#general

understandable, have a good day

Try verify if your vm is on same network as your host, ping the host machine. and make sure nessus is running and listening to the right IP

Oh no I didn’t let me check

Whooaaa I’m actually so jealous

W tattoo Bella

it in the same network and i can ping

Check what port/ip it's listening too (Try disable kali firewall temporarily and try again)

thanku thanku, the 30th it's getting "linked" up with my medusa tattoo so it fits better on my arm

pogggggg. so pretty

@tender tide i would appreciate a thumbs up or acknowledgment 🙂

in the kali ?
if yes how ?

@chilly veldt genuine question about tattoos, aren't you scared/worried you won't like them latter in life when you get older?

I read it thanks 🙂

Gave +1 Rep to @mossy river (current: #6 - 1577)

f no, I'll still look hot af 😎

Thank you

Gave +1 Rep to @tender tide (current: #2812 - 1)

That looks cooool

I’m gonna get a full back piece of your face and update you in 17 years

This is some of the parts I'm missing

sudo ufw status check it otherwise ufw disable

Otherwise clear the raw iptables

Hello guys

Alright, time to commit to the THM grind for another few days

And the tree is also wrapping around

Mostly sounds like a firewall issue or nessus is not listening to the correct IP/port.

how i clear it ?

When I let nessus run in my company overnight (life) I mostly manually set up the ports / IP's it needs to listen to.

Sometimes it requires some Firewall changes on fortinet to get it through. Or whitelist nessus.

Try this? sudo iptables -F

I worked for a corp where we were limited to 4-ish hours a week that we could run those scans, had to be very specific on what we were going to scan, the time allotment we’d give the scan, etc etc

Idc im my own manager, I just tell my company I do this this day. They just have to accept my time and schedule hahaha

But I work their internal with 2 people 36 hour

Mainly just Sysadmin / network engineer.. but I do spend my time sometimes on cyber related things.

very nice, what's missing? looks done

Wasn’t trying to force that on you, obviously different business needs which is the beauty of cyber

(And the hell of it lol)

still the same problem ):

Hahah I know, sorry probably my reply was a bit messed up on my phone so i try type short and quick

the second picture is showing what it's missing and also a small part at my hand

Oh, yeah

didnt notice that

Do you guys use custom webshells or just the classic ones?

Alg

I am a webshell

I personally have a few I like to use just from experience but they’re open source, which works just fine for my use case

Ehh hard to tell from here try to check open ports currently: nmap -Pn -sS (Kali VM IP)

if nmap can't detect neither will nessus

no worries, so far this has taken 6 hours to ink in, missing 2 hours to finish the rest

8hrs seems like a lot, guess is because all the colors needed?

@sour osprey Otherwise another thing u can check is, Network > Adapter > bridges > check (Replicate physical state) try a specific adapter like WIFI / ethernet

colors and all the details

and also size

my shoulder took 10 hours

can you call me and see the config ?

@sour osprey No im at work on my phone bro sorry

Just try what I wrote above, otherwise perhaps enable webserver on Kali and scan port 22 on both Nessus and Nmap do > sudo apt update
sudo apt install openssh-server
sudo systemctl enable ssh
sudo systemctl start ssh

namp on my windows cant find the kali too

I have a dragon on my back which took like 3, but it was one ink only and not a lot of details tho. Should give it more details now

what is it?

Yeh if Nmap can't Nessus is not going to either so try enable webserv on kali

and scan port 22 with nmap and nessus

medusa's face with snakes, one going down on my shoulder blade and one on my collar bone

Cool

i will try it now

What free C2 frameworks do you guys use? (Planning to setup a C2 server to see how it would work)

the one I have on my leg took 21 hours

hi

I wanna try armitage but not sure how much I would like it

If that doesn't work it might be an issue with Firewall, or bridged config with Host > VM

Since Nmap can't find ur VM

Armitage is no longer supported

That's why I think I won't like it

Which hypervisor?

It works but it's not supported

but my windows can ping the kali

oracle VM Virtualbox

Windows can't be pinged by default...

What?

Enable the webserv and nmap -p 22 (kali IP)

You won't ping or nmap windows by default

What on earth should I do

honestly there's all sorts that do the same but different. I'd search up "c2" in github and see what's going in various languages, all different features.

I'm quite a big fan of Sliver

Yeh but Windows pinging ur kali just says your bridged connection worked by using the same adapter from ur host

But ur kali is probably blocking something from Nessus to scan not sure 100%

nmap -Pn -sS -p- <Kali-VM-IP> yeh that one more advanced scan kind of u can see it that way

nmap cant see it

did u try enable webserv?

and there is no UFW in my kali

Woah.

For the third, and last time.

WINDOWS CAN'T BE NMAPPED OR PINGED BY DEFAULT.

Thanks for coming to my Ted talk.

i run this
install openssh-server
sudo systemctl enable ssh
sudo systemctl start ssh

oh another user that don't read all the notes/warnings/error messages commands provide on linux

Yeh but u forgot sudo apt update at start I think?

Or listen to users who are wrong.

man i can use linux but i have an issues and try to ask

What's the issue?

Im just out of my thumb guessing bro Im on work doing other things, not seeing anything of his screen and settings.

No need to instantly comment that XD

i install nessus in my windows ok ?
and my kali is bridge but nessus and scan it

So kali is in bridge with ur host and nessus is running on ur host (windows) is that what u mean?

i dont know their problem

I guess they just comment but don't help either, perhaps narrowing more down what ur setup config is in text form for everyone. Might ring bells for people 😉 ?

Are you trying to scan your windows from Kali?

I've said three times that Windows won't be scanned by Kali by default.

duhh that I know, but I do not know his entire config 😉

You don't need to know.

It doesn't matter what connection is connected,.it won't do it by default regardless

yes i have windows in my pc and i use virtual box in my windows and i install kali on it

And I don't know that he doesn't know and didn't already changed default config.

I know exactly what they haven't changed.

Than help him instead of just commenting on other people doing their best mate

i try to scan my vm kali using my windows

^

makes no sence to talk other people down

I would but they've been ignoring what I said buly listening to your wrong advice.

You might know more then him or me, yeh good job no need to talk others down.

no not ignoring you

Im on my phone, I was purely looking his chats bro, not everyones.

nmap -Pn iphere -otherflags here

but you dont understand that i try to scan form my windows to kali

Are you using the correct IP address?
You can try double checking by running this command in your Kali VM:

ip --color a

You want the IP address connected to the third (NAT) interface.

Can you ping the kali machine from your windows host?

XD

yes i can ping

yes i check it

I think everyone is just gonna continue saying same stuff I said but w/e @sour osprey Perhaps ask the Mod scrubs he knows

You can check whether there are any open ports you even can scan by running ss -tulpn in the Kali VM as well.

If there is nothing, the scan will likely not succeed, even if you use nmap -Pn.

Excuse me if I repeat stuff, I just came into the chat. ^_^

finally

Is that the entire output?

yes

Hmm. Give me one moment.

and new rank

Aaah, now that makes more sense.

._.

woah woah woah

The tcp ports 22 and 8834 are open, try running this command on your Windows:

nmap -Pn -p 22,8834 -T 5 <kali IP>
```If you want me to verify your IP address, you can also send me the output of `ip --color a`.

I would not suggest hacking your os.

At all.

?

They're trying to target their OS with Nessus

What does --color do? i just tested on mine and its the same output as ip a

They are trying to target a Kali VM with Nessus.

That's worse.

a VM with Nessus?

It won't pick anything up and they will think it's broken/not working l.

Some terminals print the ip a output with colors, which makes it slightly less nice to read.

Idk that feels unnecessary

I'd assume that's for practice.

But I am not them.

Yeah, probably

Not good practice.

yes

I think he just wants to test / practise scrubz.. I just use it on life environment on test dummies / vcentre servers.

Kali ships with nothing open by default

Use it ok vulnerable vm's

ah ok, thank you

Gave +1 Rep to @lament tendon (current: #36 - 259)

Metasploitable 2 would be a good choice in that regard

Just keep it isolated, of course

@sour osprey you can DM me if you want.
Imma go drop out of this chat.

i have it

and it has the same probelm

Metaspl2?

yes

Ideally, you'd want to use a VM with Nessus installed.

However did Nessus download all the web plugins?

yes

nessus can see all device in my network

my phone

and router

I just studied 8 hoirs but still have an additional 2hours which isn’t needed (like you can choose to either go or not)

Should I go chat?

I would end, at some point your brain isn't capeable to save everything u study with such long session 😛

I study 8hourd everyday except for sunday and saturday bruh

I take breaks, I Study 4 hours a day but 1 hour a session.

And Wednesday it is 4

And it's easier to save everything u studied. Because brain will be overloaded. Won't remember details of what u read or studied in the first hours.

Wym take a brake? I’m talking about school

Ohhhhhh I thought you at home hardcore studie 8 hours in a row hahaha because that's different man

No, talking about school

Can't answer that one, I always went and left whenever in my school times.

Duh 10 hours is a lot

I’ll just go

I guess it's do-able probably just like working 8 - 10 hour shift 😛

@fair linden

hey , is the THM AI chat bot gone? or is it just for specific Rooms

well atleast slow mode is gone

Just some rooms.

Madness is gone too.

ah ok thanks

Gave +1 Rep to @sick lance (current: #2 - 3647)

since when was VMware bought by broadcom

a minimum of 5 ish month

yea it sucks, they broke the vnc console and you cant even get the client anymore

@sand trench gib mead. I need more drinks. This Maltego AI is annoying me right now lol

anytime you try to get their workstation, it justs leads to their dogshit broadcom registration

disgusting

that part, i use virtual box and proxmox for esxi

eh for a virtual machine manager having regristration requirement does not feel pointless for shadow

but for a meeping programming language like oracle does??? meep no

https://tenor.com/view/vikings-history-gif-17983846

Skål!

CHEERS

now go listen to some brothers of metal

would recommend the mead song

Hey everyone!

My name is Svfear, and I'm currently diving deep into the world of cybersecurity. I’ve built a solid foundation over the past few years — working on platforms like Hack The Box, TryHackMe, and doing some bug bounty hunting on HackerOne and Integriti. I’m comfortable with tools like Burp Suite, Nmap, and Kali Linux, and I’ve participated in CTFs and solved a variety of challenges.

Right now, I’m looking to level up and would truly appreciate the guidance of a mentor — someone who can help me sharpen my skills, stay focused, and offer advice on progressing in the field, whether that’s preparing for certifications like OSCP or CPENT, or growing as a professional penetration tester.

If anyone is open to mentoring or pointing me in the right direction, I’d be incredibly grateful. Thanks in advance — and I’m always down to connect, share knowledge, or collaborate with others here too!

Stay safe and hack the planet!

Are we allowed to essentially cold ping individuals in this channel or is that against the rules?

Welcome to the community, you are off to a good start joining this community and reaching out to a community in general. Alot of knowledgable people here across a wide range of topics and skills. If you have questions feel free to ask but make sure you read the rules and stuff. Otherwise were glad to have you

hi crackers hru doing?

no rules against it as long as it's not spam/harassment 🙂

sick cheers

wait am I not verified

no i just ment my role I realize I cant see the verified role

you can do verify your account via /verify

Their authentication system is broken

Couldn't download anything

Yea I’ll do it when I get home must have been my old account I got locked out of

I integrated local AI with Maltego! 😄

https://tenor.com/view/wolf-of-wall-street-lets-goo-gif-1888331416015157494

I got this badge

How do i get this one ?

How

I think i made too many points on bronze league

oh

So only Top 1 players get badegs?

Rest all get nothing

Even if they reach last league

Idk, i got the bronze badge , idk if u get the other ones

Is anyone doing the new mayhem room that came out? I cannot for the life of me figure it out

Are ipv4 and ipv6 treated the same in most applications ?

Yes.

What is that button??

Like cmd button

Develop rooms

U develop rooms ?

Forensics room?

no

@mossy river Can I dm you ?

I was just checking it

Go for it

Anyone can develop rooms

What can u do with that ?

Oh ok

Its the one with the pcap file it came out like an hour ago I think, I mean im new to wireshark but Im so lost

Upload configuration files

Oh

@fervent ruin you from india?

I sent you a dm @mossy river 🙂

No?

Why u think im from india ?

Your profile

It has an Indian symbol

Emoji

Im not from india

This is om symbol, and Trance symbol

Oh

Anyway here's how 4chan got hacked

https://youtu.be/dHL5XLYTADg?si=jSA4qXmYjkfFQM0r

Malicious file upload ?

Yea

Not SQL

They should know more

About security

I find it interesting that this happened so soon after people were doing all kinds of experiements with what they could cram inside a PDF

Does anyone know how to get an account in Any.run without a corporate mail?

like the people putting Linux in a PDF or (of course) Doom

Only with a corporate email I'm afraid

Is it only specific corporations?

Because I have an LLC

Idk if they verify it but they won't accept Gmail etc

I call it my startup because it "starts up" any time I need to fill an employment gap

afternoon everyone

I'll try it with my LLC's email. Although currently it's just an alias for a yandex email inbox lol. I was hosting my own mail server for a while but that's a nightmare

Thanks

Gave +1 Rep to @silver sky (current: #38 - 249)

FYI it worked with my .biz domain

any.run?

yep

How can I create one

Do you own a domain?

no

Ah well it might not be worth the hassle, but see if you can find some promo offer that lets you lease a domain at <$1 USD/year. Then you can use that domain to create aliased addresses to whatever inbox you want

every email provider is going to have slightly different instructions on how to do it

It just worked with my university mail lol

oh lol that works too

So they accept any email under a private domain?

It seems like it

Basically

Zoho Mail is good

I use Yandex just because it's what I'm used to. It's a little awkward tho with them being a Russian company and all but I'm lazy and don't want to migrate

Yandex might get you flagged by a few email security systems

Yeah but not as many as when my email server was hosted out of my coat closet lol

I don't use that email address for very much these days, just keeping in touch with old clients when they need support on systems I built for them ages ago

Ah fair enough

and when I need to pretend to be 'HR' for my 'company"

Good way to get an amazing reference

Bingo

I just don't abuse it. I never claim to have done jobs that I'm not qualified for and I only really ever use it to fill gaps in employment

Sometimes I 'hire' my friends who also need gaps filled

When my website was up though you would have thought I ran the premier MSP in my city I had AI generated portraits of all kinds of executives that didn't exist

This was early on so AI wasn't that good so what I did was took images of friends and family and used the genderswap filter (with their permission)

Depending on where you are just beautiful careful as that might be considered fraud/theft

Lmao I'd fly shy of the fake execs, but the rest of that sounds like a decent way to help when you know someone is qualified and is struggling for a job

Well I did run an actual business that provided actual services to people so I have some proof of income and all that. I just wanted clients to not feel as though they were taking a chance on just some line cook who like playing with Linux in his free time. Even though that's exactly what they were doing

I had the right permits and insurance and all that though

I was using and configuring OSPOS before it was the fleshed out software suite it is today with all kinds of handy guides and documentation. I actually wrote the bulk of some of their official documentation because I figured out all kinds of stuff through trial and error on the job

whats that

I just finished it, it was a good idea we did an important lesson

This is fraud, which is illegal.

I am HR for my company

I run an actual business

That is Maltego, but I integrated my local AI into it, and now I have my AI telling me information about what Maltego found.

Hell yeh brothaa

I'm in the process of putting it on Github.

ahh

Hey guys I had a couple of questions

griding picoCTF is "fun"

smart man/woman (im not sure)

Is KVM/QEMU technically faster than virtualbox and VMware?

Does KVM/QEMU only work if your host OS is Linux?

Man

😄

I'll delete those messages if it's still a bannable offense even with the context provided. Not trying to get yeeted here I'm in the process of transitioning to enterprise IT.

It might work on anything Unix-based but I'm not sure

Just don't promote illegal activity

is this week's league ending today 11.59?

Tomorrow

GMT iirc

Ay my room writeup got accepted 🥳

nice

@sick lance

Phishing link

Account got hacked ig

Done!

Prob, thats sad.

his messages didn't get deleted tho

Oop

Just did

yep

Which room

One of the new Azure ones 😶‍🌫️

what llm are ye using for that?

I'm trying to report the domain hosting steam phishing link web pages, it is hosted under cloudflare , so cloudflare is sending all my personal data to scammer/hacker?

Why would you send data to website owner , when he is hosting phishing links

Can you just not tick that? CloudFlare aren't very good at taking sites down imo

I can't

Cloudflare abuse reporting it trash

It'll just be your report, so ig its intended for sites that were hacked and used for malicious activities

@sick lance

@sick lance

speaking of one

Done!

It was not hacked , it is hosting intentionally

Yeah I'm saying maybe they had it for that case

Like I reported 6 domains to publicdomainregistry

Well, I am officially finished with my little project 😄

They banned all of those

nice

That guy actually fell for the previous link ig

Thanks 😄

Gave +1 Rep to @blissful snow (current: #359 - 18)

What guy?

ohh now I get it

lol

What did u make ?

Someone sent a same link 10 mins ago

Yes

I was trying to report the same link

I saw it lol

what did I miss?

Everything

It was crazy

Keep repeating myself lol.

It's a program to integrate your local AI into Maltego to give you information about, anything.

I wonder how much it costs to create a new domain

I want to know how much damage I did to em

2$, or an appeal

I reported these when they ran Mass phishing links in my university

For this example, the AI is telling me about the IP, I can then go onto add a new phrase entity, point an arrow from the AI's response to my phrase, and have the phrase say whatever I want, then right click, transform LocalAI and boom, wait for my AI to respond to me

They used telegram

My cybersec lectures fell for it

Telegram bad

Got hacked

Who has PhD in cyber

Embarrassing

you should rethink your enrollment there

Never heard of maltego

Woof

It's meant for OSINT investigations

Bark

lol

I'm graduating in 1 month

Where?

I'm done with this shitty university

Did you graduate

I fucking love maltego

for OSiNT

So it had a chain reaction, they hacked students accounts and sent links using the compromised accounts , they suspended a student because my university had no idea about phishing campaign and they thought the student sent the links

https://tenor.com/view/excited-to-see-you-gif-20871206

I wanna say its the student's mistake but given they were taught by someone who fell for it as well, it makes absolute sense

So cheap

that's the lowest, there's probably lower given they'll buy it only once so you can get an offer somewhere

I tried to report another domain , I went to the domain registrar website , the registrar itself is a scam

It was hosting Hackers , scammers

I've seen lot of reviews

They all said their doamin got stolen

is it really a surprise that teachers don't know what they teach?

wtf

wdym

The website which gives and creates domains is a scam

Hosting scammers , Hackers intentionally

But that's not a teacher tho, that's a professor in a uni

so kinda like malware as a service but domains

I forgot which website it was

Yes

It is verified

To issue domains

Report their domain

It is a big company which hosts domains

We can do nothing

meh, if they're big they must be registered somewhere

u can see in which country they're registered and report them to the authorities

Yes it is verified by ICANN

Which gives permission for domain registrars

yeah well

I mean the company must be registered somewhere

Yeah

I guess it's Russian or something

I don't remember

when all the channels
light up like a tree
you know you got that
hacked user spree

Nice

Put a beat behind that and you've got a certified banger

roses are red
Violets are blue
this makes no sense
what think you?

Gottem

funily enough shadow basically came up with that on a whim

guess shadows creative juices are flowing somewhere in the brain department after all

Nothing wrong with a sudden flash of creativity

Bars

hi everybody

Support

def not in general

#site-support ?

anyone learning C programming ?!

Seems like the wrong discord server?

yeah it might not flow perfectly or anything... still shadow is plenty happy with the outcome

oh.... I didn't notice

thanks

Haha you're all good

Good luck

Nah, it's fire

I am just curious why do u guys park ur accounts on discord at some locations in this server sometimes

honestly i can imagine eminem just rapping that next to a boom bap beat

yeah talk about creativity 😂

Why c bro?

cuz its low level lang?!

and i love it secondly

you tried assembly 👉 👈

So the scammers steal legit domains to scam the buisness's costumers?

after C i will do sure

Too scared for Assembly

Low level is needed for what bro?

if i got anything from my uni classes, its kinda like high-level programming, but you just gotta specify eeverything exactly like memory locations and sheningans

bro i chose to dont learn anything outside the programming

Why u need that for cybersecurity bro?

oh 100 percent need that for cybersecurity dude

how u gonna make kernal-level exploits if you cant even touch the kernal

sometimes

for soooo many thinks ,,,,,,,, like build operetting systems and its lang that you can control the memory and etc ..

yea

yeah its unnecessary for the basic shiz, but to get good at truly powerful things, id suggest assembly

%100000

Also I am trying to make some pen testing tools in python will try next week, idk if they are any good to make, ppl prefer making them instead of being script kiddies

Oh that is better then BEC Probably

In terms of profit for them

bro just dont copy any tool try to write it all youself and you are good

U mean to control ur rams?

this programming lang have so many negative thinx bro

not only controlling the memory bla bla

Ya bro I will try that, to add to my portfolio, but I am curious why ppl develop them instead of being a script kiddie

its POWER i could't explain really

actully idk

um so a book that teaches python for pentesting says its bc in more cases than not tools arent available where you work, so we may need to create them off the bat bc python generally is. plus, learning how to make one of these tools will allow you to go deep in the understanding of that tool and maybe manipualte it. plus, if you learn python (or any other coding language really), you got yourself the ability to find the best exploits

there is soo many script kiddie that what i seen in some of groups such those in telegram lol

script kiddies cant do enough shiz on their own, if you ruly want to be acknowledged as a pentester, youll have to craft exploits. script kiddies have severely limited knowledge in all of these shenanigans

Gatekeeping a bit there

and they dont love to learn 😄

You can get a job as a pentester without making any tools

when i try to advice someone he say ohh i dont have time : shitt bro do you manage a company to say that xd

Ah I see thanx bro, I will try to develop some tools in python and add them to my portfolio, what is the best way to showcase them after bro?

https://youtu.be/iFGve5MUUnE?si=HK7xXbeF2cFYug3K

make srue you look at what silas says, this was based on a book right, i dont have the experience yet, just learning. plus, coding is kinda fun

watch that guys really that awsom

you dont need to code the tools, but idk, sometimes companies may not have these tools developed and if my internship taught me anything, very difficult ot get these tools without perm or whatever circumstances the company throws at you 🤷‍♂️

again not the man to hit for knowledge here just yet 😂

bro it depends on each person's goal may

Don't get me wrong, it's good to know how to make a tool

Hhh it's ok bro u seem knowledgeable honestly, but ya I will try to develop some mostly for fun and bragging rights

But if a tool is available and you know how to use it, don't try re-invent the wheel

i love you maaaan

exactly

@cunning zenith did u make ur own tools bro?

nmap is a great tool. If you're working as a pentester they'll definitely approve you to use it lol. Rewriting nmap will look cool on your portfolio but it shouldn't replace nmap

so i have a book im following that helps me make tools. my goal there is to just learn python really well and it just so happens that im learning python by learning how to make the tools

Else you'll go to a new job, say "I have my own version of nmap", and they won't let you install it because... Nmap is right there.

well sometimes its not wasnt in my workplace

https://media0.giphy.com/media/Jzm8HIdBCuhvFcEV1E/giphy.gif?cid=6c09b9521p7zd29qoqhx9lntdmx5y7bownz25sj6lams06lu&ep=v1_internal_gif_by_id&rid=giphy.gif&ct=g

had to be a lil creative

what book are you using? You've made me curious

Lol

black hat python 2nd edition i believe

Is it black hat python?

oh okay I think I have that one

Oh nice

Yeah same

really good book, lots of good knoweldge. but not the best for beginners

ayyeeee

whatd u think of the book?

im still at the start kinda sorta

but you can write a tool that compile nmap like after scannig the network exploit specific valne

I think I tried following but had the bright idea to use Nim instead because I'm obsessed with Nim

Haven't read it yet lol. I know it mentions an network scanning tool

Well I was thinking of developing most of it with chatgbt lol

That's hyper specific though

I should probably do the book with its intended language first lol

Lol, I think a lot of the python exclusive books just use the REPL

What is the book name bro?

Or IDLE

IDLE yeah

yeah thats good dude but honestly man just make sure you understand what youre doing. i dont think employers want chatgpt code, not to mention, putting company data into chatgpt is like a big nono

Probably won't read it but will get some projects ideas

Hhh how about fraudgbt?

Lol

we have to still learning look at kevin mitnick he says i learn untill now !!! and he compromise 40 company ?

Black Hat Python 2nd Ed. I think that Humble Bundle is still selling it as part of a cybersec collection

Is the bundle still online?

How would they know their data is on chatgbt?

When it gets leaked by chatgpt to someone else

company policies dude, they may not know entirely right away, but you dont want to risk it. especially if you work with coworkers and shiz

i bought a book guys

dude trust me, dont put your company's data online 😂

Hhh the title is illigal

plus 60 million times better if u just learn

makes you more competent as an employer

It's just the name of the book lol

I find developing with chatgpt is incredibly frustrating. Deepseek is a little better but not by much. Also it feels like ChatGPT is getting worse with each release despite their silly little press demos they do showing off "how much better" its gotten

it isnt an illegal book, just an interesting name. Its specifically for pentesters and shiz

literally has the subtitle for ethical hackers and pentesters underneath it 😂

Ofc you can use it illegally but i do not recommend that or condone it whatsoever

xd

Yeah I already got in trouble earlier for talking about doing something that could be perceived as illegal so I will not even bring that up

Using an LLM for coding isn't going to work out well for you in the longrun. If you don't understand the code you're pushing then bugfixing will be a pain, and if someone asks you what a certain function does then you'll be as confused as they are.

that line is you did that ?!

yeyeye

ure new to discord huh

Bingo. It's great for syntax checks tho

ye i am

and parsing error messages

let them do it so we have a better chance to get hired 😂

I think their was another gbt but specialized and optimized for pen testers

i was use xmpp servers :}

Sometimes, if Python4 comes out then I'm willing to bet the LLMs will go back to Python3 code

(Hopefully the syntax isn't as bad as Python2)

I tried self hosting a model that was designed for pentesters and code cracking but I don't have the hardware to support it

I'm poor I've been living off of 3 or 4 generation old i7 thinkpads for most of my career

I'm on a thinkpad right now 😦

Which gen & which processor?

No clue lol

What OS are you running?

Linux

Really gonna make me get my neofetch output?

So can I try it bro?

same, great for simple scripts to save you the time but beyond that idk if my prompts are just bad or what

the best solution for weak cpu

Lol, i5 baby

6th gen

oo im downloading arch rn wish me luck lol

wooo buddy that's a oldie but a goodie

I just like linux 🤷‍♂️

The problem mostlikely is that you just don't understand what's wrong with the code and you're not able to point out the obvious dumb mistakes it does

I got this laptop for under 100 dollars lol

i am too

Needed it for quick on the fly writing/CTFs that don't need many resources

Only LLM I think is valid is a personal one to auto complete repetitive stuff

If you know linux then it's fine

It's got some of the best documentation

You're using Arch tho so you're more advanced then me

That's not it, the problem is when you point out the mistake it says oh you're right and then spits out the exact same mistakes

I'm a square I use Manjaro

oh huge

Oh even if you do that it will say shi like
"Okay, I will redo it"
mf goes on and writes the exact same code

EXACTLY

Create your own personal LLM

My palms are sweating from reading that. This happens everytime I try and use it

and if you add enough qualifiers to your prompt to keep it from doing that it slows to a crawl and usually error sout

do you mean LLMS ?

Large language model

Aka AI

At that point may as well do it yourself

Large Language Model

kayyyy..

"Hey that class doesn't exist in this library, I've attached the documentatin for the library please reference it and rewrite that block of code"

Oh you're right, I'm sorry

prints identical code block in response

with rules like Yara rules and that things

time for shadow to go sleep as they gotta attend dinner with extended family later

its seems interesting i look at that

bro if AI cant tell the difference between even and odd why do we still trust it 😭

Sleep to the meep moop

It's gotten to the point that I'm actually ready to start joining groups and utilizing technology specifically designed to make AI worse

the Tar Pit article I read the other day is hilarious

meep moops to beep boops for better sleep sloops :D

If that's the case your model is just dumb

thats chatgpt

for you

Xd

https://huggingface.co/models

Thank me later

AI saved my asses through CTFs multiple times, I don't trust it tho, it just helps me do stuff sometimes

❤️

🦹‍♂️

guys is it just me but every time when I start a CTF, it takes me around 2 hours to complete it... I just finished my 10th CTF and my mind is firing right now

Yooo, wassup?

actully i use it its helpfull sometimes ?! idk

If you are just staring out, then yes

But it depends on the difficulty

nm , about to sleep been grinding in a CTF competition since last 7-8 hrs

Welcome to my life

nice

These dudes in my league are just way too crazy to keep up with

bruhhh, easy mode

I gotta get back into CTFs, last one I did was Huntress's halloween CTF

The dude in top 1 has 4k points

priv esc is making me crazy

LinPEAS

You’re kinda outgunned if u can’t solo medium n hards

I am waiting a few weeks to actually start focusing on leagues

I mean I can obv, it's more like they just take a bunch of time

Most of them are copy paste kids

And I'm a student in a school system

where we get a shit ton of assignments and exams

Can you start a team with classmates?

Yeah

Oh u can solve hards without help, ah nvm

That could be a cool idea

That way you're all under the same workload and you'll know how to balance responsibilities better

The ones I'm familiar with obv

Why do u say obv after everything

Cuz I feel like it

You’re using it wrong

I gotta run, I'll be on later I'll probably sign back up for premium and start grinding out the new Azure lessons

How?

It's slang

I need to explain it’s obv

?

No it isn’t

It’s common English

guys, are u really remembering all the commands and stuffs for every each tool,explot,etc... or writing on a paper is a good idea, because to be honest its not possible to remember everything

keep making notes ..digital/hand written (upto u) and keep going thru them

Nope , cant remember everything ofc

Okay, so either you're rage baiting and I'm boutta get fished or you’re just slow asf. It’s 100% internet/texting slang, and it stands for obviously.

but yeah basic processes and Knowing what has to be done should be learnt

I have a .txt file of 5 MB called "syntax"

lol it’s not internet slang

Ask your mom what obv means

I bet she knows

Notes, but mostly it will just come with experience and practice, each time you use a command the already existing schema gets stronger and it's easier to remember

Yeah rage baiting I knew it

thank very much guys I will start taking some notes

Do u really speak like that irl?

Use this software for it is, EXTREMELY useful. I've all my notes from general life, gym, school etc in this and it's just such a life saver
https://obsidian.md/

Has a built-in calendar and a bunch of community made plugins and cool stuff

personally i also use AI to organize syntaxes , Making it look Neat n Clean and easy to understand too
helps in managing notes and organized properly annd not be clustered

do use Digital Note taking apps like Obsidian , Trillium , etc

saves time

i second this, obsidian is so good

Get that out of my face.

I recommend obsidian a lot, it has so many features and you can keep it minimalistic as well. Linked mine with git & github so everytime I write all my devices, which have obsidian get the same notes as well.

I can’t even exit out of vim

:q! ?

my only downside with obsidian was one time i copy and pasted an exploit into it from tryhackme and windows defender deleted my note for "being a backdoor" 😦

Yeah that’s why u don’t use anti virus obv

lol

Ik it's such a life saver

Reading for exams is so easy with all the notes being organized as well

and also the summarizer AI that can summarize notes

and its so colorful

😊

I forgot to use that in the start

and now I have a bunch of files

so coloring all of them

I need to start using obsidian

would be very slow

Helped me to get better grades

It has everything

i just threw them into folders and then colored the folder

Every time I try to switch I always go back to notion

much faster

Might wanna do that at some point

Lemme take a pic of mine 😭

but notion costs 😦

I don't pay for notion

wtf they tried to scam me then

👀

yeaaaa nvm thats so many

Is this obsidian?

yes

Yeah

That's awesome

Visual graph of my notes on pc

This is yer brain on drugs

^ this is the not jumbled obisidan lol

Gotta commit and make the switch

I have everything in their own folder

just don't have colors on them

ohh

How do I color the graph?

click the setting wheel in the graph view

Yeah

then group

Alr ye I made one

now how do I connect it to a folder

set the path to the folder

Mermaid on obsidian is lovely

how are yours so fancy

Sup everyone 👋

Oh alr

that's easy

Unhealthy obsession

👋

Yeah I'll make this more detailed later on but now I made it so all the notes related to school are green

...

just make a new vault

I've

Oh whats that? Looks cool

Obsidian

Graph view

obsidian notes

Oh cool

yeah

Might check it out

its free so why not

lol

def give it a try, helped me to improve my grades

and overall more organized

Its supposed to mimic neural linking but he has no links

I was using word as my note taking app 💀

😂 yep

I had 50k chars in one word doc. Shi was NOT OKAY

lmao

I just need to connect them '

w the folder thingy

giving them lines is a lot harder then coloring sadly 😦

especially if you haven't started lol

dammit i was just learning neovim and now yall are gonna make me download obsidian

Do you know a good plugin for code blocks on obsidian?

The one I got doesn't have colors on the syntax at all

It's

shit

you have to name the block to get colors

look at the pretty

You can suffer in neovim later, now enjoy obsidian.

alright im sold

https://tenor.com/view/rick-and-morty-morty-you-son-of-a-bitch-im-in-animated-series-gif-17733141

Obsidian is fun when you've mapped out a 3 year long DnD campaign

That's not normal

it's a comm plugin

what's the name

its not a pluggin

just name it

lol

How do you guys sync obsidian to all your devices? Do you pay for sync or is there a better 3rd party way?

i dont use pluggins

Oh shi ik what it might be

My theme doesn't support code blocks

ohhh

😭

yea that might be why 😦

I'll test rn

What theme u got

hmmm i'm not sure about that one

dark

Ive been meaning to learn neovim but then see VS code in action with copilot and I forget.

Just pay it

5$ or sum

It's telling me $96 for the year or something

huhhhh

thats not right

i am trying to steer away from MS ecosystem so that i can do shit as bare bones as possible. i didnt want to go the plain ol vim route cuz functionality is still nice so nvim it is

5$ a month

I think

lads lads lads

but also tried emacs and like that, obsidian seems to be kinda like org-mode

Mines synced from https://syncthing.net/

jr pen testing all done

Thats a great reason to learn it then. VIM is complicated as hell to me

Paying is the easier path

W mans

oh really? i always thought it was 5 one and done

Verify tho

All I know how to do in VIM is insert lines and save and quit 🤣

prove it

gratz fam

real

will it show my thm name when verifying on display?

nbo

yes

no

thats about where im at and ive been using it for about a week straight now

Congrats 🎉

no

I mean it will show that you have x rank and we can compare it on the website

thanks

Gave +1 Rep to @stiff elm (current: #1847 - 2)

1 blocked message 🗿

👀