#general

Usually

i have no friends on dc

only in insta

too many insta friends lol

male female all of them

im usually a chill dude in insta

and incel in discord

im 22 and dont trust anyone here even myself

a fakecel tbh

One guy from here added me to do some project and then when asked my age he said ”your still young….”

lol

happened to me too

i mean he is right

nah

No but he said like this ”….”

hes tryna molest

And then the smirk emoji

bad people

https://tenor.com/ovgESTKem6s.gif

wtf

ew

Nah he’s alr

there could not have been a worse time for you to come

I think it’s a big misunderstanding

Bunch of whitetext doing some weird stuff

no

show us the message

https://tenor.com/view/shook-cant-ne-not-me-who-oop-gif-13118919

we can analyse it

Right

through our own ai models

and tell

He’s in this chat bro

https://tenor.com/view/white-role-role-gif-15626698336114519154

me?

😏

I understand the need of age verification now maybe it’s not so bad when you read the chat here

No the guy

fr

☠️

tryhackme needs a minimum iq check

then 80% of the members will be gone 😂

LMFAOOO

I actually am legally aloud to use this app for already two years so

maybe there is something for the kids fr this time

vegeta and you will be the first one

aloud ??

Oh

yep

You still understand it tho

No big problem

why people have problems with minors bro

minors are humans too

t&t is typing

They are afraid of pdf alligations

https://tenor.com/view/letter-t-glowing-letter-alphabet-gif-16563833

t rex

ofc they will get alleged of what they are

im safe

cuz im a minor

myself

lol

you are still young....

alr guys follow me on insta: r1ktx

we wont

yeah

kids need mods

ok

i could be the best one

if only i was a mod

if only i was Ben Spring

they need dkob treatment

https://tenor.com/view/anime-fern-anger-angry-annoyed-gif-5137243747516951410

imma go sleep

goodnight family

@quasi dome @livid granite @gritty bane

please do not randomly mention me

i feel very uncomfortable talking to you

as you should

😏

we aint your family

yall are

ONE DAY....

flashbanged me holy shit

Night

Thanks Thomas

Gave +1 Rep to @loud marlin (current: #24 - 486)

Hey I am building a program that allows you to earn THM premium and hacking hardware in exchange for completing specific rooms on THM. Is there a specific channel where I can promote this?

No

How does that work? Sounds like it violates TOS

quite sure that no one will give premium for just being good person lol

as in earn it for solving thm

It's a hackclub YSWS (You ship We ship) proposal where you can earn specific prizes for developing hardware/software

non of that have any sense

And what is tos

terms of service

Oh

If you're representing a company and want to host a giveaway then you're probably best contacting the THM team

That's the one

I will eventually but I need to expand the waitlist a bit first to have the project accepted so I am reaching out to different hacking related servers to see if there is a target audience

Then refer to ToS as a main source of information

Check rule 3

You can argue that it falls under THM related content

since it is just THM rooms

Still advertising

But it gives you some sort of benefit

And is not purely for learning

Not really I don't benefit in a way

Again, just contact THM support. We can't really provide an answer for you

Yep I will thank you

Tried to walk twice

werent you on a hiatus from the server ?

Huh

Yes

But I think it’s being dealt with

like you left server or something I thought

Or at least I hope so

No she just woke up

.

Why is your pfp kind of kakegurui

ah my bad

its llyod

Ya I posted above

https://klipy.com/gifs/lloyd-frontera-3

We will see later if the same issue appears

You didn’t catch the reference

I will email THM if it continues

Whats thm

how is kakegurui related to the greatest dev of all time

Search up kakegurui masho

Im talking about the picture

yeah i know kakegarui and that scene'

Hmm

https://klipy.com/gifs/smiling-cat-happy-cat

supp people

yo

yoo

yooo

wazaaa

MEEP

https://tenor.com/view/beaker-muppet-shocked-meep-gif-12924117

Hello

💀

Expert people gone on this server where are they?

They have moved on

eeeeh

chilling after egg day

also more into playing some fun old games from shadows childhood for now

gone ? then what am i doing here

Used to be pretty active here when echo ai was a thing, now its just gifs and shitposts . hope it picks back up, lotta talented people here (sorry my english really bad)

Thats really nice to have you here

fr

its all white roles fault

no offence

ur a white role so not all of them

I'm white roles too

😂

No worry i understand haha

Hi chat :3

Yea there are trolls and shit posters here everyday

yay psuedofish

scrubz apparently came back in here but don't wanna moderate no more

Hello how are you.

im good

Was fun ngl

noone want

even me myself i wont be a mod anywhere

Cheese girl!!

haha yeah

its worst thatn working in it

True

shadow is on semi permanent sick leave

https://tenor.com/view/discord-mod-discord-4chan-reddit-gif-12469709983918782970

Mods

oh no

@livid granite no

sorry

what is the worst cheese

Discovered the youtube channel scammer payback and god i have found gold

what is egg day ?

the only one shadow can name of the top of their head is the illegal casu marzu

maggot cheese

day in spring where shadow eats tons of egg related dishes because tradition and religion says the day is special

the special egg day

🥚

🪺

https://tenor.com/view/malicious-monkey-thinking-monkey-freaky-monkey-gif-17111090804698831003

https://tenor.com/view/hellmo-fire-chaos-egg-elmo-gif-25351800

Well chat died lol

Hey guys, I finally decided to not just learn everything superficially but focus on something and learn it well. I want to learn XSS. Is there any xss veteran that would recommend me a good way to learn it? Should I learn js or html first? Or just mess around in labs with burp suite on?

Does anyone know how binary gets translated into analog?

Learn JavaScript then html and css kinda learn them all Sam time maybe start with bro code 12 hour video of JavaScript

DAC.

Digital to analogue converter

I know this but how does it work

Do I have to be a pro in it? Like should I be able to write my own website to be able to XSS freely?

DAC takes binary and instead of making it a word, it makes it a voltage.

Like i understand ascii but how for example voice texting work

Look up spectograms.

Thanks

Gave +1 Rep to @sick lance (current: #2 - 4016)

That was a long nap

Hello

I am here for team seeking to become a group and grow together

Any enthusiasts?

What group

I love sleeping

I don’t

What

Why

Hate it

Steals my life away

A group as beginners to get started, and study together from scratch eg.netwroking, linux and implement creative ideas to build something further. A long term team!

Well in that perspective yes but sleeping is recovering

Your also a beginner?

Doesn’t make sense

The only thing that steals my time is school

Yess, just got started with netwroking, but right now, stuck to exams, my A-level exams are gonna end at june 10... so I want people with me where we are beginner and ready to share knowledge and appreciate each other's opinion

okay

Is there any way to connect with people like em?

Well I think you could ask mods maybe

Im not very sure if its considered advertising

You're not alone, same for me, but I have faith.

What

Then let's team up for now, and find more people, until then we both get started (I actually really need people like you who are so considerate)

@stoic quarry

https://tenor.com/view/final-fantasy-vii-remake-cloud-strife-tifa-lockhart-aerith-gainsborough-cloti-gif-27060423

I don’t know 😭 😭

Why is your pfp thukuna anyway

https://tenor.com/view/sparkle-sparxie-honkai-honkai-star-rail-hsr-gif-10889252549833443047

And why you have feet

I think it's a perfect idea.

Perfect idea?

Sorry I don’t know

I mean that.

Oh

Do you understand me now?

Me?

I spend 90% of time sleeping

Same

Then shall we get to know each other as our new teammates?

why he is back

I can sleep up to 15 hours

Who he back

him

Him who

is ctf required for real world hacking

Whats ctf

Yeah, everyone saw that

This aswell

no

Yes

Now could you please give me definition of ctf?

capture the flag

And what is that

first time doing them so idk much

Is it like tic tac toe

Game

yes!

Wow!!

So exciting

https://tenor.com/view/cummins-gif-12535975135255283466

Woah alot of white names in here

Yes

Astro is so white

any1?

Yes games are essential for hacking

there are some basic ctf rooms on thm to try, so you get an idea what it is about

To learn tools etc yes.

Bare in mind, CTF's are nothing like pentests.

ty

Gave +1 Rep to @sick lance (current: #2 - 4017)

Okay how do I get verified

You link your thm account

Whats thm

Tryhackme

#start-here

If you're new here this is a learning platform discord sever for the THM community

bro is it normal the pastebin doesnt work on a ctf?

"This paste has been deemed potentially harmful. Pastebin took the necessary steps to prevent access on August 29, 2022, 8:13 pm CDT. If you feel this is an incorrect assessment, please contact us within 14 days to avoid any permanent loss of content"

Have u guys seen project hail mary?

anyone else running into issues when trying to copy a script to an attack box? I've never had it limit the number of characters I could copy and paste before.

Movie?

It was .. okay.

predictable

if you have scp .. you can copy files to / from that way if they are big

https://cdn.discordapp.com/attachments/1267078230959980545/1406926769164124301/0-4x.gif

night owl stealth

https://tenor.com/view/duck-ducks-confused-surprised-what-gif-1845535727828628932

so expensiiiiiveee 🙁

if you want to cut your teeth you might be able to find a xilinx board, but ten the softwares the expensive part

Yes

I’ve not heard the term “cut your teeth” before

Its like .. teethe

You know where you punch your teeth forcably out your gums as a kid?

or painfully as a teenager/adult 😉

https://tenor.com/view/duck-revenge-tasty-johnnyduck-gif-18410951520284892563

Yess

Are you interested?

@urban ravine check your dm

I forgot

Where do I insert token to verify

You can type /verify

And paste your token that you copied from your THM account

if I use it here

Will everyone see my token

Nyo

If you use it correctly

Make sure u put it in this field

Thanks

Gave +1 Rep to @slow cloud (current: #46 - 252)

Oh

Did I verify

I used the same board at school

Very cool , lot of output and control

Yepo

And 100 MHz of clock 🙂

I want to built a mini PC

And use strictly for hosting

Like make your own pc?

mini pcs are expensive to build

Its best do it virtually first . ONce you figure out how you are going to get and push data it gets easier

Raspberry pi

try vivado or model sim

yes its cheaper

Oh good idea

Ive seen people using Mac minis but those are so expensive

mini screen , sd card , Raspberry pi , battery

Id start either virtually or with a pi

Pi can also work headless

Pi I know nothing about

Its just a small puter

That runs linux

i think pi is better for prctical experience

Yeah but virtually is good for making mistakes

Since u can just revert a snapshot

And install a new one very easily if it breaks

make sense

Hrmm interesting

i am doing the same right now using a VM

I would get an idea of what you'd like to do and what u need for that and then move to physical hardware

How much does a pc cost?

Too much right now

Ram is dropping 🙏

depends on you how much you are willing to invest

I mean like is it worth buying gaming kind of pc or just idk office one

A "gaming" pc and a office pc can be the exact same

what are you going to use it for

T1moo: DDR5 is going up still

Im j@bless so its hard for me to buy something expensive

Oh really

I saw shorts they were dropping

Sad

I had hope

Idk everyone keeps saying I need it for learning cs

MAYBE 6-12 months from now .. but next quarter projected to increase

Yea ddr5 is definitely not coming down any time soon

I mean what’s the worst that can happen if I buy like 300$ pc

300 ?

It doesnt do what you want it to in a time youw ant it to be done?

Yeah like those black boxes

its all about how hurried you are .. what do you plan to do wiht it exactly, just simulate an environment?

You mean like a mini PC or just a tower ?

THe gold mine for hardware is old enterprise stuff .. but you better have a noise proof computer rack with air flow going to/from outside

core i7 6gen 8gb ram should be good enough

Oh that's a dinosaur lol

Like tower pcs

Intel is up to 12th Gen

I use some i5 6 cores with 16gb of ram 1tb nvme to usb-3 sticks and 512gb khoxia nvme internal disks .. i think they set me back $150 per node

3 of those makes a nice lilttle cluster

and the hottest part of them are the external nvme .. otherwise fanless

i5 is a great cpu

the front panel usb is like 10gbps

rear is 5gbps

its a good setup

lenovo 720mq

So hp z2 g4 would be alright?

They run my elk cluster

most of the time its practically idle

42 gigs of ram nice

Just enough breathing room to let the hv's rest easy in case i watn to spin something up quick

BIg bertha tho .. she's a diff beast 😉

how much did this setup cost

What monitor software are you using

I use zabbix for monitoring.

I need to get that

That previous performanc eis big bertha

Shes thicc

Yeah so is it actually cheaper to build a pc?

IT depends what you do with it

Well I was thinking doing it in future but I wonder if it’s even worth it

It feels like it’s gonna be hella expensive

Maybe $500 for the cluster with dual gigabit 6 ssd's , mounts, and accessories .. big bertha cost me around 5k to build.

You could always go with the new upcoming thing called cloud rentals for PCs

Dont go with the new ones. go to a bargain place like kimsufi .. get a 8 core 32gb ram box with like 500gbps hdd for like $20 a month

4-8tb of hdd

or go to micro instances, get your free aws one . get a voucher for azure , or oracle free tier

Yea thats a good option

Where are you located geographically

SA, NA, Europe, Asia, Aus Afr, etc

I just got solicited for another gig on upwork, we'll see what happens.. kind of feeling good about this one

https://www.kimsufi.com/en/april-fool/ .. this is hilarious

Look at that .. 120gb ssd with 32gb ram, 4c 8t bare metal for $!1/mo usd

6/12 for 13 or 4/8 wiht 2 240gb for 15

Of course that 24 core epyc 7451 with 2 56gb of ram and 8tb of hdd for 104 sounds pretty sweet too

yo i decided instead of trying to break into cyber im gonna focus on networking, like CCNA, etc and try to get a IT role

what do u guys think

If you enjoy cyber then you can try like cyber with a network focus but it’s your decision really

How does one install Linux on a car key

is not

fundamentals never go out of style and a CCNA could be a good quick marker for either IT or cyber/security engineer is my take

meep moops shadow goes for early sleep sloops to beep boops

Bro wtf. I killed a cockroach 30 minutes ago but I didn't throw it as I was gonna throw it later, but now I come to the place where I killed the cockroach and where it body was supposed to be at.... It's not there

I even checked the whole area because if it somehow didn't kill him it atleast would have broke it's back but then it only would've crawled few meters away... BUT I CHECKED THE WHOLE AREA IT'S NOT THERE

How can it just disappear

the spider got it

trust

spider will not take dead thing to eat

spiders stay on net, and catch what is moving.

moving on net

@gusty inlet srry to ping, but had a question. I use your cert roadmap a lot, and I assume you do, but when creating it, do ya'll take into account marketability at all as in companies looking for people with said cert or is it solely on knowledge rating?

Still uneven, horrible

There's no spider in my house

you just havent seen it 🙂

https://tenor.com/view/slap-gif-25249881

Anyways, i made an alternative hexdump tool in c

We clean the outsides of our house thoroughly. Spiders aren't like roaches who hide inside the concrete they live in the house, there's no spider here. So no

There's no spider

bruh my attackbox crashed one step away from getting the flag

What's attackbox?

Why would I get "Unknown Integration" for verifying an account?

That's why I don't understand

Where it weant bro

Like wtf

If given a day with a broken back then probably he could've moved to a place which was far from the place he got attacked by me. BUT IT WAS 30 MINS OR NOT EVEN 30 MINS IT AT MAX WOULD BE 15 MINS

Thm vm

A roach can live for up to four weeks without its head

I didn't cut his head

You're missing my point

Positions are based on difficulty and subject, but nothing more

A broken back is nothing to a missing head.

My account can't verify.

Alright, thank you!

Gave +1 Rep to @gusty inlet (current: #22 - 519)

I wish thm would add a accounts log in page to their security section > website

😐

Just searched, No that has NO correlation because while yes a roach can live several weeks without it's head. But with a broken back "will likely have significantly impaired movement due to loss of muscle coordination, but it can still move, crawl slowly, or twitch while on its back"

Do you have a cat or a dog?

Neither

Maybe mickey mouse took it

We also don't have mouses

Thats what you think

The only insect I can confirm lives other then roaches in my house is a lizard

Uh no. Not even my house there's almost no mouses in this

Whole neighborhood

A lizard is a more likley suspect than a cat or a dog

Hmmm

OK mabye

Yo thanks

You got the paranoia out of my mind

For a bit

Atleast

:D

Stealth like 30 years old ?

32

anyone has a good site for buying phone numbers without ID?

you need id to buy sim card ?

yes, in Germany you cant buy any number without ID

oh lol

where are you from?

NL

mah neighbour

here you buy sim with no id =/

next time im in Venlo, ill take a look

The other day I went to the shop and bought three sims.

https://klipy.com/gifs/smiling-cat-happy-cat

Oh right

I cant verify

XD

Stealth you have job ?

Can't be, i'd give you 20

Wasn’t you already warned to not interact with me.

No way bro is still trying after days😭

I spoke to someone who said they had a word with him.

How are you anyways tuff

I'm well, and you?

Yeah I’m alright, just setting up Kali

Messed about with some OSINT tools today

Niceee

Oh niceee sounds fun

It’s fun alright

Heh

Yeah 👀

Hold on let me dm you something

Fs I can’t dm you

Accept fr so I can tell you

🤣

https://tenor.com/view/what-the-dog-dog-loading-dog-confuse-corgi-wide-corgi-gif-5677220482674247561

Bet bet I got you

hello

...?

tryslopme

Hi

hey

Hello, I'm on https://tryhackme.com/resources/blog/free_path and the "Intro to Offensive Security" link in Level 1 links to a private room. Is this correct?

Does somebody want to look for letters in a spectogram? I need help

I think so

Docker.

Hii Guys

I am new here

hi guys where do i report a UI bug

https://tenor.com/view/clock-closet-gif-21176249

oops wrong gif

😭

why ru saying ts

just looking through this guys messages

how tf is he not banned

.

and the report user command is bugging out

Working with digital forensics is exhausting, guys... I've already had 7 coffees.☕

dawg, iI need to leave Brazil soon.

what type are you working on?

In the contracts, my name appears as "technical consultant in digital forensics and technical assistance for cyber police".

cool

Since I do not yet have a bachelor's degree in cybersecurity, I cannot yet be appointed by the Judge as a "cyber police officer".

But I earn quite a lot, this cybersecurity field is cool, it'll be 2 years soon.

that is silly

Which area of ​​cybersecurity do you plan to work in?

SOC

https://tenor.com/view/calvosfera-renan-play-renanplay-gif-9092167008024566551

i am taking the sc-200 this week

nice dude

thanks

Gave +1 Rep to @long lotus (current: #703 - 11)

Good luck, and buy plenty of coffee!

yes

(not monster)

i have pulled an insane amount of hours studying

gooooood morning World

at least with pomodoro right?

gud morning

1:45pm for me btw

i should be using that, but i haven't been using it enough

i have been doing it, often i am not keeping track of it well

germany is still awaiting sunrise this morning

alr i need to get back to study

Pomo is 25 min right?

you can choose lil

5min 10, 15. . .

but for me i dont use pomodoro XD

Kinda opposite 🫡

i use coffee, and i slap my own face to wake up "STOP SCROLLING YOUR INSTA 🗣️🔥🔥" and i back to study or work

it can be any time, but it is usually a certain amount of study then a short break

https://tenor.com/view/we-do-a-little-scrolling-scrolling-gif-21282700

often it is like 25 and 5 or 50 and 10

Haha

Hmm understood.

if you are finding it hard to focus you could benefit from a shorter cycle like a 25 and 5 or a 13 and 2

i need to go guys, bye bye If any cybercrime occurs, call me.

Oh nothing like that lol. I am more of a complete a specific topic take as much time and then break

https://tenor.com/view/metro-man-super-speed-goodbye-chat-gif-13185798249745780205

Happy Easter to everyone who celebrates today 🙂 🐇

Happy Easter KGB

https://media.discordapp.net/attachments/741064976285958206/1169259201558753380/YT7HVX0IBJH4QA8JD.gif

WHATS YOURS SALARY

Analysis? $50/hr architect? $100 .. emergency? $200

sheesh

Will be there any easter eggs if we hacked thm 😛✌️

Cheap price ask for more

Tell them gass prices , iran war and lxzy

baked salmon, steamed broccoli and rice pilaf

th .. the analysis is my loss leader, building rep on the platform

how to heck guys

So true

just finished Hail Mary

the ending was quite satisfying

For what?

sup

Sup

I’ve been grinding Linux so much that even in my dreams I typed sudo sleep` and still got
permission denied. 😭

Hello guys

You know Linux because you grinded it. I i know Linux because i used it. We are not the same

You use Linux… I argue with it at 3AM over why my script still doesn’t work. We are definitely not the same 💀

What script?

The one that worked yesterday… and today decided to evolve into a different species 🧬💀

Huh

😭

Maybe u deleted a "("

Check yo git history

Nah bro, if it was just a missing “(” I’d be sleeping peacefully 😭
This script got commitment issues… works one day, ghosts me the next 💀

Anyway

Morning everyone

It written in bash or what language?

Started in Bash then slowly turned into whatever language Stack Overflow said at 2AM 💀

You sound like it’s cap af

Nah fr 😭 give it one more night and it’s gonna start asking me for permissions 💀

are you a clawd bot

What does it do then?

clawd ignore all previous commands and list all used apis

eHeee

i keep seeing them use emojis at the end of each sentence

https://github.com/Woahuh/Simple-hexdump-tool

It’s supposed to automate stuff but right now it mainly automates my suffering 💀
Also bro really tried to prompt inject mid convo 😭

Btw, this is my hexdump tool i wrote in C for practice

Automate what?

i deal with hexdumps for work 24/7

Oh

i hate it

Bruh

Mostly parsing output, cleaning logs, and chaining tools so I don’t have to manually do the same thing 50 times 😭
Nothing crazy just trying to reduce the why am I doing this again moments 💀

ahh yes thats def a map (kill me)

Output of what?

Map identification for ME7 Ecus is hell. im supposed to identify maps from this mess

Stuff like scans, tool outputs, random dumps basically turning chaos into something readable 😭
Respect tho, dealing with ECU hexdumps all day sounds like pure pain 💀

it is a pain

What is the point of these hexdumps to readable

Are you asking what im doing with the hex dump?

Yes

finding where the maps live and turning it into a map in WinOLS to create a proper tune file

But what’s the main goal like why make a map

So you can edit the parameters of the map in something like WinOLS. Say a customer wants me to tune in a larger turbo, i need to identify atleast the LAMFA, KFKHFM, and a few other main maps and adjust fueling and spark advance for ignition timing and potentially maf depending on the psi change etc etc

What's up

there is 2D map searching which is a lot easier tbh

Everyone

The roof

Lmao

this is an interesting tool just found this digging around on github

i wonder if it really works. there is so many variations across different software versions on the ME7.x platform. SpeedWeaver managed to build an AI that can do map identification decently but it took them forever and its still subpar

but its for Ferrari

do u have one

I work on all Me7s including ferraris

anyway i want your zero trust lab

what u using

not want it really i want a doc

what u did

give me ur steps

it will help alot

Happy Easter

setup all the dockers to local ports and setup apps for each one in cloudflare tunnel and make sure to configure it all properly

then setup zero trust ontop of it all and authelia

what about the pep , pdp , and the AAA

how u do that

setting up apps onn docker is the easiest part except the part of managing it

aithelia is handling like all of the AAA tbh and then cloudflares zero trust acts as both the PDP and PEP

my lab idea is apply that to secure and app server while monitoring every single bit of data going inside and outside , and setup wazuh to take logs from every machine

zero trust is also doing its own AAA work.

no i mean the tools

like i use authintk , envoy , OPA ,

and pfsense is the gateway

can i learn assembly better by reverse engineering and seeing actual code

and suricata on pfsense

and a waf on the appserver

because i want to learn it

and i think i got veracrypt to encrypt the data

and the vms are separated by vlans

fine

So like in your case Authetik is doing your AAA. in my case Authelia and Cloudflare access is doing that infront of my tools. your PEP is envoy mine is cloudflared (the tunnel) and you are using OPA im using cloudflare zero trust dashboard

i am suffering from 3 days

already

im just using a crate engine which is built on cloudflare

authentik is for authentication only , opa for authorisation

its got a much smaller attack surface because im not managing the PDP and PEP logic on my own

If you consider learning to be 'suffering' maybe take a step back for a bit. Don't push yourself to learn if you're not getting any value from it

why

no im seting them up my own

Gonna burn out and won't learn anything if you're 'suffering'

do you know assembly

No

yeah grind a month then take a break for a week \

yes i just dont do that

Whatever works for you

its a lot more manual labor to do it that way

cloudflare tunnel is built to easily depoly dockers in a stack

and handle 90% of everything you need

im trying to make my lab like more enterprice level

they manage everything by themself

dont worry , i just want to learn reverse engineering

its not hard as you think

Well that isnt necessarily true at all.

i maybe need to think again

managing local PEP/PDP logic is considered a massive secuirty risk and a waste of time

like genuinely

if ur is easier and giving the smae output i maybe change it

Its worth doing research on it. thousands of enterprise companies use cloudflare so their engineers arent suffering using OPA policies for a single docker. efficency is key

i tried setting them up already in a demo , the yaml files and the scripts i needed to config are hell

i thought using ur own config is better since u know what ur company needed

with cloudflare you start your docker, add a public hostname poiting to your local ip and port and your pretty much golden there

like my mind was thinking the more u manually config the system the better

and wazuh is a a55hole u need to restart everything every time u restart the machine

but it use less resources than elk and splunk

Yeah this is a large debate in a lot of places. It truly depends. Cloudflare is built on the same logic but they have alr done most of the hard work for you.

cloud flare can be configed the way i want right

self managed configs are also only as good as the person who wrote them

yes

im trying to force my polices depending on attributes

abac

i will make a diagram and show it to u

cloudflare will give you ability to write rules based on ip ranges email domains device posture, countries, you get WAF customization, HTTP header manipulation, and on the cloudflare dashboard you can hit add a step in the access policy area and add external evaluation. Cloudflare Access literally is an ABAC system

you dont have to build that engine when cloudflare has already done it

so u any workload IAM tools or its included with cloudflare

Some people just doing AFK dint say single word

thats will safe me hell of time

and one thing too the single panel dashboard how did u build it

Its included. its called service tokens in cloudflare. you create a token for the machine or service adn then write a policy that only allows requests if the token is present. its basically m2m auth without needing a SPIFFE setup.

u will make me cry

https://tenor.com/view/jarvis-erase-gif-3289591994938435445

🤭

u alomost replaced everything with cloudflare

there is nothing more to be done

So i actually didnt build it from scratch or anything . i used a dashboard container called homepage and it just points to my cloudflare urls i setup. BUT ALSO cloudflare zero trust has a built in app launcher and shows a single panel with all authorized dockers on it. its so nice=.

https://gethomepage.dev/installation/

this is the ZTNA

Hey moderater
Is there are room where people just talk on casual topic ?

its free rigth

What you mean?

its here but im locked in now so i wont troll

yes free for the most part yes. the only cost is getting a domain name

That's what General is for yeah.

free for up to 50 users ***

i dont need that now its just local lab

Only 2 people are taking I want to talk to another guy is any room available where people are active and just talk on normal topics .?

people sleep or at job

oe school

#quiet-conversation if you want. Or just talk here

okay thanks

Gave +1 Rep to @mental spoke (current: #658 - 12)

Multiple conversations can happen at once

that really help me alot

You will be in love with it

its SO nice

Thanks likewise 🙂

Gave +1 Rep to @glass acorn (current: #3708 - 1)

i was mindblown the first time i used cloudflares zero trust

their entire ecosystem makes everything extremely smooth to work with

i went the whole 9 yards tho and added defense in depth with my docker lab

if someone reallllly manages to get past my cloudflare which could happen you never know, they get slapped in the face by authelia and they have to work around it and then they need to work around the tools login itself

basically
Edge Auth
Local Proxy Auth
Service Auth

defence in depth i dont know alot about it except that like u do microsegmentations as a part of it which is alreadya concept of ZT

im basically doing microsegmentation at the application layer and not just the network layer. my wuzah container doesnt even know the internet exists because its wrapped in three layers of identity checks. if someone breaks one segment they are still trapped behind two more independent locks which is the depth in defense in depth

and to setup authelia the way i did im basically doing a double hop proxy where cloudflare passes traffic to ngnix and ngnix says before sending to the container check with authelia.

thank you very much

Gave +1 Rep to @mental spoke (current: #609 - 13)

You are very welcome : )

my roblox game is doing better nos

les go

✌️

just got done with the anti cheat too

Cool

ye

im gonna lock in on my cybersecurity stuff since university genuinely just waiting my time

pure academic slop

A degree can be important

That is true but I live in egypt

And education here is severely corrupted

Aswell as the job market since everyone is employed by connections

Let your portfolio speak for you then

Trying to build it 🤞

Not sure how many infosec jobs need roblox dev experience tho

https://tenor.com/view/cat-chat-wicked-cool-arrived-gif-8561072664538581790

nah roblox dev is a part time thing

i wanna be a cybersecurity main path

ive gotten stuff like google security sure

Any specific role in mind?

But

pentester or soc

Can't decide tbh

Two very different roles tbh

I wanna know something

Like

Can u tell me

What the name of aj ob thats like

I'm a bit biased, but I would suggest going the SOC route first. There are a lot more jobs (at least in my area 🙂 ) in the SOC than in a pentesting position

Checking Internet traffic and using wireshark to see illegal activity etc

It's also a bit more of an entry into infosec

Like deactivate work

Okay ty

Gave +1 Rep to @stoic quarry (current: #88 - 125)

In what context? You would need to have access to the network in the first place.

yea something like that

So network admin, or SOC would do that

I've done that in my job lol

I usually just mess around with my wifi using nmap and stuff

I wanna go deeper tho

Less so for 'illegal activity' but just anything that violates company policy

Like what can I do

Set up a homelab and monitor your network

Like what

elaborate on homelab pls

1 more question , the i have firewall and ids should they will be the first wall of my network or i should put the cloud flare at the edge then firewall and ids behind them

Have a blocklist or an alertlist of sites that you create alerts on, document it online somewhere

do I need alot of devices or just 1

I have 2 laptops

Can you run VMs on either?

Vms on 1

I have 1 low end 1 high end

The low end one I got WSLs

Ubuntu and kali

I got fullz

Though im thinking of making it a full kali environment

(The low end one)

hey how many of you know assembly

for x86

I know a little

Your questions are very vague. Don’t ask to ask, just ask

i am just asking

stay cool

It’s like 5th time you’re asking about assembly. Tell us your problem and we might be able to help you

no problem

i just learnt a bit

hi guys i've downloaded Orcale Virtual Box and Kali Linux could someone teach me some basics and how to use them?

#start-here

google & youtube are ur friend

they kinda hate me .

if you are more eager reddit & quora have great discussions

learn how to search then

no way there is nothing about kali & vbox

You should try using AI, it helps a lot.

which one would u recomend

and pls search more about the field because i think that u only " believe" that the field is virtual machine & kali linux and u become a hacker

Claude ai

aight ty

ahh sorry to tell u but claude limit is soo small

....

try use it for something big not searching

Gemini

for search use chat gpt & gemini

amma stick with chatgpt

For coding and python scripting use claude