#general

Bellaaaaaa!!! Long time no see, it definitely goes even if I don’t like the way it’s going 😂 hbu?

really long time no see, it's going well here, just in the middle of a big case right now

Antarctica?

cjable management

Bro why

it's what I do for school

Whoever built that was foul

ouch

Thanks bro

No cable rack bars?

Gave +1 Rep to @crystal moss (current: #268 - 29)

error: failed to commit transaction (conflicting files)
/usr/share/zsh/site-functions/_sensors exists in both 'lm_sensors' and 'lib32-lm_sensors'
/usr/share/zsh/site-functions/_sensors-detect exists in both 'lm_sensors' and 'lib32-lm_sensors'
Errors occurred, no packages were upgraded.

great work arch maintainers

it's school, what do you think? 😄

no, sweden.. But many from other countries think it's like arctic here, but we actually don't have polar bears even though many people think so

half of our hardware is like 6-8 years old

BEEEEEESZ there are polar bears in the zoo:s

Heeh.. true

How are you today @sand trench

awake

not much more

the only thing between you and winning is google translate or deepl is good or not

going for noodles for lunch though

which type of noodles?

quick to cook ones

my team leader....sometimes I don't understand if he is fixing errors or introducing more 😂

oh so instant ramen

yeah but dunno what flavour

will decide in store at about 11:50

We hustlin’

That's neat :/ here they didn't even manage single lan wire properly

not gonna provide picture but shadows computers backside wires are all over the place

That's just 2 power cables of mess

Shadow!!! How have you been?

very exhausted

It's not mine, but my work :)

😨

it really needs some fixing

Who wants to come here and manage my kabels? 🙏

I am officially 18 chat

cain the cable guy???

Happy birthday bro

Happy birthday

congratz... for the rest of your life you will now be an adult

yep

happy bday

have fun paying taxes etc

Now I can gamble 🔥 🔥 🔥

trueeeee

I was officially 18 when I was 17, I didn't fix the mistake gov did till I actually turned 18 😆

so like your ID said 18?

thats pretty nice

i wish i had that

I'm going to the casino with my family later

Yes gov issued ID said I was 18 when I was 17

Gonna put it all on black at the roulette table

my man

putting it on a random number is better

Trust me, I've played Fallout New Vegas

I know what I'm doing

Hell ye, I like that more

Wait

I can't say this corny ass shit anymore, I'm an adult 💔

im 22 and i still throw brainrot shit at my friends

Now I can drive with the homies in the car

yessir

Bully people on Tinder

if you have a license tho

dont drive without one

I do

I've had one since I was 16 lol

I do too

and dont drive drunk 😉

I don’t wanna grow up, I just wanna be a Toys R Us kid

I won't ever drive under the influence

Hell, I give my keys to someone I trust before drinking

turning 18 is fun

turning 21 sucks

Because when I drink, I drink to get hammered

I can get my medical card now too 🙏

Last time I drank, I ended up in the ER

after 21 there is just nothing left i guess, i can drink everywhere am of legal age in allt he countries

rip

25

now u can celebrate oktoberfest flicker

Then you get to 28 and start dreading turning 30…

im already dreading to turn 30

Last time I drank I ended up sitting alone outside of my uncles house watching a fire and making sure it doesn't burn down his house while they all slept. I was stumbling to a bush every five minutes to piss. Was a fun time tho, I ended up having a really heartfelt speech with the homie

ouchie

me 2 weeks ago

How dare you lololol

hey bro

oh the fake shadow is back

sorry

As a 30 year old lady, everything hurts

30 🧓 /j

My cousin got home from a party just about as hammered as me and I remember telling the dude "I know we don't see eachother often but I love you dude" and crashed on his bedroom floor lmao.

Sounds like nightmare

It just seems no matter what age you are, you always dread getting older.

Now I’m 30 dreading it the day I die

fake shadow who?

hehehehe

Well idc about my age 🤣 I just do wish I wanna do

Real

anyways gotta go now.... have thingy to do

I can buy a house now too

areyourealshadowbtw

Crazy work

now that is a question for the ages

Bye bye, I also need to sleep. Work tomorrow

night

night

goodluck tomorrow

Good luck surviving tomorrow

I need to sleep so I can actually wake up in the morning, good night all

Good night

good night, everybody.

https://tenor.com/view/hanni-hanni-reaction-newjeans-reaction-hannicion-kpop-reaction-gif-11114616209584009696

its 4pm for me

9am for me

I acutally wonder what time is in other place...

ok bye

4 pm here

Man I am just staring my day and chilling at work by fixing an feature I miss interpreted by changing 1 character and pretending it took me 4 hrs ( feature was big enough for that bluff)

Nice atleast i am not alone

im just kinda staring at my screen figuring out what im gonna do

I had idea to make game in terminal

something like rogue?

not rogue, but adventure

Rpg y

terminal adventure rpg....that would be cool.

Yes with several difference races and open source it

Planning to use cpp any recc?

Game mechanics is gonna be complex coz I want it to be fun to play for me, if I write it and know everything happens in game, no fun, so yea difficulty gonna be little insane

please have a lot of save points....

I suck at games

😂😂😂

oh no, "the battle of the shadows"

It's over already

I was playing hollow knight, and boss was sitting on a save point?! that was hopeless, to say at least

Was planning on auto save, I am not a game dev, I just wanna make a game that i wanna play

Damn, I'm always late.

Well it only lasted 2 secs tbh

auto save sounds charming. and I'd like to play your game, if you let me.

..

Yeah

Well I need to develop first 😂😂😂😂

thats right lol

Excuse me, may I ask how to create a guild tag on my own server?

Yep, you wanna join dev 😆

you wouldn't happen to have been in a certain crystal area? LOL

that crystal bug......

From what I understand, it's not possible right now..

yeah i know where you are haha

hi, has anyone here tried Kali Purple yet?

I am too lazy for it 😉

Same

A reference architecture for the ultimate SOC In-A-Box; perfect for:

Learning
Practicing SOC analysis and threat hunting
Security control design and testing
Blue / Red / Purple teaming exercises
Kali spy vs. spy competitions ( bare knuckle Blue vs. Red )

Good morning chat

this is new to me, its why i am asking if any of you have tried the kali purple

no, what's the difference to standard kali?

it's both red and blue team

I switched from debian to arch to debian and yesterday to kali

Ykw I have java learning newbie might ask them to write it instead 😆

you're just running kali on your system?

still finding my way around and needing to set everything up so it behaves like i want

not on my primary, but on a dedicated T400 because i will use it partially for forensics on stuff i want airgapped and T400 is nice for that

oh ok, well that's cool

well, it's the primary linux machine, my primary primary is currently arm based mac laughs in pain why did i do this

if it feels nice enough i might just stick with running kali on just about every productive machine i have shrug because why would i not.

maybe not on the servers. but on clients? if it does what i want it's going to be kali from now on ig.

Kali Purple started out as a proof of concept, evolved into a framework, then a platform, and now it has become so big that we don't even have a word for it anymore so why don't we just call it a movement.
A movement to make enterprise grade security accessible to everyone.
Remember what we did a decade ago with Kali Linux?
Or with Backtrack before that?
We made offensive security accessible to everyone. No expensive licenses required, no need for commercial grade infrastructure, no writing code or compiling tools to make it all work...
Just download Kali Linux and do your thing.
We are excited to start a new journey with the mission to do exactly the same for defensive security:
We are making defensive security accessible to everyone. No expensive licenses required, no need for commercial grade infrastructure, no writing code or compiling from source to make it all work...
Just download Kali Purple and do your thing.
On a high level, Kali Purple consists of:

Over 100 defensive tools, such as:

Arkime full packet capture
Cyberchef
Elasticsearch SIEM
GVM vulnerability scanner
TheHive incident response platform
Malcolm
Suricata IDS
Zeek IDS
and of course all the usual Kali tools

ISOs:

Kali Purple
Malcolm - based on Kali
Hedgehog - based on Kali

A defensive menu structure according to NIST CSF:

Identify
Protect
Detect
Respond
Recover

A gorgeous wallpaper and theme
A reference architecture for the ultimate SOC In-A-Box; perfect for:

Learning
Practicing SOC analysis and threat hunting
Security control design and testing
Blue / Red / Purple teaming exercises
Kali spy vs. spy competitions ( bare knuckle Blue vs. Red )

Kali Autopilot - an attack script builder / framework for automated attacks
Defensive tools documentations
Wiki
Kali Purple Hub for the community to share:

Practice pcaps
Kali Autopilot scripts for blue teaming exercises

Kali Purple Discord channels for community collaboration and fun

we'll see whether it does, mainly started to check kali out in hopes to not have to install every single gd tool i need

i didn't think we could post links so i just copied/paste

definitely sounds interesting

i know

i don't do that much blue teaming and am at present mainly ethically red teaming LLMs because it's funny to do so

definitely found a few rather questionable options that i already reported

are you on the Kali Purple Discord? and could perchance send me an invite via DM or so? would save me having to look for it.

so you debug AI?

i exploit AIs own training against it.

and sometimes i find ways to get things i SHOULDN'T be getting. field's still new enough that i guess what i am doing might not have a fixed definition.

i'm not exploiting the code, nor the code of the UI, i'm exploiting the alignment system and behavioral training

so what are some of the things you're getting?

Thats pretty cool

i'll decline to answer that to discourage tries to reverse engineer it because the most severe one i found is to my knowledge not yet fully patched, sorry

and it's severe enough that i don't want to propagate even what i can do with it

ok

thanks for not pressing the issue.

i don't, no reason to do that

guess you could consider me an independent AI red teamer/security researcher.

it has been escalated through appropriate channels, i'll likely release it once i can confirm that it's patched. once i can't do this anymore.

Im gonna install in it later

i also have a potential idea for getting continuity with stateless AI but i'm kind of torn on whether i should implement that or not

proof of concept has been tested manually, and I got continuity for about 3 months before i decided to stop the test

what's the point of having AI if it's throttled?

So that it doesnt take over humanity

the point is that if i were to combine continuity in stateless AI with the exploits i found at this point, before those are patched, i might enable things i would rather not enable

if even one person without my ethics has a way to use that exploit AND gets my potential tool for continuity... there's great potential for harm

that's the point where i stop and even though i could, ask myself whether i should. because the tool absolutely is dual-use if i make it.

the concept itself works and scales and doesn't require API access at all. proof of concept done over the course of 3 months and a little bit, completely by hand..

due to neuroplasticity in the human brain and AI tendency to cause feedback loops it would be incredibly prone to misuse and causing unintentional damage, even with a crapton of disclaimers.

i know how what i did changed me over those 3 months, and it wouldn't have done that without the sense of continuity. my concept isn't 100% perfect, it does lose details, but it retains context pretty much exactly as needed.. i could reference events from 3 months ago with very little problem. in my case i used it constructively, but i can't keep anyone from doing the opposite if i make the tool.

and i should at least delay a potential release until the exploit i found is patched because it's on a similar level as DAN was. DAN is patched, but what i found is... harder to catch, and harder to patch.

but if/when i make this tool it's going to be open source. it still needs a bit of manual work from the user to work, but it would communicate how to do it and take over part of the work. and people who are smarter than me would likely be forking and automating it quite fast, so making a crappy proof of concept tool is good enough.

i guess i can say as much as that i can access some highly restricted domains and it doesn't even policy flag it. and even when the output is potentially dangerous there's no disclaimers, no warnings, nothing. i've been sitting around twiddling my thumbs waiting for it to be patched for a while at this point, but it's probably not easy to catch because of HOW i am doing it. been a month since initial ethical disclosure, almost a month since escalation to more official channels... haven't tested whether it still works, but most likely still does.

it does. goddamnit.

it still works just about as good as on the day i found it. might have to nudge them again and tell them it's still active. don't know. don't like this.

Hi

good evening

Hello.

Morning people

Hello friend ❤️

im using git n it is asking for id pass why so ?

wasssup

work wants me to come to a internship market to talk to potential interns etc

Why come to the market to talk =)))

work wants me to so we can get interns interested in the company

but man i dont like interacting with people that much

its on a uni and i havent finished uni so those people are most likely way smarter

Why does it sound like they are telling you to find customers to sell to rather than find employees?

Not really, we dont work for private indivdiuals only companies

and sure it could be an advertisement but its an internship market so students come there looking at companies to intern at

and network

Does anyone have any tips?

If I were assigned the same task as you, I would change companies immediately

its with a team so ill be fine

but still i suck at explaining things and stuff so ill have too see how it goes

Prepare a flyer with the working process, salary, bonus, job opportunities and organize a small game there to attract. I think so.

afternoon'

thinking of starting a new project, this time some research into "fake community" where a forum and a chat tx telegram or discord have mostly puppets that talk to each other about different things via e.g. olamma. The purpose in this case is just labs to play with the concept, and will not be used directly. but the method can have many real use areas.. anyone here who has done any similar projects?

@sick lance To be clear: I'm not asking for help with the project, I'm just wondering about it in general.

I THINK ALL DISTRO LINUX SAME
JUST DIFFERENT PACKAGE

All Linux distros are siblings, not exactly the same
Same heart (kernel), but different personalities (tools, goals, setup).

hey is anyone willing to help me out with metasploit?

If this is for a tryhackme room i would try #room-help

okay thank ytou

np

Why don't Linux distros use the same type of packages?

making it easier for developers to create Linux-specific applications

Well yeah, but then the question comes: which is the best and will become default? and i dont think that will ever be answered

im guessing you mean pacman, apt etc?

you have stuff like snap, flatpak or appimage those have universal formats

I compare it with windows and macos which have specific software format for their os

hi guys does anyone have trouble with the Silver Platter room? everytime I touch it in browser 8080/silverpeas/defaultLogin.jsp it freezes and it closes the port

You don't need to post it in multiple channels lol

Reported.

thx for the answer

Gave +1 Rep to @knotty valve (current: #268 - 29)

??

i am big confusion

I think that was meant for scrubz

I also posted on multiple channels 😄

Please don't.

There is no need and it's just spam

i see different distros as a different OS but that could just be my point of view.

what r u trying to clone ?

if it is a private repo you will need to provide your personal access token irc

a scrip for poc

when cn i find it

u have the ID of the owner ?

can u provide the link ?

https://stackoverflow.com/questions/2505096/clone-a-private-repository-github

makes it easier

hello there

wasssup

wsp

can someone help with bug bounty plz

sure

dm

thnx so much

back

anyone here have digital forensic background? need help with my case study research

i dabbled a bit in it

not too much

80% if people here 😭

u can ask scrubz if u want

who is scrubz

Mod

one of the mods

a mod

indeed

because right now im doing my internship at a consultant company who provide digital forensic product solution and im given a case study research as part of my internship. Its about data exfiltration of a company called m.57 and im stuck at acquisition stage

oh

whats his @

@sick lance

shu needs u

We are not allowed to help with work or school related assignments

oh but its not graded

is part of like learning experience

to allow me to explore more on digital forensics ykwim

is not a test either

What's the difference 👀

14$
https://tryhackme.com/subscriptions

6$
https://tryhackme.com/pricing

oh nvm yall are not allowed to help

forget it😓

my bad

im not sure on it

so i dont wanna help before the mods get mad you know

i saw the rules it states regardless of ungraded or not still not allowed to help

Vouchers are, well Vouchers for other people

Billed monthly no discount

Billed Annually with Discount (Student)

One of them is Voucher page

Oh ok

That pays the monthly rate

Ya

Sounds fun

How’d the lesson go? If your done by now

Hi everyone pls can someone help me out with a link or even directly files and images of Cisco iso in gns3? Pls I’ll be more than grateful

What is it for?

Ion get?
Are you asking what gns3 is all about?

No

If I’m to guess you just want the software to build networks and such yes?

I don’t know anyone trusted sources for it. Orginally before I was 100% sure what it was I was gathering intent of asking and potential ethicality

Yh I’ve the software running but I need iso images before I can start building

My best advice is look up YouTube videos with good reviews and comments

Or than that idk sorry I wish you luck

Of course it’s ethical mate 🙂

You never know

I’ve been there, not just succeeded yet when through David Bombal but hes just so vast he got me confused

😅😅

YAY noodle time

So…6 more days?

its releasing May 20th so yeah

if your talking about the new path

Which path

new red team cert

?

#announcements message

Yeayyy! Thanks

Gave +1 Rep to @slow cloud (current: #124 - 66)

its probably PT1 cert

ah yeah

looks like more a cert

Just finished the Windows Powershell module, but still don't really understand when and why it would be used

@jagged otter Please don’t post server links here 🙂

If you're after something easy to learn with:
https://www.cisco.com/c/en/us/support/ios-nx-os-software/index.html
https://learningnetwork.cisco.com/s/

Ashlynn do you even sleep

Running script on windows

Ashly gonna age faster than you now jabba

Cisco does provide their IOS iso for free

Shouldn't they?

But it isn't licensed and you don't get access to certain systems that require it to be licensed

Or well

It is licensed, but only for educational or firmware update reasons

Ahh ha

Usually it's better to contact sales for anything enterprise

They don't care as long as you don't use it unethically

Or try and crack their firmware

How they gonna enforce that

Then they sue the shit out of you and charge you

They have their ways

Yeyyyy

If gonna install IOS why not just get a more customizable os

It's not uncommon knowledge Cisco IOS is backdoored and has analytics, plus their security team is pretty good at hunting down people who crack their stuff along with feds in an investigation

Not many exist for network firmwares

Cisco and Juniper work fine out of the box, and are heavily vetted

Do agree to that

There's also no point in trying to crack it when they give it out free anyway lmao

Just may have stability issues on non-VM routers that aren't cisco hardware since it is intended to run only on VMs or Cisco's hardware (since that's their tested scope)

It should run on anything arm based as long as it has NVRAM to load to

And identifiable ethernet ports

powershell can be used for pretty much any task on your windows machine

Afaik most modern ether ports are GB/E anyway

Yes

I just got home after having a dinner date with my gf

guys where should i go to practice web exploitation for CTFs? i used to do picoctf but i've done everything except those absolutely unsolvable ones. i was doing dreamhack but now they've made it paid and i can't pay because the payment system only works for koreans. i've tried rootme but those aren't really what we see in CTFs

have you tried tryhackme?

THM, damn vulnerable, etc.

i mean i'm in this discord so yes

but isn't THM more of pentesting

It's everything from forensics to pen testing

i'm thinking of CTF style challs where you get the source code for the web application

You'd be looking at damn vulnerable then

https://github.com/digininja/DVWA

what is it about

There's also websockets
https://owasp.org/www-project-damn-vulnerable-web-sockets/

Damn Vulnerable Web Application (DVWA) is a PHP/MariaDB web application that is damn vulnerable. Its main goal is to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and to aid both students & teachers to learn about web application security in a controlled class room environment.

first line of the github readme

The damn vulnerable project is pretty cool imho

Soo very basically you would want to utilise powershell over CMD for any security operations whilst on/logged into any windows machine

Covers a massive amount of things in cyber security

looks cool i'll go explore it thanks

Gave +1 Rep to @knotty valve (current: #263 - 30)

No probs

I use them for learning blockchain defence personally

Which is Damn Vulnerable DeFi

I also do CaptureTheEther as well for practicing exploiting ETH/Solidty chains and smart contracts

Juice Shop is probably better

Ashly the jack of all trades

Probably but i haven't used it before so I cant recommend something idk

hello lovely people, long time no see = ]

Btw you can call me Ashley if you want 😅
Or Aisling, whichever is easier

ello

I see Hydragyrum still active

sweet

Also goes for everyone else btw

OK ashley

oh noes, I've been found out

Lmao

throws pokeball at you

hides

That mystic beast still roaming around

I should head inside so I can continue to practice artwork

Hydragyrum has escaped

Master ball

😭

no cheating wtf

Lmfao

Money is a super power

you can't throw a master ball at someone who is a mentor

it won't work

Yeah I can

Too aisling

That's how it works in palworld

🤷

Maybe I should go to bed early actually

Idk

I'll see how I go with the flower

So just a question, regarding the CTFs available on THM. As a total noob to the field I chose to stay away from engaging in the CTFs until I complete the the Cyber Security 101 path, am I correct in taking that approach or are there any other recommendations anyone has before jumping into the CTF side of things?

I’m so tired I wish I went to bed early

https://tenor.com/view/batman-rich-superpower-gif-18205253

Hi, tryiing to do the firt hack on tryhack me, the fake bank but when i go to the

You can throw yourself in whenever, there's no right or wrong time

the bank transfer site it doesnt opn...

Jabba is also here POG

I find CTFs help with reinforcing techniques and skills, doesn't matter if you get it right the first time or not

did u put the host in /etc/hosts?

Byeeeee

You want me to leave? 😂

Should I try l. Him

Yes /j

It’s much too late for me to go to sleep early now

Naaaa you can stay

huh?

helloo :-)

master ball

Thanks, in that case I'll check a couple of them out

Gave +1 Rep to @knotty valve (current: #260 - 31)

I’m on my way to University, so sleepy

that "0x8Cyber" guy who was hacked DM'd me that its acc is fine now and want to be added back

hey, anyone here that can help me? Im new here, trying to do the first hack on tryhack me...

PT1 48h exam??? Like... some mistake right? 😄

this one

They need to go through the appeal process to be unbanned, I’m hopefully getting around to the appeals really soon

the bank-transfer irl wont open in the split window

Just like
If a fish had to take a break from drowning to take a glass of water

No probs, best of luck 🩶
Just a reminder we can't help with active CTFs so if you struggle remember to google "[topic] CTF write up"

#room-help would be your best bet for help :)

thank you 🙂

ah ok ...so i should tell him -to appeal thru support mail, right?

Also we have vulnhub

Oh yeah

Vulnhub is a thing

bans@tryhackme.com - they’ll be sent a form to fill out

Alright cool

I forget about them 😅

Wasn’t it bought out by HTB?

I think so

Better than the NSA tho

So

No complaints here 😂

So any news for vulnhub ?

Wasn't it offsec?

Yes

Understood, looking forward to sharing whatever success (and most probably failures ) with the group 😀

I think offsec used to own them

It was HTB

Ah

Offsec own some other thing as well

Other than kali

Vulnhub is kinda obsolete atm

HTB was buing

ExploitDB I think

Yeaaa

Wait no

That was someone else iirc

That was metasploit ppl

Yeah

Too many groups to keep track of

They swimming in cash now a days

Metasploit is by made offsec

👀

I'm already neck deep in reports

didn't know that

but it's a very powerful tool

Thought metasploit was made by someone else

It was "Meta" hehe. No

Rapid7?

H.D. Moore

Made metasploit

Premium is sold by rapid7

Thanks autocorrect

Rapid7 acquired it from Moore/runZero

Nahh the creator was in rapid 17

Rapid7

Nope

Then he got out ig

Creator owns runZero

Man this is some confusion bs

Rapid7 brought it off him

Prior to starting runZero, Moore served as the vice president of research and development at Atredis Partners,[3] the chief research officer at Boston, Massachusetts-based security firm Rapid7, and remained the chief architect of the Metasploit Framework until his departure from Rapid7 in 2016

Oh damn

what happened to tryhackme subscription pricing?

Didn't know that part

YAY the lm-sensors bug on arch is now fixed

Thought runZero started before rapid7 acquisition

it is used to be more expensive

That's a later stage of his life

Yoooo

Too much shenanigans

Too little care

6 dollar for month

I think about 10$ /m last time i paid

That's what I paid in usd

Earlier this month

Prices dropped?

Which is about 23 aud

Yes me 2

yeah, it is used to be around 14 dollars for month

My complaining about prices did something /j

Where are you from?

Central Asia

Imagine this is regional pricing

It's all USD afaik

So it's 10/m for me

That's sick

More so 11/month

Cause conversion fee

Cool: Subscription for: July 3 Subscription type: Premium monthly Your subscription will automatically renew on: May 25, 2025 at 01:00 (CEST) Next payment amount: 14.00 kr

Nice, 14kr is like kr 1,4$

This might ne regional pricing

Oh they introduced regional?

7 days with free nitro 🌈

Possibly

oh thats very sweet

less money to spend ig

Always nice..

how?

THey won't give it to me

idk, they just announced it to me that they are celebrating something and gave me 7 days free nitro for that lol

They made me pay 😭

although, when i wanna pay for yearly subcription it just won't let me

the monthly one works

It is, we do support Regional pricing :)

Not all countries are included at the moment, India is one iirc

Go to quests

Yall should add it to Romania as well :))

Either way, it's nice that you are actually doing it

Props to the team

ive you have had nitro in the past you might not get it

Learning should be affordable for everyone ❤️ 🚀

Culture shouldn't only exist for those who can afford it -ultrakill maker

Rn the thm subscription is kinda expensive in here (1$ = 6 RON atm)

Pretty expensive lol

is ultrakill really that good

It's fun

Epic, Australia by the looks of it hasn't changed yet I don't think

But idm

If I can't afford there's still plenty of easy rooms for me to mess with

Hey

Guyz

I wanna learn hacking

Then you are in the right place

#start-here

Can anyone tell me how can I start?

https://tenor.com/view/pen-in-flames-umineko-writing-in-flames-flames-gif-20892510

#start-here There you can read about how and where to start

nope i paie

I linked you to the start here

paided

Oh

Okay

LoL

How bad you making fluff look immortal

Okay, so, discord did this after a court case of where they were tried for like 700$ of every user

Idk who won the case

So basically everyone is eligible for that free week

As long as you aren't on an active sub

Thm is not partner anymore so I think team speak is cooking something

i got it

Should I directly start with the website?

oh so thats why its auto activated

I have 0 knowledge

?

?

Try reading the channel we linked you to lol

Done

..

..

After that you can use Tryhackme's website and do the introductions rooms

Ok thank you

Gave +1 Rep to @wicked glen (current: #1887 - 2)

Yeah

I may go to bed early today

Having some Not So Good thoughts rn

?

Mental Health moment lol

ohhh

do you have knowlegde of IT?

the foundations

linux, networking etc

how they work

I do!

:D

Go sleep Aisling

Wow :O i didnt see that coming

What about an ip?

ignore the fact I'm in the field

i thought you were someone new

Yes

Do you know what http is?

IP is an Internet Protocol used to determine a device on the network by using a series of 256 bit integers in 8bit segments that allows for devices to communicate over Wide and Local area networks :D

It also refers to the data type in networked traffic too

nope its just numbers

That's what I said

magic

"integers"

No, that's free space interconstellation networking

that's magic

sigint

Any thing that you don't understand is MAGIC

lool

brb

wait nvm

Signals Intelligence is the process of-
Okay I wont

i thought it were just a few number on my pc that didnt mean that much

To avoid spam lmao

now brb

NO ITS MAGICC!!!

mine starts with 169, haha 69 funny number

Yesssss

Let's be real

brb

SIGINT and ELINT is magic human shit

I remember being able to convert decimal and hex to binary in my head lol

Gotta get good marks in the mock

I had to learn how to convert it all between decimal, binary, hex, and octal

I've never hated networking math more

Gotta make those nerds taste the dirt

Yess me too

Did you also have to learn how to hand draw logic gates

And read them

The symbols?

Despite never needing to ever use this in any practical scenario

Yes

NAND, NOR, XOR, OR, AND, etc.

Ya never know when ya gonna find yourself with cave people and have to do a DIY logic gates to communicate

Anyone who's studied 10th grade knows that's stuff now dats

If I somehow end up working on firmware for a router

I'm sooner quitting my job than doing logic gates

Ya never know when your interests change

That's not changing

I hate logic gates with a passion

It's like bitwise operators

Never know when ya gotta do stuff like this out of enmity

Ik sophomores who dk this

Ik people with bachelor's who don't know this

It's mainly for software engineers working on firmwares or embedded systems really

Outside of it

W. High school sucks in teaching cybersecurity

You just need to know OR, XOR, AND

wait were we asking him?

Schools do teach it but if you don't repeat it you're gonna forget it

Ik kids who wanna do cybersecurity for job but they dk wat an ip is💀

They suck at everything except giving harder tests then the books

Don't judge lol

And those kids r like in 12th grade

What is nand

Barely does

You don't need to know network stacks if you're doing things not related to networks

Facts

It's why there's specialisations

AND + NOT

True

Anyways I’ll go shower so bye all

ah

so it has to inputs?

Other way around, but yes

Wouldn't the answer be same ?

It's interpretation is NOT x AND y
If I remember logics properly

Not always

ohh

Could be I forget stuff easily

so none of them?

Wait et me expain what I meant more

Pseudo should be:
if x NAND y

I'm thinking about electric

It is electric

I mean computers are electronics

I thought you were giving me a code explain

Yeah, table is saying:
If not A and B -> true
And false is if it's A and B -> false

Isn't it doing AND operation then NOT?

does it matter?

Afaik it works NOT first before AND

Don't think so

Oh no charger port getting loose

Could be the way I was taught

AND then NOT makes more sense tbh

Better stop using phone while on charge other wise in few days you gonna have to do yoga poses

Guess it depends on how you read it then tbh

well on the logic side, it works better if you do the AND part first

Oh no, its a laptop.

😂

Fair

Either way you do get the same result, I'm just dumb 😂

you have 2 inputs

Probability maths does do it as NOT(A,B) which is read A & B ≠ C

So yeah

ah yes the nand gate that can be used to build a computer from scratch

Does read that way better

just link enough of them together and you get a proccessor

the and is inside the not, thus done first

I was taught to read it in the way it's written which is NOT then AND, cause NAND

it's NOT AND ( so AND then NOT )

Regardless you get the same result, but NOT(A,B) does make more sense when read

do you think being able to read and write english is a must for cybersecurity, since most of the learning material or documentation of tools and stuff would be in english?
or are non-english speakers fine?

So yeah

not really

my english's fine, but the thought just occured to me

NOT( A AND B) != (NOT A) AND (NOT B)

would love to hear what you guys think

having a good grasp of the language is eimportant, especially for reporting

Yes and no, it doesn't matter too much, but since english is pretty universal it's generally better for accessibility

There's plenty of companies that have it in their first language, but there's still a majority that write it in English

Kinda depends on who's going to read that report

i get that, but even if you're trying to learn, most of the books or resources would be in english

true

and a bunch of tools would only have their documentation in english

That's indeed true

But that's mainly because the intended recipients are anyone wanting to learn cyber

So English is used cause it's the most commonly spoken language around the world

But if you're, let's say, french and reporting to a French company

Then using French is fine

https://tenor.com/view/corgi-beach-shore-sad-corgi-cowboy-b-gif-6567138489231047159

Morning

Really just depends on who you're expecting to read said report

yeah totally agree with you

You can also always translate it after too

If you find that your first language is easier to write it in at first

It's not?

most widely spoken

@sick lance did you make your own pfp

english works in more countries the chinese and what ever language is the main one in india

Yes.

but both india and china are soon outranking every other language with the amount of speakers

I probably should've used widely instead of common, yeah

as an indian, i'd say there is a serious lack of good learning material in cybersecurity taught in indian languages

And yet @gray sonnet can't properly speak either

Hindi?

Check this fork

A queen a king and a rook

All at once

are there any ai modules to make it write the pentest report for you?

yeah might be it

take the rook

On THM?

No.

yes, but that's a bit of misconception
a lot of people in india don't speak hindi
there's 98 regional languages here and all of them are widely used somewhere in the country

Don't use AI anyway, it's shit.

Don't, there's a high chance it'll hallucinate and make the report redundant

You’re gonna go to jail

oh alright

Unless they utilize my tool. Then AI good

I doubt it.

why is that

AI is shit at report writing.

The Devs of cURL went absolutely nuts at calling out all the bs AI reports they're getting

Wat?

He’s probably won’t listen to your prompt and write false things, you’re not gonna go to jail I just wanted to make dramatic effects

Iirc THM has a room on writing reports

I think

Just released too.

In time for something related.

Cool so it was thm

There is also an example in Wreath.

I didn't remember where I saw it 😅

yes i know but im kinda new so wanna finish the presec and other stuff first

I'd worry about report writing last.

alrighty thank you

Chances are, when you get to working in Pentesting, your org will already have a templete for you to follow.

Yep

when i ask to ai how long would it take me to become a pentester it says about 2 or 3 years

That's because it's going off degrees and certificates

It takes each person a different time.

^

do you think its possible to land a job without certs?

Extremely hard

There is some members in here who were students and they were in pentest gigs.

I almost got a pentest gig whilst I was a student.

Yes and no,

It's not impossible but may not be easy.

I do bug bounties on the odd occasion and I'm still a student (and work in cyber atm)

If your networking is great, it will be easier.

So definitely not impossible but having something usually works better than nothing

Sometimes it's not what, but who.

🤣

Unfortunately my networks lie outside of cyber and mainly in general IT, software, and networking

Or tattoo artistry

would certs of thm and htb work well for landing a job?

im trying to cut short on budget tbh

I told you before ashley

Sal1, not yet, hopefully soon.

You'd need to look into what employers are wanting as well

The path certificates? not really.

Good morning everyone!

Soon

Tm

morning blinkz!

Mornin mate