and a remark is that english is not a cool language, like russian, portuguese or german
#general
patent falcon
if a very blank language
nothing to beautiful and complicated like the languages i cited
so i dont give the effort enough
and one of the principal countries that utilizes english is in a phase of atacking even their closests allies
the trump administration almost cancelled the cve program database
how the fuck i am suppossed to give myself time to learn the language of this stupids hahaha
i forgot about a language very good and beautiful
the chinese
of boy
if i was smart enough to learn
pallid lotus
What in God's name are you talking about..?
pallid lotus
A... What?
patent falcon
so i'm not the kid in here
pallid lotus
Percocet?
gusty inlet
Hello Muiri! π
No day passes by without me looking at that insane discord bio.
Wish I could end up in the same position as you, but it's quite impossible in France lol.
OffSec is dead.
pallid lotus
How so?
gusty inlet
Where do I start.
Job Ratio: 50 Blue Team for 1 Red Team.
Oversaturated market, and very little demand.
pallid lotus
Curious. Why the low demand?
gusty inlet
In the span of 6 months, I found only 3 Red Team operator job openings in France.
And I search hard.
pallid lotus
Any hits for pentest?
patent falcon
Curious. Why the low demand?
why your osce is ^3 ?
gusty inlet
Curious. Why the low demand?
According to my colleagues and friends that were here previously, it has always been this way in France. The offensive part of security is practically non existent and pentests are really rare.
Clients just don't like pentests.
pallid lotus
That's interesting. Do they have an alternative?
gusty inlet
Not at all. But they do dump HUGE amounts of money in security.
pallid lotus
So basically they're focused on detection rather than prevention?
gusty inlet
Yes.
pallid lotus
Interesting choice
gusty inlet
Google it, we have data leaks everywhere in France.
Government facilities, phone operators.
pallid lotus
I'll believe ya π
We can't exactly comment considering we've had 3 major retailers down in about a week and a half.
gusty inlet
lol.
patent falcon
https://www.offsec.com/certificates/osce3/
thanks
twin ridgeBOT
Gave +1 Rep to @pallid lotus (current: #10 - 874)
gusty inlet
But yeah. Pentest job exists, just very few. I'd say by searching casually I found 10 openings throughout the year.
For red team around 2 by searching really hard.
But hey, I'm not giving up on that CRTO cert.
pallid lotus
@shell nova remind me, are you in France or Canada these days?
patent falcon
https://www.offsec.com/certificates/osce3/
sorry to enter in your guys convo, but seeing your profile, do you think that binary exploitation is an active field? Or is a little dead? i find it very cool, i'm rereading hacking the art of exploitation and want to get shellcoders handbook, but sometimes i wonder if i'm not entering in a dead field
pallid lotus
It's not dead but you're kinda limited with it as a career path
gusty inlet
Oh right I think Hydra speaks french?
If Hydra was in France before 2023, I'd love to know the state of the market back then.
blazing granite
Google it, we have data leaks everywhere in France.
because everybody is piss from red wine π π
pallid lotus
There are still some private vulnerability research companies, but a lot of the remaining roles are government
patent falcon
There are still some private vulnerability research companies, but a lot of the ...
do you have a like an adjacent field that you can indicate to someone that is interested in this area? What would be an alternative? malware analysis, exists other than that?
pallid lotus
Malware analysis would probably be the closest, yeah
pallid lotus
Yeah, you're in one of the roles that does still need it
patent falcon
pentester like in the bio?
pallid lotus
any other more focused in the exploitation aspect?
Niche hardware testing -- like Zumi does -- and wider SCADA / IOT testing are the places you're most likely to be hunting for low level exploits now.
pallid lotus
That and, again, some governments (probably most of them) like having exploit developers on staff. You can probably guess why.
patent falcon
in the offensive part what is the hot area nowadays muiri?
cuz memory corruption there is a ton of protection is almost like old school hacking
gusty inlet
Yeah, niche jobs like maldev and red team developers are most prominent in gov facilities.
blazing granite
yes, I know somebody who works in Mount Blanc that does that π
pallid lotus
where the fun is at?
Depends what you class as "fun".
A lot of offensive security is reporting. It's not how it looks in the films.
Personally I would say maldev and red team ops. Others might say pentesting, or specific pentesting fields.
There's a lot of cool stuff going on in cloud and AI security research just now.
patent falcon
thanks for the chat guys
but i think my heart is beating too fast
i will laid down now
pallid lotus
That'll be the opioids
patent falcon
bye bye butterflies
pallid lotus
Opiates?
patent falcon
shhh
pallid lotus
Opioids indeed
blazing granite
That'll be the opioids
gusty inlet
@pallid lotus Sorry for the ping - But aside the website in your bio, is anything about your carreer public? A linkedin? Anything else?
bleak quartz
@static acorn check yo dms
pallid lotus
I don't use social media much. My blog is also in dire need of a refurbishment.
I've got LinkedIn and Twitter floating around, but I rarely use them.
gusty inlet
Oh alright. If there's a time where you start sharing something about your work, discoveries etc. do let me know.
pallid lotus
Will do π
static acorn
<@718119308021989448> check yo dms
i responded lol. sorry i must have forgotten
chilly veldt
my arm is itchy
gusty inlet
My entire body is itchy. Not sure what's wrong with my nutrition.
Maybe too much protein.
bleak quartz
i responded lol. sorry i must have forgotten
alr
static acorn
i put itching powder in all your sweaters muahahaha
chilly veldt
my skin is peeling cause of my tattoo π
bleak quartz
my skin is peeling cause of my tattoo π
whatttt
hazy flume
not my best blurr
I did after months of trying. NT authroty from reverse shell only no gui
i have shivering in my body
dark mason
approaching 25 hours of no sleep, crazy
hazy flume
had some days of 25-32 in the past year
i think my computer loves me back
for once
someone loves me back
sturdy river
someone loves me back
no one's more loyal than your own computer
normal fable
no one's more loyal than your own computer
not always true... js
sometimes your own computer is.. not your friend or ally at all..
hard siren
wsp guys I'm selling neymar information data, if you want, dm me, i have all prints with proof
sturdy river
sometimes your own computer is.. not your friend or ally at all..
well all relationships have their ups and downs
nocturne prawn
Sorry if Iβm taking your time or space in this amazing group. Iβm 14 and just got a high-end PC. Iβm not into games like Fortniteβinstead, I want to learn about computer security, programming, and everything related to the world of PCs. Iβve already installed Kali Linux and would love to know how I can start learning and improving. Any advice would mean a lot, Thank you
normal fable
Sorry if Iβm taking your time or space in this amazing group. Iβm 14 and just go...
Did you install Kali as your main OS?
nocturne prawn
Nono , for Made it more simple I install it on a vm
normal fable
well all relationships have their ups and downs
I mean.. when your computer starts doing stuff without you even knowing about it.. is it really your friend anymore?? π€£
normal fable
Nono , for Made it more simple I install it on a vm
cool cool. You found a good server to learn about cybersec. π
nocturne prawn
Good
normal fable
Make sure you read all the #start-here and sign up on the website if you haven't already. You can connect your THM (Try Hack Me) profile from the website to the Discord. π
blazing granite
I mean.. when your computer starts doing stuff without you even knowing about it...
maybe is hunted π
blissful snow
hi
slate wing
like does it direct u to my profile? just to confirm
blazing granite
open in incognito, and check out π you're asking in a sever of cybersec that people click on a link π
slate wing
open in incognito, and check out π you're asking in a sever of cybersec that p...
stop being unrerasnably paranoid, someone using disc for 7 years won't spread illigal malwares here
chilly veldt
stop being unrerasnably paranoid, someone using disc for 7 years won't spread i...
yes, yes they would
slate wing
yes, yes they would
Then u both use a vm for that or a sandbox or not comment at all lol
boreal scarab
stop being unrerasnably paranoid, someone using disc for 7 years won't spread i...
You're in a discord with people you don't know. And someone gives you a link, random link, shady link.
We're not going to go "Oh boy. A link, lemme throw that into my browser on my computer and hope it's not malware"
We work in info sec, it's second nature for us to be suspicious of everything.
Bella, I, Rex, alt, muiri, etc, we've been here for ages now. This ain't our first rodeo, and certainly won't be the last of shady people.
blazing granite
definitely chose the wrong audience for random links clicking π
slate wing
You're in a discord with people you don't know. And someone gives you a link, ra...
sus too u can't read the official domain of discord lol?
and it is ok to be sus but saying i am not clicking links at all is extreame
blazing granite
because nobody can clone a website π
chilly veldt
slate wing
and it is ok to be sus but saying i am not clicking links at all is extreame
there scanner out there, sandboxes ect u can use a true cybersec proffetional will be cautious but not totally avoids links
dark mason
27h of being awake and I feel way less tired than I excepted
slate wing
27h of being awake and I feel way less tired than I excepted
because I am mining bitcooin in ur brain bro π via cryptojacking
chilly veldt
we just rated that the time for us to do analysis on the link was longer than it would take for you to open up an incognito and test it yourself
blazing granite
27h of being awake and I feel way less tired than I excepted
Once I was 43 hours awake it was mental π
chilly veldt
as a true cybersecurity professional, we value our time
boreal scarab
sus too u can't read the official domain of discord lol?
Wanna know a magical thing? www.google.com
keen light
Wanna know a magical thing? [www.google.com](<https://youtu.be/dQw4w9WgXcQ>)
sus link
what is google
probably malware
chilly veldt
try and click on it
blazing granite
we just rated that the time for us to do analysis on the link was longer than it...
that's what I said, ask to click on a link that you can do it without anybody help is not dodgy at all π
slate wing
Wanna know a magical thing? [www.google.com](<https://youtu.be/dQw4w9WgXcQ>)
I am scared of links 
like yall
u guys get nightmares about accidently clicking links
chilly veldt
this is why we don't click on random links, it was a redirect to youtube
slate wing
Wanna know a magical thing? [www.google.com](<https://youtu.be/dQw4w9WgXcQ>)
this dude worest nightmares is links absolutely
he probably things they were the worest investion ever created+ hates the investor of then'
m
blazing granite
u guys get nightmares about accidently clicking links
I don't get nightmares. I'm the nightmare π
whole yew
stop being unrerasnably paranoid, someone using disc for 7 years won't spread i...
You that like it hasn't happened multiple times over the past 3 years alone.
keen light
I fight the links as a matter o fact sometimes i try and find random .su and .ru links to see whats going on
slate wing
I don't get nightmares. I'm the nightmare π
ur lying u get malwares on ur dreams
keen light
just to show the soviets that there ccTLD doesnt scare me
boreal scarab
I fight the links as a matter o fact sometimes i try and find random .su and .r...
I get random phishing links to steal my accounts. One had a socket.io to Moscow
slate wing
I get random phishing links to steal my accounts. One had a socket.io to Moscow ...
it's proabbly normal links and ur just paranoid lol
eat them for breakfast
keen light
in fact i found some random persons old blog from 1997
boreal scarab
it's proabbly normal links and ur just paranoid lol
What part of, we've been here many years, never clicked with ya?
We can spot phishing links from a mile away, I throw it in browserling, urlscan, whois, etc etc.
We're not going to click a link based on "trust me. It's safe"
If @blazing granite gave me a link, I'd still be skeptical if it's a domain I don't recognize, but it's also about merit. Rex has been here for ages, he's trustworthy.
random guy at Defcon
"Here, scan this QR code, trust me, it's safe"
Well, who the fuck are you?
slate wing
What part of, we've been here many years, never clicked with ya?
We can spot ph...
browserling, urlscan?
boreal scarab
slate wing
If <@708804982425780295> gave me a link, I'd still be skeptical if it's a domain...
ok so why u scared of opoening in sanbox?
slate wing
*random guy at Defcon*
"Here, scan this QR code, trust me, it's safe"
Well, who...
swearing is against the rules here
boreal scarab
As Bella said, we value time.
boreal scarab
swearing is against the rules here
And so is mini-modding.
blazing granite
*random guy at Defcon*
"Here, scan this QR code, trust me, it's safe"
Well, who...
trust me it's safe, big alarm in my head, why you need to tell me that is safe, why the reassuring π π
slate wing
As Bella said, we value time.
ok ur steam and netfilix account disagree π
dark mason
because I am mining bitcooin in ur brain bro π via cryptojacking
nah man, I am at a ctf
it's crazy fun here
whole yew
If <@708804982425780295> gave me a link, I'd still be skeptical if it's a domain...
Do you, by chance, mean "merit"?
boreal scarab
Do you, by chance, mean "merit"?
Yah, autocorrect.
slate wing
trust me it is safe, now I challege yall to prove me otherwise
whole yew
That's not how trust works.
blazing granite
Do you, by chance, mean "merit"?
I don't even trust myself π π
whole yew
You are the one making the claim about it, demonstrate it is safe.
slate wing
You are the one making the claim about it, demonstrate it is safe.
nah ur the one suspecting
it is ok tho I figured it
whole yew
I mean, you don't understand burden of proof. So good luck.
chilly veldt
don't use betterhelp, it's a pure scamming service
they don't treat their therapists right
slate wing
don't use betterhelp, it's a pure scamming service
isn't that all therapists tho, it feels that way
chilly veldt
it's the company, not the therapists
blazing granite
don't use betterhelp, it's a pure scamming service
the better help is to run far and fast from there π
slate wing
it's the company, not the therapists
how do u know?
keen light
ive just been vibing to music for ages now
chilly veldt
how do u know?
something called research
slate wing
the better help is to run far and fast from there π
lmao
whole yew
Because there are mountains of documentation of betterhelp acting in bad faith with both therapists and customers? It's the uber/doordash model applied to mental health care.
slate wing
something called research
u talk weirdly but ok
steady pewter
Hello everyone.
slate wing
Because there are mountains of documentation of betterhelp acting in bad faith w...
huh
blazing granite
ive just been vibing to music for ages now
slate wing
steady pewter
Wait..has there been any mod changes since I've been gone?
keen light
o_o
boreal scarab
Hello everyone.
keen light
steady pewter
POV me trying to fix a nonexistent bug and end up bricking a perfectly fine docker image:
steady pewter
https://tenor.com/view/virus-please-wait-downloading-retro-win95-gif-58104537700...
Alright, I'll wait.
boreal scarab
<@214547132231843840> may i dm
Shoot
steady pewter
https://tenor.com/view/nope-computer-crash-meme-help-complamation-gif-20724408
Yay! My computer loves the new update!
boreal scarab
@cloud quiver @sick lance
sullen hearth
Morning π₯±
boreal scarab
pastel plinth
keen light
sway is the way
austere hazel
l@2025
rapid merlin
short raven
hello
iam new to ethical hacking can u help me , how can i learn ethical hacking for free
π₯²
knotty valve
iam new to ethical hacking can u help me , how can i learn ethical hacking for f...
THM rooms
Also has anyone seen the shenanigans going on with Shapes, Inc.?
Very funny
glacial socket
iam new to ethical hacking can u help me , how can i learn ethical hacking for f...
See @intro
knotty valve
glacial socket
iam new to ethical hacking can u help me , how can i learn ethical hacking for f...
Me too
glacial socket
<#806554132117979143>
Yeah start here
knotty valve
The one and only turkey
knotty valve
Use them often when you can
blazing granite
Guys linux commands are hard to remember
use linux daily, you'll remember the commands that you use all the time, nobody remember all linux commands there are too many it's impossible
knotty valve
Also Cheatsheets help
knotty valve
use linux daily, you'll remember the commands that you use all the time, nobody ...
Me when really obscure Linux commands
Isn't that an operator?
For bash
blazing granite
I've been using Linux since 1993 and I even don't remember every command, often I have to man commands that I never used or I used once in a while
not only the commands, every commands has many flags nobody can remember them all so you shouldn't even try π
I remember the commands I used over and over again
fast onyx
weak citrus
Anyone have Ruby on Rails experience? I'm so completely lost on this box
blazing granite
Anyone have Ruby on Rails experience? I'm so completely lost on this box
post in #room-help maybe people can help you there
weak citrus
Thank you!
blazing granite
hello ,anyone know where to download blackeye s orginal virsion
if you're talking about piracy, you're in the wrong sever
high shadow
Hello chat
blissful current
Hello
golden mural
or is there any good phishing tool to learn it
Evilginx
blissful current
phishing is not to be discussed here tho ...as per rules...just saying
golden mural
phishing is not to be discussed here tho ...as per rules...just saying
wait fr?
upbeat valley
or is there any good phishing tool to learn it
what does it have to do with pirating
golden mural
ya
which rule... kindly point it out. We're not discussing about hacking anyone. He just wanted to know about a good phishing tool and I said it
blissful current
idk ask scrubz
golden mural
idk ask scrubz
welp... nah you pointed it out. Since a mod said it, it's now a rule
fleet pivot
You're in a discord with people you don't know. And someone gives you a link, ra...
just open up burp suit, run a proxy like mitmproxy, route ur browser traffic through it, and watch every request that URL triggers. if itβs doing redirects, dropping suspicious JS, or calling out to weird IPs, youβll see it right there. heck, use wireshark, filter by http or even look for DNS queries β sometimes these links call home to C2 servers or leak data via GET params. u can even curl the link with -v or --trace and see the raw HTTP convo
fleet pivot
You're in a discord with people you don't know. And someone gives you a link, ra...
wheres the link?
fleet pivot
definitely chose the wrong audience for random links clicking π
can u send me the link?
blazing granite
can u send me the link?
it wasn't mine, somebody was asking to click on some link π I don't know who wasn't I blocked him after 5 minutes π
fleet pivot
Sorry if Iβm taking your time or space in this amazing group. Iβm 14 and just go...
welcome
fleet pivot
stop being unrerasnably paranoid, someone using disc for 7 years won't spread i...
Send me the website link on my dms
I wanna investigate.
rapid merlin
My Nitro is gone π
blissful current
oak river
Guys linux commands are hard to remember
They are usually shortened versions of longer names sometimes, try to see if they correlate to some complete word, connected with their function
grim elm
Hello, I have a question about what is the purpose of tickets in try hack me?
winged nimbus
Guys linux commands are hard to remember
practice
cloud quiver
Hello, I have a question about what is the purpose of tickets in try hack me?
It was for the event that ended last October
grim elm
okey thanks
rapid merlin
Good morning
grim sparrowBOT
Done!
shell nova
knotty valve
The one thing you never want to see when running automated scans
muted dove
Hi guys and girls, is the Fliper Zero a good toy to play around with?
knotty valve
If you got the money for it, yeah
knotty dune
What does the X denotes in the CSV report of the eyewitness tool (the tool used for screenshotting) ?
That's a built in Kali tool
winged nimbus
can't shake this dude off my tail π
muted dove
If you got the money for it, yeah
Yeah, I have seen the price, but I mean just in general tool for learning NFC and more things to safe from
knotty valve
Yeah, I have seen the price, but I mean just in general tool for learning NFC an...
imho it's great, since it's not just limited to NFC or RF
muted dove
I think it would be great for me because I'm studying Cybersecurity at the moment.
But still don't know whether I want to be Blue or Red team
knotty valve
learn both sides, and you can always split off to what one you find more enjoyable
flint egret
can't shake this dude off my tail π
Come on!!!
knotty valve
but generally knowing both, or at least the basics of both, will give you better leeway when you focus on one
flint egret
Do harder rooms
flint egret
learn both sides, and you can always split off to what one you find more enjoyab...
True
Itβs what I did
winged nimbus
Do harder rooms
i am 95% done with cyber 101
flint egret
Also noticed that it is valuable having having knowledge in both if you are trying to pursue management level roles
knotty valve
I'm waiting for some automated scans to finish
I've got plenty of time since there's like 30k nodes it's scanning rn
jovial cobalt
can anyone help me with a simple javascript issue ? not related to thm i was studying for my exam tmrw in fcc and idk whats the issue or error
flint egret
i am 95% done with cyber 101
Holy shit nice
flint egret
I'm waiting for some automated scans to finish
The life of a soc
winged nimbus
Holy shit nice
knotty valve
The life of a soc
not exactly soc, just general enumeration rn
muted dove
but generally knowing both, or at least the basics of both, will give you better...
Thanks, @knotty valve yeah, I think you're right about understanding both will give me more understanding and advantages.
twin ridgeBOT
Gave +1 Rep to @knotty valve (current: #415 - 15)
winged nimbus
alongside uni cybersecurity
knotty valve
before I go hunting down vulns
knotty valve
can anyone help me with a simple javascript issue ? not related to thm i was stu...
reread the steps
it tells you what you need to do
flint egret
Hell yeah: you cannot miss a day
flint egret
can anyone help me with a simple javascript issue ? not related to thm i was stu...
Check the spaces
jovial cobalt
reread the steps
i did
knotty valve
Check the spaces
that's not it
jovial cobalt
Check the spaces
let me try
knotty valve
Codecamp says what the issue is lol
oak river
What's with the JD Vance memes recently everywhere, lmao
knotty valve
otherwise I'd just be telling you the solution
jovial cobalt
otherwise I'd just be telling you the solution
ahm i tried spaces it seems to not working
flint egret
can anyone help me with a simple javascript issue ? not related to thm i was stu...
What exactly is the issue? Do you mean the βichigoβ thing printing twice?
winged nimbus
Tasty charts
i can't see much apart from this
jovial cobalt
What exactly is the issue? Do you mean the βichigoβ thing printing twice?
my task is to concantinate the strings in console the ouput is concatinating perfectly and after concatinating i should log the the bot variable i done that tooo but still its saying i have not passed the code
knotty valve
because you don't have that variable
flint egret
my task is to concantinate the strings in console the ouput is concatinating per...
Hmm I donβt see an issue with the code itself, but maybe try declaring and assignment on the same line
knotty valve
Hmm I donβt see an issue with the code itself, but maybe try declaring and assig...
not the issue here lol
neat scaffold
is there a way to bypass Amazon WAF
flint egret
not the issue here lol
You ainβt actually helping you know
knotty valve
You ainβt actually helping you know
Because the answer to their issue is literally in the steps on how to complete it
jovial cobalt
Hmm I donβt see an issue with the code itself, but maybe try declaring and assig...
but in js its not a syntax to do like that right?
knotty valve
they tell you what variables and methods you need
dreamy marlin
hi, so i'm doing pre-security path rn, do i have to setup or do any config rn in my device? or they teach later how to do that? I've not done anything like setting up vpn or like that
jovial cobalt
Because the answer to their issue is literally in the steps on how to complete i...
the issue you are pointing out is using + operator for concatination right but i have done it
knotty valve
the issue you are pointing out is using + operator for concatination right but i...
no it's not
the issue is the fact you are misinterpreting their steps
knotty valve
they tell you what variables and methods you need
This ^
flint egret
Because the answer to their issue is literally in the steps on how to complete i...
I get that you want them to figure it out but sometimes you give them a close hint at least
knotty valve
I get that you want them to figure it out but sometimes you give them a close hi...
I have
twice now
knotty valve
because you don't have that variable
^
muted dove
can anyone help me with a simple javascript issue ? not related to thm i was stu...
TRY THIS let botIntroduction;
botIntroduction = "ichigo";
botIntroduction = "My name is " + botIntroduction + ".";
console.log(botIntroduction);
jovial cobalt
because you don't have that variable
which variable bot?
knotty valve
TRY THIS let botIntroduction;
botIntroduction = "ichigo";
botIntroduction = "My...
Still not what's being asked
knotty valve
which variable bot?
you don't have a bot variable
jovial cobalt
TRY THIS let botIntroduction;
botIntroduction = "ichigo";
botIntroduction = "My...
thats the exact code i have written
silver sky
Still not what's being asked
They definitely used ChatGPT
knotty valve
They definitely used ChatGPT
ChatGPT would've gotten this one right lol
jovial cobalt
you don't have a bot variable
its being declared in previous step in this step its not required to declare
knotty valve
not to be rude, but this is just a moment of weirdly written questions
jovial cobalt
this is my entire code
silver sky
ChatGPT would've gotten this one right lol
unless it's just not been briefed correctly
knotty valve
its being declared in previous step in this step its not required to declare
you're not declaring what they're after
they tell you in the steps what variable
jovial cobalt
this is my entire code
??? isnt this correct?
knotty valve
With the full code that makes it easier lol
jovial cobalt
With the full code that makes it easier lol
π i still cant understand it lol
muted dove
let botIntroduction;
botIntroduction = "ichigo"; // Step 1: Store the name
botIntroduction = "My name is " + botIntroduction + "."; // Step 2: Combine and store sentence
console.log(botIntroduction); // Step 3: Print it
knotty valve
π i still cant understand it lol
issue is still with the variables
but not what I initially thought
jovial cobalt
but not what I initially thought
oh
knotty valve
Because I didn't have the full code i assumed you weren't assigning bot at all
you're still misreading their tip tho 
the tip tells you what variable
terse dawn
bot is assigned at line 7
jovial cobalt
the tip tells you what variable
bot variable i tried it too
knotty valve
bot is assigned at line 7
Yeah, I know that now after having the full code lol
jovial cobalt
still error
jovial cobalt
still error
i tried the variable bot too but it was also wrong i cant understand where iam wrong in my pov im going on right path
knotty valve
what's the tip above it say?
I think you may have the order of operations around the wrong way
jovial cobalt
tghis is the tip
knotty valve
yeah, you're supposed to concat on the variable, then console log the variable
in steps:
- create variable
- assign the concat string to variable
- log variable
jovial cobalt
in steps:
1. create variable
2. assign the concat string to variable
3. log vari...
isnt that i done ? i created a variable assigned a value assined concatination and atlast loged it ?
jovial cobalt
You're concating on log
wait a sec
knotty valve
I admit they did word that tip weirdly
jovial cobalt
wait a sec
this was the eg i got for reference
jovial cobalt
I admit they did word that tip weirdly
fr π π€£
jovial cobalt
not how to write your code
yh but the isnt the question is to concat the string?
knotty valve
in the steps they tell you to do it, yes
in all other aspects, you'd have done it right
but it's just not done in the order they want it
jovial cobalt
but it's just not done in the order they want it
haha i think im high lol i cant take it
π
terse dawn
maybe take a break for a couple of minuts
knotty valve
in steps:
1. create variable
2. assign the concat string to variable
3. log vari...
Simplified steps of what they're asking
can always come back to it later
jovial cobalt
maybe take a break for a couple of minuts
i wish but i got exams for these tmrw so i wanna learn
knotty valve
Prep for your exams first lol
jovial cobalt
Prep for your exams first lol
haha this is kinda my preparation lol
terse dawn
i wish but i got exams for these tmrw so i wanna learn
what is the exam about?
jovial cobalt
what is the exam about?
front end dev html,css,javascript,lil bit of j query html and css are simple i wanna focus on jscript and jquery tho
jovial cobalt
Prep for your exams first lol
haha i should lemme go grab some snacks and get back to it haha... apreciate your help buddy β€οΈ
terse dawn
haha i should lemme go grab some snacks and get back to it haha... apreciate you...
ok, and good luck for your exam tomorrow
knotty valve
Also in future: With code problems it's better to send all the working/PoC code lmao
jovial cobalt
ok, and good luck for your exam tomorrow
tnks
jovial cobalt
Also in future: With code problems it's better to send all the working/PoC code ...
point taken soldier haha
mortal root
How would you retrieve the items in the current directory with size greater than 100?
someone help please im stuck at this one
mortal root
get-childitem | where-object -size <100>
i did this but its short by 11 words
get-childitem | where-object -size-gt< 100>
sick lance
get-childitem | where-object -size <100>
crystal moss
Morning..
hehe, this on is cool.. I recently read an article about a guy recently succeeded in running Linux - in Excel. A bit nerdy maybe but really cool π
rapid merlin
What delivery, I canβt see one.
dreamy marlin
What delivery, I canβt see one.
that yellow box ig, if that was for me, i must have tripped -_+
rapid merlin
that yellow box ig, if that was for me, i must have tripped -_+
I was being sarcastic lmao
knotty valve
Ah yes "safe place"
It's even funnier when they think putting the doormat over it will hide it
silver sky
Very safe
I've messaged one of my neighbours to ask if he'll take it into the block for me
knotty valve
Nice
My housemate is usually home when I'm not so I just get them to do sign packages for me
round orbit
silver sky
Yeah it's food so π anyone is welcome to steal the meals if they are that desperate
knotty valve
Confirming blind Injections would be using a ping or a http request to controlled server, yeah?
pliant onyx
Confirming blind Injections would be using a ping or a http request to controlle...
Ye, if you couldnβt ping them before
knotty valve
If it wasn't blind, I'd be able to see it
Was just wandering so I knew if I'm building additional tools correctly 
While I wait for my current toolset to finish the very long and arduous process of enumerating 200k nodes
Cause apparently it discovered even more
pliant onyx
Ash scanning her whole state
knotty valve
This is a single service btw
pliant onyx
Bruh
knotty valve
It used to be more
But they culled 150-200k nodes this week
Random question, but how does the memory in a VM work? Is it shared with the host or is it isolated off in kernel?
sick lance
It's shared.
So you have 8GB and assing the VM 4, you'll be left with 4GB for the host.
knotty valve
Wouldn't that allow for an advanced malware using ICE to spread from the VM to host?
sick lance
It's rare for a breakout, it can happen.
But most threat actors have a way to break out VMs done make it public, it's not common knowledge.
knotty valve
I'm reading a malware analysis report and it was an an idea that propped into my head since in-memory malware usually are very hard to identify
The report was specifically the MRm-DLDet framework
sick lance
Ah, you mean can the nalware attach to the RAM that has locked from the hypervisor for the VM?
knotty valve
Yeah
jade oar
I donβt understand where I did wrong
sick lance
I donβt understand where I did wrong
jade oar
Thank you
sick lance
Yeah
It's... annoying.
If you assign yourself 4GB of RAM to the VM, the malware can work inside that 4GB that is locked off, but as soon as you turn the VM off, it stops.
thorny knot
I donβt understand where I did wrong
Did you trying to write C not c
jade oar
I tried C as well
sick lance
Come on.
I literally just pointed you to the channel this discussion should take place in.
I don't appreciate being ignored.
jade oar
Umm I alr put it there
knotty valve
If you assign yourself 4GB of RAM to the VM, the malware can work inside that 4G...
It stops as in everything gets deallocated ?
jade oar
He just asked a question I replied my bad
sick lance
It stops as in everything gets deallocated ?
Yeah, since RAM is volatile.
knotty valve
I wonder if there's a way to essentially "breakout" of that lock
Cause that would handled by ring 0, right?
Or kernel for the unfamiliar
sick lance
That would be a breakout.
CVE 2017 4901.
CVE 2015 3456 and CVE 2023 20867
It's not easy, and most breakouts happen with something stupidly set by the user, or something like Vmware Tools.
sick lance
Clone could be one word.
knotty valve
I couldn't think of another lmao
sick lance
Another way to look at it, is it can happen through Shared folders, drag and drop and clipboard access.
sick lance
CVE 2017 4901 was running execute code in the OS via drag and drop.
knotty valve
Out of Bounds moment
sick lance
shared folders Is more file system than memory
I know, but I was listing examples of breakout cases as a whole.
winged nimbus
this dude has relentlessly fighting me for a week
sick lance
Weekly.
modern fox
arrives
agile arrow
Hello I got a problem please help me
sick lance
What is your problem?
agile arrow
Actually I use VMware community edition and install the TryHackme openvpn configuration after running it using sudo openvpn user.ovpn that connection is successful but after join a room the labs ip address not opening in my browser
rapid merlin
Is there any technology that allows people to check for voice changers, redirected call and ai imaging.
winged nimbus
Is there any technology that allows people to check for voice changers, redirect...
it would be hard for calls because of the quality
some ai artifacts might be detectable
but all of this would prob mean they have an ai constantly monitoring every call which is not good
0 privacy
i am tired i can barely read words but i don't want to come seccond
craggy wadi
this dude has relentlessly fighting me for a week
Any update?
winged nimbus
Any update?
still fighting to get #1 back
rapid merlin
it would be hard for calls because of the quality
Okay, you still having issues on KOTH?
rapid merlin
Ohh okay
Iβve not been on THM in a few days
I want them to make an icon of a phone on the rooms that can be done on phone (No lab rooms).
sick lance
That would be none.
dreamy marlin
i am tired i can barely read words but i don't want to come seccond
how many rooms do you clear in a day or week?
sick lance
As the website isn't really optimised for a tablet/phone.
winged nimbus
how many rooms do you clear in a day or week?
a lot
sick lance
Especially if they utilise a split screen machine or task downloads (or both).
rapid merlin
That would be none.
The rooms that you read and answer questions are fine on mobile
mellow narwhal
I mean I've done it on phone, but its the largest PITA
That was just because I was bored and wanted to try it out
and yeah the content is fine on the screen, but you're cursed if you try using the attackbox
rapid merlin
But itβs just you need to join the rooms to find out if you can do the rooms on mobile.
I need something to do while Iβm on the phone.
sick lance
Not optimised != Not able
winged nimbus
it's sooo hard to keep focus for so longggg aaaaa......
i have really really bad adhd and thm is like the only thing that is actually productive i can concentrate on
dreamy marlin
i have really really bad adhd and thm is like the only thing that is actually pr...
same here. most of the cases, I have to read same lines for 3 to 4 times.
winged nimbus
same here. most of the cases, I have to read same lines for 3 to 4 times.
rn its because i need to sleep
but that is happening to me rn
it is only 10:28pm but my brain is being pumped with natural melatonin
craggy wadi
The rooms that you read and answer questions are fine on mobile
fair but most of those types of rooms are meant to be educational. i personally don't get a lot out of learning from a mobile device.
craggy wadi
still fighting to get #1 back
keep at it π
dreamy marlin
rn its because i need to sleep
but that is happening to me rn
whenever I study, I have to study 5 times more to grasp the knowledge.it's become so hard. then I quit early.
craggy wadi
do you take notes?
dreamy marlin
do you take notes?
yeah I try to.
craggy wadi
I think it is common to have to reread things but taking notes definitely helps. Just the act of writing what you are learning can reinforce the info. Even more helpful is going over those notes again after learning.
Also try to do practical exercises whenever you can so you're "doing" what you're learning.
I'm specifically talking about learning cyber related stuff but it's probably applicable to other areas too
slow cloud
Morning chat
serene ginkgo
Hello Guys
dreamy marlin
I think it is common to have to reread things but taking notes definitely helps....
thanks, but where can i practice?
twin ridgeBOT
Gave +1 Rep to @craggy wadi (current: #264 - 29)
dreamy marlin
Hello Guys
hi
jade oar
I think it is common to have to reread things but taking notes definitely helps....
That what I will do I havenβt been doing a lot one room a day bc covid but tmw or after I will take a pause to resit everything and re read and understand more
dreamy marlin
I'm specifically talking about learning cyber related stuff but it's probably ap...
and one more ques, from when should i start those ctf challenges? is there any path /roadmap for only ctfs?
slow cloud
Hello Guys
hii
supple crest
hello I am new to this,and Iwanted to ask how much would the theoretical basics help in the coding parts later on
craggy wadi
thanks, but where can i practice?
Here. That is what tryhackme is. You learn then you have the opportunity to test and explore what you learned. I would personally choose a path to start depending on what youre interested in.
supple crest
hello I am new to this,and Iwanted to ask how much would the theoretical basics ...
like yk the networks,and other theoretical stuff
bleak quartz
hello I am new to this,and Iwanted to ask how much would the theoretical basics ...
everything builds up
craggy wadi
and one more ques, from when should i start those ctf challenges? is there any p...
Most ctfs are pure challenges in which you aren't taught how to do the exploits. It is up to you to figure out the path to the flags. After beginning your learning journey you can try them out. There are tons of good writeups both text based and video available online to walk you through them too.
bleak quartz
new stuff will be built up on top of old stuff you know
if you don't know the old stuff it will make it extremely hard
kinda like math
supple crest
how am i supposed to move on with the courses,like from what i see theres only a bit available in the free pathways
supple crest
kinda like math
problem with the analogy is that math is entirely practical from the first,here it is theoretical at start
craggy wadi
That what I will do I havenβt been doing a lot one room a day bc covid but tmw o...
Good call π
supple crest
if you don't know the old stuff it will make it extremely hard
so like making notes and stuff?
bleak quartz
problem with the analogy is that math is entirely practical from the first,here ...
Kinda fair, although it does go practical very quickly
supple crest
i did it like for a few days and am yet to make notesπ ( 1 week)
bleak quartz
And I got basically my own library for a lot of stuff, although I had previous experience
with diff platforms
supple crest
yea no me a noobie cs fresher in clg
bleak quartz
i did it like for a few days and am yet to make notesπ ( 1 week)
I mean if you got an insane memory go for it
For me note taking and reflecting helps
Obsidian is what I recommend
supple crest
I mean if you got an insane memory go for it
yeah i dont have a memory like that
bleak quartz
Boutta reach mage soonish!
sick lance
I've been here for 32 days
supple crest
Boutta reach mage soonish!
32 days...srsly... and all tihs
sick lance
Did you happen to read our rules, when you joined the server?
supple crest
Obsidian is what I recommend
will try out
valid orbit
Did you happen to read our rules, when you joined the server?
sorry will look at them
supple crest
just more confused bout cyber and CS in general (oof)
sick lance
sorry will look at them
You've already agreed to them... π
supple crest
am level 2 rn(in the app)
sick lance
Probably should specify, won't confuse people.
sick lance
sorry will look at them
tl;dr
We don't allow advertising of servers.
dreamy marlin
Here. That is what tryhackme is. You learn then you have the opportunity to test...
ohh...thank you....
final linden
i have no one to share this but guys reached mage today yay! https://tryhackme.com/p/vivekgh0sh
split plover
Hey, are there any email analysis tools to integrate with siem?
craggy wadi
i have no one to share this but guys reached mage today yay! https://tryhackme.c...
Congrats π
sturdy river
i have no one to share this but guys reached mage today yay! https://tryhackme.c...
yass congoo π
final linden
Congrats π
thankyou sage im coming for you next : )
craggy wadi
haha you got it.
craggy wadi
Hey, are there any email analysis tools to integrate with siem?
What siem and what type of logs?
i think splunk has some native utilities or addons for email analysis. id have to look into it though
final linden
yass congoo π
thanks
twin ridgeBOT
Gave +1 Rep to @sturdy river (current: #2857 - 1)
knotty valve
tl;dr
We don't allow advertising of servers.
Wdym I can't advertise my super special super cool chatroom for only the gigest of chadests of discordians? /j
split plover
i think splunk has some native utilities or addons for email analysis. id have t...
Yeah just something that can analyse emails. I wanted to do a project/lab on it. Lemme know if you find something. I'm also searching...
hallow hazel
Wdym I can't advertise my super special super cool chatroom for only the gigest ...
This is the super cool special chat room
craggy wadi
Yeah just something that can analyse emails. I wanted to do a project/lab on it....
are you using splunk or something else?
You could set up a windows server 2019 vm with 365 mail. Splunk has an addon spefically for that https://splunkbase.splunk.com/app/5365
i have a decent amount of experience running splunk and its forwarder on vms so lemme know if you need any assistance.
knotty valve
My emails get filtered through my own AI model and CloudFlares filters
topaz topaz
Hey guys, this is more of a Linux based question in case anyone knows, I use alt tab a lot, but it's really frustrating when I alt tab across various different programs and they stay on my screen after skipping through them on Debian, anyone else who managed to turn off this feature?
knotty valve
Wdym?
As in they're constantly set to on-top? Cause that's a setting you would have applied to the individual window
topaz topaz
For example, there's 4 programs open, I'm on program 1 and I gotta alt tab past 3 programs to get to program 4
I press alt tab until I get to it, but the previous 3 I skipped still stay on the screen as if I selected them if that makes sense
knotty valve
That's just how your DE works
topaz topaz
On Windows you press Alt Tab multiple times it skips through them , they stay minimized
topaz topaz
That's just how your DE works
Yee figured, I just don't know what that setting would be called or if there's even a way to tweak it, it's weird behavior
knotty valve
You'd probably have to create a plugin or find a plugin for it, specific to the DE
ebon jay
HI
knotty valve
There might be one in your compositor settings
But that would take some digging through the DE settings
topaz topaz
You'd probably have to create a plugin or find a plugin for it, specific to the ...
Thank you my friend. It's been a while since I've been on this chat, haven't seen you before I think. Nice seeing you
twin ridgeBOT
Gave +1 Rep to @knotty valve (current: #397 - 16)
frozen gull
hi hi]\
knotty valve
Heya
lament ingot
good morning!!
lament ingot
how are you all doing today?
gusty inlet
how are you all doing today?
Pretty good, I hope you're doing great as well!
Thinking of hanging out in Paris today, but I'm lazy.
lament ingot
I am! Just hanging out before work π
lament ingot
Thinking of hanging out in Paris today, but I'm lazy.
haha i feel ya
split plover
You could set up a windows server 2019 vm with 365 mail. Splunk has an addon spe...
Oh nice, so, does it analyze emails in real time?
craggy wadi
Yippeee!!!!
congrats
bleak quartz
Thanks!
gusty inlet
craggy wadi
Oh nice, so, does it analyze emails in real time?
ive never used it myself but the link is there if you want to take a look.
as real time as the logs are ingested into splunk i imagine.
craggy wadi
Thanks!
you gotta verify again so we can see the role change. at least i think that would force it to update
lament ingot
quick question, is there a service that offers web-based virtual machines that I can use if my computer is too slow to run VM's?
worn thorn
THM offers such an option for their service
lament ingot
THM offers such an option for their service
Neat! Yeah i saw that but i didnt know if there was one that I could use for any other projects too or if thats not really a thing
gusty inlet
Neat! Yeah i saw that but i didnt know if there was one that I could use for any...
The attackbox is only for THM usage.
Using it for anything else would be breaking ToS.
lament ingot
yeah, thats why i was wondering if there was one that was for general use
not super familiar with it though
gusty inlet
I think AWS allows you to host machines. It's paid, though.
lament ingot
I think AWS allows you to host machines. It's paid, though.
neat, ill look into it! thanks so much!
twin ridgeBOT
Gave +1 Rep to @gusty inlet (current: #74 - 117)
craggy wadi
neat, ill look into it! thanks so much!
aws for sure. youre basically looking for IAAS
bleak quartz
you gotta verify again so we can see the role change. at least i think that woul...
hes thinking (tryhackme bot)
Yooo
worked
craggy wadi
epic
lament ingot
aws for sure. youre basically looking for IAAS
yeah haha i just didnt know the term for that yet, im new to all this lol
craggy wadi
yeah haha i just didnt know the term for that yet, im new to all this lol
have you tried installing a hypervisor and running some vms?
lament ingot
have you tried installing a hypervisor and running some vms?
I havent yet so im gonna do that first but i only have 16gb ram a slow processor and 256 gb storage rn
bleak quartz
neat, ill look into it! thanks so much!
Digital Ocean is cheaper and offers basically the same shi
craggy wadi
I havent yet so im gonna do that first but i only have 16gb ram a slow processor...
worth a shot. the storage might be the biggest issue if youre running a few vms but one instance of some linux distro wont be a problem i bet
aws also has a free tier btw
but it has usage limits of course
lament ingot
Digital Ocean is cheaper and offers basically the same shi
good to know
lament ingot
but it has usage limits of course
yeah sounds about right
i mean i was expecting to pay for it bc it just seems like if its free its prob sketchy
i mean AWS less so bc its amazon
but yk like other smaller companies
craggy wadi
yeah i get what you mean
cosmic pendant
DO is really good
And you know exactly what you'll pay
AWS (especialliy their free trial) tries alot of stuff to get you to pay
craggy wadi
yeah sounds about right
if youre just starting out it might be worth it to try out some of the THM content first because you can start up those vms free of charge and use the attackbox. then youll get a feel for linux etc.
craggy wadi
AWS (especialliy their free trial) tries alot of stuff to get you to pay
definitely
knotty valve
AWS (especialliy their free trial) tries alot of stuff to get you to pay
Till they harass you for a 1Β’ that shouldn't even exist
cosmic pendant
Till they harass you for a 1Β’ that shouldn't even exist
This is what theyt tried with me
knotty valve
They've tried it with me too
cosmic pendant
There is a script that you give your API key and it goes in and deletes everything
I used that
knotty valve
Have been trying more so lmao
winged nimbus
shit is sooo hard
lament ingot
if youre just starting out it might be worth it to try out some of the THM conte...
yeah will def do this first
knotty valve
I haven't paid the 1Β’ in two-three years
gusty inlet
shit is sooo hard
Has this not been fixed?
winged nimbus
shit is sooo hard
winged nimbus
Has this not been fixed?
what
knotty valve
shit is sooo hard
Still fighting for 1st place?
knotty valve
Lmao
winged nimbus
i want to sleep
winged nimbus
Diamond league? You skipped one.
wdym
gusty inlet
This is week 4 of leagues.
knotty valve
I'm currently 1st for bronze iirc
gusty inlet
You should be in Sapphire.
Diamond is week 5 - which we haven't started yet.
Someone else had this same bug but I thought they fixed it.
winged nimbus
i think gyrus has gone to sleep
knotty valve
Despite only doing one or two rooms a day
rapid merlin
This is week 4 of leagues.
Does it reset?
winged nimbus
i think gyrus has gone to sleep
but they are prob get up and grind tmrw
rapid merlin
Is there an info page on it :
gusty inlet
shit is sooo hard
@umbral bay Sorry for the ping! - Is this bug not fixed?
gusty inlet
Does it reset?
Weekly. You either go up one league, stay in the same one, or get demoted one league under.
This is week 4 so the best league you could get into is Sapphire and ferglar is in diamond which means they probably got promoted 2 leagues above. (Which is a bug someone else also had.)
rapid merlin
So thereβs not seasons like in video games? You either maintain it or it drops?
knotty valve
Hi
knotty valve
Tipsy
tame nexus
Good morning guys :)
rapid merlin
Or you get promoted one above - until you reach Diamond.
Thanks for explaining it
twin ridgeBOT
Gave +1 Rep to @gusty inlet (current: #74 - 119)
rapid merlin
Good morning guys :)
GM!
frigid stump
I give chatgpt hard time. First time answer take 8min and 16 sources and 70 search π
knotty valve
I give chatgpt hard time. First time answer take 8min and 16 sources and 70 sear...
Iirc you can iterate through all 10βΆ possible TOTP codes in just under an hour with about 320/s
And you're likely to hit 1/4 active codes at any given time due to time drift
frozen gull
knotty valve
Or you can cheese it and attack the HMAC using timestamp bashing, or you can calculate the numeric biases and predict codes that way
There's a few different ways to do it tbh
winged nimbus
Or you can cheese it and attack the HMAC using timestamp bashing, or you can cal...
ptsd from the test the otherday
blissful current
Diamond league? You skipped one.
how
gusty inlet
Bug.
It has been 4 weeks so the best league someone could get into if they were promoted each and every week is Sapphire.
rapid merlin
I wish my desk had that pullout keyboard space
warped hollow
how much lead should i pull
Do you get points from doing challenges or walkthroughs?
winged nimbus
idk
winged nimbus
Go do learning instead of Pulling ahead in points
i am learning i just want to be number 1
orchid bloom
Folks, u guys prefer to have the Kali ISO or image on a VM?
gusty inlet
@sick lance Can I DM you?
hallow hazel
<@958383130102870026> Can I DM you?
I already saw it π
hallow hazel
I mean, just send him a DM, I don't think there's a reason to ask.
You already seem to have a valid reason.
winged nimbus
is it safe to go to sleep now (almost 2am for both of us)
dark sail
hello everyone
rapid merlin
How many times do I have to click not interested on a video before it stops showing up in my algorithm. π
@winged nimbus I have same fear
He anyone have monthly subscription?
winged nimbus
i have yearly
rapid merlin
How how much you pay?
rapid merlin
is it safe to go to sleep now (almost 2am for both of us)
No itβs not. Hackers donβt sleep and neither should you π
All at once or per month
gusty inlet
All at once or per month
It's all at once for yearly.
winged nimbus
No itβs not. Hackers donβt sleep and neither should you π
the problem is i have a report due on the 13th that i haven't started writing
rapid merlin
Ook
winged nimbus
i did start today until that dude started clashing with me for 1#
rapid merlin
And what about monthly/ how it works
rapid merlin
the problem is i have a report due on the 13th that i haven't started writing
Why do you need to be number 1 again
If a buy now 8pm when it expire jun 8pm or 1jun?
Does that league go off of region ?
winged nimbus
Why do you need to be number 1 again
second is for loosers
shadow coral
yo im new
rapid merlin
If a buy now 8pm when it expire jun 8pm or 1jun?
?@gusty inlet
gusty inlet
?<@538468652630933505>
1 month from the day of purchase.
rapid merlin
So expire on 8pm juncif i purchase at 8pm?
gusty inlet
On 4th of june.
Not sure if exactly at 8PM, but a few hours shouldn't make that much of a difference on your decision making.
rapid merlin
π¦ok π€£
gusty inlet
BTW - New cert coming soon. Got confirmation that it's ok to be public.
Source: https://www.credly.com/org/tryhackme/badge/jr-penetration-tester-pt1
rapid merlin
Which website source
fast orchid
BTW - New cert coming soon. Got confirmation that it's ok to be public.
Source: ...
I need this
boreal scarab
just open up burp suit, run a proxy like mitmproxy, route ur browser traffic thr...
Or that too!
bleak quartz
Which website source
It says TryHackMe pretty clearly...
boreal scarab
I should start doing that when I get phished lol
blissful current
rapid merlin
@bleak quartz issue by tryhackme not the website itself
gusty inlet
<@888691227766169652> issue by tryhackme not the website itself
The source is mentioned in the message.
rapid merlin
@gusty inlet ππͺ thanks
fast orchid
Question for the people that are already OSCP: I'm studying hard to learn ethical hacking / pentesting and want to keep going at it untill I am skilled enough to have a go at OSCP. Will it be wise to get an easier one like ejptv2/CEH or Pentest+ first? After about 150 hours and 100+ rooms here I feel slightly confident I can pass an exam like that. Or will that be a waste of time/money? I'm not looking for a job in CS just yet as I'm already employed as an engineer. For now it's all hobby
gusty inlet
Question for the people that are already OSCP: I'm studying hard to learn ethica...
Hi, I'm the subreddit admin for the company that gives the eJPT/eCPPT. So I can help you with that.
I'd say eJPT is pretty nice only when it's on discount.
eCPPT is not worth it.
boreal scarab
Question for the people that are already OSCP: I'm studying hard to learn ethica...
Are you in India? If not, CEH is worthless.
winged nimbus
should i sleep now
fast orchid
Are you in India? If not, CEH is worthless.
No I'm in a western country :p
blissful current
Are you in India? If not, CEH is worthless.
wdym by that?
gusty inlet
wdym by that?
CEH is worthless outside of India.
boreal scarab
wdym by that?
CEH, it's useless outside of India
winged nimbus
why is it?
blissful current
ya but is it a good thing or a bad thing
fast orchid
i'll skip CEH then. ejptv2 looks best since its all practical.
gusty inlet
i'll skip CEH then. ejptv2 looks best since its all practical.
150 hours of video course. Labs & CTFs 2 exam vouchers. 48 Hours exam.
150$ on discount.
fast orchid
only $150? thats a steal!
boreal scarab
Lemme quote Juun here
``If I were interviewing as a pentester, I would strongly question the ethicalness and knowledge of teh employer asking for that cert. It's outdated, and the company is well known to act unethically publishing content.
A quick google search turns up a fair amount of the nonsense EC-Council has done.
If I'm on the other side and interviewing a pentester, CEH opens them up to a lot more questions about the up-to-dateness of their technical knowledge.``
#general message
gusty inlet
only $150? thats a steal!
150 is fair. Anything more is not.
It's usually around 300.
fast orchid
well money is not an issue here. for $150 i'll have a go
blissful current
150 hours of video course. Labs & CTFs 2 exam vouchers. 48 Hours exam.
what would u recommend after eJPT (international value wise)
gusty inlet
The eJPT course is what is very good. The exam is really bad.
boreal scarab
Unless you are going for a DoD job or a job in India, CEH does not help. And even DoD is phasing it out with the new schedule (I think it's 8470?)
fast orchid
bad as in?
boreal scarab
Another one from Juun
gusty inlet
what would u recommend after eJPT (international value wise)
OSCP. There's no other cert that gives you jobs as much. PNPT and CPTS are less recognised.
gusty inlet
bad as in?
You become a certified brute forcer.
fast orchid
give me some of that rockyou.txt
gusty inlet
I have a fully detailed exam review, check it on my website if you want.
blissful current
OSCP. There's no other cert that gives you jobs as much. PNPT and CPTS are less ...
aight
fast orchid
I have a fully detailed exam review, check it on my website if you want.
nice! can you dm me a link?
gusty inlet
It's in my profile.
fast orchid
got it thx
boreal scarab
The eJPT course is what is very good. The exam is really bad.
@royal gazelle @simple bone @rose tusk Hey, any of you wanna chime in on eJPT?
gusty inlet
BTW - New cert coming soon. Got confirmation that it's ok to be public.
Source: ...
It's why I'm a bit worried when it comes to this ^
If it's going to cost 300-400 and will use the pre-existent THM jr pentest path as a course, it will be no match against the eJPT which has over 150 hours of video course with Labs and CTFs.
fast orchid
I've completed the jr pentest path and thought it was pretty good
simple bone
<@320305132321505284> <@557136711453376515> <@369112657871110145> Hey, any of yo...
Mine was a long long time ago, 2019
fast orchid
I mean 150hours of video is nice but you learn more by doing and googling and making mistakes
gusty inlet
Mine was a long long time ago, 2019
So I guess that was the eJPTv1.
It's now retired.
gusty inlet
I mean 150hours of video is nice but you learn more by doing and googling and ma...
Yeah, correct. Each video has a lab attached to it. π
simple bone
Mayybbeeee think it was like an easier version of Wreath?
gusty inlet
I zone out quickly when the video is boring π
Oh then you are going to zone out a lot lol.
If you guys want the eJPT exam in a nutshell? Here it is: https://tryhackme.com/room/internal
But obviously, there are multiple machines not just one.
fast orchid
If you guys want the eJPT exam in a nutshell? Here it is: https://tryhackme.com/...
nice! going to do that one soon
boreal scarab
Mine was a long long time ago, 2019
Thanks anyways 
twin ridgeBOT
Gave +1 Rep to @simple bone (current: #6752 - -31)
gusty inlet
nice! going to do that one soon
If you can do it without hints, then you are ready for the exam.
The course will be very boring, but if you skip it, you basically wasted your money. The exam gives you nothing back for your money - the course does.
blissful current
It's why I'm a bit worried when it comes to this ^
my only concern atm would be the exam ....if i fail .money would be wasted, coz its expensive since 300-500$ is not expensive for y'all but here it is ..since thats like 3-4 months of salary of an above avg software engg here (not like companies aint getting profits ..its just that in this stupid country Employees are treated as either Servants, Cheap Labours etc and all the money is eaten by the company top position peeps)
gusty inlet
Yeah, understandable.
fast orchid
If you can do it without hints, then you are ready for the exam.
The course **wi...
I might 'reverse' it then. skip straight to the lab and when I'm stuck I'll check the footage
gusty inlet
I hope they're going to give free vouchers to eJPT holders or other junior cert holders (PJPT...) like they did with SAL1.
This way I'll test the exam as soon as it drops.
And I'll compare both.
rapid merlin
Are there rooms on THM that teach you about DNS attacks.
Redirection and such
Malicious traffic
gusty inlet
I might 'reverse' it then. skip straight to the lab and when I'm stuck I'll chec...
Problem is that labs don't always have everything that is in the course, so you'd also be wasting your money.
And vice-versa.
warped hollow
BTW - New cert coming soon. Got confirmation that it's ok to be public.
Source: ...
Nice!
fleet pivot
https://tenor.com/view/langosta-matem%C3%A1ticas-funny-animals-writing-gif-14366...
step on it
boreal scarab
step on it
hallow hazel
https://tenor.com/view/langosta-matem%C3%A1ticas-funny-animals-writing-gif-14366...
what a smart one
stoic quarry
He's showing intelligence
hallow hazel
don't step on it
tame nexus
Is this the right place to question some things? If so... I've been doing the Cyber Sec 101 for 3/4 days and I came to section 5 Networking it stated that I should do Pre Security (Which I havent yet), there are 2 modules that I haven't finished yet (because the other modules were completed while doing Cyber Sec 101), should I do Network Fundamentals and How The Web Works or should I keep on CyberSec 101?
stoic quarry
I'd suggest doing presecurity yeah
Gets the fundamentals out of the way
You'll breeze through it
stoic quarry
Good luck!
median hound
Where can I learn Azure cloud Security Engineer course⦠where I can do lots of practicals
somber latch
Iβm completely beginner. I wanted to know if anyone can tell me what is the best way to start from scratch?
Any courses or smth else?
blissful current
Iβm completely beginner. I wanted to know if anyone can tell me what is the best...
fleet pivot
hello
winged nimbus
i think it is safe to sleep
somber latch
<#806554132117979143> <#878341649829330994>
Thanks
twin ridgeBOT
Gave +1 Rep to @blissful current (current: #247 - 32)
stoic quarry
Where can I learn Azure cloud Security Engineer course⦠where I can do lots of p...
Try the soc engineer pathway
It requires some previous info tho, so I'd suggest finishing the other paths
For practicals just spin up an azure subscription imo
stoic quarry
I've given up trying this week, top in my league has 12000 points
blissful current
I've given up trying this week, top in my league has 12000 points
same shit with me last week
a guy literally did 9.4K points in less than 16hrs , popping in the leaderboard out of nowhere at # 1
stoic quarry
Assuming they're just grinding unauthorized write-ups
dreamy marlin
a guy literally did 9.4K points in less than 16hrs , popping in the leaderboard ...
how they do it?
blissful current
ya
knotty pendant
stoic quarry
I'm sure they'll do well in a job
stoic quarry
https://tenor.com/view/good-day-bonjour-have-a-nice-day-hello-coffee-gif-5705350...
Morning!
blissful current
how they do it?
probably cheating themselves by just submitting answers from writeups from YT/google etc
worse than skiddies
hallow hazel
true
dreamy marlin
probably cheating themselves by just submitting answers from writeups from YT/go...
good luck who ever give them jobs
sick lance
BTW - New cert coming soon. Got confirmation that it's ok to be public.
Source: ...
We already knew that was coming anyway.
stoic quarry
Using write-ups for answers has the same energy as using chatgpt at work. It'll work for basic stuff but once you have to explain your working you're screwed
dreamy marlin
BTW - New cert coming soon. Got confirmation that it's ok to be public.
Source: ...
how much will it cost anyway?
hallow hazel
I assume as much as the SAL1
sick lance
More than likely.
stoic quarry
Here's hoping THM get more acknowledgment in the cert field
median hound
It requires some previous info tho, so I'd suggest finishing the other paths
Thanks so much
twin ridgeBOT
Gave +1 Rep to @stoic quarry (current: #247 - 32)
strange dome
Hi everyone π
stoic quarry
Hi everyone π
Hello π
oblique loom
Sick with a cold and have my final in 2x days x.x
strange dome
I'm trying to get more hands on with learning Cyber. I've been studying it for almost a year now, but I don't really know anyone who is also interested in it. So if theres any community nights/events or whatever, make sure to ping me π
strange dome
Sick with a cold and have my final in 2x days x.x
That sucks, sorry
stoic quarry
Sick with a cold and have my final in 2x days x.x
Get well soon!
stoic quarry
I'm trying to get more hands on with learning Cyber. I've been studying it for a...
THM does a few events every year
oblique loom
The whiskey helps with the sore throat but my brain feels fried
stoic quarry
Advent of Cyber is the annual advent event, there was a big giveaway thing a while back.
Probably more coming up soon
strange dome
Tea might be a better option? Or if you still want something a little strong, maybe a hot toddy
Awesome, thank you Sil!
stoic quarry
Gotchu
oblique loom
I need to buy more tea, that is a better option
stoic quarry
I bought 200 teabags for like 5 local coins when I first moved
I've barely gone through half
strange dome
I don't enjoy tea that much, but I do love the smell of it
I have this one specific kind that I wish I could turn into a candle
strange dome
That sounds pretty great
I'm thankful that I decided to start with the very basics on TryHackMe. I got the IBM Cyber Security Analyst cert, and studied the whole program, but I feel like I'm learning a lot on THM that wasn't covered in the cert.
stoic quarry
Nice!
You should be pretty well prepared then
Done the pre-security path?
It's very fundamental heavy, but good to get those done early
strange dome
No im still in the pre security path. Doing OSI Model currently
dreamy marlin
No im still in the pre security path. Doing OSI Model currently
i passed that room today ig.....painnn....
strange dome
Yikes, don't say that xd I just started it
dreamy marlin
i hope windows and linux fun. will not be so boringgg
strange dome
Linux got a lot more fun for me after I finished classroom stuff and actually tried to use it for stuff
stoic quarry
Oh yeah 100%
strange dome
Like I wanted to host a VintageStory server for some friends. Think like Minecraft. But I built a homelab, and decided I would host the server on a VM running Ubuntu Linux. VintageStory is notorious for being really hard to host using linux. I probably learned more setting up that server than I did in my college class on linux
stoic quarry
Best way to learn is to dive in imo
dreamy marlin
It's good to know but it's theory that makes me want to cry
one moment I enjoy theory, next moment it enjoys me 
hoary pasture
one moment I enjoy theory, next moment it enjoys me <:cri:631271644287074334>
REAL
blissful pulsar
sand trench
t minus 12 days if shadow lucky
strange dome
12 days till what?
umbral rain
?
boreal scarab
12 days till what?
Till the 16th, duh
sand trench
12 days till what?
open source music player ships
sand trench
hallow hazel
what is a tangara
strange dome
An MP3 player?
sand trench
An MP3 player?
it plays flac files too :D
sand trench
what is a tangara
open source mp3/flac file player using a sd card and a real headphone jack
strange dome
Huh, I just looked up flac. Never heard of it before
sand trench
lossless compressed audio files basically
sick lance
open source mp3/flac file player using a sd card and a real headphone jack
As apposed to a fake one?
sand trench
i.e it has all the data that was originally there
sand trench
As apposed to a fake one?
yeah.. that is called bluetooth
sick lance
yeah.. that is called bluetooth
No, it's called digital.
sinful moon
I kind of miss running Rockbox custom firmware on things like my iPod 5.5th gen. Was lovely and supported FLAC and much more
sick lance
3.5mm and 6.35mm is analogue.
sinful moon
sick lance
Doesn't mean it's fake or real.
sinful moon
Supported quite a few devices
slow cloud
π
sand trench
Doesn't mean it's fake or real.
fair enoughs
strange dome
Literally me last night
sinful moon
lol it happens
sand trench
Try 2,800 packages.
thats more then 1/3rd more of the packets shadow has installed
it is actually more then double the amount of packages shadow has installed :D
sinful moon
lol I do have a cursed Arch server with slightly less but yeah
just use it headless for infosec
slow cloud
this was on a kali vm
sand trench
oof updating kali
sinful moon
yeah we could tell from the apt parts. But do keep in mind the change in package signing or whatever that happened
hallow hazel
i have 1063 packages on my arch
sinful moon
very recently, they lost like the repo key or something silly
lol not great, but not as bad as Manjaro letting SSL/TLS certs expire multiple times and just telling users, βeh just roll your clock back for nowβ
strange dome
I'm considering punishing myself and moving on from Ubuntu to Arch, but I'm not sure I'm familiar enough with Linux and CLI to do so yet? Might try that website with linux cli practice games
sand trench
I'm considering punishing myself and moving on from Ubuntu to Arch, but I'm not ...
the command challenge???
sinful moon
The Arch wiki is a fantastic resource which will teach you a ton along the way, but yeah Iβd say wait until you know thatβs what you want
sand trench
arch wiki + gentoo wiki == lots of info that is helpful