so the phone should look like this
#general
dark wolf
loud marlin
nah. just separate charger
leaden shale
Canโt you ever give a straight answer to a question? By the way, what is your favorite anime?
silver hornet
Canโt you ever give a straight answer to a question? By the way, what is your fa...
silver hornet
sure, going askin for this category at #advanced-general
neat kindle
sure, going askin for this category at <#771819113902374913>
heh it shows no access to me what channel is it?
sturdy sequoia
super secret hacker channel
silver hornet
heh it shows no access to me what channel is it?
this's advance channel for anyone want to askin about of maldev or any relevant
silver hornet
ohoho so its not for schizos like me
neat kindle
https://tenor.com/view/don't-care-meow-meow-meow-uwu-dont-care-didnt-ask-eepy-gif-264934140470163207
harsh comet
Yo can someone help me hack my bitch ig I think she a ho but act like she faithful
sturdy sequoia
Yo can someone help me hack my bitch ig I think she a ho but act like she faithf...
illegal activity isnt allowed here
sturdy sequoia
what?
harsh comet
Ian finna be tied down with someone who I canโt trust tell me how ho
So dis a puss ass server
sturdy sequoia
Ian finna be tied down with someone who I canโt trust tell me how ho
i dont understand what youre trying to say
ah
winged nimbus
Shut up big bitch ass up wt I said lil nga
@gusty inlet @cloud quiver
sturdy sequoia
theres a lot to it. its not something that can be answered in a sentance
fervent rune
what you mean
sturdy sequoia
like if i asked you how to build a car. you couldnt just give a simple answer
fervent rune
ohk i know
sturdy sequoia
theres lots of steps that require lots of different kinds of knowledge
fervent rune
but any tool
like get a rough idea
somthing put website link and get right summry
sturdy sequoia
theres probably some rooms on thm that will give you a good start
fervent rune
becoz i actually want to work on my own website
sturdy sequoia
maybe portswigger. its like thm but specifically for web apps
fervent rune
what about sonarsource ?
sturdy sequoia
never heard of it so i dont have an opinion
fervent rune
ok
frozen gull
anybody tells me how to find website vurnabilities ?
exploit database
they have all kinds of vunerability exploits
verbal dragon
I hate being humbled by this damn site every day ๐
rapid merlin
I just hacked
Iโve been hacking off the past couple of days Iโve learned a lot for sure
marsh lark
Iโve been hacking off the past couple of days Iโve learned a lot for sure
on tryhackme?
torpid forge
Guys
Should I buy a high ram or high processor
lunar jolt
morning
digital estuary
Guys
Should I buy a high ram or high processor
You'd want to prioritize having RAM or the Processor sober.
loud marlin
just depend what cpu you have and how much of a ram
loud marlin
ello
static kettle
is there anyone usualy visits the darkweb? i have a question regarding my CTI graduation project
i want to find the sites that post threats so we can analyze them and do dashboards, but we can not find those sites
stable steeple
i want to find the sites that post threats so we can analyze them and do dashboa...
You can "easily" find these sites with dark web research engine websites such as Ahmia for example but the reality is that between the 5% real websites you have 95% of full scam
rapid merlin
is there anyone usualy visits the darkweb? i have a question regarding my CTI gr...
hidden wiki
But its not recommended to visit trash website
marsh lark
But its not recommended to visit trash website
yo, takashi, may I dm?
rapid merlin
yo, takashi, may I dm?
Why
rapid merlin
sure
stable steeple
It is important to notice that you can also access real websites that are used to avoid censorship
static kettle
You can "easily" find these sites with dark web research engine websites such as...
do u know other sites? we want to create a dtabase
stoic quarry
i want to find the sites that post threats so we can analyze them and do dashboa...
There's a decent amount of clearnet forums. Most of them are Russian speaking though
static kettle
There's a decent amount of clearnet forums. Most of them are Russian speaking th...
can you send me some of them plz/
marsh lark
There's a decent amount of clearnet forums. Most of them are Russian speaking th...
Silastic, how are ya?
stoic quarry
Tired
cedar grail
Hi ๐
stable steeple
do u know other sites? we want to create a dtabase
Other search engines, legal websites, less legal?
stoic quarry
Silastic, how are ya?
Did 72 hours in 6 days
marsh lark
Did 72 hours in 6 days
72 hours of wut
stoic quarry
Work
sleek hare
You'd want to prioritize having RAM or the Processor sober.
Ram
I can tell that as I have 20vCores xeon which is max 10% loaded and ram which is minimum 80% loaded
Tho can't complain I bought that xeon for 0.99โฌ
Love coupons ๐ค
static kettle
Other search engines, legal websites, less legal?
yes anything, illegal will be better becase we can not get any
sleek hare
..._...
stable steeple
yes anything, illegal will be better becase we can not get any
You have the famous dread forum which is a forum about everything but be careful as some threads are "disturbing" ykwim
Then just by using Ahmia you can find a bunch of shit
You can do researches on the clear web too to find some websites
pallid zinc
do the points received from Jr Pentest Cert go towards the weekly point league?
marsh lark
do the points received from Jr Pentest Cert go towards the weekly point league?
do you mean the PT1? or smth else?
pallid zinc
na, the path completion certificate
marsh lark
na, the path completion certificate
ah, yes, when completing the rooms in the jr pentester path, those points do go towards the weekly leagues
pallid zinc
ah, yes, when completing the rooms in the jr pentester path, those points do go ...
right, but why not the total points you get for completing the path? each room gives about 100 or so...but completing gives 3300 LOL...im having point greed today
marsh lark
right, but why not the total points you get for completing the path? each room g...
so, from what I know, completing doesn't actually give 3300 points
its just how many points you have gotten from the whole path
pallid zinc
ohhhh--now that makes sense.
marsh lark
ohhhh--now that makes sense.
yup ๐
feral whale
no machine on thm is gonna have a remote denial of service as room answer right? would mean i had to dos the thm network wouldn't it?
sturdy sequoia
You mean from outside the vpn?
marsh lark
no machine on thm is gonna have a remote denial of service as room answer right?...
the answer could be dos (or ddos), but that doesn't mean you have to do it
from what I know, you never should have to conduct them
marsh lark
no problem ๐
sturdy sequoia
Are there any thm challenges/ctfs that are more than one node? Like you have to ping a whole subnet to find the active machines?
marsh lark
probably not, but if there are any, I'd assume it would be an AD room
sturdy sequoia
Fair enough
stoic quarry
What're the networks like
I assumed that's what those were but I've not touched them yet
stoic quarry
Yeah
worn thorn
I think wreath or throwback is free. Don't remember which though...
marsh lark
I think wreath or throwback is free. Don't remember which though...
throwback was removed, no?
digital estuary
holy shit
first time ive seen a extraction shooter and i genuinely enjoyed the gameplay
marsh lark
guys is tryhackme free>
60% of the rooms are free, but tryhackme itself isn't fully free
digital estuary
guys is tryhackme free>
some rooms are free, not all of them though
balmy timber
if im a beginner what should i do
sturdy sequoia
if im a beginner what should i do
balmy timber
im kinda stuck i dont know what to start with and dont know which free hacking course fits
sturdy sequoia
thm is good for beginners
balmy timber
yea i wanna learn but networking needs subscription
worn thorn
throwback was removed, no?
dunno. I haven't looked at networks for a long time.
sturdy sequoia
yea i wanna learn but networking needs subscription
There is a free path but I can't find the link. I think it was on their blog
digital estuary
There is a free path but I can't find the link. I think it was on their blog
ill go fetch it
@balmy timber
sturdy sequoia
But if you want to do that specific room, you'll need to buy the sub
digital estuary
tbh the sub is worth it
sturdy sequoia
Yer there's heaps of free rooms. Enough to keep you entertained for a while
marsh lark
dunno. I haven't looked at networks for a long time.
yeah, it was removed ๐
sturdy sequoia
but do you think this is enough or i need more info
Enough for what?
balmy timber
i dont wanna be a skid
digital estuary
i dont wanna be a skid
one thing; Skids have no fucking idea what theyre doing
when you're learning and applying knowledge you're not a skid
digital estuary
if you're brainlessly pasting random commands with no CLUE what you're doing
that is a skid
balmy timber
but i want the maximum
marsh lark
thats what im trying to do
what is your end goal?
sturdy sequoia
It's enough to get you started. And after a while you'll know how to find any extra info you need
stray kindle
Just do it
marsh lark
for fun idk
so, your goal isn't like getting a job in this industry?
just wanna make sure
sturdy sequoia
Yer it's great as a hobbyist
balmy timber
if i can sure
marsh lark
if i can sure
well, here's the thing
you can definitely get a job in cybersecurity if you keep learning
digital estuary
oh yeah i have to be blunt as well
marsh lark
however, if you think "yeah, if it helps me get a job, then lets do it", you could lose motivation
marsh lark
so you have to be clear what your end goal is
marsh lark
took my words
LOL
balmy timber
tbh as a skill
digital estuary
what do you wanna do with it once you acquire the skill
sturdy sequoia
Yer if you just want to learn it as a skill, or just like leaning, then it's great
marsh lark
you gotta be specific about your end goal before starting
balmy timber
idk protect my self and have knowledge
marsh lark
idk protect my self and have knowledge
then, THM free rooms might be enough
I'm not entirely sure
sturdy sequoia
I've been doing free rooms for 46 days now and I've still barely made a dent
sturdy sequoia
like tcp and ip
I think so. But probably not in much depth
balmy timber
do you think cisco will help in networking
sturdy sequoia
I don't really know what the most basic stuff is on thm. I assume you need some sort or basic understanding beforehand
digital estuary
so your end goal is networking?
digital estuary
yeah it is
sturdy sequoia
Yer security/ hacking heavily relies on networking
balmy timber
but i find it difficult
sturdy sequoia
yer it can be tough at the very beginning. especially when a lot of the info is new. and theres also some generic concepts that have lots of detail that arent really relevant. but its different for everyone. difficult is ok as long as you find it interesting
sturdy sequoia
haha yer
digital estuary
but i find it difficult
once you get the basic stuff down it actually becomes kinda fun
sturdy sequoia
and unfortunately its hard to know what bits are important
balmy timber
once you get the basic stuff down it actually becomes kinda fun
what are the basics?
brb
digital estuary
what are the basics?
IP Addresses, MAC addresses, LAN, WAN, Packets, Protocols, Routing, Switches, Subnetting, The OSI model, TCP/IP model can't think of anything else ยฏ_(ใ)_/ยฏ
sturdy sequoia
uuurrrghhhhgghh the osi model is giving me flashbacks
digital estuary
the 1-2 weeks of me randomly repeating the OSI model in my brain led me to fully memorizing it
mint inlet
the 1-2 weeks of me randomly repeating the OSI model in my brain led me to fully...
do you use a mnemonic sentence ?
digital estuary
do you use a mnemonic sentence ?
at first I did to just quickly memorize the layers but I don't need a mnemonic anymore
mint inlet
at first I did to just quickly memorize the layers but I don't need a mnemonic a...
same, it's really helpful at the beginning
sturdy sequoia
how often do you use that knowledge nowadays?
marsh lark
at first I did to just quickly memorize the layers but I don't need a mnemonic a...
I forgot wut it was again LOL
mint inlet
how often do you use that knowledge nowadays?
i would say often, it depends
marsh lark
I know there are smth like Physical, application, smth
digital estuary
I was planning to pivot into networking or sysops because I became fond of both so I'm sure I'll use it at some point
mint inlet
I know there are smth like Physical, application, smth
Physical Data link Network Transport Session Presentation Application
if i'm not wrong
marsh lark
All People Seem To Need Diet Pepsi
LOL
digital estuary
i remember one for the trigonometry circle
in which quadrant is sin,cos,tan, or cot positive
sturdy sequoia
All People Seem To Need Diet Pepsi
haha the one i leaned ended in Data Protection
digital estuary
I can't remember the mnemonic of that one ๐
mint inlet
I can't remember the mnemonic of that one ๐
"Oscar Has A Hold On Angie" ? ( just google it idk if it's that one)
digital estuary
that is NOT the mnemonic
marsh lark
that is NOT the mnemonic
smth about pizza?
digital estuary
All Students Take Calculus I think
mint inlet
soh cah toa ?
marsh lark
soh cah toa ?
I can remember than one well lol
sleek hare
chat when new challanges with difficulty "insane"?
sturdy sequoia
good for a beginning. and you can figure out the next step when you get there
small nexus
Hi 
balmy timber
alr thanks
whole rapids
Hi <:psyDuck:861274247438532639>
hi
silver hornet
i love tiktok
dark mason
peak highschool experience
digital estuary
lunar jolt
ngl 2 days in THM and its amazing
whole rapids
another hard challange into my completed challanges list
noice
sleek hare
ngl 2 days in THM and its amazing
ngl I need more insnae challanges
which actually take hours to solve
and are fun to do
sleek hare
noice
100% didn't messed up few times with reverse shell
100% didnt do rm -rfd / after got flag 3
delicate token
anyone know any good tools other than kali
sleek hare
kali is OS not tools
sturdy sequoia
anyone know any good tools other than kali
Tools for what?
sleek hare
which includes tools
delicate token
which includes tools
yeah thatโs what i mean
sleek hare
(from kali-tools repo if not wrong)
delicate token
Tools for what?
what do you think
sleek hare
Tools for what?
common sense doesnt exist
sturdy sequoia
what do you think
I don't know, that's why I'm asking
lunar jolt
ngl I need more insnae challanges
try hackathrons
whole rapids
phishing links
whats that
delicate token
whats that
replica of a site that looks real but counterfeit
sturdy sequoia
Kali has phishing tools
whole rapids
replica of a site that looks real but counterfeit
nah bro i mean why do you want such thing
delicate token
Kali has phishing tools
my kali donโt work.
delicate token
nah bro i mean why do you want such thing
prank my mates
still glen
I have completed Junior Pen Tester this week, i did my first two challenges yesterday. I was doing Rick and Morty CTF (easy difficulty) but overlooked some simple stuff. How should i improve my methodologies to stop wasting time on trying to find exploits and vulnerabilities when the answer is literally in inspect element? Or is this something that just improves the more you do CTFs?
sturdy sequoia
That's illegal and is not allowed here
delicate token
That's illegal and is not allowed here
itโs only illegal if i use it for illegal stuff. iโm using it for non illegal purposes
sleek hare
try hackathrons
uh
whole rapids
I have completed Junior Pen Tester this week, i did my first two challenges yest...
its normal to cheat on CTFs you'll face this many times
sturdy sequoia
itโs only illegal if i use it for illegal stuff. iโm using it for non illegal pu...
If you are doing it to your friends without their permission it's illegal
sleek hare
its normal to cheat on CTFs you'll face this many times
For me cheating is using AI
and I use AI often to fix my broken code or broken command while challanges
delicate token
If you are doing it to your friends without their permission it's illegal
theyโre my friends.
marsh lark
its normal to cheat on CTFs you'll face this many times
cheat on challenge rooms?
whole rapids
For me cheating is using AI
i meant by cheating is reading writeups
whole rapids
cheat on challenge rooms?
writeups bro
sleek hare
i meant by cheating is reading writeups
ah ok im not cheating then โค๏ธ
once I tried as I stuck for hours
writeup didnt helped
room was just broken
whole rapids
ah ok im not cheating then โค๏ธ
yeah i didnt mean it like that
still glen
its normal to cheat on CTFs you'll face this many times
Yep, i started to use literal brute force on the login page using ffluf and looking at CVEs for the web server and ssh versions
sleek hare
๐ my sided issue java 8 and spark refused to work so I gave up
or wait it was another room?
I forgot I 100% remember I gave up on some room after it was broken
like heavily
sleek hare
I have completed Junior Pen Tester this week, i did my first two challenges yest...
always check F12
I had situation when I literally hacked in real life production deployment admin account using F12
sounds funny but company later got "attacked" by local DPA
whole rapids
the rooms ive done without writeups can be counted on hand lol
sleek hare
as there was data breach due of that
suspected data breach*
ah yeah web is now down and I never heard anything from person who hired me to test their web after that โค๏ธ
๐ insane stuff but F12 is powerfull
still glen
I will remember to check f12 now. Is trial and error the only way to learn this skill?
sleek hare
I will remember to check f12 now. Is trial and error the only way to learn this ...
About F12
I always did that even before I started to mess around in cybersec
sleek hare
As I used to check if my backend somehow got leaked to frontend
๐ just lets say I got used to F12 so I always check it on pages such as login/sign up etc
But ig for most people it would be as you said "trial and error" way to learn
sturdy sequoia
yer slowly adding more methods over time. then just getting a general feel for it
still glen
I see, i am also confused on when i should start moving to the next learning path (the web application pen testing > red teamer). I would really like to apply what i have learnt over the span of months without going directly into theory / solving questions again.
still glen
But ig for most people it would be as you said "trial and error" way to learn
Is there a way to learn how to do basic recon and stuff faster than the trial and error method or should i just keep trying to do ctfs and learn that way
sleek hare
wellllll
I always do rustscan, if web server then check it and gobuster it/ F12 on such things which can be seen to be connected with backend
rest is well tryitandsee methode in most cases xd
stable steeple
I always do rustscan, if web server then check it and gobuster it/ F12 on such t...
This is the way
sleek hare
This is the way
I know
stable steeple
still glen
I always do rustscan, if web server then check it and gobuster it/ F12 on such t...
I see, thanks ๐
twin ridgeBOT
Gave +1 Rep to @sleek hare (current: #1279 - 4)
sleek hare
np
narrow bone
I always do rustscan, if web server then check it and gobuster it/ F12 on such t...
Not a fan of RustScan its aggressive scans can crash weak infrastructure and get you flagged by IDS/IPS, making it noisy and risky for stealthy pentesting. Nmap controlled is much more fun.
sleek hare
Not a fan of RustScan its aggressive scans can crash weak infrastructure and get...
I use agressive scanners
I got told that netdata is undetectable
never used it will look
nmap is too slow for me
in real world scenario if I hack something I have tons of ips
and I can allow myself to do agressive scans
narrow bone
and I can allow myself to do agressive scans
sounds quite suspicious never seen someone who is working in that field saying/doing agressive scans knowingly hurting the infrastructure of the attacked one.
and nmap is not slow. You can always go for a -T4 -T5 if you really want to.
sleek hare
sounds quite suspicious never seen someone who is working in that field saying/d...
not like its doing high impact to their infra
also I always get permissions to do that
nor I do it that often - if I do its usually on my own infrastructure (or in THM challenges)
if you have something against my ways - ok idc
agile path
Hi
I am a person who wants to learn hacking. Is there anyone who can come to me in a room and teach me everything and we can be friends?
sturdy sequoia
I am a person who wants to learn hacking. Is there anyone who can come to me in ...
sleek hare
and nmap is not slow. You can always go for a -T4 -T5 if you really want to.
comparing to rustscan its slow
atleast for me
marsh lark
comparing to rustscan its slow
nmap is slower, but doesn't mean rustscan is better
sleek hare
fairs
agile path
I want someone to talk to and let me know that I have all the tools
sleek hare
for me it fine (rustscan)
marsh lark
for me it fine (rustscan)
however, rustscan is also very noisy
marsh lark
and I can allow myself to do agressive scans
agressive scans can definitely damage infra
sleek hare
agressive scans can definitely damage infra
maybe maybe
marsh lark
maybe maybe
from what I've heard from experts, never do aggressive scans when pentesting
marsh lark
like while you are pentesting?
sleek hare
in most cases
marsh lark
oh yeah
sleek hare
blue team might get alerted
but in my scenarios they rarely have blue team watching stuff 24/7
so I can allow myself doing that
if even they have them*
rich pulsar
anyone want try brute-force ssh my server for me to get logs ?
marsh lark
anyone want try brute-force ssh my server for me to get logs ?
-# can't you technically do that yourself?
winged meadow
-# can't you technically do that yourself?
yea sm
rich pulsar
but i want more haha
marsh lark
but i want more haha
the main concern with that request
is that your logs will have details that no one wants to give away
winged meadow
but i want more haha
hahahh hahahahahahahhahHAHAHAHAHhahahahHAHAHHAHAHAHAHAHAHAH very funny joke ๐คฃ ๐คฃ ๐คฃ ๐คฃ ๐คฃ ๐คฃ ๐คฃ ๐คฃ ๐คฃ ๐คฃ ๐คฃ ๐คฃ ๐คฃ ๐คฃ ๐คฃ ๐คฃ ๐คฃ ๐คฃ ๐คฃ ๐คฃ ๐คฃ ๐คฃ ๐คฃ ๐คฃ ๐คฃ ๐คฃ
rich pulsar
I mean you can try if you want
white wharf
Heyo, as a cs undergrad who is just starting to center into cybersec, what advice would y'all give? Also how do you guys sit long enough to do that stuff?
marsh lark
-# also probably best to delete that image
white wharf
Heyo, as a cs undergrad who is just starting to center into cybersec, what advic...
Like I'm literally that the cyber sec 101 path rn.
rich pulsar
hah ok
winged meadow
I mean you can try if you want
hm i will tel u after abot this
stable steeple
Like I'm literally that the cyber sec 101 path rn.
that's a good start where you will learn a lot of things
rich pulsar
Heyo, as a cs undergrad who is just starting to center into cybersec, what advic...
as much as you enjoy the work
white wharf
as much as you enjoy the work
Ah, I see. But sometimes, it just turns into googling a lotta stuff and yeah...
I did some cryptography and really liked it
That's why I decided to enter cybersec
rich pulsar
it shows your ip, so
it in DMZ i think it fine
white wharf
But it's so vast my mind blows into smithereens.
stable steeple
Ah, I see. But sometimes, it just turns into googling a lotta stuff and yeah...
take it easy, there are some parts in cyber i hate and other parts i love take your time ^^
white wharf
take it easy, there are some parts in cyber i hate and other parts i love take y...
Ooh, I see.
stable steeple
Ooh, I see.
like i didnt learn a lot of active directory but i fkin hate windows and powershell, however im a huge fan of web hacking!
cyber 101 will teach you everything then you can try doing some guided labs in thm
even standard labs with why not a walkthrough if you struggle
white wharf
like i didnt learn a lot of active directory but i fkin hate windows and powersh...
That's exactly the part I have no motivation to do lewl.
rich pulsar
you can choose whatever you like from pentester to soc analysis analyze logs or build a SIEM to monitor logs
sleek hare
anyone want try brute-force ssh my server for me to get logs ?
try it by urself
stable steeple
true
sleek hare
cuz
we all know you might get us in legal toruble
or get infos which nobody wants to share
sleek hare
we all know you might get us in legal toruble
eg: if it isnt ur server etc
stable steeple
That's exactly the part I have no motivation to do lewl.
are you french by any chances according to your nickname, else i can give you some good ressources
white wharf
are you french by any chances according to your nickname, else i can give you so...
No I'm not. (But why the french hate ๐ญ )
stable steeple
No I'm not. (But why the french hate ๐ญ )
ahah sad cause i know a very good guy on youtube that is doing a bunch of CTFs explaining very good
sleek hare
saves up to 90% of storage space!
rich pulsar
eg: if it isnt ur server etc
but mine, i building a ELK to monitor the logs
sleek hare
--no-preserve-french
some systems dont need that tag
white wharf
ahah sad cause i know a very good guy on youtube that is doing a bunch of CTFs e...
Oh. In French?
stable steeple
some systems dont need that tag
oh really? i thought it was now universal to be needing the flag
stable steeple
Oh. In French?
yup
white wharf
:/
sleek hare
oh really? i thought it was now universal to be needing the flag
most modern ones need flag
sleek hare
but mine, i building a ELK to monitor the logs
use VPN and do it by urself
white wharf
ahah sad cause i know a very good guy on youtube that is doing a bunch of CTFs e...
Another dose of life screwing me ๐
(Should I learn french?)
stable steeple
(Should I learn french?)
lol xDD
rich pulsar
<@768520286676975656> actually curious, give me server ip
dm me
stable steeple
trust me dont
i am french and i dont even know why and how im making some sentences
sleek hare
i am french and i dont even know why and how im making some sentences
I'm learning french since 3 years in school
I still cant build proper sentence
thats just sad
white wharf
trust me dont
Can't be worse than german. ๐ญ
(No offence to anyone, its just that I don't pay attention in classes)
sleek hare
Can't be worse than german. ๐ญ
(No offence to anyone, its just that I don't pay...
It is worse than german
white wharf
๐
stable steeple
Can't be worse than german. ๐ญ
(No offence to anyone, its just that I don't pay...
german is way easier
sleek hare
fr
white wharf
Why couldn't people just stick to heiroglyphics ๐
sleek hare
alr guys I was right
he could have gotten us in troubles
its resident IP and he got no perms from ISP (in most cases without it its illegal atleast here)
๐
stable steeple
fine
stable steeple
anyway if you want a good roadmap to learn cyber with thm you can have a look to this github https://github.com/rng70/TryHackMe-Roadmap
sleek hare
<:NotLikeThis:689847725969244171>
xd
white wharf
anyway if you want a good roadmap to learn cyber with thm you can have a look to...
Thenks. <3
stable steeple
npp
gusty inlet
@rich pulsar ?
sleek hare
feral whale
do you guys take a break for a day when u feel overwhelmed?
sleek hare
can he stop lying?
I literally looked up their subnets
hes in residental or enterprise subnet
not cloud services subnet
๐ญ ๐
hostname localhost insane
stable steeple
do you guys take a break for a day when u feel overwhelmed?
yeah ofc dont be overwhelmed with learning something new
rich pulsar
i mean the router on ppoe then the firewall manage routing
rich pulsar
i just dont know this one just for my lab
feral whale
yeah ofc dont be overwhelmed with learning something new
aight, yeah my heads burning right now
sleek hare
in most cases you need to get permission from ISP for such things
like DDoSing urself, port scanning, bruteforcing, etc.
stable steeple
aight, yeah my heads burning right now
what are you currently learning just by curiosity?
feral whale
what are you currently learning just by curiosity?
web application penetration testing
solar echo
lebron james
sleek hare
Update!
I just checked some fanzy vietnam laws
He really tried to make us do something illegal there
โค๏ธ
stable steeple
web application penetration testing
ahah yeah web app testing can be hard at first cause there are toooo much things to learn but honestly i learned webapp hacking by just doing easy web labs and having the walkthrough near me, in web app testing i would say the most important points when beginning is
- directory/files fuzzing with gobuster or ffuf or idk which tool
- sql injections
- lfi (local file inclusion)
- rce (remote code execution)
but there are so many ways to execute them that i would recommend you to do some practice alongside the theory
like in the past week i learned how to do api fuzzing by doing a lab and reading a walkthrough
then i did another lab with api fuzzing in solo
stable steeple
He really tried to make us do something illegal there
yay xD
sleek hare
yay xD
he continues on lying in my dms
and stating its legal
๐ญ bro I just read law
from 2019 and 2024
sturdy sequoia
just report them and move on
sleek hare
just report them and move on
h o w?
sturdy sequoia
./report without the .
feral whale
ahah yeah web app testing can be hard at first cause there are toooo much things...
alright sounds good. i might give it a shot trying it like this. but for today i am surely out ^^
sturdy sequoia
just click the button?
that reports them to discord
stable steeple
that reports them to discord
yeah true but it will block the user
sturdy sequoia
./report should auto fill as a bot command in this server
sturdy sequoia
report user
marsh lark
either report message or report user
grim ledge
hey any one working in soc ? also fortisiem i want some help with it pelase let me know if you know someone who knows soemone
calm briar
hidey ho neighboreenos
sturdy sequoia
report user. that looks like report
stable steeple
that's the wrong one?
silver hornet
hi everyone
calm briar
yall know how when you NMAP scan something - ifyou sudo it you'll get back different results?
sleek hare
report user
sleek hare
just report
calm briar
anyone know how to SUDO a db_nmap while in msfconsole?
sleek hare
ill just dm moderator atp
sturdy sequoia
report user
you need to enter a reason
stable steeple
i was got brainrot w new machine at HTB fr
ive been rickrolled twice in a row yesterday with a machine kek
marsh lark
both of them
for the first one, you need to add less characters
for the second one using YAG, you can't do that one
silver hornet
ive been rickrolled twice in a row yesterday with a machine kek
i got these passwords w passwdspray but can't get the user session:)
freakin insane machine
sleek hare
for the first one, you need to add less characters
I just dmed mod atp
I can't explain this situattion in 200 chars
marsh lark
gotcha
sturdy sequoia
I can't explain this situattion in 200 chars
"illegal activity" is all you need to say
sturdy sequoia
I would also avoid dming people asking for that kind of stuff
If they're not willing to say it publicly then they're doing something dodgy. And if they do say it publicly then the mods can see it more easily
sleek hare
If they're not willing to say it publicly then they're doing something dodgy. An...
โ๏ธ ik
this is why I went ahead ok give me ip etc
sturdy sequoia
Yer but I wouldn't do that in dms
shrewd dune
sup gang. Do you think DFIR is getting paid better than pentesters?
sleek hare
Yer but I wouldn't do that in dms
they moved me there โ๏ธ
calm briar
is anyone confident with the msf DB skillz??
sturdy sequoia
they moved me there โ๏ธ
you could have just said no
sleek hare
you could have just said no
eh
sand trench
Canโt you ever give a straight answer to a question? By the way, what is your fa...
kara no kyoukai
calm briar
so nmap with SUDO gives a different response than nmap without sudo - then how does one use db_nmap in msfconsole , because you cannot do a sudo in msfconsole? also running msfconsole via sudo does not some how carry the sudo priv over
sleek hare
so nmap with SUDO gives a different response than nmap without sudo - then how d...
id say AI got nice answer and explanation (ik this reply is useless)
broken plaza
grim widget
Anyone knows if there any Agentic AI Security certs or similiar yet?
silver hornet
sup gang. Do you think DFIR is getting paid better than pentesters?
yup
golden robin
sly vine
Is working in bug bounty solo that hard?
marsh lark
Is working in bug bounty solo that hard?
yes
sly vine
Why
marsh lark
in most cases
you find very small bugs
and even if you do find them, its probably a duplicate of what someone else found
neat kindle
im gonna skidy my skidaddle
THAT IS CRINGE
hey li bro
this just aint it
jabba he is just so corny and a new account
kinda sus a bot account
gusty inlet
Not the server for it.
neat kindle
i have several silly gifs for this guy but jabba will shoot me if i post
oh good
hes gone
stable mantle
Guys, in a month, I'm going to go to a CTF tournament in my city. So far, I know a little bit about Linux, how the network works, and the OSI model. What do you think about it?
open lake
stable steeple
https://cdn.discordapp.com/attachments/1415032375456563270/1428036877159628800/a...
naaah you leaked my ip too ๐ค
stable mantle
Guys, in a month, I'm going to go to a CTF tournament in my city. So far, I know a little bit about Linux, how the network works, and the OSI model. What do you think about it?
twin sparrow
Guys, in a month, I'm going to go to a CTF tournament in my city. So far, I know...
Great job
W
boreal scarab
marsh lark
https://tenor.com/view/marines-gif-11132393
hi matt ๐
boreal scarab
hi matt ๐
stable mantle
Great job
thanks but I don't know anything about ctf, I just got a message from my curator about what ctf will be like in a month, and I said I'm in
twin ridgeBOT
Gave +1 Rep to @twin sparrow (current: #3223 - 1)
twin sparrow
thanks but I don't know anything about ctf, I just got a message from my curator...
It's your first CTF?
stable mantle
It's your first CTF?
yes
stable mantle
It will be easy
why?
twin sparrow
why?
Well yeah prob for you will be a lil bit hard at first
But you got to learn and practice what you learned
marsh lark
it probably won't be easy, but you learn ๐
stable mantle
Thanks for the advice, now I know what I'm going to do today
marsh lark
https://open.spotify.com/track/2yN2B1x7ypvUd13EzEblz2
wut
alpine sigil
How do you guys focus developement dsa job + hacking
twin sparrow
Thanks for the advice, now I know what I'm going to do today
Np
grizzled sky
How do you guys focus developement dsa job + hacking
one day at a time;
procrastination is a great motivator for learning;
like i am supposed to be applying for jobs atm. instead i am going to be working on a thm page for a bit;
gritty bane
like i am supposed to be applying for jobs atm. instead i am going to be working...
i think these are just excuses
but yea
grizzled sky
after that might work on my nextcloud setup on my homelab instead of working, or reading this cool website about offensive hacking someone linked yesterday: https://book.hacktricks.wiki/en/index.html ;
grizzled sky
i think these are just excuses
of course they are. but its not fun to do something if you don't have something else more important you're not doing so you can feel naughty while you do it;
gritty bane
you know what let's just agree to disagree
open wharf
hi
rapid merlin
how can i buy THM premium if i only have a card with doesn't support international payments and a regional payment method (in my case UPI, the indian online payment method)?
solemn yacht
how can i buy THM premium if i only have a card with doesn't support internation...
I use Wise. Its like prepaid debit card. There's other brands as well.
rapid merlin
Just use crypto
topaz sedge
how can i buy THM premium if i only have a card with doesn't support internation...
You can't.
pine bison
Guys, in a month, I'm going to go to a CTF tournament in my city. So far, I know...
if its a jeopardy style ctf. that won't be enough
paper stirrup
hi
slow cloud
Hi
proven quartz
Thanks for the advice, now I know what I'm going to do today
If you want to learn about CTFs, I'd suggest checking out PicoCTF. It's a free platform from Carnegie Mellon University to train people to become good at CTFs. You should be able to cover a good chunk of it in a few weeks and have lots of fun in the process
https://www.picoctf.org/
bleak quartz
If you want to learn about CTFs, I'd suggest checking out PicoCTF. It's a free p...
Got any AD labs on that?
I've heard a lot but never tried
gritty bane
Got any AD labs on that?
you're not finding AD in picoctf lol
heady parrot
guys i make my own pip for pdfs could u give me a feedback tysm https://github.com/Abdullah-js/colorchangerPDF
proven quartz
Got any AD labs on that?
PicoCTF is foundational knowledge. Once you're able to pass the networks on THM, you should consider AD-based cerrtifications like ZeroPoint's CRTO I & II or Altered Security's CRTP/CRTE, etc...
sleek hare
first time ever used my skills with working on log analyze to mitigate ongoing ssh bruteforce attack
gosh my friend just released mc server
and instantly people started trying to bruteforce his VPS
I like felt it will repeat situation from last time and in the end yeah instantly someone trying to compromise it
5 IPs blocked, 3.6k total attempts
heady parrot
is my project looks good?
sand trench
guys i make my own pip for pdfs could u give me a feedback tysm https://github.c...
naah sticking with zathura here
sleek hare
guys i make my own pip for pdfs could u give me a feedback tysm https://github.c...
so its
dark mode for pdfs?
who even likes dark mode???
light / white mode on top
sand trench
who even likes dark mode???
heady parrot
omg lol
what a hate but u can even make any color u want
like if u want pink
no problem
pink pdf!!!
heady parrot
yeye
sleek hare
curious - for how much would you sell the project?
I know a friend who might be interested in that
slow glen
Thanks for how ever do what he did last time
And for everyone else I need an expert blue member
heady parrot
oh really that actually good but i make this project so i can applied for more jobs lol it took me about 2 weeks i believe but i was doing other things
slow glen
Anyone who has the skills plz DM me
sleek hare
Anyone who has the skills plz DM me
why tho
sleek hare
It's a new kind of virus so I could need some help
explain
slow glen
explain
It's look like a picture but the reality is a hidden virus after a lot of legitimate links and .exe so the anti virus can see it
Can I call u and explain to u in a video call plz
We'll be glad if you could help
sleek hare
hm
not that I can go in calls
but that sounds interesting
but good antiviruses will spot that easily tbh
if the virus is known ofc
frozen gull
guys
should i learn solidity
blockchain tech
if i do learn outta pure curiosity how can i merge my cybersec skills
slow glen
if the virus is known ofc
I think it's an unknown one that's the case
sleek hare
^ hes victim / his friends are victims of social engineering attack as it seems
sadge
bleak quartz
PicoCTF is foundational knowledge. Once you're able to pass the networks on THM,...
Yes ofc for certs but like practice
bleak quartz
It's a new kind of virus so I could need some help
Not new..
frozen gull
dreamy bronze
๐ญ
umbral shore
hi
dreamy bronze
what up
umbral shore
someone plz try my costumize roblux and tell me it performance 1000 roblux forme me trust
plz
molten wyvern
loud marlin
@gusty inlet
dreamy bronze
get emm outtaaa here
umbral shore
is just an app test plz
molten wyvern
umbral shore
plz
loud marlin
@mossy river
digital estuary
too bad
noob
i am not customizing ur roblux to tell you it performance 1000 roblux foryou you trust
molten wyvern
how do i get permission to post media
digital estuary
how do i get permission to post media
verify your discord account
NOT DISCORD
THM MY BAD
sharp citrusBOT
digital estuary
refer to above @molten wyvern
ripe sleet
https://cdn.discordapp.com/attachments/1412459337796026431/1428037000308719737/9...
Hello No Name! 
digital estuary
hello darkfly
ripe sleet
hello darkfly
Hello aaron!
digital estuary
someone plz try my costumize roblux and tell me it performance 1000 roblux forme...
why did you delete the malicious link
sleek hare
Hello No Name! <a:wave:1368841660749975612> <a:wave:1368841660749975612> <a:wave...
hai ๐
digital estuary
oh he left
sleek hare
hru?
digital estuary
boring
dreamy bronze
i wanted to look into it now its gone
digital estuary
:/
digital estuary
i wanted to look into it now its gone<:NotLikeThis:689847725969244171>
u na na una
dreamy bronze
https://tenor.com/view/dance-usagi-gif-13220781894726031162
๐
rugged valley
team?? anyone wanna take me in?
onyx vault
Hii i have a question, when accesing target machine on try hack me tasks which IP do we have to use?
worldly pollen
gm girls
worldly pollen
Hii i have a question, when accesing target machine on try hack me tasks which I...
u have to connect with ssh port
onyx vault
oh ok i found it thanks a lot ^^
boreal scarab
loud marlin
https://tenor.com/view/cat-cat-meme-cat-wiggle-funny-cat-raised-cat-gif-16677521...
u fat
boreal scarab
i no ugly. my mom tells me that im special โค๏ธ
Mine too! My mommy tells me I'm special!
loud marlin
so we special on ^2
digital estuary
velvet gull
can i hire y'alls moms to tell me that too i missed out on that experience
loud marlin
can i hire y'alls moms to tell me that too i missed out on that experience
u special also ๐
velvet gull
ty now i feel complete, can conquer the world now
loud marlin
@sand trench idk if yu try linux app for yubico. you have nice things to play with
sand trench
<@228199546050707456> idk if yu try linux app for yubico. you have nice things t...
tried the simple yubico app before but this looks different
loud marlin
app phone is ok. this is on linux it self. have tons of things that idk what they are lol
just to make it work need to tweak some shits bit more. kinda
boreal scarab
so we special on ^2
loud marlin
fat is ok
loud marlin
oh that's not ok
worldly pollen
oh that's not ok
/:
loud marlin
health releated, or just lazy ?
loud marlin
so if i tell you LAZY FUCKER, im not wrong ?!
loud marlin
not as insult ofc. just straight forward talk.
worldly pollen
I talked to a girl, but she called me a shitty clone fat ass.
loud marlin
then again, im skinny. can't get fat even when i was on stereoids (medic order and so )
worldly pollen
should i try again my chance?
loud marlin
well... if you are not lazy to talk then go heh
worldly pollen
well... if you are not lazy to talk then go heh
but.. she said fat ass
and I am cooked
loud marlin
well... again, is she wrong?
worldly pollen
no sir
loud marlin
well... then you know what problem is...
worldly pollen
The dorm has a shared pool. All the girls were there. I jumped into the swimming pool, and everyone thought there was an earthquake.
loud marlin
at last you can get ppl to leave you alone ๐ which is not so bad thing lol
worldly pollen
IT'S ALL ABOUT THE HE SAID SHE SAID BULLSHIT!
we need a glowup
limpid summit
There is a lot of car here , i like that
sand trench
183cm 183kg is that fine?
so you are shorter then shadow but more then double shadows weight
worldly pollen
so you are shorter then shadow but more then double shadows weight
bombaa
yh ๐
sand trench
188cm
75kg
loud marlin
everything is possible if you have Jesus Christ in you'r heart... (and other lies that ppl tell them self)
sleek hare
188cm
75kg
I'm like 180cm and I weight around 50kg
worldly pollen
I'm like 180cm and I weight around 50kg
dudee
sleek hare
48kg nearly 49kg was last time I weighed
worldly pollen
48kg nearly 49kg was last time I weighed
how old are u
sleek hare
15
sleek hare
Nearly 16
whole rapids
15 and 180
crazy right
sleek hare
15 and 180
I'm tall ๐ญ
worldly pollen
I'm tall ๐ญ
dont jump anymore 180- 185 fine but 200cm idk
you need to eat bigmac like me
worldly pollen
bigmacs suck btw
damnn
sleek hare
detector 860 lines
protocol 279 lines
rule manager 644 lines
yara updater 483 lines
agent 896 lines
central manager 1315 lines
rule manager cli command 217 lines
test suit for alerts 403 lines
test suit for custom features 212 lines
test suit detection 406 lines
manage.sh 269 lines
install.sh 130 lines (could be less if I just didn't put a lot of instructions -> same applies to manage.sh)
I'm working on Python based IDS
worldly pollen
hardworking
worldly pollen
blue team right?
worldly pollen
I'm purple teamer
lol yh sure
queen flare
@sand trench mind if i send a dm?
queen flare
i wanna discuss something regarding internet privacy
sleek hare
And I do a lot of blue team stuff too
sand trench
<@228199546050707456> mind if i send a dm?
about roughly want???
sleek hare
so i'd say im purple teamer ig
worldly pollen
But red team is more fun โค๏ธ
I agree that , are u using suricata or snort for IDS IPS
sand trench
i wanna discuss something regarding internet privacy
go ahead
worldly pollen
btw yara rules is kinda boring
sleek hare
I agree that , are u using suricata or snort for IDS IPS
uh
I don't use any of them
I use my own
Novel
the thing I'm coding its remake / v2 of it
I want to integrate its alerts with wazuh
probably easiest part out of everything im doing
worldly pollen
hmm good job for 15yo
worldly pollen
wasting my time tbh
u are not
sleek hare
as I know I wont go into cybersec later
I will go into politics
and everything I do here is a waste of time
xd
worldly pollen
wasting your time when i was 15yo I was playing brawl stars all time
sleek hare
I don't like games..
and I get yelled by playing them
Well- I still play some of them like osu or minecraft
actually Suricata made me interested
as my novel is 100% bad in current stage I might put it
worldly pollen
actually Suricata made me interested
Suricata > snort
sleek hare
yeah noticed
even tho I studied mostly cisco stuff
sorry cisco nah im not going with yall stuff today ๐ญ
worldly pollen
its also fine u know the rules how to use
its very simllar
cisco (snort) as i understand
sleek hare
btw yara rules is kinda boring
true
maybe
but as far as I see single thread
ehh
my server is not that good for single thread apps/softwares
loud marlin
loud marlin
Jeffrey Dahmer setup
sand trench
where did he steal a half life 1 blue barrel from???
naive path
first message on this server and i will say i swear that's insane
he play on a barrel
loud marlin
idk. but then again will not ask him
distant robin
Some random person from here tried to add me as a friend and I don't know them. No friends in common either.
loud marlin
wellcome to internet
whole rapids
Some random person from here tried to add me as a friend and I don't know them. ...
average discord experience
distant robin
I've not even spoken to that person in here. ๐
digital estuary
wellcome to internet
loud marlin
I've not even spoken to that person in here. ๐ <:NotLikeThis:68984772596924417...
ask him does he knows anything about'h aerodynamic shape of a cow
digital estuary
Aaron. <:tipsfedora:662730883513450504>
digital estuary
gorgeous
loud marlin
don't let me start
quick blaze
Cow.
quick blaze
don't let me start
I like aerodynamics.
quick blaze
I'm a little bit of a Formula One nerd.
loud marlin
I like aerodynamics.
my ex try to be funny when asking me that... well...
quick blaze
goodnight everyone ๐๐ผ
Goodnight Aaron.
loud marlin
yea
rapid merlin
13 yr old girls on discord have it so easy bc everyone wants to be their friend but take the average dude like me and itโs the opposite, the world is cruel
sand trench
...
loud marlin
13y old is not girl, it's a child
floral ice
13 yr old girls on discord have it so easy bc everyone wants to be their friend ...
... wha-
loud marlin
just ignore. it's trolling
mighty granite
the OSI model the most boring thing...uhhh
loud marlin
the OSI model the most boring thing...uhhh
kinda. but important to understand
mighty granite
how good do you undertstand it?
loud marlin
50/50
slow cloud
I know the layer names but thats about it for me
trim portal
13 yr old girls on discord have it so easy bc everyone wants to be their friend ...
โฆโฆuhโฆ but isnโt 13 year old a child? And why are you talking to them?
rapid merlin
What's going on here?
stable steeple
Hey! Have anybody experienced that with mysql?
honestly i checked on google etc but i can't find, peoples are talking ssl certificates but yeah tf i just want to connect, peoples in walkthrough dont have this issue xD
. ?
whole rapids
honestly i checked on google etc but i can't find, peoples are talking ssl certi...
try --ssl-mode=DISABLED
loud marlin
you'r target have trust issue ๐
ripe sleet
โฆโฆuhโฆ but isnโt 13 year old a child? And why are you talking to them?
Hello Skittles!
stable steeple
you'r target have trust issue ๐
his parents must have told him to not trust people you dont know
stable steeple
maybe try `--ssl=0` or `false `or `--skip-ssl`
YEAAAH --ssl=0 works
sleek hare
people
stable steeple
tyy
trim portal
Hello Skittles! <a:wave:1368841660749975612> <a:wave:1368841660749975612> <a:wav...
Hello Darkflyy 
Hello No name and Alexander 
rapid merlin
Halo๐๏ธ
whole rapids
Halo๐๏ธ
hii
gilded zodiac
hi ๐
wet kestrel
Hello!
sleek hare
Hello No name and Alexander <a:CE_WaveWave:1351327669991768159> <a:CE_WaveWave:1...
haiii
rapid merlin
Hello everyone, I begin to learn computer science in french highschool, im starting the chapters of computer science and I would like to perform and to improve myself with these trytohackme box but I don't know how to start when I start one.
sleek hare
mitigating brute force attack which is going on in my servers
not like someting will happen just annoying to see 6k+ logs in wazuh
rapid merlin
If anynone could guide me in starting tryhackme box challenge it would be great !
sturdy sequoia
Hello everyone, I begin to learn computer science in french highschool, im start...
rapid merlin
<#806554132117979143>
Thanks you, I'll watch.
twin ridgeBOT
Gave +1 Rep to @sturdy sequoia (current: #388 - 19)
rapid merlin
I see
sleek hare
Hope you are having a good day<:st93_wow:939128985554653204>
how are you doing?
fierce tinsel
hi anyone help me please
i have start the machine the lesson machine but it didnt open split screen so now how can i access that machine
and open split screen
?
sturdy sequoia
hi anyone help me please
i have start the machine the lesson machine but it di...
did you also start the attack box?
trim portal
how are you doing?
I am good, and you?
sleek hare
existing
fierce tinsel
once i start the attack box then how can i connect to my Target Machine?
sleek hare
target machine is the one you need to compromise
task is either given or not
id suggest port scan in the start if no info is given
rest is dependent on what port scan gives
if web server (in most cases so) id gobuster it etc
if wordpress wpscan it etc
have fun
bleak quartz
is thm working for ppl?
Like the vpns?
For me I get connected but can't access machines
pinging or scanning
0 things back
works just fine from attackbox
thus why I think it's vpn issue
@mossy river any clue?
If not I'll just do it from attackbox
sturdy sequoia
once i start the attack box then how can i connect to my Target Machine?
When you start the attack box it will open the split screen view. Additionally when you start machine a red bar will show in the room, after 1 minute it will show the target ip address.
Are they both working so far?
fierce tinsel
yes
fierce tinsel
so currently i am in attack box root kali right . now i need to change my machine to that target machine suppose target machine is 10.102.21.222 for example
then how can i connect that
sleek hare
you need to compromise it
sturdy sequoia
That's the challenge
sleek hare
aka hack it
sturdy sequoia
All good. You're not stupid, just new
sleek hare
i am so stupid
I'm stupid tbh but you aren't
Solving challenges instead of learning stuff
And using educational platform as a game
๐ญ ๐
sand trench
game goes
DAKA DAKA DAKA
sleek hare
game goes
DAKA DAKA DAKA
Games goes about mythical stuff
I believe greece or whatever
I'm bad at mythology+ don't remember
distant robin
Is there a way to force it despite returning errors?