#general
blissful current
cerulean star
I am currently going with the web application hacker hand book and tbh i have no one to ask my Silly question or important ones to
Sorry idk πΆβπ«οΈ
blissful current
π
sick lance
I am currently going with the web application hacker hand book and tbh i have no...
Why don't you learn from the interactive labs on THM?
blissful current
its a tool to analyze web traffic , and find vulns , ...nothing script kiddy in that lol
π
cerulean star
Why don't you learn from the interactive labs on THM?
Ok but tbh i dont know how i can lean from lab
cerulean star
its a tool to analyze web traffic , and find vulns , ...nothing script kiddy in ...
Sorry i am with less knowledge
Just started
sick lance
Ok but tbh i dont know how i can lean from lab
The lab shows you the material and then lets you practice what you're reading.
blissful current
Sorry i am with less knowledge
no issues i was just explaining
cerulean star
Hmm Understandable
cerulean star
Also, that book is more than likely out of date with burp.
Ya its kind a bit old but it will Clear my basic knowledge
fair linden
Also, that book is more than likely out of date with burp.
why? no one uses burp anymore?
cerulean star
why? no one uses burp anymore?
Huh meen like now day what do people use ?
sick lance
why? no one uses burp anymore?
No, as I'm the version of burp will be out of date.
cerulean star
What*
blissful current
why? no one uses burp anymore?
there r some new alternatives but ..ig people been used to burp so thats their go-to mostly
naive violet
why? no one uses burp anymore?
Burp gets good updates often
fair linden
ahh got it
cerulean star
Why don't you learn from the interactive labs on THM?
Thx for information can you plz tell me whats that thm ?
naive violet
Tryhackme
cerulean star
Ok thx ninja and the mod good night
shy fjord
Can I have the role to access creators-lounge channel please?
twin ridgeBOT
β Gave the role Creators-Lounge to heliman.
blazing granite
@naive violet weird seeing you without the shield π
sick lance
/giverole user:<@814024685389217792> role:@Admin
Womp womp.
mellow narwhal
For now.
devout palm
I'm sure no services will be interrupted. They'll find a way eventually.
light glen
hey is anyone havng problem when connecting on machines??
devout palm
Because CVE is a significant part of the cyber security world.
dark mason
CVE back!
Ngl, if they can't maintain CVE I am 99% sure that offsec will take that over
light glen
it is just loading
devout palm
Ngl, if they can't maintain CVE I am 99% sure that offsec will take that over
That sounds horrible.
fleet pivot
i like chicken
naive violet
<@252418040388517888> weird seeing you without the shield π
...I uh
No comment?
fair linden
i like chicken
Can I add you?
devout palm
James, thanks for the support you have given for years. I think you deserve an appreciation.
cosmic pendant
James, thanks for the support you have given for years. I think you deserve an a...
I agree, let's give him a Community Legend role π
fleet pivot
Can I add you?
yea
shut hawk
Ngl, if they can't maintain CVE I am 99% sure that offsec will take that over
Nah, imo most likely the cvefoundation
devout palm
I agree, let's give him a Community Legend role π
He already has
leaden marsh
is nessary to learn Ai in cybersecurity how to create it?
daring gazelle
How in the world do people memorize the OSI model?
devout palm
How in the world do people memorize the OSI model?
Please Do Not Throw Sausage Pizza Away
Physical, Data Link, Network, Transport, Session, Presentation, Application.
leaden marsh
is nessary to learn Ai in cybersecurity how to create it?
.
I hate Ai to create it because all math
blissful current
How in the world do people memorize the OSI model?
i just know the Layers names memorized sequentially and some basics what each layer does, since i had this in my college a lot
but for revision i would require to go thru notes since cant memorize everything
polar spoke
i like chicken
good π
leaden marsh
i just know the Layers names memorized sequentially and some basics what each la...
This the right question
leaden marsh
I hate Ai to create it because all math
Its nessacry for Ai ?
untold osprey
Please Do Not Touch Steveβs Pet Alligator
blissful current
Its nessacry for Ai ?
for what thing??
daring gazelle
I suppose locating the information you need when you need it is equally as important as memorizing stuff.
desert dirge
Please Do Not Touch Steveβs Pet Alligator
Whoever touched steve's alligator:
https://tenor.com/view/combat-initiation-gif-8808243547049710258
leaden marsh
for what thing??
I dont for Cybersecurity
daring gazelle
There is a lot of information Iβm trying to absorb from Cybersecurity 101.
leaden marsh
There is a lot of information Iβm trying to absorb from Cybersecurity 101.
Thats great
loud marlin
... let's upload 12 gb of books =/
leaden marsh
I dont for Cybersecurity
So that why I learn Ai
untold osprey
Whoever touched steve's alligator:
https://tenor.com/view/combat-initiation-gif...
my bad, didnβt know steveβs alligator was top secret info
blissful current
make notes , there will be much more stuff ahead , u wont be able to memorize each n everything , nor can i or most people here
just focus on the important stuff about it to be memorized, that should be enough
wooden quiver
My first contribution to this server: Ai hasn't a hope of breaking cryptography. Mathematicians appreciate this. What then is its use, er social engineering maybe?
blissful current
and scripting ...but still not too much but helps a lot
wooden quiver
actually yes, it is great for putting together scripts to do stuff
daring gazelle
make notes , there will be much more stuff ahead , u wont be able to memorize ea...
Great advice I appreciate it! Iβve gotten a little overwhelmed so this is helpful.
desert dirge
My first contribution to this server: Ai hasn't a hope of breaking cryptography...
With the right proompting, AI can be used to proompt yourself in the right direction, getting immediate answers to questions that would annoy #521382216304033796 lmao
Of course that you would follow up on with real research
blissful current
Great advice I appreciate it! Iβve gotten a little overwhelmed so this is helpfu...
yup , coz i tried that too , after learning new stuff the old learnt stuff gets rusted off the mind after few weeks if not practiced on that same type of attack/topics ,yk ..atleast for me , so i always try to make n keep make notes
wooden quiver
With the right proompting, AI can be used to proompt yourself in the right direc...
I also agree with this, I think my point was about actually breaking the math used in encryption -> no chance
oak marsh
oh ye currently AI sucks are cryptography, kinda interesting
untold osprey
me waiting for my brute force thingie to complete
more like brute patience
oak marsh
daring gazelle
yup , coz i tried that too , after learning new stuff the old learnt stuff gets ...
Totally understand that. I was trying to use Linux commands in windows command line π€¦ I got so confused.
blissful current
Totally understand that. I was trying to use Linux commands in windows command l...
happened with me too , totally understandable π
blissful current
anyone knows how to get rid of this? i get this error even with venv
u need to make an env first
fervent ruin
and im trying to install a exploit from github, i need to install the requirements
i have created it
bro, i fixed, nvm
stupid things
fervent ruin
now i get other erros, but now is about the exploit itself
daring gazelle
I did find Linux Shells to be pretty fun though.
vocal geyser
in some cases might need to use apt instead of pip too
Yes
blissful current
now i get other erros, but now is about the exploit itself
make sure if the code is of Python 2 or 3
so use python2 or Python3 accordingly
vocal geyser
Running a script = hacker π
blissful current
some github codes are older and they were written using python2 , and running it with py3 causes error too
blissful current
Running a script = hacker π
desert dirge
Running a script = hacker π
Guys, I found the arson!
boreal scarab
I see the WatchDogs logo in the background. You can't hide it from me!
blissful current
I see the WatchDogs logo in the background. You can't hide it from me!
i didnt notice it lol
agile bane
I love you guys So much
oak marsh
aww love you too
agile bane
oak marsh
modest thicket
Whoever hackin my f***ing work STOP NOW!!!!
boreal scarab
I love you guys So much
I love my beer too!
loud marlin
some smartass in my town decide to put full UV led lights to make things looks cool, and ppl end up in hospital with eye issues =/
blissful current
eh?
boreal scarab
modest thicket
AND WHOEVER PHISHED ME WITH THAT FAKE XFINITY EMAIL F*** OFF
oak marsh
you giving out your email online?
fervent ruin
its not this one
blissful current
<a:beer_pepe:1250514875269124097>
ya , i did that on my birthday and did THM rooms till 4AM
fervent ruin
blissful current
oak marsh
ya , i did that on my birthday and did THM rooms till 4AM
dedication
boreal scarab
its not this one
It's not EXACTLY that one, but it is a Watchdogs logo
fervent ruin
yea
modest thicket
you giving out your email online?
How they got my email is obviously because theyβre in a federal agency
loud marlin
you must be super ultra cool if feds get you email lol
blissful current
blissful current
anyone having problem with accessing web machines
tell?
oak marsh
Im using the resources to brute force in gobuster
you remembered to add the site to /etc/hosts ?
daring gazelle
some smartass in my town decide to put full UV led lights to make things looks c...
Thereβs a guy in my town who installed headlights in place of break lights on the back of his pickup truck π€¦
blissful current
ya put host in /etc/hosts
blissful current
Thereβs a guy in my town who installed headlights in place of break lights on th...
lol
boreal scarab
Thereβs a guy in my town who installed headlights in place of break lights on th...
MURICA1
blissful current
i still have to do Advent of Cyber , i'll start them next week
oak marsh
I havent even considered doing em but keep getting suggested to try
blissful current
looks fun , with stories like scenerios
oak marsh
christmas be coming early this year 
gotta give em a look
blissful current
sick lance
i am doing Metasploit-a-ho-ho-ho
blissful current
50 days streak 
untold osprey
Thereβs a guy in my town who installed headlights in place of break lights on th...
lol welcome to engineering with vibes only
peak hare
Yooo
blissful current
Yo
peak hare
How's it going?
blissful current
fine , wby?
boreal scarab
GREATEST COUNTRY IN THE WORLDDπ¦
π₯ πΊπΈ
peak hare
fine , wby?
chillin fr
blissful current
boreal scarab
GREATEST COUNTRY IN THE WORLDDπ¦
π₯ πΊπΈ
Reads bio
PLEASE don't tell me you're CA.
fleet pivot
*Reads bio*
PLEASE don't tell me you're CA.
that's private info
π oops Hope no one saw that, didn't mean to like myself like that
desert dirge
π oops Hope no one saw that, didn't mean to like myself like that
good job, now everyone DOES know xD
leaden marsh
https://cymulate.com/blog/task-scheduler-new-vulnerabilities-for-schtasks-exe/
What is talking about?
outer fjord
What is talking about?
New UAC Bypass
New task metadata poisoning
New event log buffer overflow allowing to overwrite log content and evade detection
New unprivileged security logs saturation
light glen
<#521771811768107008>
no answer
rapid merlin
https://cymulate.com/blog/task-scheduler-new-vulnerabilities-for-schtasks-exe/
great
daring gazelle
Honest thoughts?
Is AI becoming more prevalent in business, healthcare etc. Going to skyrocket the need for cybersecurity professionals?
inner tendon
Hello Chat
fair linden
Anyone here who wants to play capture the flag on thm tomorrow?
rapid merlin
Anyone here who wants to play capture the flag on thm tomorrow?
me
fair linden
Whats your name on thm
rapid merlin
dm me
knotty pendant
boreal scarab
that's private info
dark mason
Honest thoughts?
Is AI becoming more prevalent in business, healthcare etc. Go...
Not exactly skyrocket
But surely will increase it
As AI is known for writing vulnerable code
rapid merlin
hey guys a little question
i just downloaded mint linux on my virtualbox to learn linux (first time using linux) but idk what to learn or where to start can anyone give me a checklist of some sort or a yt video i can use
going to be switching to kali linux once im more comfortable with the linux environment
cosmic minnow
You guys like my sign? I thought it was witty...
fair linden
hey guys a little question
i just downloaded mint linux on my virtualbox to lea...
I'm new too I just do onethewire bandit atm
rapid merlin
I'm new too I just do onethewire bandit atm
okay and what is that
i have no idea really
fair linden
There you can learn the basic linux commands
fair linden
such as cd mkdir cat etc
rapid merlin
There you can learn the basic linux commands
ohokay for the terminal ig
fair linden
yes
rapid merlin
such as cd mkdir cat etc
does sudo also come in that category
fair linden
idk tbh i'm just at lvl 6
dark mason
@rapid merlin @fair linden
https://linuxjourney.com/
fair linden
<@456226577798135808> <@146006799131082753>
https://linuxjourney.com/
Thank you π
twin ridgeBOT
Gave +1 Rep to @dark mason (current: #299 - 23)
rapid merlin
<@456226577798135808> <@146006799131082753>
https://linuxjourney.com/
thanks man
twin ridgeBOT
Gave +1 Rep to @dark mason (current: #293 - 24)
sharp citrusBOT
TryHackMe Socials
hearty dove
Hello guys
I'm new here
I've always wanted to hack
And understand programs from a deeper more, newer perspective
I just wanna also gain power
And realm the cyber security world
So abuser and malicious criminals can be put in their places
Off and on discord.
loud marlin
@sand trench got bunch of new wallpapers
wraith raptor
<@228199546050707456> got bunch of new wallpapers
Looks good
Have you noticed battery drain from Hyprland ?
naive violet
So abuser and malicious criminals can be put in their places
You know that's vigilantism right?
The police don't tend to appreciate it
naive violet
Someone else doing something bad doesn't mean you get to do something bad to them
hearty dove
Someone else doing something bad doesn't mean you get to do something bad to the...
Nono I'm trying to be hero here
And self defense
By put in their place meaning legal action.
naive violet
Nono I'm trying to be hero here
Hacking back is still illegal tho
whole yew
You should consult a cybersecurity specialized lawyer before you put that idea into production.
hearty dove
Hacking back is still illegal tho
Ah
hearty dove
You should consult a cybersecurity specialized lawyer before you put that idea i...
No one will know who I am isn't that the purpose
Tech is the new and next power
naive violet
This ain't Hollywood
whole yew
So anonymous vigilanteism that will likely cause any evidence gathered to be fruit of the poisonous tree and be inadmissable? Sounds like a terrible idea.
wheat flint
No one will know who I am isn't that the purpose
I dont know man I think the tism creates these nice fantasies in our heads
But then you have to ask yourself why you want to be a hero
And its for "other people"
Its really for yourself
daring gazelle
Let him cook. Iβm sick of getting texts about unpaid toll tickets.
wheat flint
Let him cook. Iβm sick of getting texts about unpaid toll tickets.
π€£
ionic pagoda
hi
does thm have a bbounty prog? if i was able to see paid content would thag be reportable ?
spice otter
does thm have a bbounty prog? if i was able to see paid content would thag be re...
you can see paid content but you cant actually use it if that makes sense
ionic pagoda
i can see and use the creds there and interact with the labs
like if the lab is URL based uw/pw
spice otter
And realm the cyber security world
what kind of hero complex..
hearty dove
Its really for yourself
Self defense
spice otter
2 wrongs dont make a right in the legal world
hearty dove
To better understand how people could use me
hearty dove
2 wrongs dont make a right in the legal world
Wait till I run the law
wheat flint
Self defense
You might have the tism
hearty dove
You might have the tism
Autism, nice try.
spice otter
Wait till I run the law
just to like clear this up you know movie hacking and real hacking is NOT the same thing
hearty dove
just to like clear this up you know movie hacking and real hacking is NOT the sa...
Yeah it takes steps
Movie hacking is literally typing random notesπ€£
It's outright impossible sometimes.
round orbit
Anyone got an example of a domain that doesn't have WHOIS protection?
daring gazelle
Even the baby steps about real-life ethical hacking has made me feel like an absolute caveman with technology π
silent nova
Anyone got an example of a domain that doesn't have WHOIS protection?
Protection, as in not having its data redacted from general public records?
pulsar cosmos
Sorry for the late reply,
I don't remember where but I saw a post on Twitter from the user "Dark Web Informer - Cyber Threat Intelligence" that the user message database was leaked and that it was for sale
silent nova
what is better vmware or virtualbox??
I wouldn't say better, it's more depending on your intent of use and such.
Sadly I don't have a solid answer for you at the time, but I usually use VirtualBox more than VMWare. Personal preference though.
round orbit
Protection, as in not having its data redacted from general public records?
Exactly
civic reef
I wouldn't say better, it's more depending on your intent of use and such.
@light glen Also what is the OS of your host machine
light glen
<@551105045354119193> Also what is the OS of your host machine
windows
silent nova
<@551105045354119193> Also what is the OS of your host machine
I primarily use Windows.
light glen
I wouldn't say better, it's more depending on your intent of use and such.
thanks
twin ridgeBOT
Gave +1 Rep to @silent nova (current: #547 - 11)
round orbit
I do have to ask, is this for an assignment of some sort?
Research, but it's alright. I remembered there's TLD's that don't support WHOIS privacy, and there's a bunch of them.
silent nova
Research, but it's alright. I remembered there's TLD's that don't support WHOIS ...
Ah, okay. Technically speaking, ICANN's own website has no "official" WHOIS privacy.
silent nova
<@270975958511517697> Hey i'm new here
Welcome!
mossy river
What exactly do you need? π
rapid merlin
What exactly do you need? π
You'll see, can't talk really about it here
mossy river
Sure :) added
round orbit
Ah, okay. Technically speaking, ICANN's own website has no "official" WHOIS priv...
It doesn't return much info though
silent nova
It doesn't return much info though
I'm not sure exactly what information you are looking for though, sorry.
Best of luck with your research!
leaden marsh
Sadly I don't have a solid answer for you at the time, but I usually use Virtual...
Vmare better
unique valley
can someone help me with a question from the MITRE room?
chilly veldt
grim sparrowBOT
:hammer: johnnyangelojr._89816#0 has been banned.
silent nova
:hammer: johnnyangelojr._89816#0 has been banned.
R.I.P.
sturdy thicket
hi
silent nova
π Welcome to TryHackMe!
oblique escarp
Hello
somber verge
just found this absolute gem
silent nova
Photoπ€π€
It's definitely a cool photo.
leaden marsh
It's definitely a cool photo.
π€π€π€
silent nova
... oh.
cosmic minnow
Does anyone know instagram
The lead singer of Meta?
desert dirge
I think they're muted
desert dirge
Does that name read what I think it does?
sand trench
<@228199546050707456> got bunch of new wallpapers
nice
desert dirge
<@228199546050707456> got bunch of new wallpapers
Nice Rice!
winged summit
hello π
silent nova
π Welcome to TryHackMe!
winged summit
thanks π
mossy river
Just a reminder to everyone to use the report command in the channel that the problem is happening and not #bot-commands π
winged summit
how's everyone doing?
gusty inlet
Just a reminder to everyone to use the report command in the channel that the pr...
Oops I plead guilty.
crystal mauve
Dogs > Cats
civic reef
Dogs > Cats
Dogs = Cats
grim sparrowBOT
Done!
wooden echo
I picked a GREAT time to get into cyber
spice otter
https://youtu.be/Rwkq1KwVdBY
yeaa i seen john hammands thing yesterday lol
gusty inlet
I picked a GREAT time to get into cyber
Pretty much lol.
But I think it's all fixed now
wooden echo
But I think it's all fixed now
Damn, hadn't checked the news since I got off of work. I can't deal with this roller coaster for four years.
gusty inlet
wooden echo
New Ubuntu comes out tomorrow and I can finally say it's idiot-proof. This is probably the 6th time I'
spice otter
Damn, hadn't checked the news since I got off of work. I can't deal with this ro...
the job market already shaky lol just gotta power through it
twin ridgeBOT
Gave +1 Rep to @gusty inlet (current: #229 - 35)
wooden echo
ve tried to switch but I'm finally gonna stay this time, (I switched to arch, but Ubuntu 25 is pretty dope, still)
modern fox
But I think it's all fixed now
what fixed
gusty inlet
modern fox
It was cut, but now it's back. Just more of the same nonsense XD
i see
wooden echo
Common Vulnerabilities and Exposures
I was like, just my luck. I literally JUST learned eternalblue.
cosmic pendant
Hi
gusty inlet
Hi toaster! How are you doing?
gusty inlet
Doing great thanks
gusty inlet
Currently just doing some THM rooms to get ready for CRTO
cosmic pendant
oh CRTO is really fun
gusty inlet
Yup! You got the cert?
cosmic pendant
I don't, but it did it
I don't need anymore certs
but CRTO was the last thing I did to stay sharp π
gusty inlet
Expired/Failed/No attempt?
cosmic pendant
Didn't attempt it
gusty inlet
Does the voucher expire
gusty inlet
Oh darn it
cosmic pendant
Get started on CRTO π
gusty inlet
The badge is cool, the cert design is ugly.
gusty inlet
Yeah it does
You have betrayed me.
gusty inlet
Here's you chance to also go for it : p
cosmic pendant
it was like 2 years ago
gusty inlet
If you thought it was gone and it isn't, just go for it anyways since you weren't planning on having it
If you fail you fail whatever
I think lab time is costly
sand trench
and another good day of playing control and now it is time to go sleep sloop to beep boop for meep moop
sand trench
Whatβs control ?
game about paranatural stuffs in a setting similar to the SCP foundation but in a shared universe with the alan wake games
crystal mauve
I couldnβt get into it
Last puzzle like game I got into was warframe
So good for a free game
sand trench
It is more of a story driven action game then a puzzle game though
crystal mauve
Oh I thought u had to use your powers dependent on the atmosphere sorta
Bring down chandelier to kill x guys
spice otter
Last puzzle like game I got into was warframe
warframe is not a puzzle game lol
wooden echo
I played control for a few hours, then stopped abruptly, but I can't remember why. Hitman is my jam (or WAS before THM, lol)
subtle pawn
are AV's today fully equipped against obfuscated codes? keeping in mind that some do sandboxing and heuristics?
orchid tusk
is there a way to hide the new echo bot lol, its taking up my screenspace π
boreal scarab
are AV's today fully equipped against obfuscated codes? keeping in mind that som...
@cosmic pendant Your expertise is needed my good sir! 
cosmic pendant
are AV's today fully equipped against obfuscated codes? keeping in mind that som...
Does fully equipped mean 100%? then no
subtle pawn
let's say windows defender
subtle pawn
Does fully equipped mean 100%? then no
silly question but ... why not ?
subtle pawn
is most malware today encoded with metasploit (meaning like , is it that easy?) or is manually obfuscated
subtle pawn
https://arxiv.org/abs/2503.19058
ty
twin ridgeBOT
Gave +1 Rep to @cosmic pendant (current: #44 - 217)
gusty inlet
I can't wait to get into advanced evasion and maldev after CRTO.
I'll probably go for the CETP or some Sektor 7 courses.
orchid tusk
is most malware today encoded with metasploit (meaning like , is it that easy?) ...
me on my way to learn malware scripting in assembly:
cosmic pendant
I can't wait to get into advanced evasion and maldev after CRTO.
CRTO2
cosmic pendant
section .data
hello db 'Hello, world!', 0xA ; string + newline
hello_len equ $ - hello ; length of the string
section .text
global _start
_start:
; syscall: write(int fd, const void *buf, size_t count)
mov eax, 4 ; syscall number for sys_write (4)
mov ebx, 1 ; file descriptor 1 = stdout
mov ecx, hello ; pointer to message to write
mov edx, hello_len ; message length
int 0x80 ; make syscall
; syscall: exit(int status)
mov eax, 1 ; syscall number for sys_exit (1)
xor ebx, ebx ; return code 0
int 0x80 ; make syscall
NASM
gusty inlet
CRTO2
Saw the syllabus, but what if I tell you to take a look at these:
- https://www.alteredsecurity.com/evasionlab (Check the what will you learn section)
- https://training.whiteknightlabs.com/certifications/offensive-development-practitioner-certification/ (Evasion for CrowdStrike, Elastic, Carbon Black etc... scroll down to see)
These go WAY beyond what CRTOII offers.
subtle pawn
me on my way to learn malware scripting in assembly:
i mean there is a basic piece of code consisting of 2 lines which is practically malware lol but i won't say it here ofc
cosmic pendant
Saw the syllabus, but what if I tell you to take a look at these:
- https://www....
Cool, but one step at a time π
CRTO > CRTO 2 > More whatever
orchid tusk
i mean there is a basic piece of code consisting of 2 lines which is practically...
im gonna hit an uno reverse with a minecraft java exloit while watching the minecraft movie
we are not the same 
subtle pawn
funny thing i caught some minecraft kids selling some bs which was actually a RAT lmfao
i still have the obfuscated java code in .txt file here
orchid tusk
funny thing i caught some minecraft kids selling some bs which was actually a RA...
wait wtf lmao
stoic quarry
Wahoo
gusty inlet
CRTO > CRTO 2 > More whatever
But you didn't really argument on why you are recommending RTO II before more of whatever?
CETP starts advanced evasion from scratch, so even someone who knows nothing to evasion can go from beginner to advanced (Covers a lot)
I'd like to know why you think RTO II would be a better fit
subtle pawn
wait wtf lmao
i'm trying to analyze the obfuscated code but it's making no sense
crazy sh
cosmic pendant
But you didn't really argument on why you are recommending RTO II before more of...
Well i'm a big fan, and you have to learn it anyway
Writing the best 'malware' aka tooling doesn't matter if you can't operate
gusty inlet
Hmmm I kind of see where you're coming from
orchid tusk
i'm trying to analyze the obfuscated code but it's making no sense
were they trying to sell it off as some cheats or was it embedded in something dumb like a mod or skin file?
subtle pawn
were they trying to sell it off as some cheats or was it embedded in something d...
it was a minecaft mod lol i reverse engineered it and found out it was a fucking RAT
with their shitty code
gusty inlet
Don't wanna be that guy but this is a huge wall of text lol
spice otter
rip the big wall of text
gusty inlet
full jungle
Any competitions happening soon?
crystal mauve
warframe is not a puzzle game lol
U must have not done the puzzle rooms
spice otter
ok ok, 1 for every 100 π
crystal mauve
bitter latch
Can I have the role to access creators-lounge channel please?
spice otter
isn't that just the 4 keys that give you a debuff in lua?
crystal mauve
Drift mods were the shiet n so hard to get
spice otter
or am i thinking of something else
spice otter
Can I have the role to access creators-lounge channel please?
are you a creator
bitter latch
yes
spice otter
maybe try dming jaba
crystal mauve
Itβs been so long I donβt even remember which 1 I used in my build
proper sable
bros casually asking someone to commit a felony
desert dirge
what the hell
desert dirge
mabois discord name is emoji bob
It puts the lotion on the skin or it gets the π again
proper sable
report it to the police
south egret
crystal mauve
Nope
south egret
Melon didnt know u grinded the shit out of thm what the skibidi
sharp sail
Melon didnt know u grinded the shit out of thm what the skibidi
I did before i went over to htb
boreal scarab
- We are not hackers for hire.
- This discord is for https://www.tryhackme.com , an ETHICAL hacking teaching site.
- We do NOT condone, nor do we even break laws here.
boreal scarab
Melon didnt know u grinded the shit out of thm what the skibidi
Fuck that Gen Alpha slang
sharp sail
Don't forget to take SAL1 and advance to your PEN15 cert later
cosmic pendant
party time
boreal scarab
i got phished today
I get phished everyday on steam. Their attempts are SOOOOO pitiful.
"Here's a free giftcard, can you like my skin I totally made?"
I like accepting random people, seeing their attempts lol
jade orchid
Im about to complete my 32nd education room and im working on my net+ but I still feel dumber than a rock. Anyone else feel this way?
boreal scarab
ima send a screenshot
As long as there's no PII of yours like your name or email, all good to send π
modest thicket
yea ima edit that out
boreal scarab
yea ima edit that out
If ya wanna DM me you can π
cosmic pendant
Get attribution π
modest thicket
im about to post it here for the lolz. hopefully someone catches the bastards. got my password and CC info.. autofilled it with apple pay lmao
cosmic pendant
"forthcoming"
modest thicket
yea, im a dumbass, i get it
spice otter
thats insane
modest thicket
π
cosmic pendant
Troy Hunt Got phished
jade orchid
It happens @modest thicket. Just gotta take a lesson from it and try to fight the complacency that we all get sometimes.
modest thicket
well.. maybe im not too much of a dumbass after all 
I was just in a rush tbh.. was in the middle of working and thought i legit didnt pay my bill lmao
cosmic pendant
that's all it takes
jade orchid
did your email filter not pick it up? I cant imagine it being a warmed up domain.
modest thicket
did your email filter not pick it up? I cant imagine it being a warmed up domain...
i guess not
quiet roost
looool hopefully your bank can decline the transaction or you can let them know just in case or pause your card
modest thicket
looool hopefully your bank can decline the transaction or you can let them know ...
thankfully nothing was charged, i canceled my card immediately
cosmic pendant
wait
quiet roost
nice tbh they getting smarter with it not yoyr fault you not stupid at all
cosmic pendant
did you say it autofilled?
modest thicket
yes
sturdy thicket
Helloo
modest thicket
if you have a sandbox you'd like to play with it in, ill DM it to you
quiet roost
yh cant lie that is a problem
modest thicket
ok, what is VT? im quite new to this honestly
cosmic pendant
virustotal
boreal scarab
if you have a sandbox you'd like to play with it in, ill DM it to you
Browserling is the best, easy sandbox IMO
I like to mess with phishers sites by spamming em with bogus creds π
modest thicket
boreal scarab
Time to have some fun on Browserling!
I get brought to a QR code generator....
confused noises
boreal scarab
Mind DMing me the link?
modest thicket
Mind DMing me the link?
sure thing
jade orchid
im really not interested in going there myself but would love to see a screenshot
boreal scarab
Just random redirects
modest thicket
im really not interested in going there myself but would love to see a screensho...
in my ios it redirected me to like 5 different websites before i got to the payment page, which looked exactly like xfinitys
modest thicket
also, i replied to the email for shids and giggles with a congratulatory message, commending the bastards, and this was what i got in response.. not sure if this is normal or not.
cosmic pendant
lol, you may get a disclsoure
you should delete that
they may have an open mail relay
modest thicket
delete it from my mailbox?
cosmic pendant
from teh chat
modest thicket
or like my sent mail?
cosmic pendant
reach out to @boreal scarab he'll help you research that domain
you may want to reach out to an admin in that district
boreal scarab
modest thicket
reach out to <@214547132231843840> he'll help you research that domain
ok thank you!
twin ridgeBOT
Gave +1 Rep to @cosmic pendant (current: #44 - 218)
modest thicket
https://tenor.com/view/cat-cat-meme-research-research-time-computer-gif-13025313...
hope some good comes from it
modest thicket
https://tenor.com/view/cat-cat-meme-research-research-time-computer-gif-13025313...
thank you!
broken comm system i try to do good things
boreal scarab
What is a top tier consumer printer?
Top, my two cents is still anything Creality, but a lot of people think Bambu... but screw those guys
cosmic pendant
creality is top tier consumer?
boreal scarab
creality is top tier consumer?
IMO
cosmic pendant
I don't have any problems so far (it's my dads)
I'm looking at one
if I wanted to spend more money
what would you get?
let's say 3k
clear jackal
You're probably in semi-commercial at that price
boreal scarab
3k? Ultimaker is reputable, been around for a VERY long time
boreal scarab
I want to able to print in TPU
My Ender 3 V3 Plus can do that 
cosmic pendant
is that good or bad?
boreal scarab
even though it's giving me issues right now
cosmic pendant
what's the issue right now?
boreal scarab
Wont feed through. When I first bought it I could print in TPU very easily, when I feed it through now, it doesn't like it
Even dried it twice for about 10 hours, and it still didn't like it
cosmic pendant
darn
boreal scarab
Lemme try now, see if it likes it at all now
knotty pendant
cosmic pendant
yay
summer orbit
what do yall listen to while studying?
https://www.youtube.com/watch?v=O9Y1sEmyymw
cosmic pendant
what do yall listen to while studying?
https://www.youtube.com/watch?v=O9Y1sEmyy...
depends what and how hard
if it's really hard, nothing
otherwise, give me some radio hits (i'm old okay)
boreal scarab
https://open.spotify.com/playlist/6nIqtkcH3A5T2TlKLeklU0
I usually listen to this playlist. Gets me in the mood
summer orbit
https://open.spotify.com/playlist/6nIqtkcH3A5T2TlKLeklU0
I usually listen to th...
oshi i see daft punk, crystal method, the prodigy... some OG stuff
summer orbit
depends what and how hard
tru tru sometimes material requires complete focus
boreal scarab
oshi i see daft punk, crystal method, the prodigy... some OG stuff
If you REALLY want to get in the mood, https://open.spotify.com/artist/7tiEDqYPwBHFd5LBWRFK4U
Can never go wrong with Dual Core
summer orbit
love me some nerdcore
cosmic pendant
I was jamming out to Sisqo this morning π
twin ridgeBOT
Gave +1 Rep to @boreal scarab (current: #28 - 354)
cosmic pendant
Prusa XL ?
boreal scarab
thanks <@214547132231843840>
Welcome!
boreal scarab
Prusa XL ?
Never had a Prusa, so can't speak on it
sturdy raptor
ionic stone
hi
ionic stone
crystal mauve
Whatβs the meaning of the word suite in computer context ?
summer orbit
Whatβs the meaning of the word suite in computer context ?
a suite is a collection of resources or related programs needed to create a comprehensive solution for a task i.e. the microsoft 365 or microsoft office suite
desert shuttle
tomato tomato
crystal mauve
Ahh makes sense thank you @summer orbit
twin ridgeBOT
Gave +1 Rep to @summer orbit (current: #1842 - 2)
boreal scarab
@cosmic pendant Squishy dice!
Yes, I know it's low photo quality, best I can do.
And yes, it did fuck up down at the bottom, it was building on itself and it kept moving around
umbral bay
π
umbral bay
whoa its the tool man
The One and Only. π
summer orbit
The One and Only. π
from the back yard to backdoors huh?
umbral bay
from the back yard to backdoors huh?
Frontdoors too. π
summer orbit
Frontdoors too. π
F no gif perms
can i have admin rights for like 2 seconds so i can post the gif
deft quarry
The One and Only. π
I don't want to level up and lose my role color save me π
celest dirge
https://tenor.com/view/high-five-gif-15990802388247598953
So basically, all you have to do is like, verify, then BAM, Giga Chad gif perms.
storm smelt
Not sure if @ripe cedar is zieglers who made all the XDR and Sentinel rooms, but thank you and thank you THM! Fun stuff
twin ridgeBOT
Gave +1 Rep to @ripe cedar (current: #2807 - 1)
twin ridgeBOT
Gave +1 Rep to @celest dirge (current: #593 - 10)
celest dirge
thanks <@601312347063058433>
You are welcome.
spice otter
does anyone have a nice checklist for bug bounties
summer orbit
does anyone have a nice checklist for bug bounties
spice otter
https://github.com/sehno/Bug-bounty/blob/master/bugbounty_checklist.md
thank you π
twin ridgeBOT
Gave +1 Rep to @summer orbit (current: #1398 - 3)
summer orbit
portswigger logo is a side profile of a smiling person cant convince me otherwise
spice otter
oh 100%
deft quarry
For people who had pretty much no experience before THM, how long did it take you to feel confident doing the easy challenges without much googling
cloud quiver
For people who had pretty much no experience before THM, how long did it take yo...
2 years maybe π
spice otter
2 years π
deft quarry
I feel like after 3 months I'm on the right track for the challenges, but I'll always get stuck and in the walkthrough they'll use a tool I haven't learned about yet
But I also only just finished the Intro to Web Hacking topic\
spice otter
But I also only just finished the Intro to Web Hacking topic\
are you doing jr pen test pathway?
deft quarry
yeah
I have a lot of time to devote to THM since Iβm just working part time and then going to college in Fall
So Iβve been moving up pretty quickly, but once I got into jr pen tester I started watching videos to better understand the info
Cause thereβs so much
spice otter
yea im a little over a month in THM and im like 95% done with cyber 101, this has taken over my college work i always wait till the last minute to do that now...
deft quarry
lmaoo I was debating not even doing college and just trying to get by with certs and whatnot but
In the end I think I still wanna do college
spice otter
from what i was seeing most jobs will take off how ever many years of experience that ask for depending on if you have a degree or not
so it seems kinda worth it
deft quarry
Yeah and it seems almost necessary for the more senior roles so yeah I agree
spice otter
and then just try to get a few interns going will in college
deft quarry
and the uni I plan on transferring to after getting my Associates has an amazing work-study program
So I'll be able to get some experience too
rich zenith
I am 100 days in but I work 2 weeks out of the month so I can do 2 hours a day on the days I work, but when I am off, I sometimes go 12 to 18 hours a day on thm! I feel like by the end of the year I might have somewhat of an idea on what to do.
spice otter
12 to 18 hours π
deft quarry
I think the most I'll do is 3-5 hours in one day
rich zenith
The pain for a dead end job is so real real, I force myself to work harder here than I do at my job!!! I figured I should work harder for something that will pay off based on something that can lead to growth...
spice otter
π yeaaaa work just sucks
rich zenith
LOL Yep!!! In my line of work, the harder you work, the more work you get to do..
deft quarry
dang im rocking 7-8
I find it easier to retain information if I sit on only 1/2 topics a day
Any more feels inefficient for me
modern fox
brazen coral
Hello everyone, I have been coding for about a year now and can no longer ignore my passions for IT and Cyber Security, wish me luck on my journey π
Think im going to get my A+ cert and try to find a help desk job...
The road will be tough, but im READY yo. Interest rates can't stop me
spice otter
I find it easier to retain information if I sit on only 1/2 topics a day
really? to me its more like if the rooms match up and all are kinda related then it just clicks
crystal mauve
Interest rates?
spice otter
The road will be tough, but im READY yo. Interest rates can't stop me
thats called debt
celest dirge
thats called debt
Something I haven't run into yet while in college
rich zenith
As a matter of fact, while I am at work, I will replay Professor Messers video over and over again on my ear buds just to soak up more info on Security plus and network plus, whick are 12 hour shifts. I almost got fired for it.
crystal mauve
A+ isnβt that much is it
brazen coral
Well interest rates historically directly relate companies and their highering. Companies higher/pay on debt
deft quarry
really? to me its more like if the rooms match up and all are kinda related then...
I mean I could do more and retain the info still but I'm just starting college so I'm not really in a rush anyways
brazen coral
A+ isnβt that much is it
nope not at all! But gotta start somewhere
spice otter
I mean I could do more and retain the info still but I'm just starting college s...
truye true cant tire yourself just yet
spice otter
Something I haven't run into yet while in college
niceeee
brazen coral
A+ isnβt that much is it
yeah about $500. Plus i think i will pay around $100 for other resources/practice exams
deft quarry
I've heard Professor Messer's practice exams are good
spice otter
As a matter of fact, while I am at work, I will replay Professor Messers video o...
thought about doing that while i sleep but ehhh
deft quarry
That's about the only thing worth paying for
brazen coral
sounds like most of you guys are in college, are you guys cybersec undergrad?
spice otter
im a computer science undergrad
modern fox
It's like $500 for both exams I think
there is like comptia premium partners and so they selling discounted vouchers like u can buy 2 exams for 400
deft quarry
I'm just starting in cybersec for college yeah, but I've been doing THM for about 3 months
brazen coral
im a computer science undergrad
awesome yo. I graduted college about 1.5years ago
unrelated field!
spice otter
π
brazen coral
π
dark mason
Helllooooooo
celest dirge
Helllooooooo
Hello
brazen coral
I went to U of M and graduated with a business degree. I am in sales rn, looking to move
spice otter
ohhh
dark mason
How is everyone?
spice otter
tired, you?
deft quarry
I wish part time tech jobs were more common for college students lmao
rich zenith
Retirement isn't too far off if you think about it. Compound interest is the 8th wonder of the world. Just think, that $300,000 @ 10% return is $30,000/year. I could retire off that. Especially, if you know how to reduce your exspenses.
spice otter
I wish part time tech jobs were more common for college students lmao
yessss it would be so nice
brazen coral
Retirement isn't too far off if you think about it. Compound interest is the 8th...
Depends too much. You have to adjust for iinflation. This is what I do for a living rn.
dark mason
tired, you?
Just woke up, rn I am in class
deft quarry
I plan on working part time during college but there aren't really part time tech jobs
just retail
brazen coral
30k now is not 30k in 10-15 years
spice otter
Just woke up, rn I am in class
shouldn't you be paying attnetion π
spice otter
I plan on working part time during college but there aren't really part time tec...
help desk
rich zenith
Depends too much. You have to adjust for iinflation. This is what I do for a liv...
Some cash flowing assets adjust to inflation!!!!
dark mason
shouldn't you be paying attnetion π
It hasn't started yet
dark mason
I am here one hour early
brazen coral
I plan on working part time during college but there aren't really part time tec...
best buy has some good oppertunities. You can see if u can help at geek squad or something. If all you want is expirence in anything
celest dirge
I plan on working part time during college but there aren't really part time tec...
Literally my plan for the summer. I plan on applying to some IT support and Information Security internships/part-time.
spice otter
part time help desk jobs seem hella rare
honestly as long as you let them know your in school they should be lenient and acomadating
especially if you can prove you know everything
brazen coral
for you guys in college. Just make sure you guys are nice to everyone and connect with people on linked in and be the guy everyone likes
spice otter
100%
deft quarry
I hate LinkedIn but I was able to connect with a pen tester at Comcast who gave me a lot of advice and said he'd refer me to one of their internship managers
So it's definitely worth it
spice otter
woahhh
brazen coral
exactly dude. you would be surprised how many people are willing to talk to you and help you. Especially if they are alumni at ur school.
spice otter
well good night yall π΄
rich zenith
The million dollar question!!!! Guy one goes to college for 4 years vs Guy number 2 who gets Security plus and network plus on first year and last three 3 years matches college student by hour of study does nothing but labs, who would get hired first??
deft quarry
Good night!
spice otter
The million dollar question!!!! Guy one goes to college for 4 years vs Guy numbe...
thats assuming the guy in college just wasted all his time though, if they were smart they would try to get certs and labs done along with there college
deft quarry
^
The important point for the guy not in college is job experience
which is also very nice
rich zenith
thats assuming the guy in college just wasted all his time though, if they were ...
And how much in student loan debt would one be in???
deft quarry
well depends on scholarships and college
brazen coral
i aint in debt
deft quarry
And I also just think college is a very nice life experience
So for me it's worth it completely
brazen coral
college is what u make of it, rlly is tht simple
spice otter
yea
rich zenith
I was just wondering cause when I went for auto-collision, About only 15% of my classes was pertained to auto-collision. Then I couldn't ever get hired for everyone was wanting more experience. One guy wanted 7 years experience. I often wondered if I only eliminated all other classes and just went for more experience if i would have not been better off.
Let me ask you this (anyone), if I go to college, and I spent 30 hours a week in college, will I learn more in college on those 30 hours a week or will I learn more if I spent 30 hours a week on labs from tryhackme, hackthebox, ITProTv ect.... I am an older guy and time is not on my side!!!
leaden marsh
Auto collision what is
rich zenith
Fixing wrecked cars
leaden marsh
Let me ask you this (anyone), if I go to college, and I spent 30 hours a week in...
Great
craggy wadi
Let me ask you this (anyone), if I go to college, and I spent 30 hours a week in...
Sounds like you know the answer already haha. If you have general education requirements then that makes it even worse. You'll hear a lot of conflicting opinions about higher ed here. My opinion is that you can learn everything for near free online that a university will teach you (about cyber). Networking with people on servers like this is a huge benefit too. People are usually more than happy to pass on info and give valuable advice in my experience.
The benefit of university is the diploma and perhaps social/collaborative aspect.
Universities sometimes offer internship and job placement too which of course is a huge benefit. Not sure if that justifies the time and money needed to attend though.
desert dirge
Let me ask you this (anyone), if I go to college, and I spent 30 hours a week in...
College is definitely a big boon. I would put it to your circumstances and your learning style, and how well you know yourself.
Some people NEED that push, knowing that there are external forces (deadlines and exams) that they need to be prepared for to be successful
Other people can't afford the strict and often random scheduling of college courses, and need to study on their own due to work schedule, family, etc
rich zenith
College is definitely a big boon. I would put it to your circumstances and your ...
Very great points!!! Perhaps a man can get into IT with some certs, start off as help desk, then use platforms such as this to build skill, maybe one could do an online college, while jugging all of the other task!!!!
I am trying to see all aspects for I hear the pro and cons of all. I once heard a man say that he learned more here in 3 months then he did for his entire 4 years of college.
pliant bronze
I have a doubt.. Is it possible for someone to gain 45k points in 2 days via THM rooms.?
rich zenith
I have a doubt.. Is it possible for someone to gain 45k points in 2 days via THM...
They are 100000000% cheating
Might as well not compete!!! Better off to dissect the rooms and strive to be the better hacker!!
pliant bronze
They are 100000000% cheating
Even If we take a single person cheating the rooms via walkthrough, it still can't be possible. As we have to take the Rest/Sleep/Food/Eye Strain..
summer orbit
I am trying to see all aspects for I hear the pro and cons of all. I once heard ...
i am currently fresh in IT professionally and i can tell you that the only reason that i got a job was because i found a startup that would take anybody with a pulse. I have learned a ton in a matter of like a year and im super grateful for that but i had no experience and no certs. I have a vendor-specific cert for networking hardware now and unfortunately the particular vendor isnt cisco so it has been considerably difficult to find another, more ideal position. If you are going to do this then i would really suggest buckling down and getting DoD8570 certs like CompTIA A+, Net+, then Sec+. There is also a program that i am starting soon with Western Governors University for Cybersecurity and Information Assurance that is A) online, B) self-paced, C) less expensive the less time you take on courses, and D) provides not only a degree but also 14 industry-relevant certs by the end including the aforementioned 3.
It is going to take a lot of work and dedication but it can be done the right way
deft quarry
I was thinking of doing WGU, but ultimately I think I value the social aspect of conventional college more
But WGU seems like a very good option still
And it can be relatively cheap
summer orbit
I was thinking of doing WGU, but ultimately I think I value the social aspect of...
thats what i have you guys for
desert dirge
I am trying to see all aspects for I hear the pro and cons of all. I once heard ...
Just start somewhere tbh.
-
Download a notetaking program, I use obsidian, some people use cherrytree.
-
Download Virtualbox and start labbing with Ubuntu or RHEL because of the amount of documentation that's available out there for each one. OR do THM / HTB for your labs. It really depends what you're going for first.
-
Study Linux and Networking through community documentation and certification prep books like net+ CCNA/CCNP, etc.
-
Network Labbing for CCNP / CCIE can be complex, and require a lot of system resources, so I'd follow the A+ > Net+ > Sec+ path that @summer orbit mentioned above.
I still have no certs after drooling over them for a couple years, (I think I'm scared of the exams, which is dumb lol) but I still fool around labbing and reading
deft quarry
Just start somewhere tbh.
- Download a notetaking program, I use obsidian, some...
I love Obsidian
Only issue is needing to use a 3rd party sync service
Which isn't too big of a deal
desert dirge
No it's not a super big deal, syncthing or cloud storage both work
heady wave
Should I go for the CCNA or Network + ?
desert dirge
Obsidians native sync service works too
rich zenith
i am currently fresh in IT professionally and i can tell you that the only reaso...
I have SYO-701 Security+ and a very good work ethic!!!! I am working on Network+ and the hours on labs are crazy amounts of hours I am doing. For instance, I read the CompTIA Security plus cover-to-cover twice. Listened to Professor Messers 121 videos 10 times while at work. I am 100 days in with almost 200 rooms completed!!!! Surly that is enough to get my foot in the door somewhere!!!
deft quarry
Obsidians native sync service works too
Yeah that one is paid though I think
I just use OneDrive
summer orbit
I have SYO-701 Security+ and a very good work ethic!!!! I am working on Network+...
cheers sounds like youre doin the thing. Keep rockin then and get your resume/cv together and start shooting it off
desert dirge
I can afford to pay obsidian to support their good work but I haven't pulled the trigger on a sub because I wanna be sure who is reading my junk
dont need my files appearing somewhere in the mysterious ether that is the cloud
summer orbit
Should I go for the CCNA or Network + ?
depends on what jobs youre lookin at. if you find that CCNA is a requirement for positions you're interested in then grab it, but not every employer is going to use cisco
deft quarry
Yeah the only thing I didn't like about Obsidian is for some reason not being able to manually sort your notes/folders
Had to download a plugin for it
desert dirge
Yeah the only thing I didn't like about Obsidian is for some reason not being ab...
whatttttt! I can do this right out of the box on ubuntu
deft quarry
Hmm, did you get it more recently? I had downloaded it in like January I think and had the issue, googled it and apparently it was normal
Notes are tiny enough to wear I don't even have to do the $1.99 OneDrive subscription
I've used 0.1 out of the 5gb you get for free
I use SyncThing to sync my vm now though
rich zenith
I know that A+ should have been first!!! However, I watched an entire YouTube course on A+ and understood about 90% of it. I have started Network plus and Listened to Professor Messers 87 videos at least 5 times and started the book. Should I get A+ first before Network+ or go for Network+ first since I already have Security+ first?
deft quarry
A+ seems nice to get the extremely entry level jobs but it's so very boring
desert dirge
If you're confident enough in your knowledge, just take the exam, it will be nice to get an easy win and put your resume out there
summer orbit
I know that A+ should have been first!!! However, I watched an entire YouTube co...
A lot of jobs that i've seen only require one of the DoD 8570 certs to be considered but given the competitive nature of the market always and particularly now I would definitely recommend getting more certs under your belt
finite basalt
There's a good roadmap hang on
deft quarry
If you're confident enough in your knowledge, just take the exam, it will be nic...
Eh, considering I'm going to college and not actively job searching I don't think the $500 is worth it
devout palm
Morning
deft quarry
I think it's good for the entry level help desk jobs though
finite basalt
depending on what you're doing, this may help give you an idea of what certs you want to bother persuing
rich zenith
https://pauljerimy.com/security-certification-roadmap/
Thanks!!
twin ridgeBOT
Gave +1 Rep to @finite basalt (current: #94 - 83)
desert dirge
i think we may have crashed the server
finite basalt
At the moment, I only have the AWS CP but I'll be looking to persue more security oriented certs once I've some more money coming in
deft quarry
i think we may have crashed the server
Yeah lmfao
finite basalt
currently working part time so don't want to be spending my money on certs haha
yep π
Work offered to pay for it so I said fuck it why not
rich zenith
Pentesting is what I was think but also I hear there's more blue team jobs out there.
deft quarry
Work offered to pay for it so I said fuck it why not
Best cert is a free one
finite basalt
absolutely haha, I'm actually going to be working in dev ops for the next year or two rather than security but once I've a bit more experience I'll be transitioning
rich zenith
Is linux+ a great cert?
finite basalt
Comptia is generally pretty respected but yeah it depends what line of work you're wanting to head to
rich zenith
Whick cert first for pentesting?
finite basalt
Like the AWS CP one is under security architecture and engineering, specifically cloud/sysops but I want to head more towards sec ops and either pentesting or exploitation (if we're referring to that roadmap)
devout palm
absolutely haha, I'm actually going to be working in dev ops for the next year o...
Why not directly cyber like SOC Analyst or sum?
deft quarry
Fighting the urge to try to break into the field faster instead of going to college is so hard tbh
finite basalt
If you're looking at an entry level cert for cyber sec then I'd probably recommend pentest+
finite basalt
Why not directly cyber like SOC Analyst or sum?
I did an internship with my current job and am technically going to be working under another region associated with them
mellow narwhal
If you're looking at an entry level cert for cyber sec then I'd probably recomme...
sec+ is more entry level I think
rapid merlin
does pentesting involve hardware and software?
finite basalt
so work wise it'll be an easy transition and it will pay me very nicely as a graduate haha
mellow narwhal
does pentesting involve hardware and software?
software most of the time
devout palm
I did an internship with my current job and am technically going to be working u...
Oh good luck.
finite basalt
sec+ is more entry level I think
depends what you're after, security+ is more about security and risk management, it's more general purpose, pentest+ is obviously more specialised around pentesting, so depends massively
mellow narwhal
yeah that's true
deft quarry
Does anti-cheat development for games fall under the same umbrella of cybersecurity?
mellow narwhal
Does anti-cheat development for games fall under the same umbrella of cybersecur...
yeah, game developers do this
by anti-cheat, I mean secure coding practices, packing binaries, etc
devout palm
Does anti-cheat development for games fall under the same umbrella of cybersecur...
Yeah but It mostly requires demonstration of skills via blogs, tools, foundings etc.
mellow narwhal
never heard of that
finite basalt
Oh good luck.
thank you π I'll be starting around june I reckon, although I've a flexible start date, because my current workplace work closely with my new job I won't need to worry about notice, they'll just sort of say "cool, can move whenever you're ready" (main condition being that my handover's mostly complete and that my contract at my current place won't have expired by then haha)
twin ridgeBOT
Gave +1 Rep to @devout palm (current: #26 - 380)
rich zenith
OSCP hard to get?
mellow narwhal
Same for any CompTIA cert
mellow narwhal
OSCP hard to get?
Depends on your skill level
finite basalt
depends as well what you focus on
like from what I've heard OSCP is very very heavy on the AD side of things
so if you're an AD wizard you'll probably find it easier than someone who isn't
mellow narwhal
OSCP also costs a fortune
Which is why I'm leaning towards CPTS for my first cert
deft quarry
I hope to have all these certs by the time I'm done college in 4 years π
finite basalt
I'm looking at eventually doing PNPT for my first security focused cert
devout palm
I heard CRTO is harder than OSCP AD-wise
finite basalt
just because it's not too expensive and is still decent
mellow narwhal
I heard CRTO is harder than OSCP AD-wise
Probably would be. You don't need evasion/persistence/whatnot in OSCP
finite basalt
anyway, I'm not sleeping tonight, I'm off for a shower and maybe a light nap on the settee
mellow narwhal
afaik OSCP has one AD set and three standalones
rich zenith
CPTS might be a great start!!??
finite basalt
I'm supposed to be up in 3 hours and I got up 12 hours ago so it's time to fix the sleep pattern 
mellow narwhal
CPTS might be a great start!!??
people say its harder than the OSCP, but the time constraint is much better
plus its an eighth of the cost
devout palm
My crush texted me to study together
mellow narwhal
those three unrelateds scare me
deft quarry
My crush texted me to study together
W
finite basalt
My crush texted me to study together
hell yeah man π enjoy!!
devout palm
Time to explain reverse engineering with IDA
devout palm
Time to explain reverse engineering with IDA
Ahahahha jk
mellow narwhal
I thought one of those three standalones would be buffer overflow
so I assumed that's in a more pwn setting
finite basalt
I was in the uni library and it was empty other than my mate because it was 3am, it was fucking hilarious
in between working we were blowing rasperries on our arms and making fart sounds
devout palm
Lmfao
finite basalt
Very productive, mind you I got a shedload of work done yesterday
and drank 5 redbulls
mellow narwhal
Oh good to know lol
devout palm
and drank 5 redbulls
Ooh I can't be caffeinated. It goes crazy with meds.
mellow narwhal
but existing exploits are.. easy
devout palm
What a bummer.
I want cofffffffe
mellow narwhal
I thought it'd be more like craft your own POC or something
rich zenith
On CPTS, I heard one guy compromised all 6 machines and fail because he didn't do the report correctly.
finite basalt
Walked out of the shop last week when I was working on my dissertation, I walked out of that shop with 8 redbulls and a pack of jaffacakes
mellow narwhal
Dude, the way people talk about it...
finite basalt
Ooh I can't be caffeinated. It goes crazy with meds.
ahh that's fair man, I think caffeine is the only thing keeping me sane rn
I was burnt out from uni a month in and am still chugging on. I looked in the bathroom mirror the other day and literally thought to myself because I couldn't remember where I'd been for a good week
mellow narwhal
On CPTS, I heard one guy compromised all 6 machines and fail because he didn't d...
Report needs to be professional
yeah that makes sense
if you were comparing it to an HTB box, where would the actual technical difficulty of the machines lie?
devout palm
I was burnt out from uni a month in and am still chugging on. I looked in the ba...
Oh man, you are worth more than everything else. Hope you get better soon.
finite basalt
I've gone through the 5 stages of grief with this university, I actually am slightly happier now though
mellow narwhal
yeah I've read reviews where people say time was the most difficult thing
finite basalt
I complained to the head of the school about my dissertation supervisor in particular and every other little thing wrong with the course
mellow narwhal
checks out
rugged kayak
finite basalt
and then yesterday I emailed him to say that one of our modules should be seriously reconsidered grade wise as it wasn't fair to the majority of students
mind you I think that'll be an after easter response
The stink I have kicked up about problems this year has been beautiful
rugged kayak
finite basalt
Dropped some lore on the head of the school and mentioned when my dissertation supervisor turned round to a lad in a class and said "you wanna take this outside?"
his jaw dropped and I said that he needed a serious attitude adjustment, he was remarkably friendly after that
devout palm
I have to find an internship. Uni requires on-site. Pffs.
naive violet
and then yesterday I emailed him to say that one of our modules should be seriou...
Ngl that's how I got put in touch with my pentest job
finite basalt
Ngl that's how I got put in touch with my pentest job
seriously? do unis just have a thing for making shite modules π
rugged kayak
do u think i could get oscp with 3 months plan
cerulean aurora
is theri any tool or site wher i can get the site map of a website
finite basalt
We have an active directory assignment where half of the things you get marks for won't work whether you do it right or not because the configuration was a case of throwing shit at a wall and seeing how it stuck
4000 words worth 60% of the module, meanwhile last semester (the same module leader) 9000 words worth 20% of the module, meanwhile dissertation (two modules) 9500 words 40%
finite basalt
I said the weighting for the assignments was completely random and made no sense and pointed out that other lecturers has said verbatim "the assignment should not have been given out in its current state"
gritty mural
rugged kayak
oh so its not 15 machines on exam
finite basalt
but if I pass these final modules I'm guaranteed a 2:1 and if I average 51% I get a first
so I want 20% minimum on this final report and I'll be fine
finite basalt
Active directory makes me irrationally angry at the minute, it's worse than DNS and it's always DNS
rugged kayak
@mellow narwhal have you found anyone willing to buy our souls for oscp money
finite basalt
Setting up active directory for network auth on debian using realm and sssd is evil..
this is a sample of the specification we're given @naive violet they said "we don't expect you to finish it all" and I'm not surprised, there's loads of stuff that's worth basically nothing π
at one point they were asking for a samba share to be setup on linux and linked to windows active directory, ended up being changed so the smb share can be on the windows machine instead thank god
slate linden
good afternoon guys
finite basalt
morning π
fair linden
good morning
crimson phoenix
Hi - noob here - are they any free rooms that recommend which tools to use for bug bounty hunting like XSS and SQL injection? And if there are what are the names of the rooms?
chilly veldt
Time to lay in "pain" for 8 hours today
fair linden
good morning @jagged yarrow
sick lance
Hi - noob here - are they any free rooms that recommend which tools to use for b...
Burp is an industry standard.
crimson phoenix
Burp is an industry standard.
Ok thank you!
twin ridgeBOT
Gave +1 Rep to @sick lance (current: #2 - 3640)
mellow narwhal
<@814024685389217792> have you found anyone willing to buy our souls for oscp mo...
maybe
rugged kayak
maybe <:psyDuck:861274247438532639>
does his name starts with d and ends with evil
mellow narwhal
does his name starts with d and ends with evil
maybe it starts with o and ends with ffsec
or maybe it starts with h and ends with tb
rugged kayak
maybe it starts with o and ends with ffsec
fr they should accept payment in kidneys or something like that
i will devote my life to them just lemme get the cert
near sapphire
fr they should accept payment in kidneys or something like that
Just get a job
near sapphire
no ping very busy
Ping
sick lance
shut up nerd
Let's not be rude and disrespectful please.
rugged kayak
Let's not be rude and disrespectful please.
bit of banter with good friend cant hurt no one, context matters
sick lance
bit of banter with good friend cant hurt no one, context matters
New members might not see it that way.
Please keep it civil, or not in this server.
There are more members than just you two in here.
shell nova
bit of banter with good friend cant hurt no one, context matters
The double negation does make this statement true π
rugged kayak
sick lance
https://tenor.com/view/disintegrate-gif-22469816
This is pointless.
You agreed to adhere to the rules whilst you're here.
rugged kayak
its jover
shell nova
Oh dear, is it now?
rugged kayak
Oh dear, is it now?
yep π
sick lance
It's a mute, if choose to ignore a moderators request and don't adhere to the rules.
shell nova
It's a mute, if choose to ignore a moderators request and don't adhere to the ru...
Wrong window?
rugged kayak
It's a mute, if choose to ignore a moderators request and don't adhere to the ru...
lmao what
sick lance
Wrong window?
Nope, correct window.
Just pointing it out since my last message was disregarded.
shell nova
Ah was missing context it seems
shell nova
Β―_(γ)_/Β―
chilly veldt
Tattoo time!
shell nova
Amazing how don't be an idiot is such a hard rule to follow, eh?
rugged kayak
god forbid man makes joke
languid galleon
Hi everyone, is anyone here familar with getting a reverse shell by contaminating logs? Specifically the access.log, it's for my assignment and it's driving me crazy
shell nova
Tattoo time!
Glhfdd
shell nova
Hi everyone, is anyone here familar with getting a reverse shell by contaminatin...
It's a pretty classic case, I'm assuming PHP?
sick lance
We can't assist you with any work or student assignments
languid galleon
Yes PHP
shell nova
Well that too, but should be easily researchable
hollow ledge
hi guys i have completed 70% of complete beginner path in thm they removed it should i do cyber security 101? why did they remove it
languid galleon
I done LFI and RFI but LFI with contaminated logs just seems impossible to do
sick lance
hi guys i have completed 70% of complete beginner path in thm they removed it sh...
Old content.
shell nova
hi guys i have completed 70% of complete beginner path in thm they removed it sh...
Obsolete
shell nova
I done LFI and RFI but LFI with contaminated logs just seems impossible to do
Keep trying
sick lance
Didn't you read the rules when you joined the server?
shell nova
You'll need to figure this one out on your own, but you're on the right path
Can't help with homework
sick lance
Because your profile tells me you did agree to them.
Here is a refresh #rules
Pay attention to number 5.
languid galleon
Okay if you can't help do you know a room on THM that can help
shell nova
You're just missing one small part, I assume you know what the logs look like
shell nova
Okay if you can't help do you know a room on THM that can help
Should be rooms on lfi
Don't have the exact name
rugged kayak
passive aggression is off the charts today
chilly veldt
Did everyone get a good breakfast?
sick lance
passive aggression is off the charts today
Like this comment?
shell nova
Did everyone get a good breakfast?
Sadly no π¦
chilly veldt
Awwweee
languid galleon
You're just missing one small part, I assume you know what the logs look like
when i do nc with the target ip and port 80 (OWASP DVWA) i get a http 400 bad request I was told that is okay but getting a reverse shell using burpsuite / php payload wasn't working
chilly veldt
Then it's good there's a lot of time to get breakfast still
languid galleon
passive aggression is off the charts today
Ikr
shell nova
when i do nc with the target ip and port 80 (OWASP DVWA) i get a http 400 bad re...
Try a simpler payload
sick lance
Try a simpler payload
Please stop assisting them. π
rugged kayak
Like this comment?
dont you have anything else better to do than bully me over one message π
shell nova
Please stop assisting them. π
I'm not giving answers
fringe nacelle
languid galleon
Try a simpler payload
Okay thank you I'll try that
twin ridgeBOT
Gave +1 Rep to @shell nova (current: #13 - 625)
sick lance
Overthinking will be the death of me I guess
Not after today it won't
languid galleon
Please stop assisting them. π
Bro chill
shell nova
Not after today it won't
Is the deadline looming?