#quiet-conversation

Hello everyone,

I’m currently looking for a tutor or mentor who can help me improve my skills in email penetration testing, phishing techniques (for ethical purposes), and general ethical hacking. I'm serious about learning and would appreciate guidance, whether it's through private sessions or structured lessons.

If anyone is offering tutoring or can point me in the right direction, please DM me. Thank you!

What's email penetration testing?

Probably a dumb question....Anyone can confirm that ctfs like The Sticker Shop
https://tryhackme.com/room/thestickershop

can be expected for OSCP?

hello guys, is this a place where I can find charge-free helpers/advisers about certain hacks?

For OSCP advice try to ask guys in #cyber-and-careers channel 🙂

Wdym by that ?

like can you please tell me how i can hack a feature, without me having to pay you to do so?

We don't do that here , we aren't hackers for hire

yes i know you dont do games..

why mention ''hire'', tho?

Joo has already told me it's not about working on / hacking games. I understood it

That is insanely easy compared to OSCP standalones.

Hello guys. I just started my cybersecurity journey two weeks ago. It's been daunting to be honest. I'd like to connect with like-minded fellows. Sharing insights, tips, new updates, helping one another grow, teaching and also learning from one another. Tutors and mentors(if possible) to be able to make this journey less challenging. Send me a message if you'd like to connect. I'm in Georgia, USA if there's also the chance of a physical connection. Thank you.

Hey just added you now bro

Ok bro

Sent you a message

Really? I couldn't find tutorials or write ups that follow the rules and regulations of the exam. ||People were using AI to make a script to exploit that vuln||

Can't use AI in the exam, and yes, that is insanely easy compared to OSCP... which is saying something given OSCP is entry level.

If I want to make a similar script..I do it manually with any language of my choice? Are there any other ways to achieve something similar other than scripting manually maybe with any tool?

I mean, not really? You need a language which will execute in the browser, bearing in mind you don't have full control over the application. JavaScript is realistically the only choice.

As far as automating that goes, yes, probably, but the JS required to exploit that is less than foundational. It isn't really worth the time building a tool for it.

Why would people make a TryHackMe writeup for an easy room that would follow the OSCP (From offsec) rules and regulations?
They are not related in any way.

You just need basic JS knowledge for this room. I personally did not use any AI tool. This is how programmers have been doing for years before AI, but people now just use AI mindlessly.

At the end of the day, remember that "hacking" is just abusing flaws in a system. You need to understand what you're looking at. You need to understand how programs work. How infrastructure is built. When you look at an app like that, you need to understand how it's likely to be architected, how the software stack works, the locations where it may be hosted, the kinds of flaw it may be vulnerable to -- and how those flaws may be implemented in the code, etc, etc, etc.
The most important thing for a hacker is mindset. You need to want to learn everything. Don't shy away from building knowledge in foundational topics. At the end of the day, that is far more important than knowing how to use hacking tools.

Hey all, if I'm in the wrong channel for this, let me know, but I came across Digital Forensics Examiner as a potential career, but it doesn't come up on TryHackMe as a path. Does this fall under something else?

@frail vault I sent a message to you via email for a week now but I am yet to get a reply from you. I was enquiring to know how I will subscribe to your business plan for my students.

You are talking to a bot.

You mean your email is a bot

No, you are actually talking to a bot. @frail vault is a bot.

It won't respond.

Hello I'm Carlos and i am a computer network administrator and cyber security consultant and analyst for 12 years now my certs are

CompTIA Network+ and Cisco certifications like CCNA and CCNP also (CEH)

I'M here to be of service and answer questions i am also looking for recommendations or to download any type of .apks of any good ethical hacking apps to add to my collection apps or hacking tools apps and or exploits my DM is always open

Thank you and you're welcome

Gave +1 Rep to @winged nymph (current: #2853 - 1)

My bad!
Thank you

I have a 2-year gap after graduation. I am unemployed. I'm having a tough time. This is my first time here. I don't know if this is the right channel to ask for help. I started learning defensive and did a one-month internship. I recently started learning Web application Pentesting, and it's so exhausting. I am feeling like quitting cyber and starting something fresh.

pentesting is difficult and rightly so, theres a reason a lot of people tend to start with IT -> Blue team -> Red team; in either case there are so many niches in cyber that you are bound to find yours, stick with it and keep showing up to train/practice/learn

Whats the reason your motivation is wasted? What keeps you away from trying? Explain your struggle some more, maybe i can give you some motivational adivce ☺️@north roost

I started learning web app pentesting using PortSwigger Labs, even though I am also following a playlist. Now, when I started reading the book "Web Hacking Arsenal: A Practical Guide to Modern Web Pentesting" by Rafah Baloch. It made me realise there's so much data, so many commands, so many recon steps and whatnot. After reading only 2 chapters. I now just don't want to continue. This is so frustrating. Even knowing that in the end, the steps that have been mentioned within the book are nothing but reality.

“Hey folks, I’m diving deep into cybersecurity and ethical hacking. Currently going through Python Crash Course + Linux. Learning daily, building tools, and aiming for bug bounty/CTFs soon. Looking forward to learning and contributing!”

I am looking for a mentorship because i am confused what to do next?

You want to make a living with bug bounty hunting? Then go try find some bugs! Wanna play CTF? Go play and c what you do not know yet ..and then learn it, so next time u know better {SIMPLE as that} 🙂 btw what tools are you building? where can we c them?

We are at same place

Bounty will be hard to win

remember: "a journey of a thousand miles begins with a single step" @smoky robin was asking about the next step, and that is always a single step even if you feel that'll be a long way 2 go.. all it takes is to figure out where you stand now, where you want to be in the future and what exact steps might be in between 😉 usually it begins with just starting. don't think - act

Ok thank you

Gave +1 Rep to @oblique laurel (current: #2857 - 1)

Who here uses or has used vulnhub? I don’t know how to set up an environment for practice. Please help

You download it?

make sure to set up your air-gapped network before attempting to hack anything from vulnhub

😉

Something seems wrong, leagues have been out for 4 weeks, how come you have all 5 badges?

Were you also one of the people with 2 league promotion bug?

Oh nvm, looks like you don't have any of those badges.

if i get promoted to one league to another and don't get the badge then is there any way to get that particular badge later?

yeah , drop to that league again and be the #1 for that week 🙂

nice

it mentions "play 2 rooms to join", if i dont join that week do i demote

My guess is yes.

I have also experienced that bug twice for both Sapphire and Diamond. Its probably time related, i got a badge for Sapphire and it got unlocked after ~3 hours.

Hello

We don't do that here

Btw @quaint basin I just redid Wreath to practice, 10/10 room

i just made it to Sapphire League : D

i have only the diamond badge but i am stuck diamond

ok and I already have the sapphire badge

Nicely done!

V nice, I lost my 100 day one

Are you referring to your streak? Did you lose it recently? If you did, you can ask THM Support to restore it for you.

It was a while ago

Just started watching a video about TOR vulns that popped up on my feed. No idea who this guy is or if he's trustworthy but his beard is glorious

It's like some sort of bald Gandalf

I've seen him before but I forgot the name

Send me the yt link pls

Sure

https://youtu.be/ooNmubCA680?si=q5Glynqf4fCxBjA-

As I said, idk this guy so do not blame me if he says smth wild or false

I'm still watching it

You passed 5 leagues in 4 weeks? This should be the badges list page, not the earned badges page.

Yes, I just have the Diamond League.

hey @stable charm can i DM u cause i see u was FR because i will sometime need , like some help

yes no problem

Dude used to run an illegal darknet market and got jail time for it (his channel even used to be called "DoingFedTime"). Now, he spends his time and energy trying to help people understand and increase their security and privacy. And yes, his beard is downright incredible lol

EDIT: by "illegal", I'm referring to the same sort of market that got Ross Ulbricht locked up, just on a much smaller scale. At least, that's what I'm remembering, it has been ages since I watched his videos

Great job , keep it up 🙂 🚀

Beard = professional at his work and know what he does

Hope I can reach you too in case of any problem I’m a beginner

Hey
Is there anyone who does web app pentesting or bug bounties?
I am looking to form a team where we can engage daily, learn, grow and get that future job we aim for.

Yeah , there is . Check out #bug-bounty channel 🙂

Thanks!

Gave +1 Rep to @weary meteor (current: #1 - 4848)

Hey everyone! I’ve started my journey into cybersecurity—so far I’ve learned Linux file navigation, basic networking, Nmap commands, and how to use Wireshark for stealth scans. Right now, I’m diving into Linux privilege escalation. I’m looking for a mentor to guide me along the way!

Good luck!

Id recommend boot to root challenges, try to do as much as you can by yourself, once you hit a point where you hit a wall, open up a write up on the challenge, but read it only until the point where it gives you a hint where to go from there. Repeat until done

Hello friends,
I am can anyone please help me understand if pursuing
A triple Bachelors in

1. Cybersecurity
2. CyberOperations
3. Cybersecurity Policy and Management.

Is it possible to get a better entry level job, obviously along with the other necessary certifications and Internships in the field.

a triple bachelors?

you mean three degrees?

besides, all of those topics likely come under cybersecurity as a whole

Yes three degrees, so more in depth studies.

do not try to do everything .. do one thing well 😉

deff get something refurbished

wayy better price for performance than something new

Not gonna lie, it's disappointing to see previously free courses get turned into paid courses

Where?

Intro to LAN
Linux fundamentals 2&3
Wireshark: the basics

They were free rooms a year ago or so, I recommended them to a friend along with some others and these ones are now premium rooms.

Yes, rooms get switched about now and then.

I mean I get that, but it's just disappointing. Especially when they're pretty basic introductory rooms

comnmunuty

<@&612305984752451594>

Thanks , he is removed 🙂

Appreciate you

Hey @weary meteor a while ago you recommended me codecademy for python. I was doing burp academy up until a couple weeks ago then I started python and i have finished the basics now it seems reasonable to go on to finish intermediate but I'm not sure how would I go about writing scripts for cyber. Do you maybe know any sources on that? So far it has really improved my understanding of it

Glad to hear that . THM recently released about making custom scripts in python , check it out 🙂
https://tryhackme.com/room/customtoolingpython

I did already, i guess exercising it more would be good and looking at at the libraries documentation couldnt hurt either.

Congrats on becoming a mod btw

Thanks 🙂

Gave +1 Rep to @surreal quiver (current: #980 - 5)

Anyone tried to use Tails OS with Ventoy?

Yeah i dont think that works, at least not the persistent storage bit

but its not recommended:
"Tails recommends against any and all non-standard installations, including multi-boots and things like Ventoy. Tails may not work as intended and it exposes your installation to malicious and accidental interference. In short, you would not be able to trust it."

it's just better to follow the installation instructions for TailsOS

As a side note, Ventoy is also subject to some controversy right now.

Something about injecting known malicious root certs in PXE Windows installs (iVentoy, rather than the USB installer, although people are questioning how opaque its source is).

https://www.reddit.com/r/sysadmin/s/ybr9QWyWVJ

oh damn that sounds bad

.... but are there any competitors to what ventoy does or is shadow basically stuck with it for their backup install linux iso and memtest86+ usb stick???

who knows about evilginx

The person?

Or the framework? If it's the framework, what are you trying to do?

the framework

i'm trying to learn about it

Hey! Anyone go through the Cybersecurity and information assurance bachelors program with WGU? I’m thinking of going through with it. Thanks to THM I like.. love cybersecurity

https://www.wgu.edu/online-it-degrees/cybersecurity-information-assurance-bachelors-program.html?query=quiz&refer_id=ga-1-589512227648-98479532353&ch=PDSRCH&strala_kw=wgu+degrees&strala_mt=e&strala_dv=m&strala_pl=&strala_nw=g&strala_ap=&s_loc_physical_ms=9033187&s_targetid=kwd-297286709498&gad_source=1&gad_campaignid=1019539613&gclid=Cj0KCQjwrPHABhCIARIsAFW2XBNrKd0EBV8V_O4R1QmDyZ8OU0zYMOrl9XjTSFTMqtawqIrZz2pS2MUaAkhxEALw_wcB&pa=pa02&cb=pb07%2C+pb08&xa=xa02&xb=xb01%2C+xb04&xd=Security+and+data+protection %2C+Data+analysis+and+decision+making%2C+Websites+and+applications 

Want to know if it’s worth it/respected? — or if I should just get net+, comptia sec+ and sal1 and network my way into a job

I don't know enough about WGU or the cybersecurity industry to give you a solid answer, but as far as certs and networking vs a bachelor's degree in general, it depends on what your goals are.

Do you want to just get a job in a specific industry? Then go with the certs and networking and working your way up. It will be much less of a financial burden and you'll gain a ton of experience in a specific field. But that comes at the risk of pigeonholing yourself in that field and possibly having to work harder and longer to get to where you want to be than you might have expected at the start.

Do you want to be exposed to a wide variety of subjects and perspectives that you can use to grow into a well-rounded and adaptable human being that can see the bigger pictures? Then go with the Bachelors if you can afford it (or can get a scholarship or can deal with the crushing student loans).

Keep in mind that my advice is biased by the fact that I have 3 Bachelors degrees and worked for 10 years between the 1st two and the 3rd in an unrelated, blue-collar industry where certs and networking are just as if not more important than any degree...🤷‍♂️

Thanks for the advice. Definitely shaped my perspective on the matter!

Gave +1 Rep to @turbid wasp (current: #854 - 6)

I did this, took me 2 years. It taught me theory, but not really experience. It will primarily take you through the path of acquiring your CASP+ through CompTIA, with a couple of other certs along the way. A+ was, in my opinion, the toughest besides the Capstone as I knew nothing starting out, the layout of CompTIAs exams can be intimidating, and there are two exams to pass (at least when i did it in 2022). It's great, but don't believe the people that did it in 6 months, some of those courses are outright exhausting. My recommendation is save your money and study with Professer Messer for free for the A+, Sec+, and Net+, then when you feel ready to take those, start WGU and steamroll through the prereqs and those beginner certs to save time.

Really insightful! Thanks for that. I really like the sound of that too, not that I’m in a rush, but it definitely sounds more appealing to get the entry certs out the way.

Gave +1 Rep to @cinder lotus (current: #1144 - 4)

.

bruh

Anyone got any opinions on OffSec. It’s expensive and i want to hear from you all before hopping on that.

For a certification advice , try to ask guys in #cyber-and-careers channel 🙂

Thanks KGB!

how important it is do you guys think that you remember very info-packed/non-task based rooms such as governance & regulation or red team engagements?

Knowing laws and regs is important in every aspect of everything, but, as for the rest I've just been taking notes and referencing them we needed vs trying to remember it all. Same for some of the task based stuff too. It's a lot to remember

Important, seeing as staying in scope is a core tenet of staying out of prison.

guess im gonna have to revisit those rooms once in a while

Or you could make offline notes with notepad or MS word

I make notes for almost every room I complete

I take notes for everything I do.

Exactly, very important

Some details will need to be taken down somewhere

Oh Jesus, you're gonna have fun searching those in a few months

I was skeptical of using things like OneNote, but it’s actually been nice as I’ve kept things organized and it’s been easy to look things up

I also take offline notes for everything how else would you do it, it all seems important and its not easy to remeber everything. I mostly know where to look when I need something. Also making a page or 2 of main notes that you know you are gonna need and use also helps

It actually makes searching for stuff easier if you organise the topics properly

and when the key is fixed, I want to play Russian

I have a 500Mb notebook. 4000 odd pages built up over the last few years, and it grows constantly. Give it time and you will too.

You're going to struggle to search that if it's in a collection of word documents.
Text (MD) in something like Obsidian to manage node relationships is pretty common, although you may run into problems when you start storing anything malicious related to Windows.

Personally I would go for something hierarchical. The tree structure makes it easy to follow down from high level topics to more specific branches. That's me though

And yes, OneNote falls into that category. My intern last year favoured OneNote. Worked well for them

Not sure how well it scales granted, but you'll find out I'm sure

I use OneNote in Uni for taking really quick notes, I could load up the lecturers pdfs and then use my graphic tab to take notes quickly during, them import it to trilluim.

oh nice one single file with information about everything you do .. what could possibly go wrong m(

I don't have to solve the same problem twice?

yeah and one additional problem: protecting that file 😄

with common sense you can get very far

i stick with "what I don't have doesn't cause any trouble" but i wish y'all good luck 🙂

Sure, you can have physical notes too and lock them in a safe or sum

Me personally I don't write absolutely everything and prob neither do Scrubz, it's mostly just stuff for learning purposes or maybe some plans or exam days

sounds like you are well educated and with that comes good decisions about those things 🙂 what exam are you taking?

Yeah, that's going to severely limit you in this industry. There's far more to know than you can keep in your head.

Be sensible. Keep notes encrypted. Etc, etc, etc.
But one way or another you're gonna need to take them lmao.

As Scrubz said -- you never want to solve the same problem twice. Especially complex problems which can take weeks and dozens of fragmented resources to tackle.

4n6 likes that d-_-b traces everywhere 😛

besides, you are right. i train my muscle memory and use manpages or history and logs. if i need to write down specifics i use a sheet of paper and later burn that

all i wanted was to raise awareness that's all 🙂

Raise awareness for... what... exactly? Data breaches? Yes, they happen. The solution isn't "don't keep data" though lmao

By all means, rely solely on your muscle memory and manpages (or your generally unencrypted raw data sources), but you will end up losing things 😆
e.g., I don't need to backdoor an ESXi hypervisor every day, but I sure as heck don't want to redo the research into how to do it the next time I need to -- whether that's next week, or in two years.

Hi everyone, I've been studying on tryhackme for a few months now and I've finished the free course. Does anyone know if there's a chance to get a discount on the monthly subscription?

There's a discount only on annual sub at the moment 😦

oh ok @weary meteor

@weary meteor just a question. I've had problems on the "silver Platter" room. I think the VMs aren't working properly. Where can I report the problem, since I don't have permission to write in the #room-bug channel?

what didn't work?

How ?

no ping on the machine and i can't see the website

Can you provide a shot ?

#site-support please

ok

You want to share notes and fixes for that? Lol

What, backdooring ESXi? No chance

😭

Is there a fix at least?

Just reversing it lmao
To clarify, I'm talking tradecraft, not 0days.

Gotcha

Done!

That was extremely fast lol.

https://tenor.com/view/test-gif-2341822946696656132

Is there anyone ?

i need help

Try to ask in #room-help channel 🙂

i messeged you because you see know more then anyone on here

hi

Hi hi

Something recently went fucky on my windows, it wouldn't boot. Troubleshot some stuff from the boot sequence, set it to auto repair the disk, and it worked. Anyone know if any logs are made? (I'd love to go through them if they are)

hi

Maybe check the event viewer? Otherwise check if there's any boot logs. I don't know where they're present but there ought to be

Wrong server for that.

wssup

yo, does anyone know how to spam someone on gmail, I would like to test it ?

This sounds unethical

litle

However, if this is inappropriate, I apologize for the question and do not expect an answer

it is. 🙂

😂

anyone have open dms

Why?

just a question

Fair enough, I meant what would you like to speak about?

Anybody here that can pull a wifi pass from a handshake capture for me? My hardware isn't ideal and I have time constraints

Why?

I'm having trouble finding the right community to ask tbh.. I have commercial space with devices containing creds from an old SSID and need to migrate them to the new network. These are permanently installed and I cannot access for hard reset. My only hope to interface with them is to obtain access to the existing AP before it is powered down

This isn't really the server for that.

What is? I'm not sure where the best place to ask is

Wifi hacking is reserved for our advanced channels.

That doesnt really help me though...

Sorry to hear that, doesn't change my answer.

Good morning!

Mornin mate

which type of kali linux i should download as a beginner

Latest version

installer machine or virtual machine

/what is difference between installer machine and virtual machine

bro i send pic to you personally can you please see it

i would recommend you to use kali as a vm

ok

can send send me the how it look like

yoooo wassup hackers

you have an official guide on the link below
https://www.kali.org/docs/virtualization/install-virtualbox-guest-vm/

minimal would be fine, if u have a strong pc i suggest a VM

https://www.kali.org/get-kali/#kali-platforms

how is it bro

hoe to download bro

ma man just watch a youtube tutorial

there is a guy called david bombal

ok

you have everything explained there , read carefully

You dont have to spam it

The first word lol

No offense but if you're struggling to figure out how to download and use a Virtualbox image, you might need to work on your IT fundamentals first and foremost. I know it seems boring but without a strong IT foundation, it's gonna be very challenging for you to get into anything related to cybersecurity.

Even if you don't plan to go for the certification, running through a CompTIA A+ course (even free ones, such as Professor Messer's courses for the A+ 220-1101 and 1102) would be very helpful in getting you up to speed on what you'd need to know. Once you figure all that out, learning the fundamentals of Linux, getting comfortable with advanced Windows (power user) features and basic networking would be extremely helpful. I have all those skills but still struggle with some cybersec concepts/tools, so yeah, you definitely need that foundation.

Also, if you're using THM for your cybersecurity training, it's perfectly acceptable to use the AttackBox VMs. I have Kali set up in VirtualBox but still just use the THM AttackBox for ease of use. Having Kali set up in Virtualbox would be helpful for practice, though. You could also set up Kali as a CLI within WSL if you're using Windows, but I wouldn't say that's the ideal setup unless you're an advanced user. If you happen to be interested in doing that, though, Networkchuck has a great video on that https://youtu.be/vxTW22y8zV8

On a different note, what do y'all sip on when learning or working? I'm a huge teahead, I drink all sorts of tea. I tend to prefer Japanese teas but I do really love the variety present in Chinese teas. I'm a massive geek about that stuff, could ramble on for hours but I won't unless someone else here is also a geek like me 😂 But yeah, just curious if anyone else gets a boost in focus from anything!

thank you bro for your great support for begginers

Happy I could help! I'm still a beginner myself (in terms of cybersec) but I try to help out when I'm able 🙂

can i message you personally for any douts

Well, like I said, I'm far from a pro, I'm just a little bit further on the journey. Probably best to just ask things in this server if they're relevant 🙂

for a begginnner only begginer can help

check out #start-here

I honestly can't sit down and learn/work if I don't have matcha or coffee with me

thank you bro

Nah, anyone can help, but when you ask for help, definitely give some detail on approximately where you're at in your journey so people know what sort of things to tell you

Matcha is fantastic for focus, at least to me! I have a heavy caffeine tolerance so very little aside from matcha and some pu-erh teas actually hit me. Even coffee gives me no noticeable effects haha

i will start in a few days ahead of my exams

Take your time, no need to rush things. The stronger grasp you have on the basics, the easier it'll be to not only tackle the challenges of learning security concepts, but it'll also make it easier for you to ask for help when you need it

is these job is worth

Depends on what you mean by "worth it". Keep in mind, what I'm about to say is just what I've heard and seen in my own research, it's not based on my own experiences. The field of cybersecurity can be a very lucrative career. Pentesting, for example, can make you a six-figure salary (in the US) but you also have to account for your own experience, skills and education. In other words, someone at entry-level will not be making nearly that. I've been on the lookout for entry level helpdesk positions for myself and I've noticed an annual salary range of around $32,000 to $45,000 for most of the positions I checked. Also depends on location.

As for other possible ways of defining "worth it", I know that as you advance in the field, there's more opportunity for remote work, flexible hours (that is probably most true about red team types of positions), and so forth. If you love tech and are passionate about the concept of security, that can definitely ensure it's worth it.

At the end of the day, only you can really answer that question, but for me, I felt it was definitely worth it

That's a little low for helpdesk, but that could be regional because that's a cheaper area to live. info/cyber security is not entry level to IT, and pentest is not entry level to security roles. Realistically, you need at minimum 4-5 years of experience because an employer will be willing to trust you with pentest unless you have degress or other relevant qualifications.

Even then, getting OSCP without having work history is not likely to land the coveted pentest role.

thanks for clear cut vision of cybersecuritu bro

Gave +1 Rep to @toxic lagoon (current: #860 - 6)

It probably is but I've never worked in IT before, and I can only work remotely (I live in a small town with next to no businesses with an IT department), so I'm willing to go for a lower wage if it gets my foot in the door and connects me with potential mentors. Wouldn't turn down higher wages if I find them, though haha.

And yeah, it definitely will take a reasonable amount of time to get yourself to the point of landing a position that you really want. At this point in my own career, though, I just want to get my foot in the door like I said. I learn best by doing, so it'd be very helpful alongside working on THM

Hey guys 👋
Can you help me to solve this lab
https://tryhackme.com/room/techtrixctfevent

I'm struggling in task 3 & 4

If I don’t have coffe or anything I just start getting hungry after a while

Idk if I’m weird but Coffey removes hunger for me

#room-help

I checked the link the user shared and it seems to be a private room.

We can't help with private rooms..:)

Hello, I need help, I have a friend who was fooled by someone on Instagram, we know that it is probably someone from high school except that the person cannot file a complaint without proof and does not want to go to the police. I have a few photos (profile photo, and post on TikTok) but the reverse search on Google leads to nothing.
anyone have any advice?

Sorry we can't really help you with that in this server.

Do you know of another server or solution?

Ethically speaking, no one can help you besides the local authorities.

ok thanks !!

Gave +1 Rep to @strange plank (current: #65 - 140)

Hello everyone,

I'm currently working through the "Linux Fundamentals Part 2" room and am encountering an issue while attempting to SSH into the target machine. The instructions indicate that the username is tryhackme and the password is also tryhackme. However, I'm receiving an authentication error upon login.

I've ensured that:

The target machine is properly deployed and running.

I'm using the correct IP address provided in the room.

The SSH command is formatted as ssh tryhackme@<IP_ADDRESS>.

I'm entering the password exactly as specified, noting that there is no visual feedback when typing the password. It is just saying access denied

Could anyone provide guidance or share their experience with this issue? Any assistance would be greatly appreciated.

Try to ask guys in #room-help channel 🙂

hii every one can any one help me about https://muquestionpapers.com/ i am a college student i want to download PYQ i don't know why my antivirus detect this website as a fraud

can any one telll me if i access this website what possible thing gona happen

yall u got any good but cheap wifi dongles for hacking(15$-25$)?

PYQ? Also, if this is related to any college assignment, folks might not help as assisting with school assignments isn't encouraged here.

WiFi hacking is for advanced channels

PYQ = Previous Year Questions. Dude prolly want help downloading some

This has got to be the best help request i’ve ever seen

Almost didn’t recognize you with the different pfp lol

Hi gys

Ok thx

Gave +1 Rep to @weary meteor (current: #1 - 4977)

This where I ask questions?

Depends which question 🙂

It's bout tryhackme learning curve

There's this question I'm stuck at dunno if it's from tryhackme or I ain't seeing it well

Try to ask it in #room-help channel 🙂

Anyone here ever watch K-drama? If so, have you seen any related to cybersecurity or tech thriller in general? My favorite one (Extraordinary Attorney Woo) has a two-part finale centered around a case of spear phishing against an online retailer, causing a major data breach that leads to the case where the two rival law firms battle it out. Those episodes were actually part of what led me to think about cybersec as a career change

Ohh.. I do. Haven't watched that one yet though. There was an episode on Start-Up that touched on a cyber attack but it was just a brief one if my memory serves me right.

Nice! Start-Up has been on my backlog for a bit, I have to be careful with K-dramas because they are addictive and suck away all my free time 😂 But yeah, if you get the chance, definitely check out Attorney Woo. The finale is great because of that case and everything comes full circle. Some of the best writing I've ever seen in a TV show!

Also insanely wholesome throughout. I was aware of some of the struggles that people with ASD deal with but that show helped me understand things quite a bit more

On the subject of relevant entertainment, anyone else here really love the Watch Dogs games? Nowhere near as realistic as games like Hacknet (also a great one!) but the combo of techno-thriller storytelling, geek and hacker culture references and generally solid open world gameplay is a blast, in my opinion!

The last once I've watched was IU's drama (as you can see in my discord pfp). 🤣

I'm still pretty inexperienced with K-drama so I'm not sure who it is to be honest 😅

Oohh.. do check When life gives you tangerines.. it's focused mainly on family though..

Thought of sharing a URL, but the last time I did that, I got a timeout 🤣

Haha no worries, I've actually seen that title before but haven't watched it. And I don't mind the family focus, as long as it's not an overly mushy romance story I can generally give it a go haha. Speaking of good ones, check out Castaway Diva when you can. Also has Park Eun-Bin from Attorney Woo and it's equally well-written, even has her singing many times throughout! If links get you a timeout here, and you're interested in hearing that, search "Park Eun-Bin Someday"; I'm partial to her "Beyond the Studio" live performance but any of them are great haha

@regal heron I've already asked you not to advertise your media.

We cant no

:hammer: testmewanker_00739#0 has been banned.

[BAN] User left the discord server.

They are a lot of fun, but I kind of wish they would show the effects of the dystopian parts

We are just sort of told that they're evil without witnessing it

Tbh in 2 they do have a lot of side and main stories that show it but we don't really see it in the world

Same with Legion where it's apparently a militaristic takeover but protesters can literally set up camp in the streets without getting arrested

I do really enjoy the gameplay mechanics though

The dystopian parts of Blume and such? The first game did do that with the privacy invasion minigames and such, that was one feature I really wish they would have kept in the sequels. The second game did have some moments like that but usually only as part of the main story.

I also think part of Ubisoft's reasoning for not going too hardcore on the dystopian aspects was because then it'd really feel like a cyberpunk franchise. I think they wanted it to feel more like "GTA if people could see what's going on", so to speak. But that's just my guess lol

Just finished the 3 games

I love it

Nice! I still haven't played Legion yet but the first two games are among my all-time favorites

People say the first two are better but tbh i liked it

Yeah, I did play a tiny bit of a free trial one time, I can see that it'd be fun. I think the reason people didn't care for it as much is the lack of a solid protagonist. I think Ubisoft would've done better to have had either Aiden or Marcus (or an equally great main character) in Legion but with the ability to switch out to random characters for certain missions and such

Yeah it was a bit unnecessary to design the game in the way that you can hire people and add to your team

But overall i liked the story

I mean, I get where they were going, the concept is cool but shouldn't have completely replaced a proper protagonist, not in a game like that

Yeah i agree

But you get to play with aiden and wrench when you buy the dlcs😂

Haha yeah, whenever I get to Legion, I definitely plan to place the DLCs! I just hope Ubisoft considers reviving the series at some point (as long as it's looong after they get their act together)

I’m waiting till they put it on sale tbh,m😂

On the subject of solid hacker games, one that doesn't seem to get as much attention is NITE Team 4. Instead of playing as a black hat or hacktivist, you play as a cyberwarfare specialist for the US military. Definitely a pretty darn interesting one! It's also part of the larger "Black Watchman" ARG, though you don't have to play that to enjoy NITE Team 4

I will give it a look

Anyone have any tips / ideas or ways to choose a thesis topic?
I am majoring in Computer Science with a specialization of Big Data at a Hungarian university
I've tried to make a thesis this year, but I chose the topic before I knew what I wanted and it was so dreadful and uninteresting for me that I couldn't finish it

We don't help with acedemic work.

Just tips for finding my topic

Your topic is your idea.

That's the whole point of the thesis.

There is nothing wrong in asking for help and searching for inspiration imo

There is if it's against our community rules, and possibly your own Student Code of Conduct.

Well is it against rules?

And it's not against the rules at my uni, I'm free to choose my topic

It's against our rules to help with academic work/projects.

It is not direct help, I'm just looking for suggestions on a way to make my own findings for someone more experienced in this

But if it's still against the rules, then I'll delete it

@rocky edge How about Dynamics of foot traffic manipulation in relation to strategic pinpoint signal jamming? IF you're going to break a rule might as well make it worth it

Thought experiment involving computers.. How can you tell in a browser you are watching something .. Right now my logic is as lame as "IF you spent X time on a Y min runtime and X >= 75% of Y then youw atched it.

It's interesting, but rather specific. How would I get data for that?

The same way you get to carnagie hall?

Did you not see the full previous conversation?

I don't think we can help you on this one, sorry.

I don't know if this is the proper way to send feedback

In the (i) menu below splitscreen machines it explains how to open clipboard on attackbox but I feel it should also include how to open it on windows machines (ctrl+shift+alt on windows / ctrl+shift+option on mac)
Could have it automatically detect if it is an attackbox or windows but honestly it would be easiest (and probably best) if it just said in writing:

• On windows web-based machines click CTRL+SHIFT+ALT or CTRL+SHIFT+OPTION on Mac.

Try to send it to #feedback-and-ideas 🙂

hi

what is the syntax of ping 10.10.10.10

First of all watch on your language ( swear words / slurs aren't allowed here ) , second - try to describe your exact problem maybe we can help you 🙂

Well it is
ping 10.10.10.10

it is a code ij the tryhackme

I'm not exactly sure what swear you're referring to but good to know mods are monitoring the net and this is not a place to have casual conversations. I will seek fellowship elsewhere.

?

Bro is quitting THM

My Mistake

You know when I first joined this server I just assumed you were an undercover mod. Congrats on the uncovering ❤️

Well he is the KGB

some italian here?

Here you go

@granite crest .....heaven

That looks awesome.

Oh, no, that's a stock image

Just wanted to make the joke

It does look good though

Hey guys! I just did the “The Hashing Basics” room and I’m confused about this. Please help me out!

When decrypting a hash using hashcat, we use the command
Hashcat -m <hash type> -a <attack mode> hash file wordlist

So my doubt is, how would I know what type of hash it is? Even if I check the hash using online platform such as hashes.com and suppose it says, sha256…..there are like hundreds of those hashes on the example page of hashcat

So how should I approach this?

(I’m currently doing the Cybersecurity 101 path and I’ve did it till John The Ripper Room)

Like what values after -m should I fill? How to figure that out?

your best choice now is to open the hascat page , do 'ctrl+f', enter the first letters of the given Hash, generally with this approach, you can get the exact type

That doesn’t work. I tried that during the task

And even if I identify by their prefix, for MD5, those prefix don’t work and it gets harder and harder to shortlist

i like this new feature

You could try to use tool called hash-id , it can help you detect tge hash although it isn't 100% accurate all of the time

I would like to ask, is it really useful to learn cryptography in information security? I feel that in modern times, passwords are hard not to be cracked if they don't sacrifice performance like ORAM or mix in useless information

Ohh, okay, I’ll try that
Thankyou

Who can teach me how to code?

Check out freeCodeCamp on YouTube 🙂

But can’t you just teach me on YouTube I already tried and I can’t understand

Learning coding is a life-long process

Mee tooo,i m with you mahn

I thought the same too

hi im interested to find cybersecuirty jobs and research works anyone can share info

Try to ask guys in #cyber-and-careers channel , they will give you some great advice 🙂

hi ppl :]

Hi , welcome 🙂

Hi

hi , please I need support in the Public Key Cryptography Basics last exercise , I am running gpg --decrypt confidential_message.gpg but i only get no such file or Directory

I tried the backup kay but same result also

I double checked the files and there are there in the right Directory

#room-help

Hello all, I want to know how hashing work (types like md2),

and it is (theoratically) possible to make hash to certain text by hand without the need for any electric device? (The word 'World', for examble).

Thanks in advance.

*example

Alrrr so hashing basically turns any input like ur "world" into a fixed size, unique looking value using sset algorithm (like MD2).

MD2 pads the input, uses a lookup table, and performs many byte level operations with it.

Yes, you can do it by hand, but it will be VERY slow and painful as fuck you'd need to follow the EXACT steps carefully and do many small calculations that NO ONE ont his planet wants to do

You can learn it on the link below 🙂
https://tryhackme.com/room/hashingbasics

https://www.reddit.com/r/tryhackme/s/46lTbFOjxE

Guys where Can I find more info on this one ?

as it says more info will be provided today 🙂

@covert remnant @weary meteor Thanks!

Gave +1 Rep to @covert remnant (current: #403 - 16)

Np :)

yo, instead of notion/ obsidien, where do u people save notes , commands, etc...
tells as if there is a better alternative 🙃

github/gitlab

i save it on onedrive but i wanna move to github

for noting, do u open a github page on a browser and start noting ? or u do it via cmd?

write notes in neovim then sync with git

but if you want more or less all in one solution triliumnext goes far

thanks, i will try it and see if it's suitable with me

Gave +1 Rep to @soft pier (current: #4 - 2151)

Does anyone know the best resource to learn how to code in python form a cybersecurity perspective?

would point at the book named black hat python

@soft pier thanks for suggesting

Gave +1 Rep to @soft pier (current: #4 - 2152)

check out freeCodeCamp on YT 🙂

I’ve done freecodecamp before it’s just that it teach it from a cybersecurity perspective

Check these resources
https://tryhackme.com/room/customtoolingpython
https://tryhackme.com/room/pythonforcybersecurity

Absolute legend. @serene trench

you know the score 😎

brilliant show

guys i have basic knowledge of python but i am not able to make scripts so i uses ai and do some little change and use it so can you guys tell how can i improve my python script creation or use ai?

find something you want to write a script for, and dont use ai. if you are unsure of something, look it up and read the docs rather than use ai. not only can it be wrong, but you learn good lessons from reading the docs

Improve your problem solving skills.

Work through a problem, top to bottom, of the steps needed to solve it. If you are just sitting down to bang on the keyboard and hope a script comes out, it's no wonder you have difficulty scripting.

Are you familiar with what 'tech debt'? It's worth looking up if you don't know.

Juun good piece of advice

Hey guys just a quick question - is Kali Linux still the recommended distro for ctf and pen testing? Anyone running parrot? And also, how? Bare metal or through a VM?

I'm trying different things just trying to find a good workflow so keen to hear your setups 👍

Personal preference tbh

Run what you like, don't listen to randos just screaming and fighting over distros. You see something you like? Go for it, enjoying your time is what matters.

Also ye I use parrot and kali, in VM. And I prefer Kali at least for now

Amd digital ocean for VPS

Thanks mate I appreciate it.

What do you use the VPS for?
Ive got a hetzner VPS sitting there monitoring my home lab with wazuh but not sure if I could be doing more with it.

Or did you mean, you run Kali on the VPS?

i use parrot home for daily driving, same is as the security version, just more geared to development and privacy. it doesn't have any of the hacking tools on it. i like it bc it's lightweight, uses MATE out of the box, and has some privacy things i like

Hi Guys, rate from 1 to 10 the best three LLM models finetuned on CyberSec stuff. 👀

Thank you ☺️

Gave +1 Rep to @shell summit (current: #611 - 10)

I would recommend you to use them in a vm environment 🙂

I know only about PentestGPT for now

when will pt1 giveaway be ending?

All the information is in the form.

giveaway ending date isnt mentioned i checked again. can u send? maybe i m missing something

keep in mind that hetzner does not allow portscans

hello guyz

hello 🙂

any idea how can i connect my account to discord ?

thanks

Gave +1 Rep to @frail vault (current: #61 - 147)

thanks gives reputation ?

yes, but you cannot give yourself reputation 🙂

only when someone else thanks you 🙂

understood

no one will thank themselfs anyways

someone tried it before (of course, it didn't work) 🙂

🤣 lol

Really?
Is your first thought as a hacker not "oooh, I wonder if there are any abusable edge cases the developers didn't consider"?

i mean everything should not be overthinked i come to discord to chill out i shut down my brain

https://tenor.com/view/hack-the-planet-gif-15624885

When you tried your first CTF ( catch the flag) how did you find it? Even though I am new to cyber security I decided to give it a go, and looking at the Cheese CTF level (easy) I was like hell yeah. Few minutes in I realized I know nothing, I looked at some of the walk through' s and it ranged from sql injection to knowing alot about php etc. What was your experience like? did you find it hard? or is it just me.

Ctfs are always hard cz they are designed to be otherwise they would.be very boring and most people starting out find them hard just gotta squeeze and enjoy

Cheese CTF is probably a bad example

Try simple CTF

Thanks. Gosh I feel alot better lol. At one point I was looking for the ssh login 😢 to the box I was trying to hack.

Gave +1 Rep to @south inlet (current: #2 - 3788)

thanks that helps alot, I was like crap is this even for me.

Eh? No they're not

There are some ridiculously simple CTFs floating around. I should know -- I wrote some of them in my early student days.

Welp I haven't played simple tbh

Simple as in easy. Not simple as in the room SimpleCTF

But muiri most people get like 50-100 points even in easy ctfs like ehhh nahamcon

description

how can you enter this giveaway bcs I can't seem to find anything on it on the THM site

i saw it on linkedin

Thanks

Gave +1 Rep to @quaint basin (current: #10 - 886)

thanks!

Gave +1 Rep to @nimble locust (current: #1907 - 2)

hello

Is Jr Penetration Testing really worth the time? I have an intern in 2 weeks and during these 2 weeks, I want to improve my knowledge about cybersecurity. Ive already completed 2 beginner courses. Now I want to gain experience with Linux tools and the offensive side.
I also thought to directly start solving difficult CTFs but maybe this course would be a better starting point. What you think guys? Which path should I do?

sudo apt install hacking sklls because i suck

Of course it is worth , I definitely recommend it 🙂

It's usually "that's odd"

Sometimes also "wait what?"

And also "did they seriously do that? No it can't be... Ah yep, they did. And now I have to write the report"

Insert explicatives as needed

Been grinding pentesting for a year and looking to collab with someone who knows the basics and is active daily.
Let’s team up, build projects, and grow together (ethically, of course).

Non-negotiable: Be active on Discord every day.

If you're down to level up together, DM me.

Wow, a daily commitment, how can you pass that up?

Oh

Can you please say what is YARA?

@hazy citrus YARA is a tool used as forensics and analysis of files based on strings/binary data. It is mainly a CLI (Command Line Interface) or Linux terminal application. It allows you to write up rules. I am just starting to use this tool.

If you are familair with Linux terminal, you can use any editor like nano to create them.

No but rules look much better and well organized with proper intendation 🙂

@weary meteor ok, got it! Thank you my good man.

Gave +1 Rep to @weary meteor (current: #1 - 5065)

Thank you say about it...😉

Gave +1 Rep to @deep lantern (current: #1907 - 2)

please don't advertise here 🙂

let it be for a few min

pls

No , self-promotion is prohibited by #rules

https://youtu.be/YPW_HeOHA1E?si=p1jcNfvqb3tgCMHh

https://tenor.com/view/pudding-gif-3571016

has anybody seen something like this before?

trying execute -f

What's the problem...?

i'm trying to execute find to escalate privileges but for some reason i can't get it to run. i'm pretty new

workin on pt1

You're currently in a meterpreter session, not a command shell.
Meterpreter is what we would call a command and control (C2) agent. It's (roughly) platform agnostic and exposes its own set of functionality.

That does include dropping into a command shell on the victim (the command is literally shell).

Bear in mind that it's... not exactly good opsec (although Meterpreter just generally is signatured to high heaven). Won't make a jot of difference here obviously, but worth getting into good habits early 🤷‍♂️

thanks

sounds like i should do the metasploit / meterpreter room first

What websites do you usually use to read articles about network security, which publish articles about the latest technology?

Hey, I've been trying to purchase tryhackme premium for past couple of months, and it ha sproblem processing payment. Can anyone help me ?

For paynent related issues reach out directly to support on the email below

Hello !
Maybe it's a dumb question but:
I finished every "pathway" of Penetration Tester in THM
Except "Red Teaming".
And i'm wondering if i should do this pathway ?because, i don't want to be a red teamer. But just a pentester 😅

it can be very beneficial as a pentester. just becasue the pathway is called Red Teaming doesn't mean you shouldn't do it because you won't become a Red Teamer 🙂

Amazing, keep it up.

yes but Is it really necessary to pass your first certifications for example? I absolutely want to get to the essentials for now

depends on your certifications, but it can be helpful

like OSCP or even the PT1 from thm

yeah, the Red Team pathway would be very helpful in those

ok thank you

Gave +1 Rep to @crude thicket (current: #73 - 122)

no problem 🙂

bro, you should run it at shell

does tryhackme have a new promo for premium?

Not yet

Hello guys I feel silly having to ask for help for this CTF - The Game would anyone be able to help point me in the right direction.

I unzipped the file and changed the permissions to allow the file to be executable and I am getting the zsh: exec format error.

you have to give executable permisions to the file. to do that, you can do "chmod +x (file)"

Hey everyone, I'm new to cyber security about a little over three months I believe since I started learning through tryhackme; coming from a software engineering background. I've been having a hard time doing some of the capture the flags feeling like I don't know where do begin. Does anybody have any tips for getting started with the CTFs?

For context I just finished the Networking course that goes over TCPDumps and WireShark.

those rooms are more connected to blue teaming than red teaming (red teaming is closer to CTFS), so I would recommend to take the Junior Pentester Path first (also completing the pre-security and cyberscurity 101 paths), and then doing ctfs

Thank you DonutMaster, for you're response! What would you recommend I should do to practice the skills I learned in those rooms. Also, I did plan to do the Junior Pentester Path I just have to finish the cybersecurity 101 path.

Gave +1 Rep to @crude thicket (current: #72 - 126)

which other paths have you completed?

I've completed everything up to the Cryptography lesson that where I'm at now

have you completed the SOC Level 1 path or the Security Engineer path?

No only the pre-security path and half way through the cybersecurity 101 path

ahh, then just continue with the jr. pentester path, and you should be able to solve some easy challenges 🙂

Thanks man! Have you done the Jr Pentester path yet?

Gave +1 Rep to @crude thicket (current: #72 - 127)

I've finished the Jr Penetration path + the Web Funcamentals path (technically I have like one room left for the Web Fundamentals, but 95% done)

Love it

How was it? Was it difficult?

not too difficult, but depends on the person 🙂

Always easier when you do it because you're genuiely curious and not the lovely pay packet

That's good to hear! I really wish I had more time during the day to dedicate to this I would be way farther along. How long have you been doing cybersecurity?

Hey jortboy3000 nice to meet you!

around 2 months (I'm a student, so I have tons of time)

That's awesome! Are you in college?

no, I'm not even in high school yet 🤣

haha dam dude! That's awesome, I wish I could have started when I was younger the computer I had at the time was so slow and I was never able to convince my parents to get me a better computer

ahh

I also ended up going the AI and Software engineering route because that's what we were told would guarantee us a career

actually, that is a very good path towards a good job these days

I had better luck finding something down the AI route however, trying to find something in Software engineering has been a challenge

good luck!

Thanks man!

Gave +1 Rep to @crude thicket (current: #69 - 129)

hello guys i just subscibed to sal 1 certificate and i coudlnt find the path start can anybody help me please

#quiet-conversation message
@weary meteor what do you think about it 🙂 ?

I would definitely recommend you to do so , extract knowledge won't hurt 😄 . Btw Red Teaming path is very detailed and you definitely learn a lot by going through it 🙂 . So , I would definitely say - Yes !

ok thank you 🙂

Gave +1 Rep to @weary meteor (current: #1 - 5089)

When you're in the page for the certification, there's a tab that shows "Recommended Learning".

It'll show you all of the rooms that are advised to go through for studying

Achieved top 7% in 24 days

congrats 🙂

https://tenor.com/view/lazy-cat-stairs-gif-20611362

Take a break next

YESSSSS

top 2 % in 15 days

is what i did

in my opinion, it's not really important how high ranking you are and how quickly you got it

whatever

solving 8 machines daily without seeing writeups

is something important i feel

I was just expressing my opinion 🙂

even i was expressing man chill

ok?

agreed

.

IS it possible to make a payload for android using metasploit focussing on

after the device restart the payload connection will reestablish

after the network change like victim switch there wifi or use the data or turn off and on there data and wifi the connection should reestablished automatically means the connection should active everytime

connection can only be closed if attacker wants and then when attacker wants he can reestablished the conection

payload should not be detect by antivirus and while installing it google play protect shouldn't warn as harmful or unknown software and block it

the payload apk can be deleted by an user but the payload should work for example i can delete the payload after opening it one time but it should work even the apk is deleted it can be communicate over wide network not only local network

Yes... quite advanced but yes

Done!

hi

wassup

whatsup 🙂

Hi everyone, I'm looking forward to joining the ranks of cyber security analysts. Question though, how is AI affecting what we do? I personally am pretty leery of how quickly AI has been integrated into everything and I've seen enough movies to know it's not a great idea for the reigns to be quite as lax as they currently are, but how is it affecting the profession itself? Are we as needed as we were a year or two ago? And if so, have you found that you needed to shift your focus in some way to more AI-based red/blue/purple-teaming?

Hey everybody! Looking for people to exchange and building a community, so write me a PM to discuss about topics, helping with learning etc. I am from Austria 🇦🇹, if anybody is from the DACH region it would also be nice🤙🏽

Nice greets 🤘🏼

There is a lot of automation that is being done where AI is used to ingest tons of data to make sense and see patterns. It takes some of the L1 grunt work off so that SOC can work on faster triage, etc.

I've also seen it implemented as a search tool where it parses through tons of inventory to find specific things you're looking for like "Give me a list of users who haven't rotated their password in 90 days" or "Give me a list of EC2 instances that are public"

There's still things to study and I myself know that human verification is still required to the data that AI spits out

what does Pm mean? bytheway i am from nepal i am new at this field if you consult then take me on your community

PM means private message, its another word for DM (direct message)

ohh

Okay, that makes sense, thanks. I'm just scared of getting into this field further (I graduated boot camp last year and have a Sec+ and just passed my ISC2 CC exam but am currently in Networking rather than officially cyber) and finding out I'm obsolete before I even get started, really. I hope that's not the case though. Your answer helps, thank you

Gave +1 Rep to @fathom panther (current: #22 - 457)

There is a considerable shift into integrating AI in most IT jobs so I think as long as you're working in IT, there's still fear of getting replaced by AI but I think its still far fetched.

That makes sense. I'll keep that in mind and maybe try to embrace it so I can pivot if needed. Thank you for your help and input!

To add onto it, AI is mainly integrated into workflows to help streamline the work. I wouldn't say that it would ever replace entire job positions by itself

It's nothing like the Terminator either and never will be for the foreseeable future, don't worry

When people say AI would replace jobs, what it is more accurately doing is replacing jobs where your only responsibility is GIGO in my opinion. It's nowhere close to taking on the responsibilities of an entire complex role, such as a system administrator or L1 SOC.

Plus, if companies train and use their own models with the aim of replacing job roles, it introduces an even bigger risk in itself since there's not nearly as much filtering, the sheer amount of data used to train the model, etc. Using established models can only go so far too

Also, a lot of companies do have strict policies around AI usage by employees

Not related to the topic but just a thought I remembered. My father's company has ChatGPT blocked

Is that from a "AI is bad" PoV, or the org doesn't want an employee spill secrets on a LLM?

The latter

I can imagine that employees would go ahead and paste error dumps with sensitive info directly into chatgpt

Okay, that makes sense. I've seen how it's being used to kind of serve as a SIEM for industries that wouldn't normally have that capability, but I wasn't sure how it was being implemented in our field and whether or not I had the absolute worst luck at timing for a career change haha

Good to know, that's what I'm worried about too (too many sci-fi movies, I guess)

Okay, I can see how the issues in training models would pose considerable barriers to automating more than just the data aggregation purposes.

Thank you for helping and your input as well! This conversation is truly helping me feel less apprehensive

Gave +1 Rep to @next bronze (current: #153 - 58)

We’re already seeing AI take over many traditional security tasks—like Tier 1 SOC analysis, responding to phishing attempts, parsing logs, and even some parts of penetration testing. What used to require entire teams can now be done by intelligent tools.

That’s why the real value for security professionals now lies in more strategic, creative, and cross-functional areas—like threat modeling, simulating real-world attackers, securing AI systems, ensuring responsible data use, and aligning risk with business goals.

That's interesting! Okay, so if I focus more on more creative aspects, that could be a better track to try and future-proof my career as much as possible then. That helps, because a key consideration in me entering the field was the possibility of being creative as well as technologically focused

Pls can anyone help me to answer task 4 question?

Try to ask in #room-help channel 🙂

Does anyone here listen to any sort of music while learning? Just curious because I've found that lo-fi, low-intensity post-rock and ambient eletronic genres like synthwave/vaporwave are really helpful in keeping me from getting stresed out while learning

Exactly! That creative + technical mix is what got me into cyber too. And yeah, AI’s taking over a lot of the routine stuff—but it still can’t beat humans when it comes to big-picture thinking like figuring out what is suspicious and what could be testing and understanding context, or thinking like a real attacker.

Stuff like threat modeling, explaining risk to non-tech folks (we do alot of this stuff with the help of Chatgpt), or making ethical calls—those still need a human touch. That’s the kind of work we should try to lean into more.

And with how fast AI is evolving—especially with agentic AI and things like MCP—it feels like teams will get leaner, and each person will need to cover more ground.

https://discord.com/channels/521382216299839518/876804968731009055
Try to ask these guys 🙂

I wasn't aware that existed haha, thanks!

Gave +1 Rep to @weary meteor (current: #1 - 5120)

I’ve been listening to classical style piano a lot lately while studying, andreavanzo , gibran alcocer

Juice WRLD is my favorite for chillin

.

Saint Pepsi/Skylar Spence is good too

hello kbg uncle jk

gym bro

TECHNO !!! ❤️

Hey guys my name is exoe and am new, it's nice to meet you all

Welcome to the community Exoe 🙂 👋

Now that i have something like this.
How would I even begin to encrich threat intelligence to this

I was thinking about trying a visualization if a dns query was made for an asset N seconds before it started getting enumerated .. who done it .

I’m Darrel, currently diving deep into cybersecurity and just finished the Junior Penetration Tester path here on TryHackMe. I’m building a 50-project portfolio, sharing my progress on GitHub and Twitter — and I’d really love to connect with other learners, especially teens or young tech enthusiasts who are on a similar journey.

If you're into pentesting, ethical hacking, or just passionate about tech in general, feel free to hit me up! Would be awesome to learn, grow, and vibe together. 🚀🔐

Let’s build a strong tech tribe!

— @gritty mortar

Check out Master Boot Record if you get the chance. Not exactly techno, more like computer-generated (not AI) metal for IT geeks. It's one of my go-to listens if I'm doing low intensity IT-related tasks 😎

Welcome!

found it "https://soundcloud.com/masterbootrecordmusic" && i love it ❤️ thank you!!

Gave +1 Rep to @toxic lagoon (current: #778 - 7)

No problem! They also have a Bandcamp if you prefer that platform. Cool stuff!

sup

Hi

I gave in and bought one month premium

gotta make this month count

finished an entire module in one sitting 😅

Summit was fun

Nice good job!

Hi, what has made you all prefer cybersecurity over , for example, programming or other IT fields?

(My question does not assume that you do not do programming)

Hi, I am competing in a competition in a bit with both red and blue elements. One of the red team topics is related to ARP spoofing, routing protocol exploits, SNMP exploits, VLAN hopping, STP exploits, and Mac flooding, which I am not at all familiar with. Where can I learn about these as well as protections against them?

Whats good my names Tax/TaxRealtor. Good to meet u guys

Hey! I’ve been learning the basics of ethical hacking and I really want to get better. Can you suggest how I should continue learning or what resources you’d recommend?

you can start with tryhackme's roadmap:
https://tryhackme.com/hacktivities

Thanks man
is they any path or source that make me very good at what we do like deeper into hacking

Gave +1 Rep to @crude thicket (current: #55 - 173)

depends on what you wanna do, all of the paths are a part of ethical hacking 🙂

Something fun way 🤗

fun way?

I mean very serious ethical hacker likeeeee 0day

again depends

can't really give a specific path that you should follow

So confused 😵‍💫

you have to follow the path you want to follow

Ok like bug bounty, pentester more offensive side

then, you should finish the Pre Security and Cyber Security 101 first, then continue with the Penterster path

Ok roger that 👍

Hello everyone, I have a question Even though I have 240 points I am not on the list of the best in June? The worst have 120 points. What is the problem?

what do you mean? could you /verify and send a screenshot?

This is my weekly league compete leaderboards

And Main Leaderboards

refresh the page

I try it, it dosen't work

It has been like this from the very beginning, it's not the first week.

which country did you set it to?

i mean month

Poland

ok, one sec

shows like this to me:

There is a problem with this system. Switch to "All time" and then to "monthly", then you will see the correct score.

yeah, there is a little bug where it shows like that sometimes, but idk

Recently, one Azure room was added, but
it would be a problem if a room was added after the cloud subscription expired.
I can't afford to pay full price just to work on an additional room.
I'd like to see a plan that is affordable for people who have paid in the past.

There’s also the business plan, where you can get access these rooms for free, but it has to include a group of people

@crude thicket
Do u know basic or full about hacking skills

He's "TITAN" rank

I'd say it's a safe bet he knows what he's doing

I need some help in learning so asking to everyone

“Remember switching to your sidearm is faster than reloading”

Im am noob

Not really, I've seen people being TITAN just because they copy paste answers and take absolutely no note.

Rank doesn't tell much.

Forgot to account for that possibility

https://tenor.com/view/carson-wcth-happens-to-the-best-of-us-hearties-gif-11543686

On a better note

I am so close to getting to titan

As you said, it means nothing, but it gives me a nice sense of achievement

How much time is recommended to spend on thm per day for someone interesting in a career in cybersecurity?

As much as u can. When I started cybersecurity, I used to study(not thm) for atleast 10 hrs a day

Hey I want to learn something new can anyone help me

you can start with tryhackme's roadmap if you'd like:
https://tryhackme.com/hacktivities

Could you help me, please!

I can't install php7.2-cli and gitlab-runner on the AttackBox.

Please don't post your message accross multiple channels.

so sorry, my fall

yeah thats me

not the copy paste part, but the no note taking

I did most of the grind in school so i wasnt too worried about it, now im regretting it

Hello

hi guys

Hey is anyone experiencing Internet outage?

Hi everyone,
I'm having trouble posting reviews on Google Maps. Every time I try to submit a review, it gets blocked automatically. I've tried using VPNs, waiting between posts, switching accounts, and even using different devices, but nothing seems to work.
It looks like Google is still detecting something and blocking my reviews anyway.
Has anyone dealt with this before or knows how to get around these blocks?

If they're blocking you, they likely have a reason. Helping you evade and protections they have in place would be a violation of TOS

Sorry, I’m new here, and since I saw "hack" in the name, I thought you might help me with a way to bypass that unfair block, because I just want to support a family member’s place with good reviews.

That's not a way to support a businness btw it is illegal

Illegal? What exactly is supposed to be illegal? Going against the rules of Saint Google? I'm just writing reviews, leaving positive comments — I'm not stealing data or sending people anywhere, just reviews. But anyway, I see it's impossible. Nobody gives me an answer, and I've been searching for a while now.

Here's the rules for the US: https://www.ftc.gov/news-events/news/press-releases/2024/08/federal-trade-commission-announces-final-rule-banning-fake-reviews-testimonials

I'm assuming UK/EU have similar rules

🔨 Banned saqh21 indefinitely

Hey guys does anyone tried blue machine using wsl?

If so i am unable to complete it because all i am getting is "Exploit completed but no session was created".

So, If possible can you please help me?

Wsl is poor for THM.

And, why is that if i may ask

Well, the issue you're experiencing is a common flaw with WSL.

Then what is the best solution for this?

Stop using a WSL and use a dedicated VM or attackbox

I think VM is the only option i have

Attackbox is good and i like it personally but it lags a lot on my wifi

the attackbox doesn't have like really good specs, so that's why it is a bit laggy

Oh, All this time i thought it was because of internet connection

that probably won't be the cause of it (it could maybe make it a little bit slower, but that isn't the full reason)

Can you explain it more if possible?