#quiet-conversation

it's just a suggestion. You can still use it afterwards.

Hey, does anyone know about an IP grabber that can use custom link? i got scammed on facebook marketplace and the guy is a ghost

call ghostbuster i suppose

:hammer: m1theplug#0 has been banned.

How do I perfom a ddos attack with ftp protocol

You're aware it's illegal?

practicing, not doing it to other ppl lmao

There's no benefit in "practicing" a DDoS attack.

Well to understand how it works
Red teamers dont do it?

Here you go.

If you think red teamers DDoS people then you should really go back to the fundamentals of cybersecurity.

Oh sorry, I thought red teamers ddos web servers to find vulnerabilities

How would DDoS find vulnerabilities?

Well I thoguthht

DDoS is to bring assets offline, how would that uncover any kind of vulnerability?

https://tenor.com/view/allegromk2-star-citizen-allegroloopmk2-offline-maintenance-gif-5954804137882925779

Dkob did you ever look into the guy sending links

So they don't ever do that?

why would even a pentester have to DDos anyone skid

Well, logically speaking, do you think a company would hire you to crash their servers?

When you put it like that no but I assumed that red teamers do ddos attacks

Well that's pretty much what DDoS means.

¯_(ツ)_/¯

What guy?

I cannot think of a single type of engagement in which a red team performs a DDoS at full scale.

All of the elements involved can be tested seperately and with much less risk. There may be a driving factor that would make a full scale DDoS "test" worthwhile, but in my experiences it is an unacceptable risk.

Maybe if you are attacking the network to set up a fake access point

but no, you would never do that in web application testing

Plus, modern day websites usually have ddos protection enabled

still many ways around that

yeah it depends what service they are using

It honestly depends, there isn't any reason to do ddos attacks anyways

agreed

https://tenor.com/view/suco-sucoxrpl-xrpmemes-memes-ha-gif-10965019412936813670

Hello?

i accidently DDoS'd a clients website by running dirb 👀

that's be DoS, since it's from one host

Do you guys recommend VM or Live boot for CTFs?

3.2 USB boot

I can't dm you yet man

Vm definitely

Okey, thank you

Gave +1 Rep to @weary meteor (current: #1 - 5845)

hi guys,

HI GUYS

i am sending friend request to a friend he is not recieving my mail
any solution?

Hello there
I am kind of new here and I need a help how to become an ethical hacker
Please help

You can follow this article 🙂
https://tryhackme.com/resources/blog/free_path

Are you both verified on THM ?

yes bro
i have linked my mail and mobile number

Your friend did too ?

yes bro he did

Try to send request to me KGBTHM is my username

My favorite quote so far in powershell room:
Remember, a true pirate never stops seeking treasure—so keep honing your skills, and who knows what pearls you’ll discover in the next adventure? Until then, may your cmdlets be sharp and your scripts swift. Fair winds, and happy hunting!

bro ❌ God ✅

request sent please check

I accepted your request so your friend probably gave you a wrong email

probably
i will verify again

im gonna switch from chirpy to this blog template hugo seems a bit nicer to work with

https://www.youtube.com/watch?v=2_Dtmpe9qaQ

maybe

guys i found website that not validate the JWT after i change the signature to 1, what should i do next?

notify the site

is that enough? do i need to escelate? just to be sure?

what do you mean escalate?

i dont know i just finish my learning in web pentest and try it in real website, so im not sure what to escalate

is this a bug bounty?

yes

then you could keep going and see how far you could get depending on the scope

DEPENDING ON THE SCOPE

okay thxx

Hi

Anybody know when the next ctf event will be?

Are you referring to a THM ctf or any CTF for that matter?

A thm ctf

Like industrial intrusion

I played solo b4 but now I want to try playing with teamates

@analog pilot

@velvet hawk

y u ping people?

Yes

Huh

Yes is not a great answer to why

No?

👀

yes

Okay!

Are there anybody can help me

I cannot connect with open vpn in my vm linux

Stuck in protocol option: explict-exit-notify 3

In a new tab when i command whoami its showed me one ip but when i tried in browser 10.10.10.10 its showing error

whoami shows your current user rather than ip(?

what error is it showing when you connected to 10.10.10.10?

This site cannot be reached...dns address could not be found

try the magic command then

sudo ip link set dev tun0 mtu 1200

Showing cannot find device tun0

are you doing this after connected to openvpn?

I am not sure if conmected with openvpn or not bcs when i put 10.10.10.10 on browser its showing error

i meant did you type the

sudo openvpn yourname.ovpn

or did you use gui to connect

Yes i used this command

Here is where i got problem

yoo anyone wanna do the enumeration and bruteforce room with me

call me if yes

hi

Hii

Does anyone know what's happening on September 1, tryhackme said to mark our calendars?

Follow #announcements 🙂

Probably some new ctf

If it was a ctf they would let us know in advance right?

To whom did you escalate the event associated with the malicious IP address

Whats this server about?

Nice, sounds interesting 🤔

1 year THM streak

You go get them tiger !

Congrats , keep it up 🙂 🚀

https://tenor.com/view/impressive-darth-vader-most-impressive-gif-1233758011459247961

I am looking for a mentor in my hacking journey... Is anyone interested?

There's no individual mentorship here but we're ready to help you in #room-help channel 🙂

my friend also had this problem there s a script to solve this

just need to be around, interact, and ask questions. people will help

No, it's too slow.
You become my mentor, I will learn by watching.

nope

not going to happen like that. nobody is going to do that for you thats worth their salt.

I see then, would you answer my questions if I get stuck or have any difficulty? I can't ask on the server, it's too much to explain exactly what I am doing.

I won't annoy you, promise

why cant you ask on this server?

just ask it in chat

its unlikely that someone here is willing to give you private lessons

I am working on a project right now, and it will be very difficult for me to explain exactly where I need help and it will also be difficult for people to understand it if someone experienced is not already guiding it, and the whole thing is not just about hacking, so that's why.

well, how about this. i have another server thats alot quiter, has a lot of knowledgable people. how about you ask in there

Sad bro😭

Okay

were not going to hold your hand and spoonfeed you though

I don't need to be spoonfeed.

just have to accept my friend request and ill send an invite

Slide the link to it

In dms ofc

yeah would also be interested

@covert remnant ur already in the more official one. @onyx violet friend request me

Oh

U meant that server

omg can I get a link?

I want to learn about...

Encoding, Encryption, Hashing, Obfuscation and Salted Hashing

Can anyone suggest me some good blog posts ... multiple if possible... I want to learn them completetly

Does anyone know a good hacker i can talk to?

about?

Some business

which is?

I can't Talk about it in public

why not?

Because it's private

you can dm me

Hi I've an unusual request......Is there anybody who practises IOT for Hacking??? Like creating IOT projects especially for hacking like that of Hak5.....

yeah im the best

This feels like sarcasm

Well if you are can we talk in private?

sure

as suspected it was some kind of social media account thing

yep lmao

look at his profile

lol

😏

hey all , i saw we have new event with ticket ? but all can have prize or i need chance ?

Everybody can participate

Is hack 2 win started

I completed one room & got nothing except some knowledge🙂

Hey I need a roadmap for cybersecurity, specifically for Red Team Can you help me?

You can follow this roadmap
https://tryhackme.com/hacktivities

No , it starts on September 1st

Whats this mission on the dashboard about? I can't seem to locate any info on it. It says 4 days remaining

It's a new feature , try to complete all the tasks required 🙂

Got mine completed already. Was just wondering what its for

guys, i've just finished pre security and cyber security 101. I tend to join red team, can you guys give me some advices on what to do next
i' tried OverTheWire but found it rather hard, i have to search for many things
I wonder now i should continue jr pentest, redteam learning path or solve challenges on THM or play CTF on picoCTF
Thanks for your advices

Whichever path you're comfortable with honestly. I went down security engineer first then jr pen test. but i prefer the blue side a bit better so i'm more focused on that path

i'm almost finished with the red path

you can look at the challenges as using the knowledge you gained from the paths

but if you like red teaming, try the soc simulator out a few times. those are pretty cool

so you mean after each room, it suggests us some other challenges to practice?

or we have to search challenge and room on our own

in some cases it'll suggest stuff you've already finished but they do that so you fully know and understand the path or corriculum

you can look through the ctf rooms and select them based on the difficulty

if you go to the rooms tab you can sort them by just red team

can u check the inbox

Fr

Where can I learn OWASP Top 10 (definition, impact, mitiagations). Along with the main vulnerabilities in it.

I guess to learn main vulnerabilities in it, I should look for it in port swigger.

I want to know expert people point of view.

Thank you so much in advance.

Anyone got any idea about any websites like antiscan.me or nodistribute.com(dead) used for scanning malware detection without distributing it openly?

you could run a sandbox locally

have you done the OWASP top 10 THM room

https://tryhackme.com/room/owasptop102021

yes...

I need to dig deep now... I need to understand definition, impact, mitigations.. and also CWEs..

Why Tickets tab removed....??

its probably coming back in a couple days when the new event goes live

Event starts on sep 1st

Okieeeeee

im actually having fun learning this stuff, the channel is good for breaking it down to a beginner with no clue like me. Planning to learn C after this course to strengthen my fundamentals and understanding when reverse engineering

guys, is it true that each tier Silver gold, bronze in the next event will roll for prize once?

Hey @zinc peak
So I’ve a binary file that I tried to reverse engineer, ran static analysis on it via Ghidra and Hex-Rays, so as far as I could understand from it,
It prompts the user with a message “Enter your fav color:”
reads the user’s input into the memory buffer and then calls the function that just base64 encodes the flag and saved the encoded string into a file named “encoded_secret.txt”

I even double checked via multiple LLM’s and that’s exactly what it does, I let them deeply inspect the decompiled versions to see if there was anything like it modifies the flag with the user input or anything, but there was nothing like that

you need to find the flag?

is this for a thm room or something like that or a ctf?

Yesssss
But I don’t know what to do next
Should I run dynamic analysis? Even though I don’t think it’ll be of much help

can you send me the decompiled code or the binary file in dm if you're okay with it

Noooo, it’s from some club task, my friend shared the file with me cause I wanted to try my hands on some reverse engineering tasks

Yes sure
But the decompiled code is 200-300 lines
Is that alright?

The analysis conclusively shows that the user's input is a red herring. The buffer containing the input is never used in the encoding process or to modify the hardcoded flag in any way. Its only purpose is to be printed back to the user, creating the illusion of interactivity.

the LLM replies this

@shell summit can you assist me with this? your help would be much appreciated

whats the ctf?

more like a club task and im sorrryyy
i overlooked something
All the flags were in the syntax of "ISCP{}"
but this one was in "ISCP"😭😭😭

it was the flag?

yeaaaaaaa 😭😭

nice

thankyou snowiee and slavetomints for your assistance🫂

Assembly? Wild.

Hi guys!

Hello guys can I get someone's attention for a quick help?

Currently working on Linux privilege escalation but got stuck on SUID, user2 hashdump cracking in particular

Try to ask in #room-help channel 🙂

Gotta say, I like the new weekly challenge idea. Streaks and leagues are decent motivators but having something that takes more than just logging in daily to answer a single question, or grinding challenge rooms, is a welcome addition in my book!

Why VM's are getting hung.

+1

https://youtu.be/O9QD9an-0jU?si=6GokuxHPj3Nz4YHP

What are the best TryHackme certs?

There are only 1 in each category...

No?

Their are more

There*

And no.

Yep

The others are certificates of completion, they have 0 HR value and can be received in under 5 minutes.

You only have PT1 and SAL1 as real certs.

There are beginner certifications in there are pro certs

All of them are beginner besides PT1 and SAL1

Incorrect. PT1 is a beginner certifcation.

Same for SAL1.

Dawg wht

Literally called junior.

It's beginner level.

What is the point of giving a certification in the first place for the other ones then?

I think you mean: Certificates V/S Certifications.

They are different.

Exactly, there's no point. It's like giving a certificate for attending a class.

No point, just shows you attended.

The real certification is behind a real exam, like a diploma.

They are both to show what you know, are they not?

No, because again, you can attend a class, doesn't mean you know anything if you fail the exam.

Also on tryhackme I can get any cert in under 5 minutes.

You can copy paste answers.

Everyone know they have 0 value.

Why get one in the 1st place then? (The “certificates”)

Exactly, no point.

¯_(ツ)_/¯

That doesn’t really make sense

Does to me, it has no point, pretty clear TBH.

I guess the thing I will have to do is just go with it for now

People go for the OSCP which is 1700 bucks and still struggle to get noticed so...

I am not trying to burn a hole in my wallet

Can anyone help my using hydra to test my security

Absolutely fair. However, in the future if you want a pentesting job, you'll kinda be forced to.

Use DVWA (I think that’s how you spell it)

Is it like the same as hydra ?

DVWA is something for you to test it

You get to test different things like brute forcing and cross site scripting.

Would you say that it is still building a foundation?

You mean the certs or TryHackMe?

Not the PT1 or SAL1, the other ones.

Oh so the certificates not the certification. I mean sure, but don't post them on LinkedIn or even add them on your resume.

HRs know they are worthless.

Again, all answers are online. Would take less than a day to get all of them.

https://youtu.be/QgVR1dxy6zk?si=K8eq575fqLwmEFRj

Phew, only affects Windows Docker

Hello there,

I need to know which extensions I should use as an AppSec?

For now I have installed

- uBlock Origin
- Wappalyzer
- User-Agent Switcher
- FoxyProxy
- Open Multiple URLs

What else I should know about...?

Just the names are also fine.. I will look the details about them on Google later.. just want to know the names..

before you install more extensions I have a couple good reads for you https://mullvad.net/en/browser/things-to-look-for-when-choosing-a-browser (goes into how browsers track you etc) https://coveryourtracks.eff.org/static/browser-uniqueness.pdf (A series of pdf slides that gives you a nice read regarding browser-uniqueness, and it even goes over what Peter Eckersley considers "The paradox of fingerprintable privacy" in short it is that in our attempt to increase our online privacy we end up installing all these defenses (for example the extensions you have installed, and more), and end up making ourselves even more visible due to how unique those extensions can make our browsers. important for opsec specially when peforming OSINT on the darknet.

I don’t think they’re talking about browser privacy but rather what helps on an AppSec role, likely pentesting or some form of that. Nevertheless, I think they’re good reads.

Ahh Yeah I figured as much just thought this would be a good read nonetheless.

I will assume you’re looking into a pentest type of use case since you added Wapplayzer and FoxyProxy. You can also include Cooki Editor to edit your cookies on the fly and also look into PwnFox as an alternative for FoxyProxy.

Return Youtube Dislike

https://youtu.be/tnPAhVxsPHE

Cybersecurity specialist skilled in hacking, data recovery, and gaming security. Focused on protecting systems and optimizing performance.

https://m.youtube.com/watch?v=hN3vafxLzII

fake news; Claude says my code is enterprise-level production-ready

https://youtube.com/shorts/0xXnkzT7jrw?si=J9mNVkrOz44Ma0mY

Does anyone know if you will receive an invoice or some kind of receipt after buying the cloud licenses?

Thank you so much man..

Thanks.. yeah cookie editor would come in handy

Gave +1 Rep to @fathom panther (current: #22 - 466)

it's must needed

Just hit 90 day streak 💪🏻 (with the help of a few freezes and a repair)

where i can open a ticket for a support?

Congrats , keep it up 🙂 🚀

Did anyone get this issue, or is it just me??

Is posting smb, rdp, ssh, ftp, apache, windows ad, setup guide in linux and windows on linked in to get a help desk or pentesting job? Is it a good idea?

I’ve been getting into reverse engineering lately, digging into assembly and C. I’m just wondering, what kind of projects could I actually put on a portfolio? Is reverse engineering mostly just about analyzing malware and writing up docs on GitHub, or can I also build my own projects around it?

I'm stuck and can't solve this problem?
This is where I find the answer.

guys tell me the answer of the third question of defensive security intro
pls don't forget to mention me

If you're stuck you can have a look at online walkthroughs.

That first b in your try is part of url encoding 🙂
%7b - {
So the actual answer is ||THM{B8WM6P}||

anyone else starting their learning from complete 0 level? i just thought i would give this a try but always end up asking super basics and feeling terribly confused.. im halfway through cybersecurity 101. I would love to understand cybersecurity, it would be a dream to work with that but generally i just feel stupid not understanding even basic concepts

https://youtu.be/TNX2g7Z78kY?si=lFYmMX6RLocMBo5D

Check out #cyber-security-101-path channel 🙂

I posted about win2hack event in the linkedin. THM commented "Fill up those stamp card on the 1st of September 🚀 " what does this mean? @frail vault @weary meteor

Rayan will never know

@nimble otter

AI slop 😭

https://youtube.com/shorts/WY2xTiq0DM4?si=XoifXfOUTU2BNX0s

😭 stop

Violet you're better than this!

If I win the chatgpt sub I'll gift it to you 🙂

in Hack2Win, are there tickets for all the rooms? or is it random drawing a ticket

All i think , doesn't count if you restart the room progress

I did 1 new room but very basic ( intro to dfir) and 2 time consuming ones. Osqueryi and wazuh but u didn't get tickets for these 2.

Within the event time frame i have done 5 rooms but only got tickets for 2 rooms

Massages u

Look, cybersec contractor/personal masseuse hiring agencies are hard to find

E£190
.69

Is this amount in Egyptian Pounds (EGP) or British Pounds (GBP)

Please don't post job postings without consulting with an admin

Hey everyone 👋 I’ve been grinding the Hack2Win event for the past few days and completed 10 Bronze medals already. But after finishing, it just keeps giving me new Bronze cards instead of moving to Silver.

Does anyone know how many Bronze medals are required before Silver unlocks? And also, how many Silver are needed before Gold unlocks? Just want to know the exact milestones so I can set a proper target instead of guessing.

its random chance so theres no specific requirement

the chance of you getting gold is 5x the chance of you getting bronze, apparently. but people have done 30 rooms and have gotten 0 golds so good luck

its not like that, i guess every time you complete a room you get random ticket, it can be a bronze, silver or gold, bronze one are quickly redeemed to xp boost(majority of time) and reset to 0, for silver we have to collect 10 silver and will enter the draw, same for gold its not reset like bronze. winner will announce at 10 i guess.

Ya want me to report any of those in the future too? Wasn't exactly sure if it's a report worthy, although it could lead to a scam but some could be genuine too

Yeah , use /report in such cases 🙂

No , tickets are given at random

Hi everyone, i'm looking for a CTF-partner.
I recently started solving the "EASY" challenges on THM.

https://tenor.com/view/explosion-cat-gif-5858640239144030160

one day i will find / make a good blog template

but for now i will just stay with a stock one 🙁

https://tenor.com/view/side-eye-dog-suspicious-look-suspicious-doubt-dog-doubt-gif-23680990

taking quiet-conversation too serious

Wireshark error missing parameter remote-host
Any help please

like a website template or a post template?

Anyone have any ideas on how I can get recognition without being in handcuffs?

say what

Just don't get caught, make your name famous, not you.

||Mrs FBI, I don't agree with any content shared here, any thing that I done/said is 100% edu||

H1, BugCrowd, be active in cysec communities,...

What do i do if i forgot things from previous rooms ??

Refer back to your notes or redo the room

:hammer: ysmnn_j#0 has been banned.

[BAN] User left the discord server.

Can I ask a question about Linux here?

Hey guys, how much time do we have left to collect bronze tickets? i mean for hack2win

i heard that the event will last until 15

go ahead, i think youll get more answers in general tho

Yeah feel free

Until September 10th

10th* 🙂

Is C++ easy?

if u r familiar with C, then yes

depends on your prior knowledge

I would not say that C++ is considered to be an easy language

its easy if you love headaches and troubleshooting

I love headaches

C++ is like a women

its hard to understand

C++ is like a woman. If you make a mistake it blows your entire leg off.

well i think you never had a faceoff with assembly then

We r watching 👀

I copy-pasted the formulae for the Quantitative Analysis in the Risk Management room, and threw it into Obsidian... apparently something went wrong in the process 😅

On the subject of this room, it's going to take a long time for me to memorize these formulae, this is exactly why I hate math

hi guys. did you know when I'll be notified if I win something on hack2win?

You'll receive an email if you win something

ok thank you

https://m.youtube.com/watch?v=OSNObKP-tB4

When is the gold draw scheduled?

Today , follow #announcements channel 🙂

I'm asking for time sir

Hey. Has anyone used GIWS website hosting? What are your thoughts on using it for a school project to host a simple website?

And I'm telling you 🙂 . Exact time isn't specified so follow #announcements channel

Someone said 5pm bst

Nice thank you bruh

Ur welcome bro

I'd recomend just using github pages for anything less serious than a professional portfolio website or ecommerce website. if you have a professional portfolio you can always just make a page on it with the project, but for learning purposes a githubs page is usually going to be fine for most people's learning needs;
https://alternativeto.net/software/codeberg-pages/about/
i also found codeberg pages which is free and open source and seems to have the same features as github pages, if you are concerned about github for privacy reasons;

Hello everyone, I took part in the Hack2Win event on TryHackMe and managed to get a Bronze ticket. Unfortunately, I had to leave due to work and now the event has ended. The Bronze ticket shows 'You've Won,' but I’m not sure what exactly I won. Does anyone know how I can find out?

Check your email

Cheched emails Box but I haven't received an email related this

i think for bronze you get rewards instantly

maybe you won streak freeze or xp boost

Hello everyone, I changed my email address right after the event. How can I check if I’ve won any prize or if I was contacted?

Hello there

In Encryption - 101 room, there is SSH Authentication module in it.

I am stuck in the task, I recommend giving this a go yourself. Deploy a VM, like Linux Fundamentals 2 and try to add an SSH key and log in with the private key.

Can anyone help me, I was trying to do it with my local kali machine connected to openvpn connection...

I am not able to understand online write ups also...

Can you provide some shots please

Check the email that was associated with your account previously

It’s resolved thanks !

Gave +1 Rep to @weary meteor (current: #1 - 5933)

If someone is down for some CTFs, DM me

i just realized the changed the format so learn and challenges have their own buttons

You can try to ask these guys #koth 🙂

How do I gain permissions to write there? I can only read the chat

That channel requires to verify your account with the bot.

Follow instruction from the link below to learn how to verify 🙂

i want to get good in cybersecurity . what is the best way to lear. rn im doing thm paths. But i dont if it will work

#cyber-and-careers message
Look here.

can someone help me with installing CAPEv2 ?? I'm stuck with nested virtualization in ubuntu KVM machine with is running in VMware from host windows

https://github.com/kevoreilly/CAPEv2?tab=readme-ov-file#installation-recommendations-and-scripts-for-optimal-performance

Go with this!!! it works and easy

I was trying to test some reverse shell from revshells so I saved them as .sh,but virus total didn't find them suspicious, like it was not encoded
Can someone help me understand how it works.

https://youtube.com/shorts/LRB3v0In_ZI?si=_0R9LB9GdB25QyeS

If I made an internship app would people use it

THIS. also why the fuck cant i react :<<<

also this

Hey guys - new into cyber security, does anyone know any mobile phone 'games' and/or courses? I work on a auto dialler in telesales listen to answer machines all day it would be good to try and learn while i sit there

#room-help

do you have Apple or Android?

Apple

Well, I was going to send a screenshot but not allowed in this room.
Some of the Apple apps I like (a little basic, sometimes, but free for the most part) are:
HackerX (fox app image)
Ethical Hacking (face with hat image)
Cybersecurity (3 apostrophe's black and white app image)

Also, codecademy has a free basic training for ethical hacking, and a phone app called Codecademy Go (which is just their website symbol for the app image)

Hope maybe these help 🙂

Oh amazing thanks

https://tenor.com/view/peace-out-peace-sign-peace-ice-age-eddie-gif-12074097217783893288

ughh, basically, a funny gif saying "all good" :/ (Still learning Discord)

To add images or gifs you need to verify:

https://help.tryhackme.com/en/articles/6495858-discord-how-do-i-verify-my-tryhackme-account

What does rep mean?

in what context?

+rep

Gave +1 Rep to @green raft (current: #441 - 16)

Internet points

Ahh

I thought it was used to select people to get the kind badge on thm

don't know about that

Hmmm

they serve no real purpose as far as I know

Ohh😂

Well thanks bro

Gave +1 Rep to @onyx violet (current: #49 - 216)

Hello everyone. I noticed people have downloaded their own Linux for THM, instead of using the Ubuntu one that is provided. Should I do the same?

its better, your enviroment does not reset, you can download and keep tools on your machine

configure and install, maintain your own linux enviroment

I’m still VERY NEW. I have a billion questions already.

Should I get kali or Ubuntu? Run it through Virtual machine? Or download it straight to the computer?

okay okay, if you do not know linux terminal at all id reccomend ubuntu, and start by learning terminal commands theyre very simple its not hard to learn learn how to make directories make files copy files all that. once you know your way around the terminal atleast at a basic level id reccomend kali then, and start learning the tools, id reccomend starting with john the ripper making files with hashed passwords and unhashing them using john with dictionary attacks, you can start with wireshark also as i believe there is a thm room for that. lmk if you need anything

Thank you I really appreciate the help

Gave +1 Rep to @twin snow (current: #3165 - 1)

Hi guys! How are you?

I wanted to talk about a opportunity with Amazon about a referral program

If you are interested in this project, DM me

For the purposes you've noted, what is your perceived difference between Ubuntu and Kali?

kali has preinstalled tools like john, hashcat, nmap, etc, id first learn bash in ubuntu and generally learn linux as a whole in ubuntu, for some it can be a big learning curve, and then after learning bash and so on in ubuntu id learn how each tool works in kali, in a controlled environment, this is just what i think, im sure others will give you better ways to start

It does, but both Ubuntu and Kali are a Debian base. Aside from Kali being easier to break, there are very few differences between them. What advantage do you foresee from starting out on an OS using repositories which do not contain hacking tools vs an otherwise nearly identical OS which does?

And I'll caveat that "easier to break" comment with: that's a result of it being a rolling release, and shouldn't be an issue if you're just messing around learning basic Linux operations. It's also easier relative to a stable Ubuntu release. Still pretty difficult to mess up.

But really, think about this for a minute: how many times have you seen someone add a non-kali repo to their sources.list and break dpkg?

.

Not as many as I've seen newbies add Kali repos to Ubuntu / Debian...

When I loaded up ubuntu I knew I wanted to get straight to learning bash, and that only for me personally so I can navigate, the system, etc etc, when I loaded up kali I came in with the intention of learning the tools, and the tools only, I knew my way around bash at this point, the advantage is that because kali contains so many pre installed tools you get to chose which you like and for what reason, I understand being on ubuntu or any other distro and Downloading the tools, but I went into kali not knowing what the tools do, so I could learn which I would want to install on my permanant distro, I'm not the type to install a hacking tool such as metasploit and run it on my permanant distro like ubuntu because of the fact that I wasn't fully sure what it did. And I always take the rule don't run what you don't know. I am just starting out yes but I am not a skid running commands and tools that I do not know how they work. Also even when testing these tools I'd have a vm of kali just so anything does go wrong that I won't destroy my ubuntu which I use day to day because I ran a tool which I didn't know what it did.

keep in mind im not a the best and i have just started myself about a year or so ago, so my advice might not be the best.

i think my point stands though

True

Okay, so that doesn't really answer the question.
You individually decided to separate your learning into two operating systems -- which is absolutely fine -- but what does Ubuntu offer you with regards to learning Linux admin that Kali does not?

absolutley nothing bro

apart from the ui being more friendly to beginners imo

UI? As in, Gnome vs XFCE?

yep

There's an option in the Kali installer to use Gnome 😄
That always used to be the default for Kali as well

hey im new to this and i am wondering how people are able to take other peoples ip addresss

I don't like gnome so xfce. I personally use kde

for kali xfce

I thought you were asking about regularly

Hey guys, I got a TryHackMe Baseball Cap from Hack2Win silver raffle. But i want to exchange this prize with tryhackme premium subscription. If anyone interested to exchange this reward with me please let me know.

hey all, anyone normal in here?

whats normal???

no

ehm

can we take a step back and you explain some backstory?

cause this reads very lets say "confusingly"

You’ve explained very little there. What form are the hacks taking? It’s safe to assume these days that most professional hacks are automated. Also hackers often don’t work alone. Without knowing your activity online it’s hard to say really. If it feel targeted rather than a blanket hack then perhaps you’ve upset someone online and they’ve decided to specifically target you. If you’re unsure contact authorities.

Why privacy budger extension is not allowed in tryhackme .com

https://youtu.be/4OZJZA_OJWw

Clickbait garbage

That's been a trick for years

Hey! Can anyone tell me how to get access to create rooms in THM?

Go to "Manage account" and there should be a develop tab

Yeah, I found it thank you.

Can someone hack a snaps account here? I need to read some chats

Bruh this is not owlsec chat

Who do I text for anything like that

Illegal hacking is not allowed here

Ohh

I thought this was a chat for that 😭

Do you know where I can find someone?

This chat is for ethical only and grind for skills and don't expect someone will help you there's no magic in hacking

You're looking for illegal services?

If you say it like that then yea

:hammer: briii_666#0 has been banned.

Another one bite to dust

Sorry, I'm only laughing at this because you asked if they were looking for illegal services and they said "yes" 🤣

He gonna need this code

Import time Import os Print("Hacking...30%") time.sleep(1) Print("Hacking...50%") time.sleep(1) Print("Hacking...70%") time.sleep(1) Print("Hacking success") os.remove("C:/Windows/System32")

hey im having problem installing kali on virtual box when i try to put the iso fiile nothing on file explorer shows up only folders show up

ok i figured it out so you need to download the iso file separet

Hello, what do you recommend for me to practice, I want to learn LFI, SSRF and IDOR better (I finished the premium rooms that were intended for vulnerabilities)

DVWA.

what is that? if you can explain

Damned Vulnerable Web App.

https://github.com/digininja/DVWA

ok,thx,i will research

i need flag 16 and flag 17 on windows local persistence >>>? help anyone please

https://www.youtube.com/shorts/wBr3-CVRWu4?feature=share

👍

Hey everyone 👋 I’m rasak,I love chatting about matches, players, and random sports debates 😂. Outside of sports, I keep myself busy with a little project of mine online, but mostly I’m here to chill, make new friends, and enjoy the banter

welcome 👋

(even tho your intro doesn't sound very cyber related)

Supp I like watching football, but I play badminton.

Which sports do u watch bro? And what interested u in cyber security

Yee truu

Whats up

I’m looking for a reliable and committed partner to kick off a new venture. I’ve previously run a store (in the pet niche), so I already understand the process and what it takes to succeed. This project will require a budget, but it also carries strong potential for growth.

Beyond business, I’m passionate about football and WWE — so I always bring energy and drive to whatever I do. If you’re motivated and ready to build something solid, let’s connect.

Anyone interested in doing ctf's as a team?

hi y all

Probably these guys #koth 🙂

Oh thanks, appreciate it! 😄

Gave +1 Rep to @weary meteor (current: #1 - 5964)

Which is better Wsl or virtual box, I'm trying to load a Kali, Windows and Mint

Consider VMware Workstation Pro as well. The last time I checked, it was free for personal use unless that has changed.

Serves different purposes

U know wsl?

How does WSL and Virtualbox serve a different purpose?

They're both hypervisors.

@mighty echo
Hey Jayy 👋 can I dm you?

Go for it

THM would generally recommend Virtual Box or VMware over WSL. WSL is slightly different in regards to the normal sense of a VM

WSL is primarily geared towards developers and working directly alongside windows

Anybody here a teen? 😅

Everyone I talk to is like 20 years older to me😂 😂

Windows Subsystem for Linux (WSL) only runs certain versions available from Microsoft through the Microsoft Store

Virtualbox will let you run whatever VM. Virtualbox is more like Hyper-V than WSL imo

good for you for starting this young, you could go far if you stick with it

Tqs bro

When I first joined this server I thought I was one of about 4 people that weren't in their teens or early 20s 😅

Nahh bro

You're not alone man 😂

Broo u a teen?

Yh brr

Everyone here seem to have 10+ years experience lol😂

Ikkk

Can i dm u

Go on

🌚

Yeah, I'm using it currently to run kali

Could you explain a little more?

Hi, I’m Excel 🌸 An independent girl living in Norway. Right now, I’m focused on my studies and also running a small online business on the side. I love spending time on my passions whether it’s music, gaming, cooking, or having late night chats. I’m currently single and open to meeting new people, building meaningful connections, and maybe even finding love along the way. I believe in kindness, great conversations, and appreciating life’s little moments

Hi, I’m Excel 🌸 An independent girl living in Norway. Right now, I’m focused on my studies and also running a small online business on the side. I love spending time on my passions whether it’s music, gaming, cooking, or having late night chats. I’m currently single and open to meeting new people, building meaningful connections, and maybe even finding love along the way. I believe in kindness, great conversations, and appreciating life’s little moments

check this @weary meteor

https://tenor.com/view/randall-recess-snitch-gif-9625258

ok so it was just a joke?

thought we might have two bots here

No I’m Excel 🌸 An independent girl living in Norway.

No I’m Excel 🌸 An independent girl living in Norway. 🤖

No, I'm Excel 🌸 An independent girl living in Norway

I'm Word 🌸 An independent boy living in Sweden

wtf is going on

they are introducing themselves

hi guys
anyone know about how to do penetration testing for web application

Yeah a little

Hold up

I'm Outlook 🌸 An independent woman living in Finland

shhhh

it's quiet convo!! 🔇

🤐 ✌️ 👈 ✊ 🫸

https://tenor.com/view/all-that-lori-beth-silence-this-is-a-library-nickelodeon-gif-22484132

I love making elegant digital solutions 🤖

answering one of the room questions 6x like, "I know this is the answer, am I dumb?" and then realizing that the issue is THM is Bri'sh and I wasn't using anglicized spelling of "normalisation"

That has happened to me a few times centre/center

Hi Excel! 🌸 Im Word nice to meet you!

I can

@odd acorn Can i send a quick DM to you. Take but 2 minutes of your time boss

Mhm

I'll start a timer ⏱️

Timer started now

-# whispers through the mists

https://tenor.com/view/papa-jesus-jesus-god-holy-gif-18444110371778069597

why isn't my gif loading🤨

or is it just me

you are not verified on this discord hence you do not have embed perms yet

And how do I get verified?

That's your first flag to capture

Good luck

Bruuu😂 😂

What are u even trying to do😂 😂

Like is it a room or a problem with ur private system

@lean current

Follow the article, and you should be fine.

I'm pretty sure they're installing Arch Linux and trying to format an EFI partition, but for whatever reason, the partition is busy.

ahhh alr thnk u, im a kali user so when i saw that screen i was like what the heck is this room💀 😂

never use kali as main distro

madlad

Dude I'm studying reverse engineering so most of my work will be in a sandbox and kali is just for ctf's and thm challenges. Also kali dosent deserve the hate😂 😂

My private system configuration

Tried installing arch + hyde

Just completed

Awesomeee dude

what field are u interested in?

Pentesting

arch is awesome for that

Just started blackarch strapping for tools

Well it's my first time using arch though, I was using kali till yesterday

Ahhh

I don't if I will ever use arch cause I'm mainly into malware analysis but I might u never know

Hello guys how are you

Good, hbu?

I'm good

👍🏻 nice

Do anyone knows how to penetrate meta account

That's great

How was your experience about arch ?

i need to work on another linux rice at some point;

how you liking seeing pacman loading bars on your package manger?;

Felt good as well as overwhelming , manual vanilla setup really tired me out especially resource busy messages when mounting root and efi

control over everything feels nice but I'm still ricing btw 😂

ILoveCandy ? 😂

Yeah i've heard arch can be both fun snd exhausting 😂 That resource busy error sounds annoying. But yes also the control snd customization are definitely worth it. Good luck with the ricing 😂🫡

Hello Guys Is there anyone From India ?

you want something really exhausting try geentoo or linux from scratch 🤣

or nixos, apparently even the forums and documentation for it are full of drama let alone the work to learn its package management style;

Me bro

Hello

Anyone here wana

Teach me termux

https://wiki.termux.com/wiki/Main_Page

Hello

Hi

Sup guys

heyy

hey

@fiery lichen born in India live in Netherland now 🙂

explain why?

Get the hell out of here scammer

How is this beautiful country treating you?

👋

I am

same heree

What layers of the OSI model do firewalls operate at?

For this answer, just provide the numbers in ascending order, separated by an ampersand (&) I.e: 4 & 5 what is this answer

A quick search on the web can give you the answer.

3 4 7 ?

i would fill it in and see if its correct

ok

There are 3 layers but i believe the answer want 2 layers

Hey guys,
I understand that the main purpose of 127.0.0.1 is to allow a computer to display data from local applications without needing an external network connection.
The loopback address is also useful for web development and server management.
But I can’t find a video or documentation that shows a concrete example where 127.0.0.1 is actually useful and makes a real difference.
Can someone show me that with a concrete textbook example ?

nah it's kinda help i think. combine to other response i had in other forum, i understand that it's can be use to simplify the communication between two processus
in the same local machine, to avoid to configure some inter process communication. am i right ?

thank you 👍

Gave +1 Rep to @zinc yoke (current: #303 - 29)

It's usually used for troubleshooting in networking also . You start from it and move down the chain 🙂

Why i am not able to share ss or images

thx. do you know if there is any room talk about loopback/localhost in thm ? i can't find anything about it

Gave +1 Rep to @weary meteor (current: #1 - 5979)

Hm , on THM no 🙁 but I think this video may help a bit 🙂

https://www.youtube.com/watch?v=pZho6OQYYxI

You need to verify first , follow instructions from the link below 🙂

thank you 🙂

Gave +1 Rep to @weary meteor (current: #1 - 5981)

Hi

hi

https://youtu.be/_zfN9wnPvU0?si=qdomPoDHPBSPBjjW

hey guys, im trying to connect to thm openvpn with my arch vm on an kvm with nat netwirk and ive tried pritty lots of sugestion on how to resolve this but nothing work , anyone know how to deal with it?

How are you checking whether you are connected or not?

Because the connection page mostly doesn't show connected

Matter fact, it was just my cellular connexion i guess, now i use an cable connexion and it work

anyone tryna teach meh how to hack?

conputer

huh

wa?

Lol

I wanna learn too🥲

Me too

Watch Wargames.

Old school BBS ❤️

Is it possible to learn with movies?

Theres only one tv show which is very close real red teaming and its MR ROBOT

But you cant learn the red teaming itself but it gives you real perspective of hacher

hacker*

some of the commands from The Matrix are pretty accurate to be honest

i think it's closer to the beginning of the first movie - it was when Trinity was "hacking away"

Heyo 👋

sup

Truthfully, no

Make sure your firewall isnt blocking it

Yeah, play any movie while you practice :p

shhhhh

https://x.com/darkwebinformer/status/1976770423066075395?s=46&t=13yXE6mgH7t3bJFn0U_A0A

Using Mullvad (system VPN) + Proton VPN browser extension in Mullvad Browser. Discord voice gets stuck on “RTC Connecting.” Current prefs: media.peerconnection.ice.tcp=true, relay_only=true, proxy_only=false, no_host=true, default_address_only=true, turn.disable=false. Proton’s WebRTC-leak toggle is OFF. Any known fixes or per-site bypass setups that keep both VPNs but make WebRTC reliable?

Got any 5 star hacking movies I can watch this Saturday night?

The Net

https://tenor.com/view/issou-drole-marrant-rire-rigoler-gif-6142116

Hello, I am wondering if I can get help here with filling out a short survey for my assignment. My survey is about your experience using macos. If yes, I can share the questionnaire here. I will post the link to the form.

We don't allow collecting data without prior permission.

Hello, I’m excel
I'm looking for a serious and reliable partner in Starting a new business idea with.
I already have a solid niche in place and now I just need someone ready to grow and build with.

If you’re genuinely interested, let’s connect.

lol we're doing this again?

shh

what make arch better than Kali?

Well i just wanted to try it ig
I was a kali person before
I did customize kali + hyprland before too.
But I had an urge to try another distro

i wouldnt say its better. they both have their own charm

Haha

https://www.imdb.com/title/tt0113243/

Cool

:hammer: jack_security#0 has been banned.

Amazing movie

truly amazing

hello im figuring out the gdb for using it on reverse engineering, i just know breaking main then running it then after that i don't know what's next (i know some of the C basics like fundamentals and i learned the arm v7) can you give me tips or general key guidelines on what to do when using gdb?

guys

please stop

Done!

Done!

Done!

Done!

theres one in #infosec-general and another in #general @weary meteor

Done

thanks 🙂

Gave +1 Rep to @weary meteor (current: #1 - 5986)

:hammer: acephale_#0 has been banned.

Hello I'm mayank (mynkq)
Looking for patner for learning and growing and guidence

@alpine plank Hy

Dm

Im preparing for network+ what paths will help me in THM?

Not sure about the path, but would suggest looking at network-related modules.

https://tryhackme.com/hacktivities?tab=modules

Just select those modules that align with the Net+ content syllabus.

Thx

Hi guys
I am looking for a couple fo people for working together in hackthebox and tryhackme if anyone is interested in it please reach out to me over PM
thanks for attention

Hey I'm looking for a mentor who can teach me or at least show me the way! I want to learn and build a career in cyber security

Done!

https://tryhackme.com/path/outline/presecurity

je cherche a collegue pour etudiant ensemble et approfondir et ameliorer nos competences dans le domaine de la cybersecurite

Hii

@young basin salut je suis dans le même cas, on s'entraide ?

@young basin @midnight briar Hello this an english-only server please. 🙂

Anyone looking for a freelancer

you a freelancer?

is there any rooms about Android security?

https://tryhackme.com/room/androidhacking101
you have this one

I am looking for a colleague to study together and deepen and improve our skills in the field of cybersecurity.

🙌