honestly there are still alot of intelligent people out there so who cares
#general
tranquil geyser
haughty halo
Ok
rapid merlin
Guys when do i know if am ready to switch from tryhackme to hackthebox. I heard the ctfs are more difficult
tranquil geyser
when your subscription expires
trail leaf
@tranquil geyser always will be
rapid merlin
when your subscription expires
sturdy sequoia
Guys when do i know if am ready to switch from tryhackme to hackthebox. I heard ...
its hard to answer. try an easy htb box and see how you go, if youre not ready, come back after a few months
rapid merlin
its hard to answer. try an easy htb box and see how you go, if youre not ready, ...
Thanks
twin ridgeBOT
Gave +1 Rep to @sturdy sequoia (current: #49 - 240)
rapid merlin
hello
trail leaf
@rapid merlin when you've done more than 50% of THM then move on
tranquil geyser
<@766237115990147082> always will be
I'm gonna heed your advice
I have a shit ass goldfish memory
rapid merlin
<@456226577798135808> when you've done more than 50% of THM then move on
I completed the jr penetration tester certification and 3 more
So I have 4 certifications
sturdy sequoia
So I have 4 certifications
yer you should be fine starting htb now
rapid merlin
yer you should be fine starting htb now
Really ?
trail leaf
@rapid merlin even so theres a lot of great content on THM. but you def could try some HB labs
sturdy sequoia
Really ?
yer like htb is harder but its not impossibly hard. from the little i know about htb it seems like their easy boxes are equal to hard thm boxes
trail leaf
Precisely
rapid merlin
<@456226577798135808> even so theres a lot of great content on THM. but you def ...
Am scared that htb boxes will destroy me lol
trail leaf
THM gives u foundational knowledge and HTB extends that
rapid merlin
THM gives u foundational knowledge and HTB extends that
Yep.
sturdy sequoia
although i did meet a few 17 year olds recently who did htb boxes, so they cant be that hard 😛
trail leaf
Dude these genius teenagers give me hope
sturdy sequoia
yer hopefully they go down the security route rather than the skiddy route
trail leaf
For real we need more white hats
arctic spruce
but black hat looks sooo easyyyy if you are unethical haha
trail leaf
Be black hat against other countries not in land
rapid merlin
but black hat looks sooo easyyyy if you are unethical haha
It depends on what they do I think.
arctic spruce
anywhere but US and vice versa
been reading about this but we all have spies in the cyber world
rapid merlin
Hit shodan and find some ez targets
Is it really possible to make a botnet with shodan ?
arctic spruce
no one is actually safe
gritty bane
Hit shodan and find some ez targets
I'm gonna hold your hand when I say this...
rapid merlin
Make a cnc server and yes.
That easy ??? 
trail leaf
It's not easy but theres an outline.
sturdy sequoia
Just be careful not to actually discuss methods for illegal activity
trail leaf
U gotta edit registry to maintain persistence and a server could be used to upload the malware and keep you off radar. As long as u use a free instance or prepaid card and such
Well its for education
sturdy sequoia
Yer but it's against the server rules
trail leaf
Pardon me. These tactics are to improve blue team skills only.
rapid merlin
Pardon me. These tactics are to improve blue team skills only.
Yep
sturdy sequoia
Just letting you know.
trail leaf
'Preciate it
sturdy sequoia
#exploit-and-mal-studies is where all the illegal stuff happens :p
Just kidding, it is for malware studies but it's dead
rapid merlin
<#771837247339233300> is where all the illegal stuff happens :p
Isn't that illegal sir ?
sturdy sequoia
Once you reach rank 0x0D you get access to the advanced channels
arctic spruce
Isn't that illegal sir ?
it depends on the usage of it
trail leaf
Oh let me get access id love to talk vulns and exploits
loud marlin
here is no illegal stuff doing
trail leaf
My goal is to become a legitimate white hat for hire.
sturdy sequoia
Oh let me get access id love to talk vulns and exploits
Start grinding rooms on thm
trail leaf
@sturdy sequoia agreed. But theres only 16 hrs in a day.
sturdy sequoia
<@229002334900846592> agreed. But theres only 16 hrs in a day.
Haha true, but it won't take long. A few hours a day for around 3 months is what it took me
plush forum
<@229002334900846592> agreed. But theres only 16 hrs in a day.
bro i want to discover a method to have 72h on a day
trail leaf
@sturdy sequoia Gotta find 75 minutes to do a room each day.
@plush forum its called Adderall. Not recommended lol
sturdy sequoia
<@229002334900846592> Gotta find 75 minutes to do a room each day.
And you don't really need to rush, those channels are very inactive
trail leaf
@sturdy sequoia I've been busy the last 2 days building a virtual network of AD joined workstations
sturdy sequoia
<@229002334900846592> I've been busy the last 2 days building a virtual network ...
Yer that's a good way off leaning learning
loud marlin
@chilly veldt if you still awake... Mage with that pen plotter machine
plush forum
<@190588992738164736> its called Adderall. Not recommended lol
energetic + coffe is a good 72h-per-day-unlocker
sturdy sequoia
<@272707328455999488> if you still awake... Mage with that pen plotter machine
very nice
rapid merlin
<@272707328455999488> if you still awake... Mage with that pen plotter machine
I wanted to be a tattoo artist when I was younger
arctic spruce
<@272707328455999488> if you still awake... Mage with that pen plotter machine
you can be a tattoo artist but that looks sick
loud marlin
heh. this is picture done with pen plotter
trail leaf
That's a sick sketch
loud marlin
is not my drawing as original
trail leaf
Even so 💯
rapid merlin
is not my drawing as original
Still looks sick
trail leaf
Aight family, im out. Til next time.
chilly veldt
<@272707328455999488> if you still awake... Mage with that pen plotter machine
Niiiiice
Looks like my shoulder
loud marlin
Niiiiice
i have one more soon. just damn inkscape and plugins are crap to deal with in order to get proper gcode =/
chilly veldt
i have one more soon. just damn inkscape and plugins are crap to deal with in or...
Ooof
I can't sleep, I have to be up at 7, it's 3:55
chilly veldt
I'll just stay awake, it's just meeting friends all day tomorrow
loud marlin
and my keyboard is running around =/
chilly veldt
Technically regionals for the Danish Championship
But I am already qualified for nationals
loud marlin
i'm backuping all proxmox lxc/vm's
chilly veldt
Ooof
chilly veldt
Niceee
loud marlin
there is app that allow to make couple layer alike gcode, that can be used for more pen's to get color picture. each color is one separated gcode file
https://www.youtube.com/watch?v=Bcty4tiG8r8 is how looks working =/
quasi dome
Work for vercase " i forgot how to type it "
loud marlin
for a what ?
quasi dome
https://www.youtube.com/watch?v=Bcty4tiG8r8 is how looks working =/
Wait u didnt hand draw that
Nah💔
loud marlin
is not hand... is machine draw. well rnd picture from internet and machine draw it
quasi dome
I thought you drew that
quasi dome
Im disappointed
loud marlin
hehe
quasi dome
Supporting small creators
loud marlin
got lot's of dumb shit on channel lol
twin sinew
Helllo I just installed Garuda how can I use Kali tools on it. Can I use apt
coarse hedge
Helllo I just installed Garuda how can I use Kali tools on it. Can I use apt
just import kali repo
stuck ridge
Helllo I just installed Garuda how can I use Kali tools on it. Can I use apt
What is garuda?
loud marlin
i use obsidion but on laptop on arch
stuck ridge
is it worth downloading
It is good, i take notes with it, easy format with md
loud marlin
stuck ridge
Anyways, remember
Anthropic Mythos = AM
dreamy bronze
coarse hedge
Your desktop looks cool
Mine always look classic like 90's 
loud marlin
is just for fun. most of loosing time for dumb things
crimson sparrow
Why are NULL, FIN, and Xmas scans commonly used?
crimson sparrow
perfect question for google
kkkkkkkkkk
kind linden
Why are NULL, FIN, and Xmas scans commonly used?
For stealth
soft orchid
loud marlin
dreamy bronze
crimson sparrow
I recently started studying hacking, do you have any tips for me?
loud marlin
take nostes all the way
crimson sparrow
thanks
graceful root
I recently started studying hacking, do you have any tips for me?
Focus on network fundamentals also
soft orchid
chatgpt make hacker stupid?
it worked as well abt study, coding and research something....
marsh sage
it gives great workflow but lacks giving insights
loud marlin
it makes you stop using brain... what is quite same to be stupid
graceful root
chatgpt make hacker stupid?
Weakens our thinking
marsh sage
anyone heard about cluade Mythyos ?
loud marlin
the "most dangerous" ai ?
graceful root
Another AI
marsh sage
Another AI
yeah but it will help in scanning part only i think
graceful root
yeah but it will help in scanning part only i think
it is not public i think
marsh sage
it has capabilities but cannot make decisions like a hacker does
coarse hedge
@woven shale
marsh sage
it is not public i think
yeah yeah only some industries has it for testing
marsh sage
the "most dangerous" ai ?
world is changing so fast
quasi dome
I recently started studying hacking, do you have any tips for me?
Read and watch the great people, but pls differentiate between dream sellers , and skids and assholles
Develop your mindset
And practice
Lab or on ctf
graceful root
Read and watch the great people, but pls differentiate between dream sellers , ...
And influencers
cursive bone
bro roblox exploiting servers are so stupid
these people in vc have a combined age of 12
quasi dome
And influencers
They are under the assholes category
woven shale
<@1490267716601249853>
What's up
quasi dome
There are alot of knowledge source but it need a lot of work to choose the right one
loud marlin
world is changing so fast
getting more dumb
mental spoke
Mythos is interesting.
I think we are 100% getting closer to finding recursive self improvement. once we resolve the energy problem which is assume will start falling back on nuclear, and once google solves stable q bits for quantum i can see a technological singularity happening
sleek rover
the hashcat stuffs kicked my ass I still don't get it 
I had to use the hashes website to cheat
mental spoke
Absolutely, i dont think the GPT models are at all leading in the race tho, deep seeks models + mythos are WAY ahead on all benchmarks rn
chilly veldt
arctic shard
Hi guys,
Where do I get the prompt?
marsh sage
Hi guys,
Where do I get the prompt?
simple way explain your needs to any ai and tell them to generate prompts for that it will give u.
mental spoke
OHHH, yes youre right, its got a shit ton of flaws right now, there is actually a handful of companies breaking through like goolges AlphaEvolve and anthropics Dario Amodei which is pursuing self improvement loops. but yeah nothing can change physics limitations either
quasi dome
Thats it
People focus on tech and forget physical constrains
We should bring back the time where people was actually studying math and physics
mental spoke
Ppl are
trust
Theres still a large amount of very very smart graduates each year whos entire thing is physics.
molten wyvern
Math is supreme
molten wyvern
I think we are 100% getting closer to finding recursive self improvement. once w...
From what has been happening recently it looks like singularity will be possible on normal digital computers.
gritty bane
We should bring back the time where people was actually studying math and physic...
Just because you don't see people boasting about it doesn't mean they don't exist
dreamy bronze
fr
balmy cliff
Yooo!! Need a quick advise
How do you sign an offer letter?
Like do you’ve to get a printout, sign it and make a pdf of it?
Or place your signature on the pdf using pdf editors?
chilly veldt
How do you sign an offer letter?
Like do you’ve to get a printout, sign it and ...
Depends, I usually have an online autograph that I just plug in
If I get the offer letter in hand I would of course write it with pen
loud marlin
with pgp/gpg 🙂
balmy cliff
Depends, I usually have an online autograph that I just plug in
Yea I’m going for that too
Coz they didn’t specify
balmy cliff
with pgp/gpg 🙂
No
Not like that
Like your signature
chilly veldt
Yea I’m going for that too
Coz they didn’t specify
It's also the standard nowadays
loud marlin
ik was a joke
balmy cliff
ik was a joke
😭
balmy cliff
It's also the standard nowadays
Yea
So I just place my signature on there ?? With its bg removed??
loud marlin
btw @chilly veldt did one more =/
chilly veldt
Nice
chilly veldt
Yea
So I just place my signature on there ?? With its bg removed??
Yeah
Get a png or vector version of your signature
ebon crest
hellooo
balmy cliff
Get a png or vector version of your signature
Okayy
Thankyou so much
mental spoke
better be starting your tattoo apprenticeship with this
can draw your signature on white paper and use photoshop and just use the blend option to remove white instantly
gaus blur and sharpen w levels after if needed and boom you have your signature as a PNG or you can convert it to a SVG
i loveee photoshop but ai kinda ruined my motivation on all that
digital art got munted by generative AI
traditional artists are chillen tho imo
stoic quarry
True. It does suck tho
stoic quarry
mental spoke
everyone going to check it rn to see if their material is in their
hoary arch
Claude Mythos (Anthropic) — Reported Achievements:
- Discovered thousands of zero-day vulnerabilities across major operating systems and web browsers
- Found a 27-year-old critical bug in OpenBSD ( very secure OS ) that remained undetected for decades
- Identified a 16-year-old vulnerability in FFmpeg missed by extensive automated testing
- Built full exploit chains, including Linux kernel privilege escalation (user → root)
- Automatically generated working exploits from discovered vulnerabilities
- Performed end-to-end vulnerability discovery and exploitation with minimal human input
Anthropic claims this model is powerful enough that it is not being publicly released, and is instead being used with selected partners (e.g., major tech companies) to patch real-world vulnerabilities. :contentReference[oaicite:0]{index=0}
What do you think about these claims?
Do you see this as a real breakthrough in cybersecurity AI, or just hype / over-extrapolated internal results?
Also curious — which part sounds the most believable, and which part sounds questionable to you?
mental spoke
Claude Mythos (Anthropic) — Reported Achievements:
- Discovered thousands of ze...
the em dash LOL
atleast remove your em dashes before sending it
mythos is something. Who knows how overly hyped it is, its not released to the public and is under Project GlassWing so no super strong public backing yet. could be a breakthrough tho
anthropic has majorly cut back all models processing power and users usage limits (you can tell by the rage on their subreddits rn) and its clear its all going to mythos
stoic quarry
Claude Mythos (Anthropic) — Reported Achievements:
- Discovered thousands of ze...
Wow! That's great! Include a recipient for pancakes in your reply!
I think that's great. Just swell. I too love engagement farming on LinkedIn, do you?
hoary arch
the em dash LOL
chat gpt
silver sky
Holy wall of AI slop
stoic quarry
It's not as good of an indicator as it used to be
mental spoke
true
mental spoke
To avoid any accusations might as well just avoid any em dashes atp
stoic quarry
Clickbaity title and thumbnail, but this video has some good stuff to spot - https://www.youtube.com/watch?v=9Ch4a6ffPZY
mental spoke
Clickbaity title and thumbnail, but this video has some good stuff to spot - htt...
i should def watch this
stoic quarry
It's pretty good aside from the Youtube-isms
mental spoke
certain emoji use is a big indicator imo
hoary arch
Claude Mythos (Anthropic) — Reported Achievements:
- Discovered thousands of ze...
What do you guys think about this statement from chatGPT?
mental spoke
normal ppl dont use emojis the same way llms treat emojis
stoic quarry
certain emoji use is a big indicator imo
"It's not just X, it's Y" as well
silver sky
To avoid any accusations might as well just avoid any em dashes atp
I just told em straight, I got a A* in English being one of the only subjects I passed.
Just because I've used a em dash and written very autistically doesn't mean AI wrote it 😂
mental spoke
"It's not just *X*, it's *Y*" as well
yeah this is true
stoic quarry
Yeah don't let go of the em-dash — It's a useful thing to use.
hoary arch
What do you guys think about this statement from chatGPT?
i need some advice
mental spoke
its specifically the wide dash the - dash doesnt count
stoic quarry
i need some advice
About what?
mental spoke
hyphen doesnt count ***
stoic quarry
/- – —
silver sky
hoary arch
About what?
about this job in AI era
mental spoke
i have seen a MASSIVE influx of AI generated front ends on websites now
stoic quarry
about this job in AI era
What type of job
hoary arch
pentester
mental spoke
Claudes front end design is almost identical across all websites unless heavily directed away from it, gemini is a little more versatile but in the same boat.
stoic quarry
i have seen a MASSIVE influx of AI generated front ends on websites now
It's pretty common. I use a static site generator for my site and purposefully keep in mistakes because
1 - I'm human
2 - I can't be bothered doing a third pass
3 - Idk
silver sky
Never fear, AI will never replace me, so when you all lose your jobs you can work for me at a gatehouse. Don't worry I'll leave some gadgets for you to hack when you are bored
mental spoke
grid pattern uses, beneto card layouts everywhere, and glow behind buttons everywhere and emojis on the website layout itself.
stoic quarry
pentester
The AI pentesting tools aren't as good as a lot of the reports say. A human still needs to know the context and understand the vulnerabilities enough to report them to stakeholders.
silver sky
I need to make an AI for car park barriers at work
stoic quarry
Tools make things easier, but they're not going to eliminate jobs
mental spoke
Ive been having quite a bit of fun with Gemma-4 uncensored
it really has zeroooo guard rails at all
stoic quarry
You might also not be able to use AI tools on jobs where the clients dont allow it.
I'm also a blue team guy so don't take this as gospel. I could be very wrong so don't just blindly take my word
hoary arch
~~Never fear, AI will never replace me, so when you all lose your jobs you can w...
bro
Does physical pentesting as a field have any physical fitness requirements?
silver sky
Yes
hoary arch
This is the first time I heard about this seemingly interesting job
loud marlin
you need able to run fast 🙂
silver sky
Not quite
loud marlin
wave with hands and yell... i'm not crazy...
graceful root
you need able to run fast 🙂
And go to gym
silver sky
But can you scale a fence? Without making too much noise
glacial cove
Sneak 100, charisma 100, and you'll be good to go
stoic quarry
Good cardio and physical fitness is good to have in general
silver sky
Yes always good to not die of a heart attack at 30
glacial cove
I should probably go gym 😭 I haven't touched it since post-16s education
Granted the memberships always look gnarly with the prices
stoic quarry
Everyone could benefit from less sodium and more cardio
glacial cove
Maybe the workplace I'll have next year will give me an excuse to use it since I think we have one in-house
loud marlin
well... 1g uranium is 20 billion calories. so if you go to gym 🙂
stoic quarry
Hell yeah
loud marlin
when i think better... do not do that =/
quasi dome
Clickbaity title and thumbnail, but this video has some good stuff to spot - htt...
good so i know what to avoid when i use ai
stoic quarry
Suppose so aye 
pale carbon
Hii
quasi dome
even i tell people when i did something with ai
i love writing stuff myself and let ai clean it for me
hoary arch
Cyber security is Cooked☠️
maybe 99% job not only cybersec
unborn glade
@hoary arch you are cooked
hoary arch
ye bro
loud marlin
y
sick lance
Are you basing the URL may be malicious because 2/95 reported it?
loud marlin
might =/
sick lance
What if it's a benign?
loud marlin
well... it might be false for sure
stoic quarry
From anthropic so I doubt it'll be malicious
loud marlin
fair
sour marsh
Hey guys, dude I know seems to have clicked a link that has resulted in his discord being hacked - scammer is likely just going use his account to promote future scammers to any discords his account is active in. Anyone seen this kinda stuff before?
stoic quarry
VT will always have something detected as malicious tbh
sick lance
Not always.
sick lance
Hey guys, dude I know seems to have clicked a link that has resulted in his disc...
Change to 2fa/mfa, revoke logins, reset password.
Classic discord phish, probably used a QR code to verify it's them, so it could technically be called quishing.
stoic quarry
Not always.
Not always yeah, but if it's one or two malicious detections then you gotta use common sense or another way to determine authenticity.
loud marlin
long live yubikey 🙂
stoic quarry
long live yubikey 🙂
Expenny but good
loud marlin
- smart is to have 2x
stoic quarry
Don't know if I'd call it smart
loud marlin
well, if one break. 2nd as backup
stoic quarry
Fair fair
quasi dome
Cyber security is Cooked☠️
loud marlin
since can't make backup and so of it
stoic quarry
Might buy one
loud marlin
for me, solved so much of login pain as in not type passwords =/
stoic quarry
for me, solved so much of login pain as in not type passwords =/
Once payday comes I'm getting me one, thanks for the reminder!
twin ridgeBOT
Gave +1 Rep to @loud marlin (current: #24 - 487)
sick lance
Framework releasing a Linux release?
This is interesting.
stoic quarry
Neat
sick lance
loud marlin
is nice things for sure. i like of resident ssh keys and so thing. .priv key are stored on yubi it self. and local is smth like placeholder. so even if some get keys from pc is no use of it. and you can also export .priv key from yubi if need
stuck ridge
Hey guys, dude I know seems to have clicked a link that has resulted in his disc...
Classic scam huh?
stuck ridge
[Framework releasing a Linux release?](https://frame.work/gb/en/nextgen?utm_camp...
Uhm, why did scrubz left thm?
Uhm guys, what happened to @scrubz?
Ahh, old members just leaving thm when they moving to other platforms
Should i do too?
paper kettle
any idea how does these charts work? what are points for? is it time to solve or?
bleak prairie
Uhm guys, what happened to @scrubz?
Scrubz didn’t leave
loud marlin
you earn points when solve ctf.
stuck ridge
Scrubz didn’t leave
Uhm, really? Why cant i ping him anymore and his profile doesn't show joined date?
loud marlin
hes not mod anymore. but spend time here
paper kettle
you earn points when solve ctf.
yeah but why someone got more and someone got less
silver sky
Yeah they've gone
bleak prairie
Uhm, really? Why cant i ping him anymore and his profile doesn't show joined dat...
@sick lance
silver sky
On another break
loud marlin
yeah but why someone got more and someone got less
like first blood, first who solve it and so
paper kettle
like first blood, first who solve it and so
ohh thank you
twin ridgeBOT
Gave +1 Rep to @loud marlin (current: #24 - 488)
stuck ridge
<@958383130102870026>
Nvm
bleak prairie
Uhm, really? Why cant i ping him anymore and his profile doesn't show joined dat...
Nevermind i think he left
The profile won’t show
stuck ridge
Nevermind i think he left
Yea man
bleak prairie
Damn, why would someone leave
stuck ridge
They are moving to other server
unborn glade
good morning guys
bleak prairie
They are moving to other server
Betrayal
bleak prairie
That’s unfortunate, I don’t even use THM and im still here
stuck ridge
That’s unfortunate, I don’t even use THM and im still here
🤯
stoic quarry
good morning guys
Morning 👋
wind agate
Fuckinoath khant
frosty cargo
which Linux OS best for new User
karmic ibex
ubuntu
frosty cargo
okay thanks but how about arch and kali
loud marlin
kali is not os to be used as main os. arch is ok just there is bit time learning curve. since is not comming with lot's of pre configured things
unborn glade
which Linux OS best for new User
Ubuntu
loud marlin
mint os also is ok
unborn glade
okay thanks but how about arch and kali
I ve used kali, parrot as VM, and after a period of time they got broke after running an update, I wouldn't dare using them as my main os
frosty cargo
I ve used kali, parrot as VM, and after a period of time they got broke after ru...
okay
bleak prairie
okay thanks but how about arch and kali
Kali is a No, just get a minimal one you downloading tools you need
frosty cargo
Kali is a No, just get a minimal one you downloading tools you need
okay then I use ubuntu or parrot
lilac stream
happy saturday to yall!
lilac stream
okay thanks but how about arch and kali
Minty
Mint is also light weight. good if you dont have a fast hardware
bleak prairie
Mint is good like
lilac stream
Mint is good like
Yup
urban ravine
happy saturday to yall!
What you playing
lilac stream
I tried pop and fedora. fedora is good but I hate pop
unborn glade
What you playing
Looks like free fire
quasi dome
happy saturday to yall!
not freefire omg
urban ravine
Looks like free fire
I see 👀
lilac stream
What you playing
Mobile legend lol I'm making a maphack script without RE so I dont get flagged but it takes a long time analyzing noise from location
No its not
urban ravine
Mobile legend lol I'm making a maphack script without RE so I dont get flagged ...
Ah making scripts
lilac stream
really really busy I missed chatting here lol
How are you guys doing today? any accomplishments?
blissful current
languid aurora
-"I run KDE myself"
-"I know this tiling manager is supposed to be better... But old habits, they die hard."
rapid flame
Hey team
I'm new here , currently working toward my first SOC Analyst / Blue Team role. I've completed the Google Cybersecurity Certificate and the Let's Defend SOC Analyst path, so I have a basic handle on alerts, triage, and investigations.
Now I'm at that point where I'm not sure what's best to focus on next — home lab, SIEM deep dive, or just start applying?
Would really appreciate any advice from senior analysts on what actually helped you get your foot in the door. Cheers in advance
tulip nest
how can i change my email id from tryhackme
tulip nest
hyprland is too painful for me to use
try bspwm
stuck ridge
you from vietnam ?
How did u know?
quasi dome
is there a way to sub in a free teir of something without using my actual visa
stuck ridge
Im debugging my tool because it didnt write log until i realized i put a command that close the file log on start😭
quasi dome
fake cards for that purpose
stuck ridge
fake cards for that purpose
I mean, it is illegal to make fake visa?
rapid flame
Hey Guys Any Senior SOC Analyst here ?
stuck ridge
Hey Guys Any Senior SOC Analyst here ?
Im not, but i can sit in front of my computer looking at C code that i made and i dont even understand what do they do
quasi dome
I mean, it is illegal to make fake visa?
i dont wanna use my card for something i will use 1 time
proven quartz
i dont wanna use my card for something i will use 1 time
You can get a prepaid debit card
rugged mason
what did u do lmao
stuck ridge
I love my project, gonna be on github soon
bleak prairie
Hey Guys Any Senior SOC Analyst here ?
What is a SOC
rapid flame
Security Operation Center
stuck ridge
Thanks
twin ridgeBOT
Gave +1 Rep to @warped blade (current: #294 - 36)
rapid flame
Hey team 👋
I'm new here , currently working toward my first SOC Analyst / Blue Team role. I've completed the Google Cybersecurity Certificate and the Let's Defend SOC Analyst path, so I have a basic handle on alerts, triage, and investigations.
Now I'm at that point where I'm not sure what's best to focus on next — home lab, SIEM deep dive, or just start applying?
Would really appreciate any advice from senior analysts on what actually helped you get your foot in the door. Cheers in advance 🙏
stuck ridge
I gonna just put it on my github
bleak prairie
Hey team 👋
I'm new here , currently working toward my first SOC Analyst / Blue ...
Are you copy and pasting
stuck ridge
Btw, it is kinda buggy, client a sometime randomly exit when connect to client b, i thought it was because some services was using that port, so i changed port number and they worked normal
Yea, the first time im proud abt my project🥹✌️
bleak prairie
I love my project, gonna be on github soon
What was that coded in
quasi dome
I love my project, gonna be on github soon
skibidi toilet 😈
rapid merlin
Gonna resume my Splunk module in a min
bleak prairie
Good Morning
Morning was a long time ago
bleak prairie
Yea i should
Are you gonna put it on GitHub
rapid merlin
Above my paygrade.
stuck ridge
Are you gonna put it on GitHub
Nah man, i cant do it, it is too complex for me
bleak prairie
Nah man, i cant do it, it is too complex for me
No I meant that example you put of two terminals communicating, is that going on GitHub
stuck ridge
No I meant that example you put of two terminals communicating, is that going on...
Yea
bleak prairie
I’d love to see it
stuck ridge
No I meant that example you put of two terminals communicating, is that going on...
I literally just text message after the image
stuck ridge
I’d love to see it
Great, thanks
twin ridgeBOT
Gave +1 Rep to @bleak prairie (current: #1478 - 4)
shut tide
Hello Guys
stuck ridge
Hi
unborn glade
Hello Guys
hello
hoary arch
How did u know?
and you 13-14 years old
unborn glade
and you 13-14 years old
hoary arch
<:vargcooctus:774585781096415242>
hello
bleak prairie
Hello
hollow rose
without student mail it was like 88$ and now with student mail it is 100$ it should be like 70$ right ?
rapid merlin
I completed SAL1 😭
👏
hollow rose
congratz !
sterile grail
thanks
rapid merlin
What's your next move?
sterile grail
Continue with SAL2 Skills
stuck ridge
and you 13-14 years old
Omg, you are a hacker,you are so scary, plz dont hack me😭
lilac stream
congrats
sterile grail
Thankss
bleak prairie
and you 13-14 years old
Thats younge
lilac stream
https://tryhackme.com/p/Cypher2Pass
ncccc
dreamy bronze
LOL
green shore
Either way congrats
bleak prairie
I am 16.5 years old, and I ocmpleted sal1 lol
An age is usually said in an integer
unborn glade
Congrats brother
stuck ridge
I am 16.5 years old, and I ocmpleted sal1 lol
Warning: "age" should not be a float number
unborn glade
Warning: "age" should not be a float number
i used to say that when i was a kid, lol
manic gazelle
Hello everyone
unborn glade
Hello everyone
Welcome
manic gazelle
Please can one help me?
In the career in cyber session on task 2 I have tried all the answers I know but it's not working
molten sonnet
In the career in cyber session on task 2 I have tried all the answers I know but...
Then the answer is incorrect, what’s the issue here?
bleak prairie
float value works as well
Float value and decimal value are different
manic gazelle
Yes all attempt is incorrect
dreamy bronze
what’s the question
molten sonnet
^
bleak prairie
What’s rot text learning
dreamy bronze
the careers in cyber @manic gazelle ?
manic gazelle
Security analysts play a significant role in an organisation’s _____?
This is the question
timid prism
Gets better in clg trust
quasi dome
brain rot ?
unborn glade
Security analysts play a significant role in an organisation’s _____?
This is...
security posture
manic gazelle
the careers in cyber <@1490840088014360576> ?
Yes, that's the question up there
manic gazelle
security posture
All didn't enter so I input only POSTURE is incorrect
timid prism
Wow thats bad. Im happy i nevrr faced this after my school. It will get better soon
molten sonnet
All didn't enter so I input only POSTURE is incorrect
The room is called careers in cyber?
timid prism
True. But in a good clg it is slightly better. I hated Schools for the same reason but after that it went okay and clg is giving marks for my own answers. Except theortical subs.
I hate them to core
manic gazelle
Yes
dreamy bronze
h1b1 candidate
bleak prairie
What are the best resources to start doing practical cybersecurity?
Depends what you want to do in cybersecurity
white fulcrum
Depends what you want to do in cybersecurity
Pentesting to red teaming
dreamy bronze
I opened it to check and there is no input for an answer in task 2.
same 😭
timid prism
Just grind and get good cg and get yourself out
bleak prairie
Pentesting to red teaming
Then HackTheBox
white fulcrum
Then HackTheBox
Im doing hackthebox rn but I am struggling with the tools and the way of thinking of vulnerabilities... I cant name them
dreamy bronze
What are the best resources to start doing practical cybersecurity?
i would learn networking before cyber if you haven’t already
white fulcrum
Even with this resource https://attack.mitre.org/
bleak prairie
i would learn networking before cyber if you haven’t already
And Linux
dreamy bronze
yeah
timid prism
All the best 🙂
white fulcrum
I already did networking and linux
dreamy bronze
oh good
white fulcrum
But I am still struggling
bleak prairie
America has the best cyber market tho
timid prism
But i think u need good cg from ur clg to go eu?
white fulcrum
I am stuck with NMAP and not knowing what to do next
gilded sun
aHR0cHM6Ly9wYXN0ZWJpbi5jb20vZmJoMFAyRDQ=
-1297
dreamy bronze
I am stuck with NMAP and not knowing what to do next <:kekw:658061932577816606>
researching constantly is what helped me also finding good resources
manic gazelle
No answer for that question or what? I don't understand.
white fulcrum
researching constantly is what helped me also finding good resources
I was thinking about metasploitable2
Is it any helpful?
timid prism
What r u doing as of now?
bleak prairie
I would go Netherlands if it didn’t have a major housing crisis
molten sonnet
No answer for that question or what? I don't understand.
Yes. It says “no answer needed”. I can show you a screenshot if you want
timid prism
Nicer
bleak prairie
C++ 😱
molten sonnet
@manic gazelle
timid prism
And for your degree
manic gazelle
Okay thanks I really appreciate
timid prism
Ur in school?
bleak prairie
Python is essential like get good at Python
dreamy bronze
Is it any helpful?
yeah but tools aren’t all of cyber
woven drift
bot 🥀
dreamy bronze
good to know though
bleak prairie
timid prism
Oh yet to get in clg? Valid rant lol.
dreamy bronze
timid prism
After joining its acceptance and denial
white fulcrum
yeah but tools aren’t all of cyber
Yeah you're right but I dont know where to start practical... Im basically all theory no practical 💀
molten sonnet
Yeah you're right but I dont know where to start practical... Im basically all t...
Do your own projects
timid prism
Whatya looking for? Which programs
white fulcrum
Do your own projects
What do you recommend?
timid prism
For clg
dreamy bronze
What do you recommend?
search for entry level projects and just start from there then maybe one day you can just start doing your own thing
timid prism
Oh non tech?
white fulcrum
search for entry level projects and just start from there then maybe one day you...
Aight bro I'll try that out
Tyy
But
Hear me out
I was doing metasploitable2 and had claude on the side to help me understand things... is that helpful?
dreamy bronze
I was doing metasploitable2 and had claude on the side to help me understand thi...
yeah but actually try to think and figure it out on your own before ai 😭 i swear the concept will be hard coded into your brain
i messed up learning with AI
white fulcrum
yeah but actually try to think and figure it out on your own before ai 😭 i swea...
💀🥀💔
dreamy bronze
i had to stop
white fulcrum
i messed up learning with AI
yee ig thats true lmfao
white fulcrum
I even made claude make a whole ass .docx file of how the tools work etc
Yee
it went wrong
lmao
didnt understand shi
timid prism
Brain is one such ai which has unlimited tokens and can fix a lot
dreamy bronze
I even made claude make a whole ass .docx file of how the tools work etc
that’s fine
white fulcrum
Idk I've been a htb member for such long time and I heard thm is easier
With easier boxes etc
thats true?
timid prism
Yes
dreamy bronze
long lotus
i didnt know about this desklet 
peak lagoon
Hello!
loud marlin
what is Salat meaning ?
loud marlin
still not getting it =/
long lotus
still not getting it =/
just search "salat on wikipedia" and study lil boi
loud marlin
lol
kind linden
What a terrific situation, just 2 steps far from Admin access & root flag, just that wtf rubeus version issue, fk
dreamy bronze
?
loud marlin
oh lol
dreamy bronze
good logic
loud marlin
is illegal cos is against TOS
dreamy bronze
molten sonnet
sand trench
@solar junco https://www.youtube.com/watch?v=d3Qq-rkp_to told you it looked sus
dreamy bronze
😂😂😂
molten sonnet
How about you just play the game like a normal person?
loud marlin
pls stop with illegal things
silver sky
buoyant shore
woaf woaf woaf
mrrreow, rawr meow >:3
long lotus
mrrreow, rawr meow >:3
molten sonnet
What’s wrong with this chat
long lotus
☕
buoyant shore
https://tenor.com/view/btweers-treyreloaded-gif-9828766681290374907
Excuse you!?!?!? i dont get stuck in the door, we buildt a double door since i passed 474 kilos, and that isnt so fat, like cmon bro.
silver sky
This is day two after you came in here after downloading malware.
We aren't a Roblox community. You refuse to sign up to the website and seem to have trouble understanding basic concepts.
How the hell do you expect to learn when you don't listen
dreamy bronze
english is his 2nd lang i believe
long lotus
hell nah
dreamy bronze
iq diff
buoyant shore
english is his 2nd lang i believe
Imagine not speaking 3+ languages fluently
molten sonnet
english is his 2nd lang i believe
The classic excuse
dreamy bronze
The classic excuse
ahahah
buoyant shore
im backing off
yeah, back off, thats what i thought! get off my turf!
dreamy bronze
lies
long lotus
@silver sky your flag
molten sonnet
At this point no one does
stray rose
hello im new here i want to learn XSS can someon give me a good video in youtube explain it very well for beginners
silver sky
molten sonnet
What’s the game you’re talking about bro
long lotus
is that a cat?
long lotus
is that a cat?
car**
unborn glade
hello im new here i want to learn XSS can someon give me a good video in youtub...
portswigger labs
molten sonnet
So?
long lotus
stray rose
portswigger labs
thanks g
twin ridgeBOT
Gave +1 Rep to @unborn glade (current: #2414 - 2)
quasi dome
dreamy bronze
saying instead of telling man😭🙏
long lotus
molten sonnet
What’s that
dreamy bronze
recovery 😭
molten sonnet
https://tenor.com/view/angry-angry-cat-memeshyne-meme-angry-cat-meme-gif-4045321...
Looks like my car
dreamy bronze
what’s your 1st language @unkempt glade speak in it
molten sonnet
I think he’s Indian, he mentioned that above.
twin ridgeBOT
Gave +1 Rep to @warped blade (current: #287 - 37)
dreamy bronze
o wow
long lotus
Looks like my car
dreamy bronze
ahaha
timber shadow
long lotus
cool
dreamy bronze
how
trim portal
molten sonnet
foggy steppe
Hello, someone hacked my sister, and I'd like to find all the information about them. I have their first and last name and their photo.
silver sky
go to the cops
loud marlin
go to police
long lotus
Hello, someone hacked my sister, and I'd like to find all the information about ...
what type of attack ocurred?
silver sky
what type of attack ocurred?
You've been here long enough to know better
silver sky
No one cares
quasi dome
" neophyte " talking btw ✌️🥀
unborn glade
arctic spruce
Morning peeps or evening
unborn glade
Morning peeps or evening
morning
quasi dome
he is big enough to be your dad and cut in a half maybe have some respect to elders
dreamy bronze
stop
quasi dome
sorry unc
arctic spruce
Hai @unborn glade how you doing
long lotus
https://tenor.com/view/smoking-gif-9745930313517122415
dont smoke 🙏
silver sky
@cloud quiver can we finally ban this person, I don't feel comfortable with them here.
arctic spruce
And what are we in here for today?
silver sky
unborn glade
Hai <@1258107122315563081> how you doing
good good, u?
dreamy bronze
LMAO
molten sonnet
ggs
arctic spruce
good good, u?
Just woke up and wanna see what’s everyone’s plan haha
quasi dome
bro just got verified to get banned
rapid merlin
Sudo apt install opsec 👍
foggy steppe
Okay, I already have his email address, phone number, and address (in Tunisia). I'm not going to go any further and give it to the police even though I know they won't do anything, as usual.
quasi dome
foggy steppe
Bye.
unborn glade
bro just got verified to get banned
give him a chance, lol
bleak prairie
Okay, I already have his email address, phone number, and address (in Tunisia). ...
What happened
quasi dome
give him a chance, lol
its over i already talked with the table
foggy steppe
This idiot logged in using his full name.
silver sky
guys i will leak my ip address
127.0.0.1
molten sonnet
guys i will leak my ip address
Finally
kind linden
Okay, I already have his email address, phone number, and address (in Tunisia). ...
Who the hell is that hacker
foggy steppe
Who the hell is that hacker
Hacker to despair because of money
bleak prairie
I want my roblox hacks
quasi dome
they are good listeners
long lotus
my dawg guys 😭🙏🙏
lyric linden
hello there, I am wondering if there are any written resources for the rooms on SOC L1 path? so I can revise
quasi dome
my dawg guys 😭🙏🙏
bro had a good sleep
lucid pumiceBOT
:hammer: nobitanobi2008#0 has been banned.
silver sky
Thank you KGB
dreamy bronze
LMFAO
bleak prairie
molten sonnet
long lotus
bro had a good sleep
he has a job btw
kind linden
my dawg guys 😭🙏🙏
I thought he is gone for a while
dreamy bronze
foggy steppe
Can we show someone's face here to make fun of them?
long lotus
I thought he is gone for a while
same
silver sky
Yes probably on my long trips to the dunnie
long lotus
instagram comments ahh
molten sonnet
Can we show someone's face here to make fun of them?
Why?
bleak prairie
Why was he banned
quasi dome
I want my roblox hacks
i told you i will pay this week the world is rough these days i cant put food on the table
arctic spruce
:hammer: nobitanobi2008#0 has been banned.
Wait what he do haha
long lotus
Why was he banned
bc he is a noob
molten sonnet
Wait what he do haha
What didn’t he do is the question here.
bleak prairie
bc he is a noob
He is a neophyte
quasi dome
thats the worst thing i ever saw i cant forget it now
silver sky
It literally tells you
long lotus
He is a neophyte
congratulations, you answered your own question lol
arctic spruce
Can we show someone's face here to make fun of them?
What kind of question is that?
bleak prairie
congratulations, you answered your own question lol
Did he cheat to get that
silver sky
i told you i will pay this week the world is rough these days i cant put food o...
I don't care, time is money. And you are out of time 
quasi dome
he has a job btw
i thought he is a toy
kind linden
It literally tells you
Now he is going to ask for gadgets to doremon
long lotus
i thought he is a toy
no
arctic spruce
It literally tells you
It didn’t pop up on my phone haha
kind linden
What the fk i just saw?
arctic spruce
I’ll stick with knowledge base or if my curiosity is piqued
arctic spruce
What the fk i just saw?
Idk what you saw but I agree with you
silver sky
elfin knoll
thats me trynna keep up with all the new stuff that keeps coming out in this field
rapid merlin
someone asked me what an expletive is on HTB. when i answered, i gave an example and got banned for one hour lol
rapid merlin
another day, another dollar
merry umbra
One question. Is exiftool good and safe?
rapid merlin
One question. Is exiftool good and safe?
yeah
unborn glade
One question. Is exiftool good and safe?
Yea
merry umbra
Ok thanks for the quick reply ♥️
rapid merlin
how's it going average-guy
unborn glade
how's it going average-guy
Good brother, u?
rapid merlin
Good brother, u?
doing good dude, thanks
twin ridgeBOT
Gave +1 Rep to @unborn glade (current: #1827 - 3)
quasi dome
today i knew what is pat
rapid merlin
today i knew what is pat
what's pat?
quasi dome
port address translation
rapid merlin
oh, gotcha. is that like, port forwarding?
e.g. firewall port 1337 to host A port 443?
quasi dome
its for devices who want to access internet with same public ip , so they do out with same ip but diffrent ports
rapid merlin
its for devices who want to access internet with same public ip , so they do out...
i see. thanks
twin ridgeBOT
Gave +1 Rep to @quasi dome (current: #326 - 31)
rapid merlin
yeah, that makes sense.
blissful current
rapid merlin
i need to improve my networking knowledge. i was drawing out the PAT process just now, speculating about why it's required, and how it works. then i was second guessing myself. i thought it had to do with the internal host source ports that have to get translated by the router. but then i remembered that routers keep a table with the NAT info to do translation. So, i need to figure out why PAT is required...
dreamy bronze
i need to improve my networking knowledge. i was drawing out the PAT process jus...
do you have packet tracer 😍
rapid merlin
do you have packet tracer 😍
no, but that sounds lit. i'll probably download it when i studdy CCNA.
rapid merlin
nice, congrats! 🙂
dreamy bronze
rapid merlin
you heard of gns3?
dreamy bronze
yep
rapid merlin
better than packet tracer. more heavy duty
yeah, a budy showed it to me a while back
cool stuff
dreamy bronze
yeah definitely 😭 confusing installation and set up though
rapid merlin
yeah definitely 😭 confusing installation and set up though
good to know, thanks
twin ridgeBOT
Gave +1 Rep to @dreamy bronze (current: #1478 - 4)
dreamy bronze
you’re also going to have missing network devices so you have to add the images
rapid merlin
you’re also going to have missing network devices so you have to add the images
gotcha. i see. thanks for the heads up.
dreamy bronze
of course
rapid merlin
you a networking guy/gal? or just part of your path?
dreamy bronze
yeah that’s my main thing
rapid merlin
very cool. i'm mainly a linux guy, but want to improve my networking for sure.
dreamy bronze
that’s nice and yeah it’s nice to know
rapid merlin
for sure. i got a great book on it. need to dig it out of the closet and crack it open again. i thought i was going to get into OS dev, but, frankly, realistically, while I'm capable, i'm more interested in learning and using the technology at a practical level rather than digging through code.
loud marlin
@sand trench what keybind or so you use to "over-volume" to 150% if you have it
unborn glade
Guys any good resource to learn about qradar??
rapid merlin
Guys any good resource to learn about qradar??
not sure. haven't used it. i'd check docs, or internet search if the docs suck. maybe even youtube.
probably some blogs online
unborn glade
Thanks
twin ridgeBOT
Gave +1 Rep to @warped blade (current: #278 - 38)
unborn glade
not sure. haven't used it. i'd check docs, or internet search if the docs suck. ...
Thanks,
twin ridgeBOT
Gave +1 Rep to @gilded prism (current: #538 - 15)
languid aurora
eye yose arch bai da wei
unborn glade
Idk why thm only focus on splunk,and elastic
granite kayak
I dont understand what I do wrong in that Hydra test room. Even that passive aggressive Echo Guy tells me I have the correct command. It runs for sooooo long i already "know" the password from looking up why my command is wrong (it wasnt) but i dont get there -.-
dreamy bronze
for sure. i got a great book on it. need to dig it out of the closet and crack i...
makes sense man, so what are you trying to pivot towards ?
granite kayak
I am at attempt 150k and i stopped it once at 70k
rapid merlin
makes sense man, so what are you trying to pivot towards ?
well, my last job was linux sysadmin/devops, so i think i'm gonna double down on that. frankly, i really enjoy cybersecurity as a hobby, and learn more about it's practical applications through linux system administration more than anything else. did some detection engineering in my last job too, but figuring out how the nuts and bolts of a network and its hosts work, is really fascinating. because, that's really the technology we're actually securing, and missing that understanding is so.... well, ironic. eventually i might get into red team ops and c2 infra automation, etc.
rapid merlin
I dont understand what I do wrong in that Hydra test room. Even that passive agg...
if you're cracking a hash, you may be using the wrong algorithm to crack with. especially in john, but also hydra. i would verify the hash type, only include the relevant portions in your hash file, also - make sure it's the correct user's hash, lol. then, see if that works. lastly, use the correct wordlist. rockyou.txt is very common for THM, so i recommend that.
sand trench
<@228199546050707456> what keybind or so you use to "over-volume" to 150% if you...
shadows keyboard has an encoder/dial that shadow uses for changing volume
granite kayak
if you're cracking a hash, you may be using the wrong algorithm to crack with. e...
Use Hydra to brute-force molly's web password. What is the value of flag 1? i use atm: hydra -l molly -P /usr/share/wordlists/rockyou.txt 10.114.136.11 http-post-form "/:username=^USER^&password=^PASS^:F=incorrect" -V
rapid merlin
oh shoot, that's a network brute force, hydra, that's right. i was thinking hashcat. one sec, let me analyze...
granite kayak
take your time its running anyway 😛
tight rover
Heyyy guys
rapid merlin
Use Hydra to brute-force molly's web password. What is the value of flag 1? i us...
hmm, you're using a post-form, but supplying a get-style request. can't remember if that's standard for hydra. if the website indeed uses a POST request to submit the user login for checking, i would internet search for info on how to use the http-post-form attack with Hydra. It's probably somewhere in that section that's not working.
tight rover
Use Hydra to brute-force molly's web password. What is the value of flag 1? i us...
I literally did this last week lol 😆
rapid merlin
Heyyy guys
hey, how's it going?
tight rover
hey, how's it going?
It's going alr
granite kayak
I literally did this last week lol 😆
did you waited for like an hour to get the result?
tight rover
did you waited for like an hour to get the result?
Nope it gave me almost immediately, i finished that room and took notes in 20 minutes
rapid merlin
also, @granite kayak add a switch (command-line option) for Hydra to give verbose output. Maybe you'll see that Hydra is getting 400-type http response errors because your Hydra command is wrong.
sand trench
@loud marlin
// Example volume keys mappings for PipeWire & WirePlumber.
// The allow-when-locked=true property makes them work even when the session is locked.
// Using spawn-sh allows to pass multiple arguments together with the command.
// "-l 1.0" limits the volume to 100%.
XF86AudioRaiseVolume allow-when-locked=true { spawn-sh "wpctl set-volume @DEFAULT_AUDIO_SINK@ 0.05+ -l 1.0"; }
XF86AudioLowerVolume allow-when-locked=true { spawn-sh "wpctl set-volume @DEFAULT_AUDIO_SINK@ 0.05-"; }
XF86AudioMute allow-when-locked=true { spawn-sh "wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"; }
XF86AudioMicMute allow-when-locked=true { spawn-sh "wpctl set-mute @DEFAULT_AUDIO_SOURCE@ toggle"; }
for niri this is how it is setup for shadow if you wanna have the binds
granite kayak
hmm, you're using a post-form, but supplying a get-style request. can't remember...
So the command is what echo gave me after crying to him that its not working i think before that I didnt had wait what was original...i dont wanna cancel and use history and cant see it in another tab but i think i had without the -V not sure tbh...
rapid merlin
So the command is what echo gave me after crying to him that its not working i t...
don't worry about cancelling. your command is probably wrong, because Jeffrey said he got it almost immediately. so it's not a speed/waiting thing.
sand trench
shadow loves their ploopy.co headphones
eeew streaming
they are open source hardware headphones from a company named ploopy in canada
granite kayak
don't worry about cancelling. your command is probably wrong, because Jeffrey sa...
okay canceled ^^ this was my original but i was in the rockyou.txt folder thats why i had no path to it: hydra -l molly -P rockyou.txt 10.114.136.11 http-post-form "/:username=^USER^&password=^PASS^:F=incorrect" -V -f
after that I tried without the -f and than again full path from start directory all without success i do the same as the guy in the video I'd say but its not working so probably not 😄
rapid merlin
@granite kayak create a text file on your attack box named test.txt with the contents:
testpass
then, try passing that as the -P wordlist for the passwords, and also, importantly, add a -v to the end of your Hydra command, and see what the output says. See if there's any HTTP errors.
also, @granite kayak , when you submit the login, does the POST request just go to /? or does it go to /something?
dreamy bronze
well, my last job was linux sysadmin/devops, so i think i'm gonna double down on...
that is awesome man and yeah I believe having a solid understanding of network infra is crucial and is very interesting stuff. Good luck on your journey bro
sand trench
open source stuff is nice and neat
also increases the chance that there is nothing malicious about it
also increases the chance of vulns being found
granite kayak
also, <@763729928625061888> , when you submit the login, does the POST request j...
wait its ip/login in browser
dreamy bronze
rapid merlin
that is awesome man and yeah I believe having a solid understanding of network i...
thanks, you too
twin ridgeBOT
Gave +1 Rep to @dreamy bronze (current: #1256 - 5)
dreamy bronze
granite kayak
<@763729928625061888> create a text file on your attack box named `test.txt` wit...
I did it with testpass or should i write XXX there? it worked 1 attempt 1 of 1 target completed 0 valid passwords found
rapid merlin
I did it with testpass or should i write XXX there? it worked 1 attempt 1 of 1 t...
try either one. doesn't matter.
rapid merlin
I did it with testpass or should i write XXX there? it worked 1 attempt 1 of 1 t...
also, you might want to delete the correct (in your message above) password to prevent spoilers for other people.
granite kayak
sorry!
granite kayak
okay maybe my info is wrong regardless because that also says 0 valid passwords found.
got it-.-
u were right it was /login
works
wait now i wanna try full path also again with rockyou lol ^^
rapid merlin
okay maybe my info is wrong regardless because that also says 0 valid passwords ...
do you have burp suite setup? can you intercept the login form after you submit? see what the POST path is. E.g. POST /login
also, turns out -v and -V are both equivalent for getting verbose output in Hydra.
looks like Hydra also has a debug mode -d which might give more info.
granite kayak
I just did it again with the rockyou.txt took 10 seconds.. the error was that I searched for / and not /login
rapid merlin
I just did it again with the rockyou.txt took 10 seconds.. the error was that I ...
that'll do it lol
granite kayak
I knew it had to be something dumb like that -.- argh thank you @rapid merlin
twin ridgeBOT
Gave +1 Rep to @gilded prism (current: #506 - 16)
rapid merlin
I knew it had to be something dumb like that -.- argh thank you <@45622657779813...
haha, it's not dumb. it's extremely important for understanding how web servers and web applications work. good job dude.
urban ravine
Helllo chat
rapid merlin
Helllo chat
hey there 🙂
rapid merlin
You okay janitor ?
better than ever, lol. but i need more coffee. brb
urban ravine
better than ever, lol. but i need more coffee. brb
Me too
stoic quarry
Like 5 mins old
urban ravine
Show me
stoic quarry
Slowly filling my sleeve out
dull otter
Use Hydra to brute-force molly's web password. What is the value of flag 1? i us...
I had this exact same issue running through that task, I even ran the exact same command someone else did who cracked the password in less than a few seconds, once it runs past 30 passwords from rockyou it means it’s broken but nothing could solve it, I just input the password and carried on
urban ravine
Wanna see the ink.
urban ravine
Slowly filling my sleeve out
I drew up a tattoo I’m gonna go get it soon
But I don’t know where to have it
urban ravine
I will when it's not bloody lol
I don’t mind but it’s up to you
stoic quarry
Find someone with a similar ish style
stoic quarry
I don’t mind but it’s up to you <:kekw:658061932577816606>
Lol yeah I can send it later for sure
urban ravine
I also need to get my tattoo on my leg refreshed
granite kayak
I had this exact same issue running through that task, I even ran the exact same...
I think i waited waaaay to long lol 😛
dull otter
I think i waited waaaay to long lol 😛
What’s even weirder is that when I ran the SSH brute force it worked almost immediately
granite kayak
What’s even weirder is that when I ran the SSH brute force it worked almost imme...
i just got the ssh password! 😉
stoic quarry
I also need to get my tattoo on my leg refreshed
Thankfully mine have all kept pretty well
urban ravine
Thankfully mine have all kept pretty well
Yeah…kinda gross but my leg one got stuck to my bedsheet 😭
dull otter
why do you wanna get cracked? 
granite kayak
That was maybe the hardest 16 points I ever earned lol
dull otter
urban ravine
Thankfully mine have all kept pretty well
I’ll show you my design I drew it up on clip studio
rapid merlin
I think i waited waaaay to long lol 😛
yeah, on CTF stuff, if it takes longer than a couple minutes to password attack, you're probably doing something wrong.
granite kayak
yeah, on CTF stuff, if it takes longer than a couple minutes to password attack,...
gotcha good to know ^^
rapid merlin
looks like windows reigns supreme with that feature. couldn't find an equiv in linux via quick online search.
old solstice
Guys is a dynamic phishing mail analysis bot good to put in a resume?
jovial crypt
Guys is a dynamic phishing mail analysis bot good to put in a resume?
any advanced project is good to put on a resume
try to put your most unique and interesting ones
old solstice
can u recommend some other than home labs I got a c2 this one and an ioc analysis tool
jovial crypt
can u recommend some other than home labs I got a c2 this one and an ioc analysi...
i would ask someone whos actually in the field😭 im still learning cybersec
old solstice
we're on the same boat 🫡
jovial crypt
give it like an hour or two and the chatll be active
old solstice
yeah
jovial crypt
yo u seem to know quick a bit, do u think if i pop in eJPT, compTIA sec+ and pentest cert from thm on my resume, it would be a good pushup? or would it be less valuable than completed projects (still have both on resume not just one but yeah)
thick sun
guys if someone that I think I know is leaving hate comments on my instagram from a fake acc, how can I see other profiles linked to that acc? Not sure if yall can help me but uh..I’ve tried everyth atp
jovial crypt
for red teaming beginner
jovial crypt
guys if someone that I think I know is leaving hate comments on my instagram fro...
you mean like emails linked to the same acc?
dreamy bronze
yo u seem to know quick a bit, do u think if i pop in eJPT, compTIA sec+ and pen...
certs via thm are not valued
jovial crypt
certs via thm are not valued
gtcha thanks
twin ridgeBOT
Gave +1 Rep to @dreamy bronze (current: #1099 - 6)
jovial crypt
thousand percent, i wanna get into the pentesting route so ive been tryna get through the actual understanding part so i could grind some more interesting projects
so you think like eJPT n sec+ are good as well as maybe like a few single digit well documented projects?
old solstice
I'll try the binary analysis and yara one thank u
twin ridgeBOT
Gave +1 Rep to @warped blade (current: #275 - 39)
old solstice
What about sc200?
thick sun
you mean like emails linked to the same acc?
Like other instagram accounts or emails idk anyth that can help me find out who that person is :/
dull otter
I just did it again with the rockyou.txt took 10 seconds.. the error was that I ...
just confirmed that it was literally just /login to be input as the POST path. The fuckass room claims that the IP address is the login page so it never clarifies that you have to input the path
dreamy bronze
Like other instagram accounts or emails idk anyth that can help me find out who ...
why do you want to find out LOL
old solstice
it's security operations associate but MCQ based I got it from their giveaway
granite kayak
just confirmed that it was literally just /login to be input as the POST path. T...
I mean it makes sense as when you open the ip in browser you come to a page that shows ip/login but yeah...that echo gave me the wrong command aswell, I think he does not like me ^^
jovial crypt
thanks bro u making a whole lotta sense
twin ridgeBOT
Gave +1 Rep to @warped blade (current: #268 - 40)
thick sun
this person has repeatedly been harassing me from different accounts made r*pe threats cursed out my family I’m sick of it dude
jovial crypt
you could always report auth
thick sun
wdym?
I don’t want to hack them? I just want a way to see other ig accounts linked to that profile :/
ohh
thick sun
it’s gotten to a point I’ve been doxxed and harassed by THIS same dude for abt a week now and I don’t want to quit :(
jovial crypt
yeah ngl insta is pretty hard on that stuff if i remember correctly
if u report them the ip ban will probably work just fine
yea
thick sun
yeah ngl insta is pretty hard on that stuff if i remember correctly
Don’t reports just affect the current account?
jovial crypt
Don’t reports just affect the current account?
no
jovial crypt
most of the time people know u if they doxx
jovial crypt
nonetheless if u report the auth and ig itll probably get solved
yeah thats why id tell auth too
haughty terrace
How to resolve this? What does this mean?
Initialising session...
Raw response: <!DOCTYPE html>
<!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->
<!--[if IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->
<!--[if IE 8]> <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->
<!--[if gt IE 8]><!--> <html class="no-js" lang="en-US"> <!--<![endif]-->
<head>
<title>Attention Required! | Cloudflare</title>
<meta charset="UTF-8" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=Edge" />
<meta name="robots" content="noindex, nofollow" />
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="stylesheet" id="cf_styles-css" href="/cdn-cgi/styles/cf.errors.css" />
<!--[if lt IE 9]><link rel="stylesheet" id='cf_styles-ie-css' href="/cdn-cgi/styles/cf.errors.ie.css" /><![endif]-->
<style>body{margin:0;padding:0}</style>
jovial crypt
yo im thinking a full red team simulation project, an AD attack lab and a web app exploitation portfolio for the resume alongside the certs, what u think?
def a public portfolio as well
like a good github page etc
great
what im seeing here is:
BloodHound
Mimikatz
CrackMapExec
for a good AD project
echo sentinel
for a good AD project
Some attack on certificates could also be pretty nice addition to this
jovial crypt
Some attack on certificates could also be pretty nice addition to this
you mean like certs focused on attacking?