fix my screw up so I just do online learning

Got all my sophia classes done for the wgu bscsia degree Going to finish off my pnpt then enroll. Who here would like to study for the pnpt with me?

Damn, how did you get a job tho? Did you require any certs or... what was your portfolio like?

@rapid merlin IDK how you're doing it, but congrats on the new color!

By doing the easy-info rooms. 🤣

Oh fuck off! 😂 🍪
Come, let's do some challenges and proper rooms!

Was on a graduate programme for a large MSP then moved internally to info security, after a year got a pentest job

In a different company that is

I am. 😛 Just started on them yesterday.

That's great to hear, congrats haha!
What I'm wondering is how do you make yourself visible with just skills and no certs whatsoever?

That's good, do it the hard way, I'd be 0xB if I was doing just info rooms lmao

so it seems i have attracted my friend to thm

RIP Friend

https://tenor.com/view/dead-man-walking-dead-man-walk-gif-10836495

I got super lucky as the company was taking in actual juniors and putting them on to get their CSTM certs. If I was doing it now I would invest in a recognised cert like OSCP and just focus on THM rooms, other courses, setting up home labs etc. Super cliché stuff. Additionally, trying to get into a helpdesk position and showing interest in security internally to the right team could be an avenue to land a cysec role

If you want to do the no cert route, getting a helpdesk job and potentially getting expensed training for a security cert would be a good way to go

CyberScheme Team Member?

that's the one

we got two jays in chat

aye nice

Jayy and JAY

Where's certs on being a Server Room Janitor?

Anyone can reccomend me a pretty easy challenge room? (i've already done: Lo-Fi, Neighbour, Brick Heist and lookup )

😄

oh-sint

any specific category?

You can set it up to only show easy rooms(and free).

im open to everything

yeah ik but some easy ones are pretty hard

can't wait for the call because they knocked the paired redundant interfaces offline with the vacuum

https://tryhackme.com/room/ohsint
@dawn grove

searchlight is literally just googling although its not as easy as it sounds

imma try this one, i'll then try searchlight

thx

Gave +1 Rep to @queen flare (current: #525 - 11)

I want to get a cert and I'm working towards it along with doing THM, HTB and portswigger (Have yet to start HTB )

searchlight is pretty cool as well

Try doing more info rooms and llearn. And if it's too hard, do more research on the topic of the room you're sturggling with.

Skipping it and going to another room isn't progress.

i think im gonna try out portswingger

It's good that you have an objective, my advice would be to narrow down the resources and stick to 1/2 atm. I was using all sorts of platforms and just got overwhelmed in the end

OSINT?

So just THM and Certs

i have 2 main platform i use rn-thm and cryptohack thinking to add portswingger into the mix

Is that what the stand-by interface is for?

it is an osint based room

Depends what role you want to land, red or blue team focused?

I find challenge rooms which sometimes have the rooms u need to know before doing them, i do those and then i do the challenge and see if i understood sum

Red team

I'm torn between privesc and web exploitation

Good that you're making sure you're understanding the room over completing them. Underrated advice for the new folks.

It's not about completing the rooms, it's about UNDERSTANDING them

About this.. what rooms should i do before doing ohsint? i have no clue on where to start with this image

Web exploitation is huge I would get comfortable with network testing by following the jr. pentest path (it covers some basic web stuff too) then hop into the web pentest path. Ultimately follow the roadmap that is provided on THM.

Usually a room tells you what rooms you should do before starting them at the top.

not this one

get a general idea about what osint is and what metadata / EXIF data is

ight, thx

Gave +1 Rep to @queen flare (current: #490 - 12)

Web exploitation was my first thought aswell, let's set it in stone for now, I'm doing so because I don't want to second guess myself later on haha, thanks for the help!

Gave +1 Rep to @ripe vine (current: #1762 - 2)

also the tools you need on kali linux to be able to view metadata

BLREGHS

notepad

https://tenor.com/view/gojo-satoru-gojo-satoru-satoru-gojo-jjk-gif-11160740313336974756

No problem, feel free to add/dm if you have any questions or need some help!

i was refering to exiftool

If you wanna learn OSINT, I got a huge resource for you

exiv2 is a neat CLI too.

send

I personally like reading raw binary

https://start.me/p/DPYPMz/the-ultimate-osint-collection

Sure, I'll add you, might need help later on, thanks again!

it looks awesome and overwhelming
thanks

Gave +1 Rep to @boreal scarab (current: #29 - 348)

this could definitely be more organized

Holy moley that's a-lot

Is exiftool a web page or a tool in kali>

huh i thought i would be green today but life got in the way.....

tool in kali

well not only kali

most linux distro have them i think

I didn't create it 😄

I just had to mention it, I love my things organized

Oh, If you buy into Kase Scenarios, 10/10 learning

xcuse me guys

can I ask? 💀

https://tenor.com/view/cat-computer-typing-fast-gif-5368357

guys any good websites to learn hacking

https://www.authentic8.com/

They give you access to Authentic8 Silo

https://TryHackMe.com

I'm doing a ctf, I found a git in the web source, what next? 💀

i am just gonna organize this myself as i take notes while reading through this

you're the one doing a ctf 😭

is it a thm room?

no just a ctf training event

exiftool -verbose <image-path> is this good?

OverTheWire?

then sorry we cant help active ctf 🙂

@sick lance Did I ever show you this site before?

you mean ethical hacking right

we don't help with that here

waitt exiftool has verbosee???

bros turning into a mod

Is that a goddamn toaster?

yea i've read it on the manual but ion understand nothing on those manuals

Man this field is getting diverse, now we have kitchen objects doing infosec

usually i just exiftool <image-path>

I bet I've been doing it longer lol

we also have a pokemon doing infosec

on a windows host, for room "blue", how can i access the target machine through cmd, or ps? I'm connected to openvpn.

I’m sure you think that

it's a pretty good website with great ctf challanges
overthewire.org

how does a toaster get a phd??

i've got the coordinates i think but no clue on how to get to his damn socials

try reading the hints

You didn't think that?

You’re hilarious will you be here all day?

which question are you referring to?

running a exiftool command is hilarious?

the hint on the first question is "exiftool is your friend. Who is the author of the image? Do they have any social media accounts?"

#room-help please

It’s hilarious that you would think exiftool works 90% of the time on osint ctfs

oh no i was referring to that i dont run exiftool with -verbose i didnt read the context of his command

I think you're not

How would OSINT even be applied in a professional environment? (cybersecurity environment that is)

Could be worded in a nicer way don't you think?

Which fair enough it could

That’s my fault

Oh trust me it helps, look at job postings and look at certain employees. It could give you hints about their infra

Google dorking can also help identify endpoints that could potentially lead to you finding something that’s been abandoned by the company

On the defensive side, ehhhhhh not much you can really do with osint

Wasn't disputing it, was just asking for examples.

depending on the environment, osint can be quite useful
in pentesting, you could find out more about your target organization through osint, which might help out with the pentesting process
in a military setting, it helps with gathering intelligence on enemies
i heard about a case where a terrorist clicked a selfie near their base of operations and posted it on social media and us military was able to identify their base through that image and then dropped a bomb on top of them
there's even an organization called trace labs who work on finding missing people through osint (https://www.tracelabs.org/)

Thank you Vader.

RIP 😔

Other than make sure that your employees are practicing good opsec

also what oxvader said about google dorking being used to identify endpoints
sometimes you can also find sensitive information and documents through google dorking

Precisely

It’s common in bug bounty and offensive in general

Also regarding exiftool, you won’t find much in 90% of ctfs you do

Often you’ll have hidden info in images or the hex data of the image

skiing looks fun, i wanna try it sometimes

haven't done that many osint based ctfs to know

oh hidden info
yeah i've done steganography stuff

no hex data stuff though

in fact i would say if a ctf could be solved by exiftool only its a bad ctf

it's great fun

In a real life scenario or just CTF games?

OSINT specifally requires the usage of geoguesser like challenges where you’ll have to find landmarks or reverse image search diffrent things

too bad there is no snow here

did you try turning it off and turning it on again?

nowhere near as much snow in places as there used to be 😔

Just Ctf things for the hidden data but sometimes threat actors will use it to hide stuff

I prefer remembering how to find out information over remembering all the information

Besides googling for vulnerabilities and understanding search operators, I cannot see any true practical use for OSINT in a professional cybersecurity enviroment. Very rarely you're allowed to do any social engineering at all so I don't see how mastering OSINT will help me in the future.

But that's just me.

This is important in threat hunting

I hate stego

Also, knowing how to google can help lots in bug bounties

yo @mellow narwhal have u played the new hades update

i love turtles

nah, I don't play it anymore

also i would believe that there are a lot of criminals that got caught through osint

my pc probably couldn't take it anyway

:^0

stego is cheesy

The only valid example I can come up with.

2 questions left on the ohsint room

😂 where is it exactly, how are the prices, they say its expensive there

A lot of things related to digital investigation falls under OSINT. Say you're conducting a red team op, you need to do research on the company and it's employees to see how they operate, any insight you can get is always valuable

Thanks.

osint makes me paranoid to post any pics of myself lol/j

Slovak High Tatras, I'd say slightly more expensive than other places around here

[movd to room-help]

bit is here, hi bit

Not room help, because helping with active CTFs isn't allowed. ;D

Everytime I tag a different channel, it automatically takes me there. Wtf.

Hi Karev. ^_^

I heard of someone hacking assets (I forgot if its accounts, phones, whatever) using your pic to bypass the biometric lock

I forgot where I read it

https://cyberprotection-magazine.com/open-source-intelligence-osint-a-practical-example

biometric lock as in facial recognition?

Yeah

Finally found somewhere about OSINT in realistic scenarios.

i've bypassed biometric locks in the past using photos

(in an ethical setting on my own assets)

Shodan can also be considered an OSINT tool

shodan is considered an osint tool

I think iphones make a 3d scan

I bypassed my mom's biometric lock using my face, although it wasn't set, because I look like her

thats a bad biometric lock lol

I feel like the term OSINT is wayyyy too broad. And needs to be broken down into smaller categories.

Samsung latest version

or second to latest whatever

report the vuln! bug bounty wohoo

actually is that considered a vuln

Read a guide about how this guy who unlocks phones by 3d printing faces and covering it with a photo.

Yep, basically anything related to information that you find online can fall under OSINT

you can (hypothetically speaking) use a few variations of half a thumb to bypass unknown biometrics

It seems such a broad term. I originally assumed it involves finding information on people.. not information on ANYTHING.

So basically anytime someone Googles, they are using OSINT.

Even your grandma looking for recipes.

i actually had a ctf recently where we had to bypass a ai face recognition software

no it actually just tells you in the settings that this is shit

Did you guys succeed?

no

why are you answering for me lol, but yes no

scratches head
hmmmm if shadow could figure out how to add chapter jump links in pdf:s

hmm for social media that'd fall under SOCMINT

hyperlinks are a think in pdfs no?

I thought PDF doesn't truly have "chapters"

It's pages.

https://ohshint.gitbook.io/oh-shint-its-a-blog/osint/osint-wtf
@rapid merlin You should read this

yes for a decent bit of pdf:s sadly not for the ones shadow bought late lastnight

hence wanting to add it to help shadow jump around instead of using ctrl + f search

Cheers man, loving the more indept information.

No

i know it , lmao

practice more (good luck)

Why being rude?

they were being rude?

when ?

i just told him to practice

Feel sarcastic to me.

nothing else

hellnah

Okay.

Fair enough.

(he's under your bed)

he's spying on me when i did the ctf!

Man, no wonder why I haven't slept more than 3 hours. Keep forgetting my meds.

College life is stressful.

hi guys

someone a hacker?

I'm a wanna-be.

my friends roblox acc got hacked

everyone

oh boi

Everyone's Roblox got hacked.

someone needs to hack it back and change the password

We can't help you here, you need to contact support.
Hacking a service without permission is illegal and against our community #rules

not mine

jabba was quick

that's illegal

Imagine sitting in federal prison with a bunch of straight k*llers and they ask why are you here, "I hacked a roblox account".

Hacking generally has small penalties only

^

not if you hack the government

Infact even bigger crimes which are limited to online activities result in 5 years max jail time

Depends on what you are caught doing

Depends on if you got priors for it or not.

no more computer :(

eating candy

Depending on how you hack it, or what you do.

You might get a t shirt.

they take your router, and waterboard it

Yes, I was talking about first time offences only

oof

@remote aspen Please don't share rooms here that haven't been through the QA process 🙂

And a high paying job

shadow could win prioces if shadow solves the FRA christmas hacking challenges

With secured retirement

In order to share a room here, you must make it public in the room settings.

FRA?

but those FRA challenges are stupid hard

Are you the same shadow who talks in third person?

swedish government orginsiation

the one and only

ah

FRA, the National Defence Radio Establishment, is the Swedish national authority for Signals Intelligence. We supply intelligence to the Government, the Government Offices of Sweden and the Swedish Armed Forces and to other concerned authorities. Swedish citizenship are required.

A lot of rooms on THM are made by normal users.

Users can share rooms after QA has checked the room.

took a bit to find an english translated version of that message :P

how does National Defence Radio Establishment become FRA

ohhhh

swedish translation

yeah

how many did shadow solve

You will, if you hack the Dutch government

That's the next on my target list

My point.

Room marked public does this.

"I hacked the Dutch government and all I got was this lousy t-shirt."

This is what it should say 🤣

Jabba only asked you not to share it in.

so far??? 0 of their christmas nuts/cracks challenges

Not true.

They also have out a cup.

or are you asking how many rooms shadow has solved on tryhackme????

no on FRA

its still going?

naaah

2024 one has its solution published already

In this server, we ask you don't share it.

Make it public, then it QA will check, and release it public.

Also a gift card, iirc

is it in english, i wanna check it out

nah it is in swedish

Yes. 🙂

would have shared the link if it was in english

It is to avoid users attempting to bypass the QA process through sharing here, it incentivises users to make it public 🙂

kind of an odd off topic problem, but does anyone know what do when you don't want to listen to music but also not be in silence while working

white noise

or fire crackling or rain/thunderstorm sounds

Does the paid/membs information rooms go into better detail or are they vague also?

Sure the free ones help you answer the questions but not truly fully grasp the room subject.

shadow feels like they do but think shadow might be biased

I mean, it's always good to get information from multiple sources anyhow.

i don't think so

I question the distribution a bit, but the quality would remain the same

Thank you @mellow narwhal

Gave +1 Rep to @mellow narwhal (current: #230 - 33)

hello guys i was wondering how do i get the completion certificates of the pré-security that ive finished ? thanks

nevermind i found it

Congrats @shy finch !

thanks @rapid merlin

Gave +1 Rep to @brave cape (current: #609 - 9)

Would love more information on pivoting and tunneling then maybe a nice ligolo-ng based room.

pivoting, port forwarding, tunneling, etc.

@celest shale dont add random or dm random people please

So many bots these days

Yep bots

And so many scammers too

How do I know you aren't a bot

PROVE YOURSELF

i can count to 3

look

0

1

2

How many fingers am I holding up?

-unmute 436982125867040779 Please don't spam

failed

🔊 Unmuted kouikiaziz

Sorries

3

Now thats a way to get thanks💀

What?

Phreak were you pink all the time

Or did you just change

Were you not expecting him to say “thanks” after your congrats?

No..

I wanted to congratulate him on his progress.

Ahh nvm then, I thought you were collecting “thanks” and this “congrats” was a trick to make him say it

I should stop being so suspicious 💀

Even if it was, they are congratulating someone's achievement at the end of the day

Nothing wrong with being nice, whatever may be the purpose behind it

I don't care about imaginary internet points.

+rep @rapid merlin

Gave +1 Rep to @brave cape (current: #566 - 10)

I know, I was just like “This is guy is smart, no way he played this out”

for being a nice person

Only thing I'm collecting is my college degree then a nice career.

I was JUST bout to do that, Jabba

Which year? CS?

1st year. Yes.

2nd sem?

Yes. We are coming up on the end of my first year.

I will join college this year, couldn’t do it in 2024 because of some issues

Guys just noticed that the License of Aurora is expired. I'm talking about Room Atomic Red Team, Task 5
Learning Path SOC L2

It has been wild year so far for me though lol.

Good luck man, if I can do it, you could also.

I think adjusting to the new environment is the biggest challenge so it must have been quite different than your usual

@mossy river

#1333993673381253162 please, ensure to use the template in #1333994601157103626

Most definitely, I'm from a more rural area so being in a city is exhausting for me. Quite positive that's why I'm having a very hard time getting any sleep.

When I was in my first year, people thought I was in my second or third year

Well something we got in common 😅

For some reason

And I rolled with it

Beard? Mine started growing when I was 16

I guess beard yeah

What a good guess though.

Experience 💀

I just assumed because he's already self-educated and it was easy for him.

I was just starting my highschool and saw two guys discussing if this guy (me) was in junior or senior year

I was like “what do I even say” 🤧

wtf

hmmm seems good

wow that was larger then shadow expected

just gonna remove that

Shadow, maybe send these in some DMs or an inactive group lul

I'm curious about how this works though. Once tried to figure it out and couldn't.

Code blocks? Or what?

there you go

smaller message

chapter links in pdf files @orchid dome

This is better

What chapter links?

Adding links to pdf files that will direct you to a different chapter.

Betta approves

Thanks, done

Gave +1 Rep to @mossy river (current: #6 - 1495)

you go to one of the early pages of the book where it lists the chapters and page numbers
by following the instructions here you can now click said titles of chapters to jump to them in your pdf reader

or at least that is it in theory

Oh, clickable index 🤔

You haven't tried it yet Shadow?

yeah basically

nope... busy with live stream watching

How old is shadow?

I know what you're thinking.

Don't say it lol.

No no no

old enough to have sleep problems

Hey! I’m working on something on the moment and wondered if I could pick your brains on it a bit?

My guess 25

It took me a minute to get used to Shadowspeak also. Now I love it because she's unique.

@rapid merlin how much do you plan on doing before your degree ends? Like the certs and stuff

Good question that I need to figure out myself.

Less boring? Yeah cuz its something fresh

I made a plan for myself this December and I have taken steps towards it

Oh btw, I only started this December so I am pretty new

god why does it always feel like everything i do fails

im doing the exact same thing as the task says too do and it doesnt work for me

Context?

How's that a bad thing

just venting my frustration

Ye, was about to say

Your feelings are valid

It be frustrating as hecc

You just need to do it enough times so that you remember stuff. Next time when there are no steps, you should know what you did back when you were practising.

Tempted to work my way up to OSCP+.

yea but its some basic stuff that doesnt seem to work for no reason

Relatable.

My goals for the end of my degree feel unrealistic now 💀

Depends

Why so? @orchid dome

Ask away

Now you know @rapid merlin 😅

You can do it man. You'v already made it this far in just a few months.

Kind of true, 3 months in and I have sec+ and ccna

CPTS might take half a year though

You got this. Just keep churnin'.

Let me give you your thanks for motivation 😂

Thanks

Gave +1 Rep to @brave cape (current: #526 - 11)

Scrubz is going down. Taking his #1 spot soon.

Hello people

Yo

How you doing ?

OHHH new color!!

Were you writing this for the past 10 mins?

nothing.... im not use to write in a split keyboard

You are the first person I meet that uses a split keyboard

Is it actually more comfortable ?

i was about to say that certs are so expensive to me, idk which one should i pay

She might be on a tablet

Where are you in your journey? And your goals

Well it's still the first person I meet that uses that keyboard

yup, good for the shoulders

and a lot of cool layers shortcuts

Check this out as well

https://pauljerimy.com/security-certification-roadmap/

idk, im in college, i dont have any cert, so maye pjpt or ejpt?

to start

PJPT then PNPT are great for beginners and the course is awesome

yeah i dont have a lot of money and i need to pay college, thats also why

Worth a look, little useful for OSINT, I don't have a use case for it, nice to have access to though. But they talk about Malware, not sure how useful it is for RE

Depends on budget, I would say go for CPTS directly

Having CPTS is equivalent of OSCP, it just doesn’t have that HR hype

cpts looks great, but when i search on linkedin, hr wants things like oscp

ceh, and stuff

1 step ahead 🗿

Hi chat!

Ceh is useless

but thats expensive to me

I am in the best mood that I ever had this week

If you are in college, you can get the course at $8 a month and certification for $220

PNPT and eJPT together will cost you around $500

Choice is yours

thats great! 🎉

You could randomly type 3-4 letters and there's probably a certificate with that acronym.

if you don't have some kind of background in IT or compsci, OSCP is a waste of money to get a job - focus on the first steps of your career path, that is down the road 3-5 years.

CWEE

Is there?

OffSec has a CWE

yes

Yes

HTB CWEE

No fucking way

https://academy.hackthebox.com/news/launching-htb-cwee-htb-certified-web-exploitation-expert

🤣

Wtf

PNPT

yes thats why im looking for "beginner" certs

Then security+ is the best start

look at that list MZZ posted

It basically sums up every theory you need to know

!

Unpleasant truth time: entry level to security usually assumes 1-3 years of IT background, and pentest is not entry level to security

You have got to be shitting me

If you aren't looking for vocational training, college, or university, your best bet is an entry level help or support desk role

Yeah, that's why I decided on college.

I would say CompTIA triad but it will be expensive and she needs to be selective and thus security+ should be good

yeah at least in my country cibersecurity is something "new" last yeah we updated the last law, from 93

CompTIA A+, Net+, Sec+ are affordable for individual contributor - but if you are making entry level salary, you shouldn't be paying out of pocket

Which country?

im from chile

south america

hey guys

Certifications are a business requirement, so the business should pay. The only time I would even suggest you pay out of pocket is if it's a hard requirement for the role and you cannot get a foot in the door with HR or a hiring manager any other way

That’s chill

It’s not affordable in Chilean Peso.
1 USD = 950 🤷🏻‍♂️

Advice for different markets can be completely different

Look at what job postings are asking for in the requirements section

True, demand and what the HR requires is also quite different

Course and exam prices have been known to be localized for local markets. Additionally, local vocational schools might have a discount for the exam if you take the course through them.

Also Juun I made chashu the other day, good stuff

Highly recommend

aww yeah

Checked that out as well, half is most they drop the price, so Security+ for 230 instead of 400 in US

i am putting together my list to make kimchi this week, James

last time i was at the store, the napa cabbage and bok choy was not looking good

I need to find somewhere near where I live to source some

Kimchi is SOOOOOOOO good

Then my advice for true entry level with no experience nor background is this: look at the local market for the actual entry level requirements for those roles, and figure out what you can do without paying out of pocket. Tier 1 support is very commonly no requirement beyond secondary or high school equivalent.

thanks for the advice guys. i really aprepreciate it

you collecting bones and trimming to make the broth too?

Chinese food and ingredients is easy to get, Korean seems less so.
Was easier in my last place

Oh, no. Just making instant stuff better with good meats

A lot of the korean veg is very common in chinese markets too, from what I've seen here. Different names, same produce

Might get some proper broth in this year though

If I can afford it, then I can pay from my own pocket right? Worth it?

Get some premium soy sauce and some of the 'upgray-e-d-d' sauces and broth mixes - if you can find dashi that's an instant win. Chicken stock is a good substitute if you can't find the real deal

Unless you are lookoing for a job with that cert as a hard requirement, I would not recommend it. The biggest factor in getting a certification is your ROI - if you spend money and it doesn't get you a raise or a job, in that persepctive it's wasted money.

You can learn the material without the certification, getting the cert is for business reasons.

i save the carcass when I do roast chicken, when I have a 2L bag full it's time to render in the pressure cooker

@naive violet Alright, it's lunch time. Time for some tonkotsu ramen and fried curry rice balls. https://www.jinyaramenbar.com/

What's with the hate against AI generated images?

Is it because graphic designers aren't getting clients anymore?

They use other people's art without their permission to generate the images

same argument as why meta/facebook gets in trouble for having 80+ TB of pirated books to train their llm called llama

I read about that.

Because they are trained on people’s art

Often without their permission

I had a question and was wondering if anyone could help. I got a small buffer overflow to just test buffer overflows and used the following line to compile it "gcc vuln.c -o vuln -fstack-protector-all" Than I used checksec but it sayed that it did not have a canary wich I thouged it should have when usingfstack-protector-all

Training > Plagaring

You recommend that place? Will recommend it to my other half if so

Yes. It's goood

Did you mean plagiarizing?

If your SO is anywhere near one of those, they should go

I mean, that's like being mad at new band for being inspired by a classic rock band. As long it's not straight up plagarism.

Yes.

scamming term of the day : Love Bombing 💣

I eat at the local Jinya at least every other week. Usually once a week

Humans take inspiration too but the subconscious process isn’t really quantifiable

You should look into Steven Hassan's BITE model.... super interesting psychology stuff

It's a little more complex than that. And honestly I don't 100% agree with musicians suing others for taking chord progressions etc.

Not comparable. Look at current lawsuits for LLMs reproducing copyrighted works as output.

acronym BITE stands for Behavior, Information, Thought, and Emotional control

Any sources? Would love to dive into this topic.

Yeah. Looking at how various groups institute control mechanisms for membership is interesting, revolting, and thought provoking.

that's good to know.

how was your weekend guys?

The closest argument, Phreak, would be saying it's OK for a cover band to pretend they are the original author of a song (lyrics, music, et al.). Like if the Helles Belles went off the rails and said that Thunderstruck was their original song that they came up with, instead of proper attribution to AC/DC.

I think LLMs should be registered then we need a universal useragent name for blocking all of them at once(prevent them from crawling your page).

what's that

it was alright

That was fast.

I wanted to scan it though.

it was just a yt video lmfao

I don’t want this color anymore

stop boosting then

its when a scammer gives the target lots of compliments and boost to confidence, telling them they are loved in attempts to boost trust which will be used for a scam

I was about to

orange kamma | purple Nitro kamma

Hi Sudo

How’s your weekend going

boring

not much on podcasts to listen to

I got accepted into an AI research team

Truly hate when you save an image and it saves as a .webp format.

sounds nice !

Try more plates more dates

hmm sounds like something called robots.txt

Although I listen to him when I want to sleep

Some images are webp...

Yeah but I hate the format.

Which gets mostly ignored anyway, sadly

You know you can see the image format before you download it right

when i get webp , 🖨️ > save as PDF

It’s pretty great

Should be able to have a paper published by late May

then published kamma then

hm

sounds like a normal relationship to me

Or they could respect the licensing of content, by default all rights reserved...

I’ve co published a physics paper with a professor before

Can be a form of emotional abuse

not at all, quickly being flooded with compliments is not normal. young men are really falling for these scams

luckily for me, I ain't pulling girls, so I am immune to the scam

You’re like 13 tho

this is not a joke topic. anyone can be a victim. i hope you would be more mature on this terrible scam

if joking about scams is your thing then i will no longer wish to communicate with you

that's the point

Is it? Thought the point was the fedora

You realise half the AI stuff going on just now is written in Python, right?

💀

no comment

I mainly use Python. I’m just sharing a meme

Ai.doStuff("Magic")

My 14 year old niece got hooked on scammer bot so bad, that she literally "fell in-love" with it and stole CC information from my grandparents for the scammer. She's currently not allowed online at all anymore and I had to set-up strict parental controls on their network.

It's bad, really bad. I have to agree, this is no joke because it's becoming a pandemic almost. We are from a rural area and I know 3 cases like this, if it's happening here, it's happening everywhere.

Apologize if that's a bit non-pg13.

Me after making 50 hidden layers

when you send me your paper 😄

https://tenor.com/view/cat-orange-spin-hat-one-brain-cell-gif-2745719316163357325

She's currently seeing a therapist over a scammer bot.And has been for almost a year now.

Which one

thank you for sharing. this is terrible stuff happening. i really feel bad for your family.
joking is just cruel and immature which i do not tolerate, its a crime

Gave +1 Rep to @brave cape (current: #490 - 12)

That's actually terrible

Omg it’s Mahoraga

It's quite sad really. Very human.

Internet leads to loneliness epidemic.
How do humans respond? With empathy, kindness, and a solution?
Not a chance. They start exploiting it... which no doubt makes things worse.

😂😂

humans exploit humans!

it sucks, but it's the world

dude

That really wasn't the point

Sounds like pig butchering

Are the younger generation chronically online

I know I am

I mean, so are most of the older generations at this point...

similar but slightly different tactic

I’m in a meeting rn but I’m still texting here

Same ends though

I actually wonder what they are going to be like as they grew up on the internet

Speaking of python, new 3.13 SEGFAULT just dropped

def f():
    lambda: k
    k = 1
    print([locals() for k in [0]])

f()

What, Gen Alpha?

Waat

If you run that in python 3.13 it segfaults, lol

which is very sad and terrible

Is that what the new gen’s are called

Everything after 2013 or so

They already are...

2000 -> 2012 (ish) are Gen Z, so apparently whoever named that doesn't know the alphabet

To be technically accurate, cpython 3.13

Or didn't think far enough ahead

My uncle is almost 50 and he practically grew up online.

Socially devastative

I mean, even many of my generation have never worked in-person in an office

But I doubt as much as gen alpha

They moved to a new alphabet

WWW =/= Internet

True true

Love bombing is awful

Welcome to THM though.

Especially when it’s not legit

😂 thanks

really cruel

Been there

They got me

😂

Just trying to become a pentester

I really want to know why more kids are failing school when they have access to more information than ever.

Less requirement for critical thinking

#start-here Feel free to ask for questions here.

Easy dopamine

No goals

Yeah I agree. 🥲

Ditto

that is a huge 🧵 , but i quickly blame tiktok

Don’t have to search as hard for the information so less dopamine when found and then less memorable

Social media just generally has a lot to answer for lmao

I’m craving barbecue

Fairs

I think it depends on the person, I was at my most motivated when I was seeing all these opportunities on TikTok. Also adhd makes long form hard to study. I think I learnt 5 new business skills because of TikTok 😅

While they have access to morr information, most (myself included) instead of using this advantage, we play games, talk with friends and we just don't do work anymore

But all the bs you have watched...

It is no good to the brain

is this spoken from as an adult with a mature brain or as a teenager ?