#general

I’ve been reading about security risk assessment & wanted someone to break down what goes into one.

Since i know this is commonly used a lot in businesses.

It’s for practice, and this is for understanding. If there’s someone here who’s working real time on this, that would be more helpful than asking my supervisor.

So what's this?

All of the reading just got me in confusion , so i was simply asking for help understanding it.

Well of course practice to apply it in real time..?

You have given clear indications that this is a project you're required to do.

Thus you're not being helped. 🙂

Are leagues fixed?

It's not gatekeeping, or "not providing help"

It's following the community rules, that you've accepted to join, and interact with this server.

Wait, I wanna ask too. If its hosted on a local server by xampp can I still hack it legally?

Define local server.

uh..the ones you start on xampp

i dont really know how to say it..

If the website is stored on your hardware.

It's fine.

like you start apache and mysql

Okay, i totally understand the community rules. So i’d like to clarify i’m not doing this for a school assignment or for a job task. I self-study a lot, asking around to understand concepts is a part of my personal research and I understand concepts better that way.

I get the rules though, so I won’t continue if it’s not allowed. Simply wanted to learn responsibly.

If the website is hosted elsewhere, it's not.

running on your own machine?

basically I think its stored on my hardware I think

yeah

I don't believe you.

then that is fine

You think?

look man..Im still new to this..

Welp, that’s on you.

.

do you need internet to run the website

yes

🙏

some algorithms have markers that could tell you what was used. example: morse uses dashes and dots and base 64 every ascii letter upper/lower, digits and + / =

Base64 is not encryption

they talked about encoding before and confused it now with encryption

It's just an ASCII representation of binary data

yeah i know encoding vs encryption

this is how the question looks like

make sure to double click and select/copy whole thing

how am i supposed to know that this has base64, rot47, morse, binary etc inside this

its big
it will be a huge spam here if i paste it

ik

i meant in the CyberChef

i solved it using writeup
but i was wondering how someone would approach it without knowing what algorithms were used

what room was it i forgor

good evening guys

capture the flag

using some py liraries and online encoding identifier tools like dcode etc, there should be more

Correct me if I'm wrong I have a question

i am not that skilled

What do cybersecurity job that an uni student can enroll in?

bug bounties maybe but pay is unreliable

like as a related field job for uni students? ykwis

cuz i'm 15 and idk should I work at McDonald or spend my time learning skills for a related field job when I get into uni so I can make sure I have a high percentage of getting that entry-level job. Thank you

internships/apprenticeships etc in any cyber role , ...just that u will have to look yourself

really appreciate it

maybe someone more experienced should answer , idk what exactly to say..

what r u working on rn

VMware workstation??

new path released?

apprenticeships are a great way to get into both cyber and software dev. Its the route i ended up taking after dropping out of university in my third year.

looking back i 100% wish id gone straight to apprenticeship rather than trying uni first

this defending azure path must be new right?

bruh I wish I know what u guys are talking abt

ye it is

👍

Doing some CTF rooms

is the AWS , Azure paths are real Hands-On or only resading assignments?

I didnt found azure in tryhackme

on the THM site Learn -> Cloud Training , there it is Defending Azure

£329 tho ...OOF

These concepts are hard to me

ya

purchase to access it

it aint free sedly

These concepts are hard

Its normal ?

need atleast basic knowledge of Cloud Computing

yeah (atleast for a Comp Science Engineer)

There is cloud computing in trhackme?

Basics to learn it?

its that paid stuff itself

not sure if there r separate rooms for it

basics were taught to me in college so wouldn't be too difficult for me to do except the Security wise(defending/attacking stuff)

Tbh is aws and azure are diffcult to me

tbh, the azure path isn't hard, it teaches they basics from what I can see and then builds on top of it, it's also meant for companies, not solo people, that's why the price is like that

just pratice and u gonna be very strong 💪

I dont know what is computing computer is I know just the knowledge

guys which university is best in uk

for computer science

like if anyone have personal experience i wanna go imperial college

Have you checked the course content to see if it’s topics you want to learn

From what I gather what uni you attend won’t make a massive difference

Just go somewhere you’re comfortable with

anyone here who does bug bounty programs on hackerone?

I mean some might for certain fields, but CS is an in demand field

Yes sorry! You’re right, my message was only discussing CS

Oxford and Cambridge are pretty well reputed for their respective domains 😉

They are, however if you have those as an option I’m sure you’re already doing much better than most 😆

Yup

Also true

Are you in the UK currently?

oh yea

Have a friend that did his PhD at Oxford

I know people who have attended local Universities and become really successful with high paying jobs that they enjoy

If you want to go for a great University go for it, just don’t lose your head in the process

I mean staying local is usually a good option

yea tbh with u i have high grades

why not go for good places

Most people find themselves more comfortable locally which means they have less stress and better academic performance

tbh there is only open universty in my city

😭

I had high grades but I wanted to attend a University with topics that I found interesting

Local can mean regional too tbf

fairs

i am good at maths and physic

I almost had to go out of province for university because I wanted to go in English

Gosh

i have a dream to go mit

Tbf McGill is well reputed as well

thats why i wanna go to the imperial

maybe i can study in mit for 1 year

i got a* on further maths when i was doing the past papers

I study at Warwick University, I wouldn’t recommend it for Cybersecurity though

oh nice

i heard warwick

Jabbaaaaa

Aberty is going bankrupt, seemignly.

Half a mill loss.

i am not even sure what should i do

That doesn't sound good

gonna get my arm filled on thursday

if i cant be able to get a* on the exam day i will be very disopointed

i come this country like 2 years ago

i come here year 11

now i am year 12

Do you get exams or coursework you're marked on?

but i study basiclly 6 hours a day

Excluding dissertations.

Yup

We have a deadline for when lecturers must return the corsework

What % is your pass rate?

What do you mean?

Like, do you get graded on the coursework with a %?

jabba is it good that i get a* on further maths and a on physics

We get coursework to complete for the end of module, and our lowest % we can get for a pass is 40.

Ah yes, 40% for a pass

Must pass all assignments and exams as they’re worth 50% credits each

i need 3 a* 1 a star for oxford, imperial

Of course!

i currently take maths further maths phyich cs

i have a low grade on gsce english

but i pass

my family is strict about getting good grades so i can go to imperial college

but i am not sure if it good school or not

i search onlien and i see it is good but

i cant see any particularly computer science video on youtube

for imperial college

i started learing sixth form topic when i finish year 11

in the summer

so i am well ahead in classes

but still i am stressing about getting 3 a* and 1 a star

i am planning to get a on computer science

GM THM

just finished the two rooms that released today, and im not in the league yet 🤔

#defending-azure-path 🥳

Thanks 😄

Gave +1 Rep to @umbral bay (current: #17 - 537)

Good morning guys, has anyone attempted Upload Vulnerabilities room? https://tryhackme.com/room/uploadvulns
i'm currently having an issue uploading file within Attack the Box, it said "file not chosen" while I already selected the file.

#room-help

+1

same

@mossy river can i get some help verifying my acc? Following the guide, am dming the bot

hes not responding

Not responding how?

says on the guide "You should see the bot thinking" he's not doing anything.

entering /verify token: token here

Does it look like this

nup, just enters this when i hit token /verify token:

how do i make it show like that

Mobile or Desktop?

the probability of hacking one, OTP code

one guess per 30 seconds

(50% success rate) this is like 241 days

69 nice

can someone recommend me modules for me to do as I wanna compete in a defend type competition?

isnt that ...illegal i guess?

Stalking somone is illegal too

I just need evidence

@sick lance ...

pls//

This would be illegal, and in direct breach of your student code of conduct.

I have a quick question how are scammer payback channel up, their basically telling you how they committed a crime. (for scrubz)

What is up with people wanting to handle things themselves, go to the police

especially if it's at a school.

is "cool"

2 more days of school until Easter break, 4 more tests before Easter break

someone help me pleae

https://dontasktoask.com

we can' help with competitions

he already asked

Yeah i didnt see that 😅

lol

btw this is consider rude that's why i stopped

Huh?

oops

considered *

Just sending that link?

yep

why though? to me its a good reminder

I forgor

Ookee lol

*cries in adhd*
Why they bully me ;-;

how do I connect to openvpn on linux again?

https://tryhackme.com/access

Not what I wanted

I am literally having my finals, I will come back

Anyone learn anything cool recently?

Geographical based osint

is it just me or is linux tweaking rn

I cannot connect to openvpn at all

Show ss

#site-support

I've been relearning the guitar

i made a website login page that doesnt work

:D

then did you make it?

or are you just on the way? 😄

i did its just doesnt have any databases on it yet

ah okay. good deal

so its just a plain login website

ANOTHER UPDATE FOR STALKER 2? Damn, I just wanna go in the zone

Both of those are really cool, actually

I have been learning about managing Windows servers lately

i have lost all my basic linux skills

WAHHHH

I might end up reforming my band ya know

and currently reading a book about social engineering.

Pretty interesting stuff.

I read that as serial engineering and thought of a crazy person like a serial killer but who just engineers stuff instead of killing people

:D

damn

just the interface of the website

what r u working on bud?

school course work

Making a website?

r u planning to be a swe or cybersecurity

yeah I have to make a website for the course work

Looks super slick!

pen tester sir

That’s fun

U should put a secret button in it that Rick rolls you

How was the roller coaster Ferb?

Only if your teacher has a sense of humour lmao

It was okay, it disappeared after we finished building it 🤷‍♂️

A producer of tools of the trade lol

r u in a comp sci major?

like https://admin.tryhackme.com

yo

how do u guys do a link like that

can u teach. me sir

<link>

<link>

Link is the URL

Unless you're referring to the redirect, of which you setup in your hosting service usually

https://admin.tryhackme.com/wp-login.php is the correct link thank you

Gave +1 Rep to @blissful snow (current: #393 - 16)

💀

Oof

The password is Skidy123

Don't tell skidy!

Just waiting for someone to ping skidy lol

there are message logs

https://www.youtube.com/watch?v=m_n2l9VGGlo&ab_channel=loveworm then how do I switch into sth different sir

their gonna know

You have to set it up yourself

One of the founders setup the redirect on the admin subdomain

You can't see me, so they won't

https://tenor.com/view/abell46s-reface-john-cena-gif-18864860

huh

lool

(John Cena waking up in the hospital)
John: Where am I
Hospital staff: ICU
John: No you don't

Classic

you know about the event.preventDefualt()

dang i did it guys

how did you

check this out

Yeah doesn't do the same thing

can someone help me with mysql i trying to create a python script that stores data in my sql database

This back end right

yep

I dont know I'm not developer

Ask gpt

can't code

gpt is bad at coding

Deepseek calude

Gemini grok

give me more details

I'll try it

@blissful snow

https://tenor.com/view/silly-gif-3397568161154480277

want me to dm you or just do it here

just do it here, so others can learn

ok

don't get sensitive info.. but

ik

it's all local so

not really much sensitive info

but i get this error

and his is my script

import sqlite3

def store_data(name, age):
    """
    Stores a person's name and age into an SQLite database table called 'people'.
    """
    # 1. Connect to (or create) a SQLite database file named 'example.db'
    connection = sqlite3.connect('example.db')
    
    # 2. Create a cursor to execute SQL commands
    cursor = connection.cursor()
    
    # 3. Create a table if it doesn't already exist
    create_table_query = """
    CREATE TABLE IF NOT EXISTS people (
        id INTEGER PRIMARY KEY AUTOINCREMENT,
        name TEXT NOT NULL,
        age INTEGER NOT NULL
    );
    """
    cursor.execute(create_table_query)
    
    # 4. Insert a record into the 'people' table
    insert_data_query = """
    INSERT INTO people (name, age)
    VALUES (?, ?);
    """
    cursor.execute(insert_data_query, (name, age))
    
    # 5. Commit changes to the database
    connection.commit()
    
    # 6. Close the connection
    connection.close()


if __name__ == "__main__":
    # Example usage
    store_data("Alice", 30)
    store_data("Bob", 25)
    print("Data successfully stored in the database!")

hold on

There

@blissful snow I can dm u

mysql

just change the connector string

oh no its ok i was just asking which one he wanted to do

the main problem is the access tho

Please accept mt request

Im in high school

check FR

huh

Its jvoer for u

WHAT

Is meow meow???

Physics, ugh

servers down?

https://www.thewebsiteisdown.com/

What’s that website supposed to be used for?

shitposting lol. check the wideos there. sysadmins have some weird interactions

was that website made in like 2010

I fixed it

I am gloroius

bro

why

the fuck is this port down when it should be openn

ttqtqt

@cosmic pendant gloroius

Are you doing thm?

Thank you, thank you

Gave +1 Rep to @cyan parcel (current: #755 - 7)

yeah

someone quote those please

#room-help

how hard do u think is Defending Azure?

is the price with discount 375 dollars per 3 months?

https://tenor.com/view/itch-crackhead-drugs-drugaddict-addict-gif-11128316954240258813

hi guys really random and unrelated, does anyone have any experience with CFD and solving for the navier stokes equations?

Will we have a new room today ?

Hi, you're placed in a Silver league now. 😎

lol this shit is hilarious

hehe

IP telephony... i pee urine

Hey guys

Haven't been here for a while

Is there any good guide on using X64 dbg?

Set stops on GetWindowTextA, lstrcmpA, strncmp

The program doesn't stop on them, or I do something wrong

Trying some challenges from CrackMe

https://help.x64dbg.com/en/latest/

hey , guys what do u think about burp new functionality that included AI ? 🤔

Wow, what book is this, I'm actually quite interested.

please wait, there's a long list of rooms to get tested

1337 day streak :D

that's a good tree

You want your trees to be balanced

1337 day?

yeah

That is the best possible streak you can have

for your created room or what?

no for how many days shadow has solved at least a single question a day on tryhackme

more than 6 month? I think they need to think about this.

woow, good

it's around a year now, cause a lot of users has created rooms

Hay @jolly creek please don't post the link.

The queue is currently a couple of hundred rooms long. 😅

Maybe you should add more room testers

I'm started think to crete like this system 🙂

👋

It's not room testers that judge if a room can be released public or not, it's down to QA, who recently just took on staff member(s).

Ah that makes sense

Room testers get to try out the rooms after QA move them to UAT.

Steps have increased to help get through the rooms.

Do you get room creators to sign an SOP or any other legal document?

Because of IPR etc etc

No, 🙂

I think we're trusted to keep whatever we do a secret.

Wdym?

I mean, I know so much about what THM are doing,. releasing and planning and I've never said nothing to anybody.

SOP? 😭
Standard operating procedure???

Yeah, similar to how HTB gets you to sign one when you're submitting a box

Welcome.

that's an NDA

Unless I've got the wrong abbreviation in mind

NDA?

NDA

Non disclosure agreement

standard operating procedure is a document outlining how a process should run

Do mods sign an NDA?

with theyr own blood

Not sure they're allowed to disclose that information.

on x road's

Lol. NDA!

sorry, I mean an SOW

https://tenor.com/view/ladies-and-gentleman-we-got-him-gif-12313683

statement of work

statement of work is just a piece of paper that says what you're supposed to do and when

NDA are smth that you need to read.every.fracking.page

That's usually only needed when an MSA is already in place, and a specific project/engagement has a clearly defined goal under the MSA.

You should always read 100% of anything you sign.. imo

Accept accept yes yes next next

ah

I really should read up on legal stuff

NDA is what handles the data you see

I'm just starting this today too.

What the prequestis if I'm pentester where I can study the cloud conecpt?

Fun things to do while I'm not working: study, study, hack. 🤣

when i was sign my NDA it was forbiden to sing it first 72h. cos you must read it and talk with legal team all teh things

Juun I actually have a funny story about an NDA 😄

funny or "funny"

well, something alike that

ah. i get that yea

is all fun and games until you sing it 🙂

I didn't sign it

I dont really work and Dont have university

not even for military ctf ?

nope

Thanks You. I'm new to this. I'm studying cybersecurity at Try Hack Me. I'm just starting out as a pre-security student, but I'm really interested in forensic security. Any tips you can give me on studying and how to find a job afterward? Are there any job opportunities? I'm from Chile, by the way.

Gave +1 Rep to @sick lance (current: #2 - 3639)

Apparently no one signed, that's where they went

singed nothing at all or there is some legal paper in work

I'm just doing part time consulting now.. but may be getting into a full time+ job

uh oh

signed nothing

What u mean

strange. but fair yea

Oh. Bummers

bella doing crazy things in military/army

had to help my friend sign one cause he didn't understand it all, so I read it for him and helped him make a signature 😄

I dong like military

Dont

i dont like milk so much. but then again i do not go around and beat the shit out of cows 🙂

TIL Someone got Doom running an on HDMI adapter...

that was months ago

o.O it sounds like your friend shouldn't be signing paperwork they dont' understand. was it in a language he didn't understand?

Sugoma

Azure defending from were study the basics of the cloud

well, he's socially dumb and doesn't understand things outside of his fow, so when his now old employer wanted him to sign an NDA for his employeement, he didn't understand it all and didn't know how to sign it

at least he knew enough to not sign it without understanding it

basically, I am his "social worker" when we are together, so he doesn't end up dead or in jail 😄

because we get a lot of scam attempts here

How no about dna

what?

DNA?

https://tenor.com/view/shroombae-trippy-dna-climbing-psychedelic-gif-4285547139506736620

deoxyribonucleic acid

yummy

rna

ribonucleic acid

crazy how I remember all that shit lmao

I gave up biology an year ago

High school biology

And what's the powerhouse of the cell?

we have bio lab on work. they do crazy shit for sure lol

mitochondria

MITOCHONDRIA 🔥

mitochondrius singular, iirc

maybe not

Viruses are so weird

They are livings and not livings at the same time

Well technically they're not living

How they spread then

genetic mutation

I don't remember exactly

But they don't exhibit any of the signs which are typically used to define a living thing

Couscous

I guess you can compare it to a computer virus. Non-living but it spreads

so like a similar genetic code fucking with your immune system

Nda

:mute: marientje1#0 has been muted.

Is that your shopping list??

do we get notified in our emails or something if they add rooms to paths we already completed? Also how often does that kinda thing happen if anyone has been around for a while

hmm

this no good

Now what is prequesits for defending Azure

I fell myself ie lost

Not sure yet. I haven't gotten far at all. lol

#defending-azure-path prolly best place to ask though

Wallpaper of the day:

Mann.. WTH is wrong with the 1st Rank Guy 💀

what is a silver ligue

13k points in 1 day

WTF 😄

Chester’s gonna cheat

thats crazy

how many silver leagues exists?

IG it's 5

thank you but I can't see the other silver leagues right?

nope

just the one your in

Umm.. IG so

alright

Where do you go to report a typo in a room?

#room-bugs

Ta

Oh I don't have permission to post in #room-bugs

read the post

ye same here but why is it only for subscribers or anything

It has moved - there is post you can see in #room-bugs without posting

oh didnt notice Thz

Me too 😄

#1333993673381253162 😄

someone can help me please

????

This could be super illegal, or super unethical.

@boreal scarab what was the price of that ruby nozzle that you buy ?

a guy is perturbing me i want to scare him

Or, you could just block and move on.

It WAS like $80 or somewhat, but looks like they stopped making them

i know but i want to learn how to do that

can you help me?

No, because that could be either:

a) Illegal.
b) unethical.

Both, which are agasint our community rules, which you've agreed to adhere to, when you joined the server.

i need to sell my soul

i know it could be ilegal but the responsability i can live with that

you now how to do it?

This does not change my answer, or stance,

If you continue, I'll be forced to mute not just you, but also anybody who does.

ok sry

🔥

https://tenor.com/view/grind-grinding-daily-computer-email-gif-873221933340242589

hello

is -sC recommended on a nmap scan?

depends

Also my scan is over 5min , is something wrong? i did a normal scan

wht are you scanning

a ctf machine named blue

on thm

ahh that one

sometimes it takes that long

nmap -sC -sV -v -p- -Pn 10.10.230.173 thats my command

#room-help please.

-p- makes it longer since it's scanning all ports

👍

Please guide how can we put full name instead of username on the certificates. Thanks

After it's been generate,d you can't.

What is azure defending

The new path.

I know how to study for it

I want The aws attack and azure defending

They cost extra.

Azure defending is free

Right?

No. 🙂

And how its free

For me

The first room in each module is.

Unless it's a subscription.

Okay just one module

Great

Right?

Its just one

Okay

using laser to cut rubebr is not so smart idea...

What are you doing, right now?

THM, pentest, school/work project?

2$

heh. i guess brass one heh

Probably not a good idea to reveal stuff in a pentest in a public server full of hackers. 😄

I was really talking about in general.

Something something NDA.

OPSec is important

But hard

Plus, nobody can assist you with this, as it's a work assignment, and would go against our community rules, that you've agreed to adhere to, in order to be in this server. 🙂

thats not the only thing thats private lmao. dont say shit about anything in this server about a work assignment

I mean, for something that isn't private, we know their client is using an ASP.NET for something.

and the error code

I wonder if people were caving before 1800s

exploring caves?

Yes.

yea

why wouldnt they

maybe cus they didn't have a light

...fire?

Sunlight.

fire exists

damn nvm I just remembered cave men existed

LMAO

https://tenor.com/view/facepalm-really-stressed-mad-angry-gif-16109475

Ooo silver is top 15 advance noice

Is gold top 10?

sup guys

Yes.

How do i get vim gui on linux

And top7(?) for platinum.

Have you uh, tried using using sudo *package manager* install vim-gui ?

you sure you don't want neovide???

well, probably getting harder to get CVE's now

https://x.com/vxdb/status/1912116851460518000?s=46&t=nUzvJ_SXQL--HIzI1u7jpw

4chan 👀

Yeah lol, it's quite funny. Just a bunch of internet drama and insecure PHP

Here's vx-underground's tl;dr of what happened lol:

but lol what I actually came here for, where the heck is a link to that 50% Business/Cloud promo for the Azure launch?

I got mead. I'm a happy little Norsk!

https://tenor.com/view/assassins-creed-valhalla-assassin-valhalla-creed-viking-gif-18717641

I'd happily pay for 3 month Business/Cloud access depending on what that deal looks like. Can't find anything related to that beyond the standard non-discounted page

Outdated php

Hey guys, i am new in this and i needed some help if anyone is free here

What do you need help with?

i just had few things to clear out

Don't ask to ask, just ask 🙂

damn. cool

I am from india mumbai, and i am from commerce background. I dont know if i can be able to learn without sience background

anyone can hack. if they put their mind to it.

TryHackMe starts out at the very basics so any skill level can get started

keep it ethical and remember to have vadapav handy when you find a bug to celebrate

Yea i cleared some basics on tryhack me and i just need suggestion who are actual pros in this field

btw are yall aware that there is a new game called marathon launching this year. im a destiny guy and the arg was awesome. incase if anyone lives under a rock

I'm literally at work as an infosec professional right now, lol I just came here to look for that 50% deal. What are you curious about

folks here are great. feel free to ask any questions

No singleplayer == no buy for me sadly. The original Marathon games are great

anyone from non sience bakground?

have anyone heard of Pentera, ridgebot? are these automated penetration testing actually useful?

higly recommend you to watch the trailer. worth it

I've seen it

I have a Sociology major and a business minor. You don't need computer science to get into this

lol , he just asked for a pro, got a pro then asked for a non science background

I don't need another live service game, I need for Bungie to make a singleplayer campagin again after nearly 20 years

*science. there must be. its not much of a big deal THM teaches you everything

Reminds me of myself when I ask the waiter at a restaurant what he recommends

okeee

Thx got it

Yah I’ll have the thing u didn’t mention ! Ty

actually can't deny that. for me the downfall of cycle was heartbreaking. and seeing something aesthetically the same and being from bungie is a win win

Hey guys, does anybody know how to claim the 50% off discount on the new azure path?

That's what I came here trying to figure out, I've heard nothing yet and found nothing

Just the standard non-discounted price

whats the discount on? i was away from thm for a while now

It's in #announcements, a new Azure blue team path

isn't the code AZURE50?

Check out the recent most msg in the announcements

Yeah but where do we apply it

lol where did you get that info, I wouldn't be suprised flarycen

eww azure i would stay away from that. (im guilty of spending way too much for personal projects)

ugh...

Thank you

darn it lol, I meant thank you

Gave +1 Rep to @hallow hazel (current: #592 - 10)

gahhh, i should probably do that... I use azure at work

Yeah that's something I critically need to learn more of. Way more convoluted that AD/GPO and harder to learn on your own for sure

i literally have like 2 servers and storage for my immich app

Yeah I've got a homelab server with little AD domain and etc, and worked with 12 client's domains and securing them but whew did Microsoft decide to reinvent the wheel with Azure

...and spread it over 60 different admin portals lol

fr

and the best part they start renaming existing stuff just for fun

it was ad for azure to azure ad to azure entra and the ms defender naming changes was hilarious

Welp just bought the three months. For the 50% I can easily justify both this and AWS

lol of course half of this isn't applicable to my current job without higher tier Azure/Entra licenses but very valuable skills I want

@pliant cairn Have you done SC-200?

these amd adrenaline drivers are absolute trash

did sc900

didn't bother with any more azure certs tbh XD

Hello, I've been checking out this site for learning some stuff for when I need to go to the military. If I buy the premium do I have the possibity to earn certificates or does that still need to be extra/ earned another way?

There are certificates of completion for each path but those are not something you'd nessessarily put on a resume. However THM launched their own industry certificate and I believe one of the paths can give you a 50% voutcher for PenTest+

@sinful moon you know smth of DNS-rebount attack or sth like that word ?

ChatGPT always glazing me

I'm familiar with some DNS fun but I'm not familiar with a tool with a name like that specifically

a ok

Ah so it likes gives me skills to be able to get the certificates but still needs to be obtained another way

hey lads

whats up

sky

i see

That's correct, but these are also just invaluable skills to learn actually working in infosec which is why I joined.

Learned plenty of tools and concerns that I keep in mind and use on the daily at my job

i swear ive never missed kali this much

like rs lol

Alright thank you I have been debating on actually persuing the courses and buying the premium etc, I guess I'll be doing that now.

Yeah no regrets for me personally getting Premium, basically paid for its self in what I've been able to contribute at work

What is talking about

GUYS

IT FUCKING WORKED

A bit overdone but not bad alex

Nice cava visulizer though, I love that app

AFTER 1 HOUR

fastfets is bit to much yea

Looks hella cool

Contract expiration

MITRE has traditionally worked closely with the CISA and US government but we all know how that's going

Cisa?

Didn’t know it was gov funded tbh

Yeah the CISA a part of Department of Homeland Security and got massively cut

O yeah see that

MITRE are independent but basically a government defense contractor

I am backkk

Hello backkk

bro thm and songs just hit

sister

I feel like doing grindy work is so much better with music but when learning I need the music off

Personally

nah i like with music

Yea I’m the same way lol I can’t have music playing when I’m trying to learn stuff

Depends highly on the grenre at times too, but yeah sometimes it gets down to "serious time" depending on what you're learning

yuh

I feel like I used to be able to do that but lately It feels like too much for me

im just doing nmap part so its easy

Just remember to always nmap every room after this even if they don't ask. Free learning re-enforcement and good habbit for getting into CTFs

thank you i will

Gave +1 Rep to @sinful moon (current: #31 - 304)

I didnt get it

We explained above. MITRE is a US defense contractor and US and governement cybersecurity funding is not doing well

Guys is better to study web fundamentls and webpentesting after offensive security or before it

Because I want to do red teaming the last one

I mean the learning path overview page kinda spells out the "intended" order, but you're free to pick and choose. But yes, do Web Fundimentals and etc before if you don't already have those skills

This, in rosewood filament.

So do it before offensive security

Look I love offensive security

this would be the "intended" learning order so if you mean Red Teaming then yes. The old Offensive Security path was renamed and restructured into what you see above

I will send it you

You don't need to send me anything, the above is the clarification. Thanks though

gad damn

Yes as I said this has been restructured since whereever you got that from

But yeah holy wall of text and links

Okay great

Yeah this my path I love🔥 it

Let's avoid sending great big walls of text please.

I Love adventure

asd

In pentesting

Hi guys a scammer approached a hour ago, where could I report it? She might had multiple victims already.

approached me*

What country are you located in?

You can ask ChatGPT this question tbh.

New mod name: Did you GPT?

But offensive security not in pentesting its fine to study

Yes because those rooms got mixed around into this new structure. There's tons of content on THM that's off the beaten path

And yes that's what I shared above lol

anyone knows why im getting this error when using TAB to autocomplete

I'm no sure you are telling to me.

hes mexican

Sir are you in a python prompt?

Like not in your regular cmd

no its not python prompt

Or is your command line just customised

yes

i use zsh

Don't you need admin privileges to set that up?

Using WSL right?

no its kali linux

dm me

Okay I got it is mixed with red teaming but its optional to not study web fundmeantls and webpentesting after offensive security after it or before

but sure thanks for "help"

Ah my bad, I was assuming you were running Windows because I was considering something similar to my terminal

this is zsh

Maybe not zsh though

Yes I'm aware

zsh with p10k

this error started today

try type bash and then try run same command

yay guys another room finished

this error appears when i try to use tab to autocomplete the command

@fervent ruin

sudo activate-global-python-argcomplete

Try this

ye, its working now, thank you

thanks for answering, I was going to succintly explain that but got distracted by the SO

All good

also tho, I'm more than happy with default zsh autocomplete lol

Sorry

What? I was talking about the tab complete

guys one last room left

Because you say distracted

So that why I say sorry

oh

🤖

For your thing, you're just going off of an outdated guide vs what's actually on the site right now. As I said, the primary learning path has been remade and there's tons of rooms and some paths that are not on that chart

Hi Ellie

So it's fine, some of those rooms from Offensive Security are now in those newer redteam paths. Doing them in Offensive Security will gain progress for these newer restructured paths if they exist on both

Heya!

https://tenor.com/view/hello-hi-hy-hey-gif-8520159980767013609

iirc the Offensive Security capstone challenges just aren't part of the official flow anymore specifically

Okay I got it

So webpentesting and web fundmetnals before offensive security and red teaming after it its okay

Okay got

It

Yeah pretty much lol

Right @sinful moon

omg lol, yes that's pretty much true more or less

Okay

Thank u

No problem

But I feel about the azure defending
Is hard I dont know it

And aws attacking

It's not a part of Premium, it's an extra cost on top because they have to spin up cloud resources. I would not recommend spending that money until you are ready

My subcribe is permium

Yes which does not include Azure or AWS due to cloud resource costs for THM

So I need to pay

Yes, wait until you are ready

When I will get to it

I'm so curios

The first room in each module of Defending Azure is free if you are curious

No I mean I can when study aws attack ?

I study Aws attack

whew, it sounds like you need to cover a ton more basics before then

@sick lance please see above

Where I learn them

Try hackme it offer it?

Let me finish the path then we wil know ☺️

But I feel myself noob

Done!

fantastic

AMD GPU drivers are amazing

Nvidia better :>

it's meant to be sarcasm mate

I stand by my opinion

And honestly even in Linux, yes AMD is infinitely more simple just being in the kernel, but for me getting Nvidia going is literally as simple as sudo pacman -S nvidia

lol times have changed, I remember back in the day when you had to configure your own xorg.conf and there was an Nvidia app just to do that. But even that wasn’t bad.

oh

But I’ve never had any issues with Nvidia under Linux, others I know have horror stories

da,m

damn

yeah lol, once upon a time xorg didn’t just automatically know what was up, you had to tell it what kind of display outputs, display drivers, input devices and more you had

that sucks

heh that’s just using Linux in the 00s vibes

damn

we had sys v init instead of systemd, HAL instead of udev, ALSA instead of PipeWire etc

tf

Yeah Linux is a pretty modular set of a ton of different components and they have improved dramatically over time

wow

impressive

i wasnt there to witness 💔

PipeWire for audio is actually a grand unifier of every audio standard which came before, OSS, ALSA, JACK, and PulseAudio. It does all that with better performance and lower latency than any that came before

and is just a drop in replacement

so yeah we’ve come far

i see

still got one and a half hour of work left for today

Good luck, I just got out and waiting for dinner to arrive