#general

ohh i dont think i have it in my uni

its CS

i got cs cause i didnt want anything too specific

but i just take a lot of cyber courses

i know it focuses a lot on coding but a lot of employers seem to accept cs

for a variety of thins

nah you dont know

Yeah companies will hire Comp Sci over CyberSec for Cyber Sec positions but like why 🙃

there is mabye 1 or 2 coding courses

any degree has a lot of unrelated courses

wait why really?

Because CyberSecurity is a SCIENCE

yo how often do 50% vouchers pop up for pt1, i had one pop up a couple weeks ago but was too slow and im dying for another one

but Computer Sci is NOT coding

That’s like half the curriculum

thats why we hd classes like data structurs and algorithms

72 101 108 108 111 32 119 111 114 108 100

I’m not converting all’at

not related to coding

its not meant to be converted

its english

It's because you're open to much more than just learning a SIEM. You're learning the basics of a computer than staring at a pcap and say there's their initial access.

numbers are english

hello world!

it doesn't completely teach you how to code though i will agree with that

nah i dont know what about you , but i took only 2 coding courses in Java and C and thats it

you have to learn it on your own

what a coincidence!!

Brother that doesn’t even make sense. I don’t know what you mean

those were random numbers

hahaha

yeah cuz cs is not about coding

to me its a peice of paper

I didn’t do C just 1 full year of Java

what is it about then lol

praying for all cs grads

The computer SCIENCE

lol okay

algo , structs , os , networks

Hi

and a lot more

we didnt' have much about networks

Science is already in the degree why gotta say it again comp sci nerds?

Hi

atm machine

to feel important

Computer Science^2

Cyber degrees teaches you the tools, but not the basic understanding of the architecture of a PC, the Internet, Coding,, etc.

That is completely false

Calc is short for calculator ahhh discussion

at least at my uni its like that there is everything from AI to Crypto

for those of you who joined late

80-90% of my degree program was shared with IS and CS majors alike

https://tenor.com/view/my-honest-reaction-honest-reaction-skull-skeleton-gif-7769318199696770420

we had graph algorithms which is kind of related

Computer Science is a much more broad field of study than cyber.

That I won’t deny

yeah

But it also means less detail into concepts like cyber

We are niche gng

Hey @strong fjord I joined late, what does calc stand for again?

Calculator 🥸

Oh ok thanks. I didn’t know you were using the slang term

that's what i spent most of my time learning during school too i did read a lot of books that werent' assigned

I didnt know calculator could hurt so much 💔

cs is kind of weird in that it will teach you finite state machines but not regular expressions lol

books about cyber?

I know you're holding a calc rn

no programming

Dude you can do it in your head

I wont deny there's like math geniuses

I’ve never read a programming book. Ima 🤡 in the eyes of the programming lordes

I literally cannot tell if you know the video or not

not all of them were technical. for example the mythical man month

hello, i wonderwhat is the point to set up a shell through rce like you alrready have the possibility to execute arbitrary code on the machine hosting the website what do you get from setting up a shell on it

Get ready to clip this chat

Aight

A interactive shell is more stable.

I don't know how useful it is to learn finite state machines first it's kind of like learning latin to learn spanish

Maybe you want to fully pivot and own the machine?

lowkey a ctf where you have an ai on the other side acting as an active soc analyst and monitoring traffic would be cold as hell but has to be extremely well developed

its a lot of work and ou could just learn spanish

i get to write it on my resume though

that was the reason i went

ok i didnt know i can "pivot" and "own" the machine i guess i ll learn about it later

thank you

That's the billion dollar question when is it AI smart enough to run over a soc.

Microsoft Sentinel

Microsoft Copilot

Microsoft Defender

Microsoft XDR

It’s already done

It’s built in automation and response

Not quite soar

Wasn't there a sentinel in one of the aoc rooms

Microsoft is complete fucking shit

You can use sentinel in SOC sim

Microslop

everything they make seems overengineered to me

The point tho is that Microslop handles all the SOC work without needing an MSSP or team of analysts. Best for small businesses or large businesses who don’t need a SOC and are mostly cloud based.

which makes me feel bad cause their coders are way smarter than me so if they make what they make what can i make

i think whoever designed linux was a genius because its so simple but more powerful

Whoever???

You mean the legend

Linus

well he didn't make minux which is think was what he was basing it on

im probably spelling it wrong

No you’re thinking of Unix

it's been forever since i red the history

no

He made Linux as a FOSS version of Unix

i'm definately not

it was a type of unix though

ii think hang on

https://en.wikipedia.org/wiki/MINIX

it's in teh wikipedia article

https://en.wikipedia.org/wiki/History_of_Linux

i read whatever article i read more than 10 years ago so i don't remember the details thoug

but the way you chain simple commands to make bigger ones seems genius

i think it was actually a guy that worked for bell labs that came up with it

Ken Thompson and Dennis Ritchie that's in the article too

if anyone cares lol

the point is it's a good os

i wish things like bell labs still existed

companies don't really do things like that any more though

I had a Bell lab technical manual in my hand once

At Avaya

I wish I kept it... Not sure what it was about, but it was Bell Labs so I didn't care

the history

He’s pink!

yeah about that..

how do I change my color?

it's based on your level at thm

oh

whatever it's fine

I don't use it much

too busy working

I think they wanted me to do stuff on the weekend again

I logged off teams

im glad tthey normally don't bother me on the weekends where i work

i have a lot of reasons to keep my current job

being here keeps making me think about trying to move to security though lol

I'm not on call this week, so they really can't ask

you should

i have a long way to go

if i don't i could always consider bug bounty on the site i guess

side

that way i don't need to quit and i can still practice this stuff

Bug bounties can be depressing. Go with htb for a while

There is so much automation in bug bounties now that it's hard to find low hanging fruit

i don't expect it to be easy but someone where i work managed to do it so its not impossible

oh true

not impossible

he learned on the portswigger website

good training

highly recommend

im gonna try and focus on this for now

if i branch off too much i will get unfocused

and won't end up doing anthing

I feel like I'm never going to get this cert

you'll get it

you need time off too though

lol

yeah

I do payouts to this guy every month for Out of scope reports.
He reports subdomain takeovers for out of scope domains that are valid.
And we want to know about them.

So he gets 50€ for every report as a thanks

Gave +1 Rep to @lean arch (current: #3588 - 1)

see that happend there 😄 ha

bot be AI ran

oh awesome!

So that is low hanging fruit

he looks for dangling aws ips

he just happen to be top tier but still, reports are about simple things

Think it's more about you having to expand your scope and move to other programs. 😄

i just thought that if my coworker can do it i can probably get at least one with enough dedication

not expecting to make a lot of money

I may be a bit pessimistic, sorry

most easier bugs are probably in applications where they have no idea what a bug bounty is though

Old gang awaken @half relic @sturdy sequoia @silver sky https://www.youtube.com/watch?v=q_fh7d1zYF8

The memories

apparently my work has a bug bounty program

They're having naps

tee pee for my bunghole

I knowm, but they will see ping in the home later

when its diper change time

Its Oldholio shyft

its new

Got them replying like

"Dear Math,

Ha ha ha!! Thank you for the "ping", very funny.

Kind regards"

lol

I got a manager that messages like that and she genuinely drives me crazy

it dropped 5 days ago

i haven't seen that in quite a while

im writing my reply with a qill and parchment as we speak

this is brand new so they are old now

i am so tempted to email work-all AD group

and just turn off notifiations

make 22k users happy

22k users?

Sheesh

I think all in all its something like that

MSP?

20k somewhat devices

i wonder if i should do thm tonight or something else

might reinstall my os too

A man was arrested on Wednesday evening after he impersonated an F.B.I. agent at a federal jail in Brooklyn while carrying a pizza cutter, saying he had a court order for the release of Luigi Mangione, according to a criminal complaint and people familiar with the episode.

🤣

haha

Hey, what's up

our ISE has 190k endpoints

oh

Sup Denial

shall we send them something to share

some wannacry-again

Don't you just love it when people hit reply to all in situations like that just to say "don't email me"

nope, leave them alone, they save peoples lives

ok

And set off a chain reaction

just something

viggo remember sheep.exe?

not malware

No Math, I think i missed that one. when was that

the cute thing that jumped around on application windows

Odd, never saw it

it is still downloadable, I have it on USB, when my manager forgets to lock his computer I install it

https://www.youtube.com/watch?v=eHbNAaCQ-Yo&pp=ygUSc2hlZXAuLmV4ZSB3aW5kb3dz0gcJCZEKAYcqIYzv

this was a classic

sheep.exe is a blast from the past

yeah it is

Got my grades today. Passed my last 2 classes 🥳

Great

Just my internship left now

now you can have extra screen time mr

Is there any good room to learn steganography?

Stay way from that crap

just horrible CTFs add it

the horror

That's why I want to learn it

That's greeat to hear Denial!!!

Yep, big weight off my shoulders

onto the next set of weights

Real

Ayyy. Congrats!

Thx 🥳

Gave +1 Rep to @stoic quarry (current: #97 - 107)

I saw some goofy post on Instagram that claimed "hackers use steganography to communicate"

why would anyone do it for fun

some horrible old bands takes forever to find

Talking discretely by sending a PNG with 2GB of data shoved inside it

No one will know

someone needs to tell them about modern things

reminds me of this https://www.youtube.com/watch?v=O2rGTXHvPCQ

hello all

hello

It was just cringe Instagram engagement bait

it just seems kind of riduculous kind of like that video

not that hackers didn't use irc ever it's jus the way they describe it lol

Nahh, then it'll turn out that hacking isn't as exciting as in movies

No way

Have you ever read the comments under any hacking-related ig reel ?

Yes

It's insane

iv'e never been on istagram

instagram

Good

It's hellish

someone i know sends me facebook posts all the time and i pretend i can't load them

i just don't want their cookies in my browser lol

I have a family member that will send me similar things

I just give em a 👍 every now and then

that's nice of you

My guilty pleasure is reading comments on Facebook from russian bots - I can learn so many new things about myself and many other things that's insane

I always just wonder "should I try to correct that person?"

There's no point

It's either engagement bait, or someone is just trying to look cool

do facbook beacons still track you all over the internet ?

Probably

that's one reason i don't even want to load the page in my browser

i do have an android phone though so i shouldnt complain

i could use a incognito window or something probably but that's too much work

lol

or a browser profile just for facebook

I deactivated my facebook

i did too a long time ago

I have too much old crap posted there 😄

they doing a background check on me

easier than finding old crap 😄

Maybe they'll find it while doing the check lolz

Just post fake stuff

i don't want prospective employers analyzing my social media either

I post on random city subreddits lmao

i do have reddit but its a lot harder to find

Someone got mad at me and tried to check my post history, thought they were all smart by referencing a city I've never been to, but post on the subreddit for shits and giggles

reminds me of fuzzers that generate random browsing dta

if its not theyre they cant see it 😄

but they might have access tho

its the govt

Who knows, they might not find anything under all the smoke from the money they set on fire

Guys I need help

someone hacked your roblox

or a phone

No what it is this

Sometimes security policies can't be followed because of business needs. What avenue does a security engineer have to fulfil business needs in these cases?

mitigation

I mean I need answer

Like NIS2 or ISO27001?

That's just a guess.

What room are you doing?

the engineer will make the board understand the policies and the need

Security engineer intro

Mmm

oh maybe exceptions

hahaha I got it right from guessing.

Risk acceptance would make sense as an answer too, i guess

That would have been my 3rd guess.

Is also wrong

No is wrong

which 1 is wrong?

All of the answer

"Sometimes, a need arises for granting exceptions to the security policies due to business needs. In such scenarios, the security engineer consults the security principles to allow or deny exceptions and suggest mitigating steps to minimize risks. "

Read through that and it'll make sense.

It really makes sense buh am doing tryhack me security engineer intro have triad all ur answers buh they are still saying is wrong

make sure you're spelling - exceptions - right. I double checked my notes here.

Thx man

np

Really appreciate u saved me

@narrow yew you’re a sec eng right

nonono not that cool

Oh ok

Nvm then

I am what do you need help with?

You know how many meetings they have to do 😄

meetings all the time. I can agree.

Jw what should I study up on to prepare while I’m getting IT exp

Like should I really harp on pen testing and defense or more like sys admin

I originally planned on using analyst role to pivot there but that’s not really an option rn

depends - a lot of places want a combination of cloud and defense, but for specific tools.

But you can focus on firewalls, proxy and IPS/IDS rules, SIEM tuning etc.

and some want passwordless and zero trust and you need to have everything talking

XDRs and SIEM galore

throw some XOR in there 😄

What exp did you have beforehand? Just curious

First IT job I got was at Cisco as a QA Tester on 1 of their AI tooling projects.

So you came from programming side?

I know a few languages, but it wasn't programming focused.

pretty much we were told to use the AI "chat bot" for a better word for different industries like finance, tech, bio, manufacturing, etc.

https://tenor.com/view/steve-harrington-stranger-things-stare-funny-captions-gif-15691791425466219653

It would then corollate the info you feed it and train off that data. So take finance, since that was what my case study was on.

Gotcha

Pretty nifty

just finished this one, fun room indeed

https://tenor.com/view/thumbs-up-dance-happy-rooster-gif-12552254

You can really tell it to exchange dollars to euros with a hard-coded number, so you would have to teach it how to get the real-time conversion from a currency trading system.

is it a practice room or ?

challenge room

and document on how you taught it to do things. So a lot of reporting.

arl

who is actuall ylearning html css js and python and php and rust ?

and react and go ?

node js

so basically you were training models?

in the simplest sense

From there I got laidoff with 6k other employees.

🙁

that's the tech industry i hear

you get kicked by ai ?

yeah, I wasn't doing the taxonomy that was left to the computer scientists to build.

No I didn't get kicked out because of AI. This was when it was illegal to train AI on copyright material. Not like today.

From there my manager at Cisco was apart of another AI startup that was involved in education. So using chat bots for education - pre-ChatGPT.

We mostly taught IT certs like CCNA, Sec+, Cloud, Salesforce, and other stuff like accounting with the use of AI.

At that time, we were using it as a glossary of terms you could lookup and create your own practice test from the teaching material that was uploaded to it.

i knew chat bots existed back then but that still seems really cool despite not being a modern LLM

again, sorry to hear you got laid off tho

Anyone willing to test something for me? (Preview for a project)

We were using IBM Watson, which "was" a major player in the AI race and we were funded through IBM, so we had access to build our chatbot on their cloud platform.

I mean i don't mind

dkob

I got over it by getting a new job immediately, so that's how you handle a layoff. But I was pretty butthurt at first cuz I just moved from the East Coast to San Jose for the job.

Yeah that makes sense. How you enjoying SecEng so far?

I was asking about SecEng because I'm kinda undecided what I want to really aim for in cybersec. I know I want to configure systems and prevent attacks, but I'm not rly interested in cyber analyst, net sec, and some other things.

I was kinda in between aiming for SecEng or DevSecOps (I would say I like programming too) so I was wondering what you think

like IT it can be a lot of trial and error to get things working correct. you can fat finger a firewall rule and break things or DOS the network running a vulnerability scan.

If you like programming then you can do both, but you'll probably shift towards DevSecOps.

You'll still carry over the security principles that you learned, but implement them into an application or code.

Ah thanks

I appreciate it

I still gotta figure out how to get there

np

But that depends more on what comes up

I been applying to analyst positions to pivot but I'm not going to be focusing on that anymore. Probably up my applications toward sysadmin

I would apply to become a SWE since that would help with DevOps but I don't have the resume for that

I got thrusted into sec engineering as an sec analysis cuz my client was retooling their whole security stack, so I was open to the opportunity to learn.

You're still in school right? doing a cyber security degree?

No i graduated

Was that something you wanted?

if i cancel my subscrtiption do i still get to use premium

Until it expires

I think

u sure? not trying to risk a year

Read the terms

No im not sure

NO not at all. I was so against it. 1. I was getting paid shit to everyone around me, so no pay raise. 2. more responsibility 3. on-call 24/7.

For sec eng? That’s insane

I was still under the title of "IT Associate", not even soc analyst L1 then.

Yo chat technically how deep can someone hack just by knowing my real Gmail or phone number

i mean they can do OSINT and find out more, you gotta figure that out for yourself

or social engineering if they can trick you

What the fuk is OSINT

Sos no one can get in my phone even if they have my number and gmail

yeah I got worked to the bone and can say it was traumatizing, but I look back and think of all the cool stuff I learned, all the technology got to to play with, and it was exciting vs building out an chatbot, teaching the bot, and sitting with hopeful investors.

Just Google yourself and see what comes up lol

hey at least it's paying off now right? 🙂

they came at last

Jack shit

Congratulations

you're safe

Here its a yes and a no

The police and the FBI can still track you down easily so don't do whatever you have planned.

Well I haven't done anything it's some other bs

they have your phone number and access to your gmail ,lets imagine that.
So what can they do, oh you have your gmail connected to your apple ID as backup.

get the ball rolling here

I figured it was you accidentally gave out some info

Also WHAT DO YOU THINK I AM THAT THE FBI HAS TO TRACK ME

what do you think happens next

Yeah the new job is nice, same with the pay.

Why are you shouting for no reason to randos on the internet?

Idk you tell me

you forgot to put MFA on your apple ID but login trickers a ping on your phone.

you are just used to see them because you log in every now and then and do not think twice, you accept it

the police and the fbi show up at your door. I'm too lazy to walk over there and knock.

then they now have access

Mf I got android

this cutiepie

you just want to hug him

😊

Then you're already tracked... RUN!

Android is even worse

Mate idc about tracking can some dude access my gallery messages or some camera

Bs

if you dont care

Idc if someone knows my location not the others

It is quite easy to keep the phone safe from most things

Mr. IDC yes the police can subpoena your account info and get access if they really wanted to.

NOT THE POPOS MAN OTHER POEPLE 😭

Like what about front camera can that be hacked

That depends on you

The answer is all the same if anyone wants in, they'll find a way in.

Jesus christ you must be a genius

No its logic

who the fuck are you?

https://klipy.com/gifs/kiashyy-made-by-kiashyy-1

you just got here

he's friday night fun

Oh yes ill put my surname and second name right mr curious

What are you talking about??

But to make your mind at ease. No they can not look at your camera thru you gmail.

But they can easily make you install a 3rd party apk file

here is where the table turns

How the fuck can they do that

free robox download

Why do you wanna know who I am

Sooo if they send me a link and I click it

Then they get access

naa but almost

you still need to do things

Cuz you strolled up in this mofo like you some badass or something then start talking shit to everyone. You don't know shit and then when people tell you, you argue.

but there can be a autmated download from that link, sure

but it needs to be ran

someone might as well do it borrowing your phone

I'm not talking dhit nor arguing wer just talking😭

Idk the way I type might look aggressive but im chill

Like I said don't do illegal things and don't worry if people are watching, cuz they are...

You need to present less agressive and more chill

He at least googled some

How is that talking shit or being agressice

since his username is Kali

and not brandon19

cuz 19 is too old for him.

Boy am i sleeping nice tn

I am beeing kind

If we go below 17 snowie will awaken

lol

Awaken to what

😭

Splunk hasn't loaded yet

splunk and elastic hasn't been loading for me either.

Im off too bed gents, cya tomorrow

oh really??? I just launched this machine, i figured i have to wait 5 min

night math, take care dude

Goodnight Moon

Jesus can't even sell weed these days other traders have started hacking phones for info on your shit

yeah I wait 5 minutes and I still can't get to the login, but I think it has something to do with my pihole.

At least the cops just shut down your account

Dis some bullshit

Im today years old when i found out searching a font applys it for the current search page

the hell

😭

My splunk loaded. Now I just need to find What is the full path to the malware that performed the Discovery?

Anybody down to try something for me? (PC)

install Graphana

I have to finish Task 8 of first shift

what is the IP

elaborate

we start huff and puff

oh yeah I'll help out DKob

8 more questions to go

9

DM!

My work sent an email to all employees regarding cyber training for each team (for general stuff people should know) and said if anyone had questions to email them so I emailed them and asked them a question about using the MITRE ATT&CK

I always ask about if the training will teach mitre and most will say no.

I'll see what they say. I know they use MITRE

and if not then ill just start reaching out the the people I know in Cyber

The people I emailed are higher up on the chain lol

They gonna be like wtf is this network engineer asking about

The way I see it, CyberSecurity in a company has 2 jobs

1. Prevent the company from being hacked
2. Try as hard as possible to make everyones job more difficult.

Ok so

THM removed dates from rooms

So for the longest of times

I couldn't know if I was studying old or new content

or how outdated it was

Feedback is welcome.

Interesting. I've always sorted by newest so i can knock out the oldest first.

There is no dates, but at leaast there is a sort

Now there is.

Whenever you open a room that you find interesting, you can see its exact date.

where did you extract it from?

Gotta read the code to discover. 👁️

Fully open source. Might expand the tool to send notifications for new rooms as soon as they drop etc.

A full THM tool, in your browser.

oh look , it already has a star 😛

Took 9 hours to polish.

nice yeah i've seen a lot of people asking if certain rooms are closed/ outdated cuz they can't get in.

I was working on one yesterday "Looking Glass" thats completely broken. sudo doesn't work, yet the writeups all did sudo reboot

Thanks @gusty inlet 🤙🏼

Gave +1 Rep to @gusty inlet (current: #25 - 459)

That's why I like writeups because you never know if the room is broke and shouldnt waste too much time on one room

I can publish it on chrome store! But I'd have to pay 5 bucks lol... only for chrome.

I'd rather have it open source and you guys can load it yourself.

https://tryhackme.com/api/v2/rooms/details?roomCode=${roomCode}

nice

https://klipy.com/gifs/yeah-budy-ronnie-coleman-1

Poor Ronnie dude was a savage

are you wanting feedback from everyone or just someone

depends, is it good feedback? lol

j/k

idk i haven't tried whatever it is yet

i just now sat down at my PC

Everyone is welcome.

meepy moopy meep moop to beep boop for sleep sloops times

it'd be cool if you added a button here to pop up the window

but i like it

Goodnight Moon Shadow

I definitely can do that, however, I don't wanna be near any kind of THM ToS breaking.

Who here knows splunk well?

I'm trying to use regex pattern and it doesn't return the desired results.
index=* C:\\Windows\\system32\\..... produces nothing while index=* C:\\Windows\\system32 produces 2469 events including C:\Windows\system32\svchost.exe which should have matched unless I need a * at the end of my query

nope, even with the * .. nada

dkob don't you have a splunk cert?

lol

DKOB only lists the certs he doesn't have because its quicker

See 3.2

[You are prohibited from:] employing any automated or programmatic method to extract data or output from the Website, including scraping, web harvesting, or web data extraction.
See 5.2.25
[As a User of the Website, you agree and undertake not to:] Make any modification, adaptation, improvement, enhancement, translation, or derivative work from the application.
These are the only applicable items under the ToS as available here: https://tryhackme.com/legal/terms-of-use
I believe I read exceptions are okay with approval.

Yes btw I read the ToS for you

i think you have to further filter down by field

not by generic search

SIEM filtering like KQL and SPL are so weird to me

https://tenor.com/view/su-57-funny-aviation-is-for-you-meme-gif-18279334555103731554

Trade offer. I give you 1 AIM-9X you give me 1 F-16E

ok im checking the docs

In my use of splunk it's always the regex that's wrong.

https://regex101.com/ game changer

I have no problem with Python regex and perl regex

i love regex

regex changes across things

like c++ regex might differ from js regex vs linux regex

yeah, pita lol

Would 3.2 break ToS in my tool u think?

Why not just ask ben

unfortunately i'm not a lawyer 🙁 i think you should straight up just ask someone on staff or legal

you can argue for or against it with how it's worded

Yup! Will see.

Best of luck

Data is already sent to browser, I'm just reading it.

Well time to sleep.

https://klipy.com/gifs/good-night-chat

Counter Offer - I give you nuke, your country no longer exists lol

MY COUNTRY IS YOUR COUNTRY

FULL SEND IT 🚀🚀🚀

FUCK YAH!

https://tenor.com/view/nuke-press-button-gif-14853646

That’s the Diet Coke button

Shit

Y'all want some diet coke? I now have 10,000 diet cokes

Yeah I'll have one

Good morning

Oh shit yeah, I will have one

Sorry, we ran out, we have this though:

I hope you got some for me as well

Or do you wanty some Freedom Fuel?

Oh yah, I got a 12 pack sitting on the shelf lol

BRCC has done some sketchy stuff

That’s more like it.

But their coffee still good

Oh?

https://tenor.com/view/the-lone-ranger-hi-yo-silver-hi-ho-silver-horse-rearing-gif-13879261716339155132

rip trydateme

Excuse me? That’s real?!

Yeah like allegedly donate millions to Clinton (iirc?) despite their customers obviously not supporting that side

Damn it @lone thistle Why'd you end this?!

Ahhhhhhhhhh, I mean, still veteran owned/ founded. Still support em

You will never get banned for using it, it literally doesn't even interact with the website in a bad way. It reads data already sent to your browser.

But they're strict with their ToS to stop actual real harm.

Yeah fs as long as they aren’t screwing over other vets

For example, I could have injected DOM elements into the website to make it better.

Yeah @lone thistle it's all your fault.

Jesus Christ @lone thistle you failed us!

I'LL TAKE ALL 3

Yes.

HELL YEAH

It works well too

Beyond Black is good I think I've had it before

I think that's their dark roast?

I gotta train with my rifle more, get a better sling for it, right now it's single point. I don't have much gear, I got shooting gloves, prepping for my range day soon

Correct

What’s next? TryGhostMe? 🙁

Then yeah that was really good. I love dark roast

Hahaha I gotta move outta this state so I can do that too!

You def saw my rifle, right?

TryLeakMe
https://www.dragkob.com/articles/tryleakme-deanonymization/

Noooo

Wanna leak it?

You ready?

Yessss

That is a CLEANNN Scar

Can't tell what brand the pump is but also nice

Did any of guys completed the Reconnaissance Phase under incident handling with splunk in having issue while searching in splunk

That’s really informative… hey is there a way to get notifications when you post?

I also got a Eotech G43 3x Magnifier for the Scar too, $360 for it (New is $600-$700, with STS AND a unity mount, THAT new is $200. All that, for $360

Mossberg Maverick 88

I'm lookin for a new 9mm soon. On the fence about getting a Canik or a Shield 2

I got a discord you may like, up your alley to ask that question

👀

I rarely post so, I don't think so for now.

🔗 me

Wilco, dropping in 1 mike

rgr thx

Payload has been dropped

You said gn chat why you still here 😠

go bed mister

I'm in bed.

https://tenor.com/view/bearded-dragon-googly-eyes-gif-6523742490147640179

I will hack your fucking Toaster, Kob. GO TO BED

Yi

Hi

fellow SCAR enjoyer

https://tenor.com/view/2-gif-7749019966943875056

I just woke up and I'm going back to sleep lol

Do you eat adderall daily?

you are always so hyper

I wish I would have been off when you were here but I had just joined here lol

you going to defcon this year?

why the feck aint nobody done said much in the past hour... ahh its friday

back to a regular friday, but last friay was poppin ... or was it the friday before? idk anyhow this ctf sucks

haha now you sound like youre on adderall

I was just thinking the same thing

you still grinding thm?

yeah, tonight i am.. want to finish first shift ctf

tried looking for writeup but they on medium and blocked so griding for the impossible answers that aren't even there in the logs

I downloaded the whole log to csv and used python regex to search for answers

they aren't there!!!!!

oh damn

Sometimes it is about patience if you have to extract 24 parts of the powershell script from the Splunk logs, base64 decode the payload within, deobfuscate it by xoring each byte with 35, calculate MD5 for the reverse shell and voila, Virus Total says it's ....

thats from linkedin regarding this task

How do you extract parts of apowershell script from splunk??

no idea. i can barely even understand the question

Since I am still in the pre req part of the cyber security path way. What practice rooms would you recommend or should I just wait till I'm further along to fully understand

how do I know if I won the giveaway for cyber 101?

One way.......

and I do NOT suggest it...

but one way is to get into an accident and get in a coma for three months and when you wake up you will know

That's wild lol

I didn't know there was a giveway

a bit heheheh

Hello

How skittles

Hi *

Hi skittles, did you do first shift?

Would you recommend first shift to newbies like me ?.lol

No

There's some recommended prerequisites

For ctf?

def not

it's labeld medium but very hard for me

For first shift yeah

For Newbie .... Pre-Security .. Cyber 101 .. First red path section ... THEN try an EASY ctf

but at the end of cyber sec 101 you will do a ctf that is fun

pickle rick

That's the path way I'm on

You will spend about 2-3 months depending on how hard you go

i do hours a day at times

Oops I didn't mean to tag you silastic

took a couple months off where i jsut did a little

but i have a 210day streak 😄

im stuck on the last question of operation slither

😔

Im currently on linux module 4 of the pre req

You're all good

How cool is this ???? I exported the splunk to CSV .......

Lol nice

I'll be honest though I feel a little overwhelmed with trying to remember the commands so far lol

One way to do it I suppose

I have a python script parse it and use a regex to match the question format

but get ZERO results

this is BS

You get used to it. I recommend using Linux in a virtual machine and just repeating commands to get them memorized

if you guys dont know

wait till you see how I pull out the fields on linux command line.

I am going to start parsing it now, but the csv has like 80 columns

If I were a massochist I would open it in Excel

Grep | sed | awk | sort | wc | uniq | cut are all super useful commands

I have a website that was recommended saved with all the commands

Glad to see someone else who appreciates those commands

searching in linux is always WAY faster than a stupid database

Mmhm

click ... wait for spinning wheel ... wtf

i get instant results with grep 🙂

he wrote cut too

This is just the list of columns

imagine opening in excel LOL

In my latest blog post I recommend taking time to practice commands like grep, even if you can check the answers quickly, good to get into the habit

i thought the photo doesnt load until i zoomed in

I've been using grep awk sed for 25+ years

parsing firewall logs, email logs, etc

The three heroes of text manipulation

but python is pretty awesome... i just wrote this real quick

import csv

tasks = []

with open('bullshit.csv', 'r') as f:
    reader = csv.DictReader(f)
    for row in reader:
        if len(row['Task_Name']) > 0:
            if row['Task_Name'] not in tasks:
                print(row['Task_Name'])
                tasks.append(row['Task_Name'])

pulls all unique tasks out of the csv

the names

Yummy

im getting old and clicking the wrong shit lol

this took a while

I should have just started with that in the first place. This should be easier especially since there are 24 parts of a powershell script to assemble, whatever that means.

https://tenor.com/view/national-croissant-day-croissant-day-croissant-croissants-croissant-lover-gif-123438442875992505

i never really used github before so i had to figure out the ui

😔

boom .. got that answer .. 5 left

Find all the columns in the csv that have file in the name ...
head -1 bullshit.csv | sed 's/,/\n/g' | grep -i file

Export is my new fav button in splunk

Dont need to use the ui if you just learn git

https://tenor.com/view/roblox-mighty-omega-gif-22253898

I think i should go to hackerone for bug bounty for some money for premium in thm after i finished the free path

is the cybersecurity 101 certification worth it? could it replace security+ or any other entry level certifications?

i dont think the free path gives you enough pentesting knowledge to do bug bounty

Oh yea

What its mean to be compromised

mean your device penetrated by someone

What jf i want to say it in a professional way

To be "compromised" means to have one's safety, security is exposed to danger.

Thank u

Gave +1 Rep to @coarse karma (current: #3589 - 1)

Youll make more money working at McDonald's

No

In N Out Managers make bank around 95-140k

More than most people will see on hackerone

Just saw on X that THM offerinng 40% discount on SEC1 cert but I can only see 15% premium discount.

yup, heck they start at 17-24hr

i got 50%

that expired

now its only 15%

snooze .. lose .. hehe

it was only valid for 24 hrs

but it says offer ends on 2nd feb

oh my bad

idk then, im distracted lol

https://x.com/tryhackme/status/2017287027071258950?s=20

wait how

Insane sanein

i still have 2 dYAS LEFT

should i take cause i strted a weeksago?

if i were in your place i would surely.. it's a very good price.. there's no good industry certification that comes that cheap

https://tenor.com/view/good-deal-damn-good-deal-inglourious-basterds-gif-9641888780287763794

thanks

Gave +1 Rep to @pine tinsel (current: #585 - 13)

np!

https://tenor.com/view/standing-on-top-enlightened-enlightenment-windy-wind-gif-18416422945658579589

Greetings.....chat

How are y'all doing

67

oooh yeah

0x9

im so cool

Do you have dementia

Why

https://tenor.com/view/standing-on-top-enlightened-enlightenment-windy-wind-gif-18416422945658579589

How are y'all doing chat

Greetins

Ya always send same gif at same time and same message everyday

How much is the homework

Nothing

I am a bad boy 👿

Thos who nose💀 🥶 🔥

https://tenor.com/view/bad-boy-its-fun-to-do-bad-things-bad-things-gif-14349537

Short tarm vs long tarm pleashar

Thos who nose🔥 💀 🥶

I don't nose

U don nose!!??

I don't nose

I'm still in pegasi b btw

I can shoot you from here

So don't be disrespectful

yo i got premium idk how

wtf

i didnt do anything

for free

should check payment history

Bcs your THAT guy

I never got an email

I got a 3 month voucher

Hi

thats cool asf

hlo

I'll give you -70 dollars if you give me that account

-70

Dj alok

https://tenor.com/view/hoje-gif-19626407

WAIT

I WON

NO WAY

You won ?

What did you won?

3 month premium ?

and exam

it says I get a retake, doesnt this just mean I got 2 exams?

Nope, it just means that if you don't pass you can try one more time

Oh what exam you got ?

SAL1?

SEC1

i won the giveaway

How , when did they even gave away Sec1 👀

LinkedIn

From a youtuber ?

Oh

hey guys i was doing some questions related to misc and i got a attached file which was a qr code ,,, when we scanned , it gaves us a flag but the flag says this is not the flag ,,,, so what should we do now
the hint says
the qr code is valid but qr codes allw small errors

flag for?

What room?

yeah lol

not rooms tbh it's a challenge from my friend

How are we supposed to help you if it's a challenge from your friend

LMAO

Ask your friend for help

loll idk much about qr codes and if i dont i'm gonna get mocked and all

😄 i wish he did help anytime 😭

Get some better friends if they mock you for asking questions

but somebody wants to be good boy of their girl

.... Huh

wtf

https://giphy.com/gifs/side-eye-the-boys-smittymoocow-bXdUn1pnjcMpgKnaLk

he gave me the challenge we both entered and are exploring cybsersec and he comes yo can you solve this or no 🔮

ikrr

So say no

"Total sections in the exam : 7
Questions: 10 per section
Time: 30 or 45 or 60 minutes per section
Duration: 24 hours total; breaks allowed between sections.
Format: Fully hands-on, no multiple-choice questions
Prerequisites: None, but we recommend pre security and cyber security 101 learning paths
Requirements: You must have a valid ID/passport
Attempts: 1 free retake (further retakes cost $100)
Passing score: 455/700
Language: English"

"Requirements: You must have a valid ID/passport"

why do I need a valid ID/passport?

Greetings chat

https://tenor.com/view/standing-on-top-enlightened-enlightenment-windy-wind-gif-18416422945658579589

To verify your identity

he said no balls

😭

I dont have that

uhh

Then you can't take any exams

damn

I've taken a bunch of exams, they all require you to confirm your identity

oh

so I NEED one if i want to do ANY exam

An ID? Yeah

well?

what exams?

No. 1 balls

Comptia exams, Microsoft, ISC², TryHackMe

ID appress

oh

damn

well

idk how I feel about giving my ID to a company

what

If you ever want to earn certifications that's what you gotta do

How da heck you make a typo on a and o . Both are on the whole different sides of the keyboard bro😭

I said no. 1 balls