#quiet-conversation

Hi everyone, i have a question, did thmhave a public api? i wanted to use it to get my own account information in real time to upload them on a portfolio

Click on your profile picture > Get profile badge ID > First one is live 😄

ohhh haha i didnt saw, thanks !

good day fam, anyone with ccst cybersecurity exam dums please share

Please don't use dumps 😉

please advice

There's no point of getting a cert if you're going to use dumps . You won't prove knowledge of the subject that way , you will memorize answer patterns . I 100% disagree with that 🙂

noted thank you ,will have to stick to the right method

Hi Everyone,

Quick question:

I’ve gained some certifications and skills in ethical hacking, and I’ve been wanting to try out bug bounty hunting. However, I feel a bit lost. Most of my experience comes from CTFs or school assignments, where there’s always a clear path or you know exactly where to look (Or they give you a clue in the right direction).

In bug bounty hunting, you start from scratch, and the targets are often high-level companies that surely have the basics of security covered. How do you even begin in this field?

What has your experience been like?

They don't have to be high-profile companies a lot of smaller ones have bug bountry programs 😄

I don't know particularly for CCTS but many certs have official preparation exams , try to check those 🙂

Any websites you recommend to check out for those?
Personally only familiar with hackerone, and on those i see the big companies only (NBA, Netflix etc)(Way out of my league haha)

will do check but what ive seen sofar are demo's with few questions to attends to

Hacker one , Bugcrowd

Try to search for newer programs or smaller bounties 😄 . Also check out https://discord.com/channels/521382216299839518/743858961593139361 channel 🙂

👌🏼 I will, thank you sir 🫡

F in chat for my streak 🥹

f

You can ask support to recover it 🙂

Is that not against rules? I lost track of time and didn't have a freeze equipped. It's on me I feel like.

I think it isn't 🙂 . They restored some streaks in the past , you only need to be ask asap 😄

I`ll give it a shot, do I ask them on discord or send an email?

Send email to || support@tryhackme.com || 🙂

Thanks!

Gave +1 Rep to @weary meteor (current: #11 - 767)

Same...bug bounty programs are not beginner friendly unfortunatelly, it takes time to even hope to earn something. Finding a job is hard even for people with bachelor, master, certificates, experience and referral letter and I don't really think the market will get better...

No system is completely secure, even though companies may cover basics, your job is to think like an attacker and find any gaps or cracks they missed, my suggestion is that you start small even if you don't find any critical bugs, as well as building a solid foundation

Furthermore, the thing with large companies is that while they might have more resources to delegate to cybersecurity, they also have more moving parts, more staff to train, bigger network to protect, more assets to catalogue, etc. The size of the target on their back grows larger and larger exponentially, so you shouldn't necessarily give up in the face of large corporations (as long as you do it legally, ofc)

Thanku brother

im in the corner

whut

tryhackme time, well wishes y'aall

Happy hacking 😄

enjoying the struggle

hello

good day

Am new here and my name is robert

Am here to learn more about hacking

Hello

I'm looking to learn more as well 🙂

what are you hacking for $10?

wth is going on over here???

@south inlet

We're not hackers for hire my dude.

I got a question guys did anyone ever analysed a malware with themida?

Hi there, malware analysis is restricted to our advanced channels.

Oh okay I didn't know that, apologizies

You pull this from the Mayors repo lol

Anybody using arch and displaylink dock? If so roll back linux kernel to 6.11 lol new upsate brokw everything

Hello

hi need help .............udo apt update
Hit:1 http://http.kali.org/kali kali-rolling InRelease
Get:2 https://ppa.launchpadcontent.net/i2p-maintainers/i2p/ubuntu noble InRelease [18.1 kB]
Err:2 https://ppa.launchpadcontent.net/i2p-maintainers/i2p/ubuntu noble InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY A6D4480DE82574BB NO_PUBKEY AB9660B9EB2CC88B
Warning: GPG error: https://ppa.launchpadcontent.net/i2p-maintainers/i2p/ubuntu noble InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY A6D4480DE82574BB NO_PUBKEY AB9660B9EB2CC88B
Error: The repository 'https://ppa.launchpadcontent.net/i2p-maintainers/i2p/ubuntu noble InRelease' is not signed.
Notice: Updating from such a repository can't be done securely, and is therefore disabled by default.
Notice: See apt-secure(8) manpage for repository creation and user configuration details.

Have you conducted a query utilizing your favorite search engine?

Guys, what is the difference between a Web-based Kali Linux machine and the AttackBox?

You don't have to manage or maintain VM because everything is hosted on a web, unlike attackbox which is far more better with specific configurations, either connected via RDP or SSH

AttackBox runs on Ubuntu and have fewer tools , Kali is more robust 😄

The web based Kali machine is also maintaned.

Hello, after I finish jr penetration path where I can practice? or i should enroll in another path before i start practice

You can start with some easier CTFs 😄

Hello everyone, I think this is a good place to talk about it because something has been bothering me for a few months now, it's the fact that I completely lost my passion for cybersecurity and computer science in general, and I would like to "get it back" but I can't seem to find how.

I've been thinking about why that could have happened and tried some "friendly projects" with the only goal of making me passionate again, like following tutorials to code an AI that plays mario bros on NES, or even the advent of cyber. But i'm kinda ashamed to say that I think IT annoys me now. I still do it as my job and i'm fine with it, but a year and a half ago I was working almost everyday on something related to cyber, and now if I don't force myself nothing happens and I don't take that much pleasure anymore

Sorry for the big text, but I just wanted to know if anyone had experienced a similar situation and if you had tips to make it better

Pill, take a chill guys.

You're burnt out. Find something outside of computers/schooling and do that. Club sports, hiking, etc etc

Hi everyone, I need to do a interview project for college, and I need someone who already work in cybersec. The project is just basically answering some questions related to the career and the writting. Thank you!

Hi, we don't help with school work in this server. 🙂

Ah okay :), I didnt know

What do you call a lazy kangaroo

A pouch potato 😂

It should be a lazy baby kangaroo though. Or a lazy Joey to an audience who would understand that

@grave bridge What do you call the opposite of a lazy kangaroo?

A kanga-do!

I found a dad

I know a lot of dad joke, but I'm not dad at least not that I know of, nobody has come knocking to my door yet 😉 😛 😂

I just had a nightmare i got hacked and everything was targeted and it did the hacker movie thing where my monitor had skulls on it.

Hello good day here, please is anyone here among the Lazarus group?

anyone here doing aoc 2024?

Probably not 😅

I am

have you completed day 5

im having issues with aoc day 5 where it seems like im not able to access the wareville wishshop through burp

Turn off Interceptor in Burp 🙂

Yes , do you encounter any issues 🙂 ?

omg, i think i have ben trying to figure it out for almost an hour or two
thank you 🫡

Gave +1 Rep to @weary meteor (current: #7 - 1017)

not any issues but a confusion

What's the problem 🙂 ?

in Task 11, how can we see what's written in wishlist.php code

after we click add to wishlist, it is written that an AJAX call is made to wishlist.php....

then the XML format

and then it is written that wishlist.php accepts the request and parses the request to following code....

//the code//

my question is how do we find out //the code// from the website

<?php
..
...
libxml_disable_entity_loader(false);
$wishlist = simplexml_load_string($xml_data, "SimpleXMLElement", LIBXML_NOENT);

...
..
echo "Item added to your wishlist successfully.";
?>

This is the code mentioned in the challenge

That's just an example of how vuln. code could look like , it's common to see such code snippets in lessons so that you know how vuln. code could look like if you're performing white-box assignment or you stumble across source code during black-box assignment 😄

ohk...... wt are white box and black box assignements btw?

and the payload mentioned in tthe website is made as an assumption that the following code might be parsed by wishlist.php?

ok i got the basic overview of white box and black box

In white box assigment you're given the whole picture of the vulnerable app 🙂 . You're given access to the source code, network diagram, some history about the the app,... In black box assignment you don't have any prior knowledge of vulnerable web app server ( you need to manually explore it and see how everything functions ) 😄 . You can learn more about it in the Task 4 of the following room 🙂 .

https://tryhackme.com/r/room/pentestingfundamentals

thanks for such a descriptive answer ❤️

Gave +1 Rep to @weary meteor (current: #7 - 1018)

wtf... there's a leaderboard for this........ that's great

It's , funny little gimick 😄

Hi everyone,
I’m looking to join a team focused on ethical hacking and cybersecurity. I’m currently pursuing a BSc in CSE and am at Level 10 on TryHackMe, where I’m actively learning and practicing.
I’m eager to connect with like-minded individuals, whether beginners or advanced professionals, to share knowledge for each other’s growth. Building friendships with others passionate about cybersecurity would mean a lot to me. basically i need some friend to motivate me and other also in this line,,,,,,,,,If you’re interested, let’s connect and grow together in this exciting field!

Does anyone else set youtube to 3x speed and watch tutorials

Mine is 2x

@odd plank @autumn pike
You don't both don't use 15x?

Hey everyone!

I'm TGoldenBoy, and I'm excited to join this community! I'm looking to make friends and learn more about cybersecurity. I'll be starting with SOC studies and plan to dive into Pentesting later on.

Looking forward to connecting with you all!

Cheers, TGoldenBoy

Hello TGoldenBoy , welcome to community , glad to have you here 😄

Thank you Sir

thank you. i am actually in IT but would love to explore more ethical hacking. i have tried a few 'easy' boxes but found them hard 😞

Gave +1 Rep to @rocky mural (current: #2462 - 1)

are you in the practice rooms or learning rooms?

practice

do learning rooms first, in my opinion

I've been doing learning rooms and it's been tedious, whereas progress has been slow but coming along! keep in mind, I've been putting in some effort so it depends on the user, if that makes sense

i do understand the basics, its just more learning the tools and how they work for reconnaissance, enumeration

ill go through some of the learning stuff. thank you❤️

what ive noticed in the learning parts its just more theory rather than practical in regards to the tools that are going to be used. is there a path that explains the tools and how/when to use them when doing a CTF? or should i just do boxes with a tutorial on the side and follow along

the learning rooms include both, just stick to the roadmap and you'll see what I mean. again, it's tedious af but worth it in the end, esp since you can do rooms, which is sick af

alright thank you bro ❤️

I want to become a hacker, what should I do?

Join THM (it is the best investment you will ever make, then think, eat, drink and sleep Cyber. 🙂

Hi, I am into Cybersecurity Governance job already.
But want to learn and grow more into the field.
Using THM for a while now(not much consistently)
Want to know the right approach to roadmaps and rooms.

You can follow roadmap from THM 🙂

https://tryhackme.com/r/hacktivities/

Read and watch everything you find about hacking online

how do i fix frequent disconnection to attackbox?

do you receive any kind of error message?

no it just says disconnected and prompts for reconnection

after reconnecting it opens to the same screen though

nvm.... it didnt happen after i connected to another wifi

might be wifi issue

anyways thanks for the reply

no problem, sorry i couldnt help further

no issues,.,.

BTW another question........ i am doing aoc 2024 everyday, and at the end of tasks it suggests rooms to complete if i want to dig in into a topic..... as a beginner should i do them right oW?

there are some machines which are on medium difficulty,,,, should i do/try them?

you can always try

most of the times in rooms they tell you prerequsite knowlegde often with a link to a room

ahhh yeaa... thnx

thanks

and if you feel like the rooms are too difficult you can always do some external research or return later at a date

and people are always here to help with any rooms that are on tryhackme

why didnt that yagpbd thing came off

if you want to give someone rep you gotta reply to the message or ping them in the thanks

thanks @crimson lark

Gave +1 Rep to @crimson lark (current: #2465 - 1)

thanks @fair vine

Gave +1 Rep to @fair vine (current: #349 - 16)

thanks

and this should also do it but it has a 5 min delay i think between reps

@worthy jackal i found gold out of nowhere

i was looking if codecademy had any cool golang cybersec related projects

and saw they released courses on comptia certs

https://www.codecademy.com/catalog/subject/information-technology

they even have SSCP lol

Ooo! Good find! :D

WOW! @radiant jacinth Thank you for sharing this 👍🏼

Gave +1 Rep to @solemn pecan (current: #1214 - 3)

https://tenor.com/view/panda-animated-lazy-sleepy-cute-gif-2629443692090400496

@radiant jacinth im better

you do counter me

thanks for sharing @radiant jacinth

Gave +1 Rep to @solemn pecan (current: #979 - 4)

But you forgot to mention codeacademy is paid subscription 😭

Yeah, it follows a freemium model

IDK how is now but some years ago it was kind of restrictive without a sub

How is everyone?

Thanks for asking , good 😄 . How are you 🙂 ?

Gave +1 Rep to @lucid timber (current: #2470 - 1)

Good!

Glad to hear that , have a nice day buddy 😄

Great u too!

so i am new to what you guys are suggest

For what?

lol me too I wanna learn to hack

#start-here

Yay

I'm a bit behind on thm advent and up to day 4. The video for day 4 sadly isnt the greatest to learn from, too quick and she just reads it out like you are reading to a child. I really like the video from day 3, that guy really went in depth for newbies.

each person has their own teaching style, what worked well for you might not work well for others 🙂 they all do their best and each person helps in their own way

hello everyone, is anyone here following the "cyversecurity roadmap for beginners-

by youtube with sandra

How many hours a day do you recommend spending on TryHackMe while still in school?

However many you want, spend as many as you can if you want

Thing is I can't do too much because of studying and hobbies.

Well then don't spend much, spend as much as you like, even if that's 10min a day. There is no specific time amount that you should be spending

Alright mate thx

Gave +1 Rep to @wintry comet (current: #418 - 13)

Doing very little a day won't help u feel engaged

I'd say do at least 1h a day

yeah that's around the same amount I'm doing right now

hi

Tis the season to fry your arduino mega tra [la]{8} .... I grabbed a 12v 2a dc barrel and ... it looks like a test lead got unplugged from the pcb so i opened it up, plugged it back into my aruino ...and then the cpu promptly started to burn my fingers ... wunderbar

So much for my lcd color wheel driving the fiber optic christmas tree

(it was an old 12v light originally, when the wheel motor burned out first i replaced hte motor, when the second one died, i just replaced the wheel AND bulb with a pcb circle mount led and wrote a program to drive it)

and just like that, i need to replace my mega .... time to pull anohter out of the ramps boxes i have stashed for making 3d printers/engravers

phew.. down to last one.

it depends where your trying to get with it. If it is just a hobby 30 mins to a hour is good, but if you want to go further with it maybe a couple hours is best.

I have fun doing it, so i try to do it whenever i have time

Hi! I'm reading the Advent of cyber D9 about GRC and Risk Assessment. One thing I don't understand is, when you perform a Risk Assessment to a third-party, you have to trust they're telling the truth. How do you verify that?

Hacking is what I have always dreamed of

I left medical like to computer because of hacking, haven’t gone far for now but the dream of it is still germinating badly

Any advice for a new beginner?

Learn everything you possibly can, spend as much time as you can trying out different rooms, learn different methods and techniques.

Can I ask

In tryhackme does it also teaches about kali linux

Yes, you can find all sorts of stuff here: https://tryhackme.com/r/hacktivities/search?page=1&kind=all&searchText=Kali+linux

a lot of the rooms are free, but you can also just search google for the ones that aren't

Ok thanks pal

No problem, Good luck!

I'm trying to answer a question in Linux fundamental part3 section 3
they are asking me to run "python3 -m http.server" and download http://10.10.150.148:8000/.flag.txt so I ran the command "wget http://10.10.150.148:8000/.flag.txt" and somehow, its saying connection refused. Am I doing something wrong?

Could you provide a screenshot 🙂 ?

Somehow I can’t send a screenshot or picture in the chat

You need to verify first 🙂

Ooo alright

https://help.tryhackme.com/en/articles/6495858-discord-how-do-i-verify-my-tryhackme-account

would this be the place to ask a kinda specific question

You can ask here or in https://discord.com/channels/521382216299839518/680459914828972076 🙂

Uhhh so basically

would hacking into your old discord account that got hacked already by someone else for very non-ethical purposes (those reasons being attempting to scam your friends out of real money) be considered a “good” use of hacking

No offense to discord support bc i know they’re only human and can only do so much but it’s been half a year and i ain’t heard nothing, just had me wonderin

Try to contact Discord support in order to recover your old account 🙂

They could be busy as an there is an influx of tickets, try emailing them again with the old support ticket number attached

Aii gotchu, appreciate it

KGB whats up man, How are you?

Thanks for asking buddy , I'm really good for now , how are you 😄 ?

Gave +1 Rep to @jovial forum (current: #314 - 18)

Thats good to hear, Im doing great, thx

Gave +1 Rep to @weary meteor (current: #7 - 1213)

So glad to hear that , have a nice day buddy 😄

You too mate

You need to ssh into target machine and run server on it 🙂

thanks, it worked!

Glad to hear that , keep going buddy 🙂

Started Advent-of-Cyber two days ago. I am on day 8 now. What a fun intro crash course on Blue Team security. I am "Scriptkiddy food" not even Scriptkiddy 🙂 However, I didn't think I would have the opportunity to see yet alone learn SIEM software and AWS cloud security techniques this soon. Lots of fun!

Great progress buddy , keep going 😄

Anyone from staff here

Hi I'm new to the field of computer science with no prior knowledge I want to start learning cloud plus cyber security is it a good idea and can you tell about some resources

Welcome 🙂 . You can start with this pathway 😄

https://tryhackme.com/r/path/outline/presecurity

hey guys does anyone cleared AV evasion :Shellcode Task 7 i did got reversh shell but can't Esclate to Adminitrator Can any one Help Thankyou

#room-help for assistance with TryHackMe rooms

Analyzing Netflow Data Try Hack Me - does anyone know what software I use to analyze the packet information

Im pretty sure you would use wire-shark

why i can't add photo over here. is there anyone who can help me with that

You will need to verify first 🙂

https://help.tryhackme.com/en/articles/6495858-discord-how-do-i-verify-my-tryhackme-account

okay. thanks

Have a good day pretty people 👋

Thanks , you too buddy 😄

Gave +1 Rep to @dense mason (current: #1644 - 2)

Just jokes @odd acorn 😃

Okay im just gonna delete that it was joke lol maybe just one thats nlt funny lol

I thought it was a lil funny
Gave me a light chuckle

guys yesterday i find flipper zero at just 20 dollars in a site which make me curious. so i dig into it and booked one. i thought that i've to pay online but there's cod available. after i complete my booking they called me for confirmation too. but after a while when i do some research on them i found that they scammed many peoples already. here we dont have any strong laws to take steps against them. so anyone have any suggestion to stop them from scamming people.

When something seems too good to be true it's probably a scam 🙂

Yaa but here most of the people are not aware of this scams

And there are no such laws to take steps against them

Generally we ask that you don't post known scam links to chat, even if you are just trying to bring awareness

Okay I'll remember that

What languages are needed for someone in cybersec, I know basic python, I know a good amount of full stack web languages and that's it, I've been using computers since 9 years old so I have a pretty intuitive sense in that field

JS if you're interested in web vulns. 🙂

It's okay if I learn basics of it

Yes , as you practice over time you will get better and better . You have a room on THM about JS basics 🙂

Thanks 😅

Gave +1 Rep to @weary meteor (current: #7 - 1330)

This is the room 😄

https://tryhackme.com/r/room/javascriptessentials

My bosses, please I need help with an iphone 6s bypass

We can't help with this, sorry.

It would be against our community rules.

Good luck

Hi

I need a help perform security testing like DAST sast for internally hosted web app

Hosted where?

Edge server

I mean it’s not a public web app

Is this for your job?

Yea

Yes

I’m fresher for this role

Ah, then please ask your supervisor or manager, we can't help you with this in this server.

Also best not to discuss internal infrastructure with a server full of hackers...

Please see our Employee assignments page here as our community guidelines and rules prohibit help with this.

Got it

Android phone has been hacked due to opening of malicious file.
How to remove the malware
: Any apps: ?

Malwarebytes

I'd use Malware-Bytes, or complete factory wipe.

Or format the phone

Does malware bytes require subscription?

To scan and clean, I don't think so.

However I don't have an option that is free/cheap that doesn't require formatting the handset.

What paid apps are good

Malware-Bytes is the only thing I'll suggest.

It found the app and i deleted it

Will it still have traces of the malwar?

Use Malwarebytes to see

fresh os install

https://www.reddit.com/r/privacy/comments/fc5t7g/i_dont_trust_malwarebytes_they_want_your_data_bad/

Oh look,.a Reddit post.

Must be bad.

Just a bunch of peeps telling their sides of a story

Pure bs

Reddit is a very reputable source...

Context please. Coz i also sometimes prefer reddit posts 😅

I ran it.... It found 2 threats and deleted the app..... Should i still reset the phone or is it safe now?

I haven't denied that.

It was sarcasm, meant to be a captain obvious joke that reddit is not always a good source

Reddit, it's a very good source for weird things 😂

r/linuxsucks and r/windowssucks are literally the same subreddit, it's just linux users

I was about to say to delete the app in case you find it rather factory reset or smth. As android apps work in sand box environment. Means they have their own isolated space to prevent unauthorised access from any other apps/files in the system. Also, make sure to check if there were any new files created or modified by the malware cuz that might leave traces for malware in that case it's usually recommended to factory reset. I'm not an expert at this. Still learning about malwares (windows specifically). And sorry for my broken English lol 😅

@pure wagon what languages speak you

None, cuz I speak languages 🙂😎

So relatable💔

i think i would like to get into cyber and tech journalism but i don't understand how people get leads. usually the first time i hear of anything is from reading articles already covering whatever i'm interested in. does anyone have any tips?

just realized tips could either mean leads or advice and i'm asking for the latter

You need to build trust in the industry. People will be hesitant to talk to randos, but if you have a reputable block or current career in journalism people will be more likely to talk to you. It's common for people to float around topic areas when starting in journalism before going for a niche. There are also strict ethical requirements when it comes to journalism, of which you typically learn about in a degree program. As for getting started, I'd probably go talk to your local newspaper and see if they're looking for any staff to get your foot in.

i don’t have anything at all yet, and i’m not willing to quit my current career to pursue this hobby, but i am looking to get in contact with people who share the same interests. i need to start with some blog posts i think, but even there, idk where to start. i went to uni for comp sci so i’m not familiar with the field of journalism at all, i just know i have my interests i’d like to investigate, but i’m not sure how to start

Journalists take the same route as OSINT investigators as they cant research something not known to the public without getting in trouble. So being good at OSINT, phone calls and social engineering should do the trick for you.

@south inlet

@worthy jackal a+ practice question of the day:

Which of the following types of USB connections can support up to 4.5 watts of power per connected device?

A. USB 1.0
B. USB 1.1
C. USB 2.0
D. USB 3.0

why does IT support need to know that? god knows

|| Answer is D ||

Is this part of an exam?

it's practice question for comptia a+ not actual question

well maybe it's actual idk but it's from udemy

hey

is there anyone here

No.

I'm sorry, bad joke.

We are.

How slow is this slow mode?

Ok just 10 secs

anyone here a google sheets expert?

my end goal is:

1. record transactions on a day by day basis

2. show a monthly over-view of this spending

3. compare this to a set budget, so if i spend £500 but my budget is £1000 it will tell me i am 50% of the way there

4. i did using a table of daily transactions

5. i did using a pivot table, row = month and value = sum of month

6. i have no idea how to do. Because pivot tables are variable and can change, it is hard. i can hard-code stuff, but because they change hard-coding is not good 😦

Anyone know what I should do here? 🙏

this is interesting, are you still working on this?

Hey guys I'm trying to crack a wpa2 captured handshake password without a wordlist because its probably not in english. Any ideas?

What are you cracking?

I’m curious
Why would that power wattage matter if you are just using it for normal use?
Orrrr does it matter if you are using the USB for naughty activities

no clue it's from dion practice exams

i think the questions from them are a bit extreme

or unrealistic

你们那里现在是深夜还是白天

English only please.

Is it late at night or daytime where you are?

I have captured the handshake with aircrack but I'm having trouble with the password

WiFi hacking is for our advanced channels.

yeah, i am thinking to ignore the pivot table and play with sumif and have ugly mini-tables in excel of each month 🤔

just solved it

i used sumif and ugly tables

:hammer: 2130880375#0 has been banned.

:hammer: 2130880375#0 has been banned.

[BAN] User left the discord server.

It ain't D
USB3 standardises 1.5A @ 5V which is 7.5W

Usb2 is 500mA so also doesn't line up

Apparently 900mA by default for usb3, who knew?

"USB 3.0 and 3.1 allow 5V at 900 mA (4.5W). "

from google

You can demand 1.5a with the charger ID pins

https://hackaday.com/2023/01/04/all-about-usb-c-resistors-and-emarkers/

Good stuff the USB spec

I have no idea it just seemed odd to have that question in A+

About a million ways you can do it and be spec compliant, and no one ends up doing it

btw how do u even know this

you're into IoT?

Hardware stuff

Wrong channel; sorry

Uhm

Hey

I have a question

What's up?

I want you help me gain access my dummy Gmail account and I want to understand how it was done
Can someone teach me

No, that would be illegal, and against our community rules.

I want to know how images are uploaded too

You need to verify your THM account for that.

Can I learn pentesting

Yes.

Where can I ask a question about day 18 AoC2024?

Here https://discord.com/channels/521382216299839518/1305926862114914325 😄

Thanks!

.

Teach me pls

Have a read over #start-here

I don't know how to navigate my way

Im a complete beginner

hi

Hi , welcome 🙂

ty

will i succeed in this field

If you work hard you sure will 🙂

u got any tips to be consistent btw

Practice, fail, cry a little and keep pushing forward

Will the advent event be available in January? Can't work on it that much these days

Yes , it will stay 🙂

Nice, it's a lot of fun and full of discoveries 😁

hey, advent of cyber event has over so how am i gonna receive the prize ? : )

Prize drawing is on Jan 6th 🙂

Is there any room for side quest?

Here 🙂

https://tryhackme.com/r/room/adventofcyber24sidequest

https://discord.com/channels/521382216299839518/1312113121040535656

I meant, on discord

https://discord.com/channels/521382216299839518/1312113121040535656

And also, till when they are open?

It will stay , but you can win raffle tickets before Jan 1st 🙂

What's this "Learn and win prizes" room

Is it still valid

No , it isn't 🙂

@weary meteor what happens if i foresee not being at home for several days at a time? can i like buy streak freeze? do you know?

I don't think there's option to buy streak freeze , but you can ask THM staff to restore your streak if you loose it

i'll send them an email 🥹 thanks for the headsup

Here's the mail 🙂

Hi everyone. Have anyone tried running dualmonitor on virtualbox? Been running with one monitor now, even though my host has more monitors.

Please how does THM learning looks like

There should be a option for multi monitor setting under Graphics or Display menu in settings 🙂

What are you interested in 🙂 ?

Just want to see a screenshot of the learning field

Am yet to start tho

Merry Christmas! ⭐🐴🐮🐷🐔🐥🐭

Merry Christmas!!!

@uneven helm @shell dawn Merry Christmas 🎄 🎅 ☃️ 😄

You can create a free account and have a look

i want to tryHackme learning!

Check out roadmap 🙂

https://tryhackme.com/r/hacktivities

What should I learn as basic knowledge?

https://tryhackme.com/r/path/outline/presecurity

Follow along this path , It will teach you all the fundamentals needed 🙂

Can I check out all the roadmaps on the tryhackme website?

Yes on the link above 🙂

ok...!!

As someone who is entering into the cyber / IT world in his early 30's I feel like I have many dumb questions. I've managed to get my CompTIA Sec+ and i'm hoping to finish up the Net+ within the next few weeks. I'm still pretty new and trying to land an entry level role within IT. I grew up with the appreciation of wanting to understand technology, but never focused on it till I turned 30.

I feel like I want to get into network and cloud security, and I plan to get my CCNA and AWS Cloud Practitioner in 2025. I know I still have a LOT to learn. My question is in turn this: during the months i'm not working towards certifications, what should I be working towards? My current goal for 2025 is to continue working through THM CTFs and completing modules, I want to finish up Net+, CCNA, and AWS, and I was planning on taking some udemy courses this year on Linux, SQL, Python, CSS/HTML, and maybe C++ or C#.

Welcome 😄

I would recommend you to skip AWS practitioner certs if you ever had touch with IT/cloud in the past because they might be pretty basic to you , go straight to associate level ones 🙂 . If you're beginning your journey in IT then go with practitioner 😄 .

I'll definitely look into the associate cert over the practitioner. I really haven't looked into much of the cloud side of certificates just yet because I wanted to make sure I had a strong foundation before diving into them. So i just selected the most basic as my first step (:

Testing

Oh perfect

I have CISCO's and AWS's certs , if you have any questions feel free to ask 😄 .

I'll definitely keep you on retention when I start my CCNA in March. I definitely want to get better with linux and SQL before diving into my next cert

Good luck on your certification journey 😄 🚀

Tbh, SQL & CSS/HTML are just something you can master in a few days, let's say a week for each one with a good tutorial and it's done ... it's the easiest in all you can try and you've mentioned.

... Master? ... In a few days?
This should be good

that's a person with great confidence or total denial, I can't tell 😉 😛 😂

The fact that SQL is even there makes it 10x better

i did not google

hi

Hi , welcome 😄

I was expecting to spend about a month on each one. I assumed that it’d be better to get as in depth as I could for each one to continue being well rounded in my 2nd year of building foundations I should’ve had 13 years ago 😅

Ola

Up to you, but you'll get bored and go round learning what you've already seen for css/html !^^ Even if you go to the extend into learning a framework/tool to use them, such as Tailwind or Bootstrap for css/html, it won't take you that long ... the hardest is to maintain an inherited awkward spaghetti css monolith file, because it was made with some feet and no brain cell was injected all along !^^
On the other hand, if you try to look into DB administration tools such as PostgreSQL DB or Azur SQL DB it might take more than a month : with the latest for instance, there are so many features as ancillary services to administrate a server, you may spend years on it ... it's MS after all !^^
If you are on the defensive side, you may need to help maintain a DB on a daily basis ... on the offensive side, you don't need to go into deep DB admin, "just" how to hack the credentials and then to retrieve data are enough ...

small game, this image is linked to which series ?

"just" how to hack the credentials and then to retrieve data are enough

Uh, no. For a pentest role you need to know how to secure a range of different DBMS. "Bruteforce credentials and steal data" doesn't even come into it.
Credential attacks are on the checklist, but they're one bullet point, not the whole thing.
Red team ops you might have an end goal of exfiltrating data from a DB, but the same applies -- there's a lot more to it than just "hack the credentials".

God only knows what you think the "offensive side" does, but I promise you that it involves a lot more than just "hack all the things".

Hey guys please i wanna to ask if someone is familiar with openvpn and the iptables i have a pb routing the traffic through tor please

You can learn more about OpenVPN here 🙂

https://tryhackme.com/r/room/openvpn

It have nothing i mean i'm hosting a server on tor and i wanna to route all the traffic through tor but i'm getting some errors i need some help

This one all what it have's just how to connect to tryhackme servers

https://tryhackme.com/r/room/torforbeginners

Do you recommend CCNA for a final year uni student?

Why not , it's an industrial standard cert for networking although be aware it is a foundational one 🙂

Is it a better option than network+

I would personally go with CCNA 🙂 . Try to also consult with somebody from https://discord.com/channels/521382216299839518/707992725646999553 🙂

Can anyone gift me free premium voucher 🥺

why ?

Please don't ask for these in this server.

I am currently on a tight budget 🥺

lol, 14$ MDR

Anyone here have a black-belt in usb management?

I've got a device that likes to disconnect itself after about 90 seconds of inactivity from the usb bus. But for that 90 seconds, if i can connect to it, it will stay connected a lot longer .. not indefinitely, but long enough to access and program.

The only caveat is that communicating with it requires a 32 bit ehci type interface on a windows xp driver 😦 I've done the connect, and map the usb host device to the vm image during that 90 seconds, and then if i reconnect it, i can get the vm started and the system talking (Hey, hooray for a 15 second windows post with a 10 second login splash) ...

Does anyone know how to diagnose if the timeout is device side, or host side?

root@capgras:/etc/udev/rules.d# cat 99-usb-power.rules
ACTION=="add", SUBSYSTEM=="usb", ATTR{idVendor}=="4647", ATTR{idProduct}=="3000", ATTR{power/control}="on"

otherwise i have to connect device, boot vm, flash, then after flashing, shut down vm, reconnect device, boot vm, then verify the flash. which is a little cumbersome to get in under the timeout period.

[Sat Dec 28 04:07:44 2024] usb 1-10: new full-speed USB device number 54 using xhci_hcd
[Sat Dec 28 04:08:28 2024] usb 1-10: USB disconnect, device number 54
[Sat Dec 28 04:08:38 2024] usb 1-10: new full-speed USB device number 55 using xhci_hcd
[Sat Dec 28 04:09:12 2024] usb 1-10: USB disconnect, device number 55
[Sat Dec 28 04:40:43 2024] usb 9-4.3: USB disconnect, device number 34
[Sat Dec 28 04:40:43 2024] usb 9-4.3.2: USB disconnect, device number 35
[Sat Dec 28 04:40:43 2024] usb 10-4.3: USB disconnect, device number 15
[Sat Dec 28 04:40:44 2024] usb 9-4.2.1: reset full-speed USB device number 6 using xhci_hcd
[Sat Dec 28 10:44:02 2024] usb 1-10: new full-speed USB device number 56 using xhci_hcd
[Sat Dec 28 10:44:04 2024] usb 1-10: USB disconnect, device number 56

The only other way would be to hack windows driver so it could work in windows 11 .... but it's x86 territory

How would you limit your Google search to PDF files containing the terms cyber warfare report?
Ans: filetype:ppt cyber warfare report
is this. correct or incorrect ans?

filetype:pdf not ppt 🙂

Thankyou

Does it work now 🙂 ?

Glad to hear that , keep up the good work 😄

Hello, I want to connect the tplink tl wn8200nd adapter to the virtualbox kali linux. When I plug it in, wifi appears, I press connect and enter the password, but it does not connect, it keeps going around and around, I would be glad if you can help me.

Try to change network mode to bridged in VM settings

I tried this

Change to NAT if you haven't

I tried that too

I'll say mr.robot, just by the clothes and the old man ghost

Mr robot , the guy looks like Elliot

https://tenor.com/view/ban-hammer-yoshi-mario-discord-gif-12444703281338986867

@south inlet

I watched 1 season then stopped but the middle guy is defo Elliot, "Mr robot" to his left at the bottom, then that guy who I forgot his name in the blue shirt, his boss is the ghost again don't remember, the girl with the green shirt on the left is the FBI agent

Maybe it was 2 seasons (I remember nuthing)

Hi guys

How to fix (no sound problem with Kali Linux in VMware) ?

Is it muted?

Yeah no sound at all

hey im new here how can i get started

Welcome 🙂 . You can start with this pathway 🙂

https://tryhackme.com/r/path/outline/presecurity

thank you

Gave +1 Rep to @weary meteor (current: #5 - 1676)

Does anyone have experience with running Kali via UTM on a Mac? I was gifted a Macbook (absolute Apple-Newb) and wanted to use it for THM. I set up Kali on UTM but the window is so tiny and the resolution is just meh... but I can't find anything to fix this and now I was thinking maybe it's because of UTM? Maybe I should try a different VM?

You need to install brew, to install openvpn and run the VPN from there.

Oh, didn't even try to get into the network because the window is so tiny 😅 But if I get you right I won't be able to anyways without brew?

I'm not too sure tbh, whenever someone has an issue with Apple, that's what I suggest, I'm a Windows user and I have zero knowledge on MacOs.

Me too but I am still running the Attack Box and was thinking this might be a good chance to have a dedicated piece of hardware for this ... otherwise I think I will hardly use it

I'd suggest not using MacOs then, as some of their chips don't even support virtulization.

But it's running already... the whole question I was asking is how to get a higher resolution because it looks like it's running on 640x480 and my eyes hurt when I maximize it 😅

Hi

What?

Yes, I have it running quite well on M1 chip. Parrot, kali, and windows

Brew is a Mac OS utility package manager. I believe they are saying to just run the Mac OS directly? Brew does have most of the tools. But you can virtualize parrot and kali. The effectiveness might depend on your Mac setup(ram)

Which channel do you guys suggest to learn CLOUD COMPUTING FROM SCRATCH

Thanks... the question I had was kinda overread or IDK why we had this connversation. I have UTM and Kali running on a small M2 Macbook which was gifted to me and I don't have any Apple experience. And my only question was how I can increase the resolution of the Kali VM because it's really small (maybe like 800x6000 ?) and it's absolutley no fun to work with it this way. Do you know if there are any options which I did not see or how to get a better resolution within the VM? Or maybe UTM is the reason and I should try a different environment?

Gave +1 Rep to @harsh linden (current: #533 - 10)

All the big ones usually have learning platforms where you can start off... AWS Skill Builder, Microsoft Learn, Google The Arcade etc ... and Oracle has a Free Tier and learning material as well. The others have free tiers as well but they are different. You get some credit and once it's used up you either have to pay or can't use some service anymore... Oracle has a good chunk of their services which will remain free

..

What iso did you use to install(arm?), and how? which UTM system level settings and Display level settions do you have selected? have you tried changing the resolution in the kali display preferences? do you know if you have virtio and spice tools installed on the guest vm(kali)?

Now that's a lot of questions 🙂 I will look into it as soon as I find the time and might get back to you. Thanks in advance 🙂

Gave +1 Rep to @harsh linden (current: #493 - 11)

I was thinking of doing a small write-up, I can ping you if I get to it soon. though, it would be interesting to hear about the process you went through to setup so i can include those details too. cheers

It's my first Apple device so I am really new to it and went with UTM because it was the first thing that popped up when I searched for VM's ... (or was it given on the Kali page? can't remember). But I can try to reassemble it and send you the info. I remember that I had to look up something about the display settings otherwise I only had a black screen. And I had to run a CLI during installation. I will make myself a reminder and get back to you with the info that I can recall

yea that can be expected. you probably just need to change the default display preferences, and update the resolution to one of the 16:10 resolutions

Thank you mate

Gave +1 Rep to @shadow mauve (current: #1672 - 2)

what's +1 rep is?

can use rooms while using macchanger and torghost ip switcher?

• rep is given when someone says thanks when replying to the person. on the left its position and on the right its the amount of reps/thanks received

Gave +1 Rep to @hollow stirrup (current: #1672 - 2)

in my reply there was thanks so it gives you a rep

@harsh linden Would it be sufficient for you if I just drop you some bullet points? If you want to go into detail here and there we could continue from there

There should be more payment options other than credit and debit cards....

like I am in India, and as I can see the payment in my currency now so I should choose most famous option in India which is UPI.

I am just giving a small suggestion.

Because many people from India face issue with cards, because banks by default give Rupay cards. And many people don't know if they have to active international transactions in their card app.

Darth Vader for some odd reason it rejects my Credit card

I use paypal @tall relic that works

for me PayPal not working...

that's why I use my debit card..

My Debit and Credit card did not work

but as it is expired now... and I have to go to my home town branch to get a new one, because if I apply online they will give me Rupay card, which I don't want... and also they will give me less limit card.... I want to get the platinum visa only..

oh totally different process where I am from

you should check in your card details in banking app if the international transaction is on or not. And selection also like what services are on in international.

My cards are on hold for some odd reason

All of them

I am no expert.

But yes, in India PayPal have to follow lot of restrictions, so it is not working as it use to work in other countries.

now I want to buy the subscription like right now, but I can't buy it now.... because my card is expired. 🙂

same lmao

I can't buy the subscription but I want to right now

I got to call the bank

yeah,,

hello any help to contact tryhackme sales here

or send me any tryhackme sales email id

Try to reach out to support 🙂

Thank You

There are a few emails, what are you looking to do?

Hey guys I think I've definitely been hacked. Any advice to getting to the bottom of it and securing my system? How to kick them off and keep it that way?

What males you think you've been hacked?

Today some files were missing I found them in the trash, my pc keeps freezing and it's restarting on it's own

Have you ran an anti-virus scan?

Anti-virus never finds anything

Which one do you use?

I don't have one currently because you have to pay for but I had some issues before and never found anything I think it was avast norton or someting like that with a free trial

I suggest using Malware-Bytes.

It's free, but a purchase will give you real time protection and other stuff.

I could try it for free but what if it doesn't find anything

Or just use Defender...

It's built into Windows and it's easily one of the best (if not outright at this point).

I'm on ubuntu so I think I'll try clamav

Try Kaspersky

Malwarebytes is okay, but its like 50% adware lmao

Wat?

It keeps giving me ads everyday (non subscribed to premium plan)

Honestly annoying

Just like McAfee

it depends on where he lives but many countries stopped Kaspersky

Saying Malwarebytes is filled with adware, without proof, and then recommending a company that may or may not be involved with the Russian Government is pretty comical. Thanks for today's laugh

Gave +1 Rep to @next bronze (current: #400 - 14)

I mean, it's still a good AV 😭

Also, I got like 10 or more popups per day with Malwarebytes

Clamav found just the metasploit payloads because it's installed so I guess it recognized them as malicious except that nothing

Words have meaning. Calling a legitimate piece of software, adware, on a very public forum can have consequences in the form of people seeing your writing and making decisions off of it and in some cases, if the company is more litigious, they will drop a defamation/liable suit on you. A free piece of software that asks you to purchase the premium, is by definition, not adware.

Well, it makes sense when you look at it that way

hi

Hi , welcome 😄

Hello guys

hello

Any thoughts and tips on using clamav and maldet together?

I also have snort installed but it detects just normal traffic,once it found something suspicous so I blocked the ip but that could just be changed with vpn. I did some cleaning to speed up ubuntu too like autoremove,apt clean...

The questions is how could someone do it and how to fix and prevent it

@weary meteor do you work with THM ? you are super active in this discord 😅

No , I do not work for THM 🙂

Sometimes I think you are a bot 🙂

I should be real 😄

I hope so 🙃

you do get this a lott

Yes 😄

well they should at least pay him, for his time and contribution to this community

23k msgs in 3 months is next level 🫡

How you see that bro?

Search bar.

To me, what KGB does is really admirable. He helps a lot of people, including me when I need help.
And he’s insane #14 on the general all-time leaderboard!!!

Hi guys, there's a guy harassing my friend for several month and death threatening her. i need to connect to his socials accounts to take proofs and file a complain against him

Thank you 🙂

Gave +1 Rep to @main siren (current: #1685 - 2)

@south inlet

he can help me ?

Please go to the police, or contact the platform support

yeah but she dont want to, she's afraid, and ok for the support, thanks so much

She doesn't have to be, it's their job.

Having someone coming in to it could escalate the problem.

right thankss

Hey everyone. Who can give an advice about setting home lab on like purple teaming. There will be like me trying to hack, also some SIEM maybe, where I can also look for logs and what happened. Which resources are good to build that kind of lab?

Does anyone have experience with OS hacking? I'd appreciate it if you could guide me. I wanna prepare myself to compete in pwn2own.

Wdym by OS hacking 🙂 ?

Operating system hacking like hacking windows?

THM has some great rooms for that

The Pentest+ learning path will help you with hacking a Windows system, escalating in AD, etc

https://tryhackme.com/r/room/windowsprivesc20

Check out this room 🙂

Ok thanks

Btw this emoji. It's dangerous. Fr, cuz it has several meanings if you know what I mean.

No , I don't know , can you elaborate 🙂 ?

Lol, it makes me feel dumb. I am like sh*t did I ask something wrong

I think they mean that it can be interpreted in multiple ways

Nws, nobody criticizes you :) we're all here to learn

No , it doesn't mean that , it's a happy smiley guy , to cheer things up 😄

Haha yeah I see

No bad intentions in mind

Np sir

Sorry again if it was offensive 😦

Bro bro, that's fine, my friend. It wasn't offensive or smth.

who is KGB

are you are you new on tryhackme?

Not exactly . I have been on THM for quite some time by this point 😄

can we partner up

Of course, we're all one big team here , feel free to reach out whenever you need help 😄

@main siren how long are you into hacking

👍

If you need help with some room on THM , feel free to reach out in https://discord.com/channels/521382216299839518/522158539129618453 channel 😄

thanks

I've been into IT, programming, and stuff for about 3 years. I'm a student.
And Hacking? Pure hacking? Not so much.

what do you mean by pure hacking

Like fully dedicated to studying hacking

wow

what is zip in billing address

postal code

👍

Anyone know any hacker group chats I can join ?

Check out https://discord.com/channels/521382216299839518/680459914828972076 discussion 🙂

Thank you

Gave +1 Rep to @weary meteor (current: #4 - 1902)

Just finished the OWASP top 10.. SSRF looks powerful .. how do webapps protect against this?

guys, when're gonna receive the prize of advent of cyber ?

Check your email 🙂

i didn't receive any mail from thm since dec 30

🙂

Winners were contacted on email on Jan 6th , if you haven't received an email that means that you're probably not among them 😦 . Try to check out spam folder just to make sure

nope, there's nothing either

😢

😭

Hello all, I'm still kinda new to the whole security stuff and I had a shower thought yesterday. Maybe I‘m stupid but wouldn‘t it make sense to save usernames/mailadresses as hashes so that when a databreach occurs not only passwords are hashed. This would make it much more unappealing to leak such data in the first place!?

Because they are used for identification as an identity factor, not authentication, and hashing them would cripple the usability of services.

And usernames are always retrieved by websites back to the users

e.g. who made the post

ah okay this makes total sense and confirms my first hunch that I'm just stupid 😄 thanks!

It's not a bad thought for a newcomer to security to have, it's just usable. Look into the CIA triad and how security requirements have to be balanced against business needs.

@odd acorn

hi

Hi , welcome 😄

can u tell me how to write the answer of "Which team focuses on defensive security?" this question answer is blue term but it saying incorrect answer

Blue team not Blue term 🙂

Also be aware that answers need to be in English

thx

absolutely unrelated but i'd like to inform of my new findings:
hot chocolate and sweet chili doritos dont mix very well.

I am working my way through the Sec Eng path right now. Is there a way to find what rooms that are meant for Sec Eng to practice in? Are the practice rooms more for Pen/SOC?

You have SOC1 and SOC2 path 🙂

Are there practice rooms for Sec Eng?

Yeah , they're 🙂

I would recommend you to ask these guys for a career/certificate advice https://discord.com/channels/521382216299839518/707992725646999553 🙂

alright thank you, i will move my message there

Gave +1 Rep to @weary meteor (current: #4 - 1935)

thanks

Gave +1 Rep to @weary meteor (current: #4 - 1939)

Hello guys

Hello , welcome 😄

Hello, Which learning path should I go for to be able to work at a company that runs a social platform?

If you want to break into cyber security , I would recommend you to start with Pre-Security pathway, you can check it on the link below 🙂 . What do you mean exactly when you say runs a social media platform 🙂 ?

https://tryhackme.com/r/path/outline/presecurity

I already finished the Pre-Security and Cyber Security 101 paths, now I don’t know I should study for Security Analyst or Penetration Tester.

The company is a startup that just launched a social media platform similar to TikTok and instagram. They gave me two months to be competent enough to join their cyber team

What's supposed to be your job inside that company 🙂 ?

The way they explained it to me, for now they’re really just trying to get a cyber team to deal with attacks and threats. Hence I can’t make up my mind on whether to go for Security Analyst or Penetration Tester

For a security analyst you can check out SOC1 pathway 🙂

https://tryhackme.com/r/path/outline/soclevel1

Is it better to start with SOC1 or Jr Penetration Tester?

one month for each is enough time to finish both soc1 and pentester, depending on the hours you can put in each week

Those are two different fields , if you want to be a security analyst and prevent threats go with SOC1 pathway 🙂

Thing is I have a full time job and I need to the money to survive, and I think completing the practical rooms would more time

SOC1 and SOC2 have practice rooms 🙂

Yeah? I always wanted to be a pentester but if I have to go SOC to grab the opportunity then I’ll do it, thank you

Gave +1 Rep to @weary meteor (current: #4 - 1962)

I want to prepare myself thoroughly, so i think I’ll go for more rooms before I take on the job

Yeah , best way to learn is through practice 🙂

Yes, so one month for the learning path, then the next month will be for practicals

Thank you so much for your help, I’ve made up my mind. I’ll work my way up to Security Engineer while working at the company

Yeah , take your time , learning + practice = best combo 🙂 . Good luck on your job interview and hopefully on your future job 🙂

Thank you, I’ll definitely keep you updated

Gave +1 Rep to @weary meteor (current: #4 - 1963)

Keep up the good work , I hope that will hear some good news from you in a month or two 😄 . If you ever need any help feel free to reach out here 🙂

You got it, first update will be on the 1st of February. I hope our time zones are not too far apart, I’m in South Africa

Fingers crossed for your job interview , wish you all the luck , study hard your work will pay off 🤞 🙂

Thank you for that, it’s motivating really🙏

Gave +1 Rep to @weary meteor (current: #4 - 1966)

M1 Air OR T440p Upgraded

For?

daily usage, maybe light gaming. mainly just for school

I personally wouldn't go for ARM for gaming

Analyst is probably easier

Agree with Jabba. If you're using it for school, you should look ahead at classes to see if they have any specific computer requirements such as minimum performance specifications or processor architecture requirements.

I got both already

just thinking if i need both still lol, i havent upgraded my T440p yet

Which language is easier to learn rust or java

Either. Learn what works better for your use case. I prefer java though

java

java for me

How many questions do you guys do per day? Need to set a new target

I just do the questions until my brain starts to fatigue. I spend a few hours a day on tmh

It depends on the day and the topic/room

sometimes 5, other times 65...

The entry level stuff, the stuff I alreadyn know.... it was almost 200....

There are Many factors.

It depends from day to day and on room difficulty . Don't set a number of question answered as a target 🙂

phyton

Koth requirements?

I think that you need to verify to access https://discord.com/channels/521382216299839518/695343809726513292 channel 😄

https://help.tryhackme.com/en/articles/6495858-discord-how-do-i-verify-my-tryhackme-account

If you want to access koth on THM web site go to your Account settings and change your Technical Ability description to Intermediate or Advanced 🙂

thanks

Gave +1 Rep to @weary meteor (current: #4 - 2006)

You get voted in by Community Mentors, for being helpful and respectful in the server.

Guys I am absolute noob, where do i start?

i wanna be a bad ass hacker

Have a read over #start-here

alright thanks

will i be able to learn everything or do ineed to buy premium subscription?

most stuff on thm is free

i see but advanced stuff for atually securing a job is paid?

good question, perhaps @south inlet has an answer for that

60% of the content is free, however you'd want to learn with outside sources too.

alright , could I know the outside sources i can follow?

Eh, I usually use which ever sources I can find

https://tenor.com/view/besos-gif-27336541

okie thanks 🙂 are you a pro hacker?

Hi everyone

I have a question

some of the rooms I tried , I got like 260 or 300 points , and in the chart some people can reach to 600 or 700 , and some times it's and easy room !!! what they do differently ???

I was just looking into this a few days ago. It depends on the type of room and how close to the release date that you answered the questions.
https://help.tryhackme.com/en/articles/6563910-points-explained

OH, so it's not something I do wrong !

I was kinda try to work faster !!

No, most likely the high point scorers got "first blood"

Well , I'm relieved now

thank you

np 😉

Those are "blood points". Whoever finishes the task first gets more points than everybody else 😄

Hi @weary meteor I'm attempting the Jewel challenge in the uploads vuln room. https://tryhackme.com/r/room/uploadvulns

I have uploaded my Js payload and I've identified the file using gobuster. Using http://jewel.uploadvulns.thm/admin I tried executing my payload using ../content/<filename>.jpg but I am getting a module not found error

hi everyone :)
just a question:
if i need to make a crypted folder on my desktop (windows) what should i do?

hmm make 2 forlders both with the same thing in it and make 1 of them more look like it is correpted so change the ting a bit and done :)