Are we allowed multiple entries? Max age of pic?

i picked up an ooni karu. im really liking it so far

Not jealous at all 😄 I'd love an Ooni oven

Good question, I have a challah pic with the cook-off's name on it

Bread is love. Bread is life.

Bread is love

ok

Ok

Ok

do i buy a bigger SSD and dual boot Arch / Windows?

I need AUR stuff to publish AUR packages :L

DO IT

dual boot is just so annoying

i need some arch linux install tho

purely for AUR / homebrew stuff

VM?

arch really doesnt like VMs

what

everytime i have this convo, someone says "arch works fine in a VM" and then I try it, and its the most broken piece of software i have ever used and that person is like "oh yeah thats normal"

Arch works fine in a VM

wow

the exact words

lmao that’s just arch dawg

use Manjaro

i do

still broken

manjar odoesnt uih

resolution

very bad

in VM

even with VMware tools

I think you’re broken

or on virtualbox

i used manjaro for like a year as my own OS 😦

bee you’re broken

Bee would you happen to know what it would take to publish ARM image for rustscan in docker hub?

can you get a refurb laptop from a reseller/repair shop? it's less headache to have separate devices than to manage dual boot. Grub corruption is the worst

we have an ARM Docker image for RustScan specifically to publish ARM packages, I assume not much work?

Probably not. I built it locally and have used it, but hub published one might be convenient as well.

I use Manjaro in vm and works fine. I use vbox btw.

The latest image rescales without installing any guest additions.

@autumn trout dual boot is good choice imo just allocate 30-40 gb to arch or manjaro and turn off fast boot from window partition (so that windows partition is easily ready and writeable in arch) and mount those windows partition :)

I really really really really really really really like pizza

Pizza is delicious

depends on the pizza and where you get it from

I prefer BBQ pizza

Especially from Dominos with the cookies

Sadist

that just means more for blackout

How is that being a sadist?

Idk I wasn't expecting you guys to ask about it haha

Just seemed like an appropriate term for a guy who eats BBQ pizzas 😘

BBQ pizza isn't bad, I just can't order it or no one else will eat it

It aint my thang but I don't really eat any pizza aside from margheritas nowadays so who am I to talk eh

what's on a BBQ pizza?

isn't it chicken and bbq sauce?

Aye pretty much

Mebs some peppers or something

I think I did that once

though with a heavy cream base

Sounds like an improvement, decent pie?

we should just name this to the #cooking channel

Oh sorry, I shared my pizza pic on the wrong channel.

I wanna make a flammkuchen

those are good

wait, you're here talking about food and didn't ping me?

sorry sorry

I forget that you are here, you never talk here

yeah, too busy on other channels I often forget about this one (sorry folks)

hello, my mom is sleeping so I need to have a quiet conversation

shh.

Absolutely! I better find the LAMB SAUCE!

Also it's Burns night tonight in Scotland 🏴󠁧󠁢󠁳󠁣󠁴󠁿

Yous having a kick about using a haggis?

It is?

Oops

i found a way to have arch

i have a spare ssd

and i just

switch-a-roo

This is the unofficial cooking channel

sounds like a lot of extra work

And this is the unofficial official cooking challenge https://www.reddit.com/r/tryhackme/comments/l4asnx/tryhackmes_unofficial_cookoff/

Supported by the official TryHackMe recipe site http://tryroast.me/

Yeah well I need to find something decent

I don't have any fancy food pics

And mine ain't fancy

Although I think I have some chicken nuggets planned this week

always thought it weird to have a contest and not be able to test, that is half the fun

the Guys Grocery Games Delivery Edition is like that, "let me tell you how good my food is"

Has someone tried to make the eternal blue cocktail ?

It has a lot of things inside

a few of those and your down for a few hours

4 oz of booze is...reasonably strong...

that's the equivalent of 2 beers

That looks great

1lb ribeye, butter basted. Half served up with half for later

meanwhile i'm eating leftover pizza from yesterday

That's some good looking steak

Microwaved leftover pizza ? It's not that bad.

no just cold

The pan wasn't quite hot enough because I used the small burner, left it for a tiny bit too long so there's a lil grey.

Not a lot but not quite perfect

what are the things between the fries and the onion rings ?

mushrooms

Oven baked

I only cooked the steak, my dad cooked the rest

Stuck at home

steak looks good

Fries look bog standard

oh well, submitted some reading material for you, James

They're pretty standard yeah

Nothing to write home about

StegoSuite perhaps? @rich oriole

curl or wget?

python -m http.server

wget

That, uh, wasn't a question 😆

the question mark throws them off, @quaint basin

Guys How can I share Webbed badge to my LinkedIn profile?

Have you tried clicking the share button?

Where I could find that,
Last night I was able to see it! Now it's gone

So whenever I go here I just see my badges

/badges

but I can not see share button :/

I coudn't find this one this morning xD

on your public profile

Found it!

I appriciate it Hydragyrum 😄

Congrats to @cinder spoke for winning the THM cookoff with over double the amount of upvotes as anyone else! https://www.reddit.com/r/tryhackme/comments/l4asnx/tryhackmes_unofficial_cookoff/

yeah those pizzas looked good

Oh nice! 🙂

Congrats!

This where we post food? I love cooking.

My first attempt at homemade Tonkotsu Ramen.

well it doesn't look like sundip

Wow, looks great!
What is dark red grains? 辣油(Chili oil)?

I just did red pepper seasoning. Chili oil is a better idea though!

Damn

Looks great

Took me 2 days to find all the ingredients and make it. The pork belly cooked for 24 hours and the broth simmered for 12.

that looks good

nice

how can i join to voice channels? there are locked

!docs verify

@pearl bone ^^

tnx

@undone fractal 👋

hai

hiii oriiii

I love to cook ramen
Have a few recipes

I like poached eggs in my noodles

Hey guys, help on a machine?

@gentle tinsel please respect rule 3

@radiant jacinth Please respect Rule 1 of the server, and don't DM anyone without asking permission 1st. #rules

Yep

There might be a room on it at some point

Yes, a lot of them will be. Once a working exploit is released we're gonna have fun patching them

Not least because AWS doesn't convert anything higher than Ubuntu 18.04, so if that doesn't get patched we're basically gonna be deleting sudo

Also, there's another BoF in sudo that was discovered last year. 18467, from memory?

I think 1804 should still be getting patches

I used to know that by heart

18634

634, thanks James

Either way,
https://tryhackme.com/room/sudovulnsbof

1804 should normally have a patch out already

Yep

I'd hope so

looks like kali got a patch

@terse gorge if you're around, do you know if it's possible for us to get the room image with internet connectivity so we can patch them live for this sudo vuln?

i got the first name as root . how to change the second name (DESKTOP -66????) as something else ? is it possible

umm, what?

Change your hostname

That's what you're asking

is that your local system?

ah hope you patch it soon

It has to be patched one box at a time

Whoever is patching it, I can spin up a machine with internet access and reclone it once complete:)

Great ok

If you're around next week I wanna sort out a couple of mine?

Yeah no worries, just give me a ping with the rooms upload titles and I'll get that done for you

Great

I think I'm safe for the time being, none of my boxes have direct access to the Host OS

yea

yeah that word "hostname"

it's in WSL or a VM?

if it's WSL, then it gets the hostname from Windows

if its a VM you can use hostnamectl

anyone not subbed

i need u

I have an alt that isn't subbed?

plss

how much is an annual sub

hoow much is 6 months

Lemme check rq

I can't find how to do 6mo anymore

Other than vouchers

oooof

hmm so subbing for a whole year at 6gbp/month is less than being a monthly sub with the student discount

New room?

If it is a walkthrough please use the appropriate chats, if it is a challenge, please wait 72 hours :)

Mhm, there are two types of rooms on the site:
Challenges and walkthroughs.

It is not a challenge

Still need me?

is posible hacking twiiter acount with doble verification ?¿

@odd acorn want to handle this?

Thanks for the ping :p

Gone

https://tenor.com/view/elmo-shrug-不造-i-dont-know-gif-5094560

oh well

Looks like they are also on the htb discord as well lol

Haha

Why am I not surprised?

hey guys whats the best way to mess around with my teacher on google meet

Ya yeet

James you should have replied with "Be a great student and get A's in all your exams"

That'll show 'em

I like Jabba's positivity

do you guys hack snapchat?

@patent gate

no we don't

okok

@violet burrow Did you read the rules when you signed up to the server?

particularly

!rule 9

Rule 9: No discussion of illegal/unethical topics or actions. If the target device doesn't belong to you, and you don't have specific permission to perform an attack from the owner of the target: you don't do it, and we don't talk about it. This also applies to software licenses / copyright violations. If in doubt, please ask a moderator before posting your message -- preferably without breaking rule 1. Whether an action is illegal or not is at the sole discretion of the moderation team.

well its from the latest room think about it

Mmmm

Did you make that?

Duck?

Duck is one of the animals I will not eat if I am aware.

Duck and yes I made that, thanks automodbot and autocorrect

Did you mistype that? lol

I saw that

I was going to edit

lemme remove that warning rq because it 100% wasn't your fault

Mobile keyboards are silly sometimes

Duck is one of those animals in France that is super common...and relatively cheap

I think it is canard if I remember correctly.

Yes

So I don't know where this would go, but can we please interdict unsolicited friend requests as well in rule 1?

Explicitly I mean

I'm sure it's implied though

You're French?

not yet, but living in France

Fair one.

I mailed in the paperwork to ask for citizenship

hoping they get back to me before my visa expires...

I don't exactly want to get deported

Usually good to avoid

Is it a straightforward application/requirements for French Citizenship?

depends, but I have like 3 valid reasons to stay...

3 baguettes in one minute is the general rule

the application itself wasn't too complicated, just had to get all the proper documents from everyone

So, my wife has stopped wearing ratty old t-shirts (she threw them all out) and started putting on nicer clothes and lots of things with collars and buttons. She looks so wonderful and I have to keep remembering to tell her. For women who are curious, men do care.

Whats folks dinner plans for this evening?

Haggis

carbonara.

brown rice, some time of bean, sauteed greens, guacamole

lunch is leftover soup and some nice olive bread

Zojja - what is time of bean?

cool, good luck

oh type of bean

duck pancakes 😈

That could be good tbh

I'm making chicken nuggets

there is a pizza place that does a duck and fig pizza - I would not have expected it to be good, but it's pretty amazing

Duck in a pizza sounds a bit heavy to me, but I could give it a try

Duck and fig works very well

This guy know's what's up

They have this thing in the southwest of France they call "grattons de canard" which is basically fried duck skin with all the fat bits. It's so good.

But that would work really well in pancakes

Duck is amazing if you smoke it (in a smoker, not in a pipe)

I had this veggie stuff called 'Mock Duck' with hoisin and noodles a while back. Was pretty nice

hoisin makes everything nice

Agreed

Firecracker duck is one of my favourite meals

When I was younger I loved a type of cooked duck but now I feel that it is morally wrong to eat duck.

Jabba, Muir will be happy to hear that 🙂

its morally wrong to eat all meat

except

gimme a sec

i forgot what its called

Except when you accidently bite the inside of your cheek

human?

Esqy when I first joined the discord I was a vegetarian, Muirland and Bee both gave me recipes on what to cook (I still cannot cook to this day).

https://www.youtube.com/watch?v=nfIWNf42hJE

you can eat this

for sure

that things a monster

what about meat that is considered waste like livers and such? thats not really unethical

define waste

how do you procure it?

I didn't think people actually happily ate tongue until my Grandfather walked in with a bag of it.

i mean butchers typically throw them away

insects can be viable too

He was a Chef and used to cook all sorts, he even said his favourite meat to cook was pony.

after they slaughter an innocent animal?

sounds ethical to me 😄 👍

you still kill them for the "waste"

I love animals, but I also really like the taste and the feeling the serotonin it gives me when I eat them

This is where I leave because this topic is super touchy for me, one wrong thing said and I'll just stop eating haha

its less about the act of killing and making due with the fact that we waste insane amounts of food, thats not changing. killing animals is immoral but wasting food is unethical

You can do that!

Aye, but Jabba is right. This is kindof a charged subject for a lot of people

Yeah, I'm about to start banning

I think every industry is filled with waste tbh

Like plastic

and so much pollution from factories

Bee - I'm actually trying to reduce my plastic waste 🙂

Individually we can't do much, its the big corps that are causing 99% of the problems 😦

I have rubber straws, I have a Sodastream instead of buying bottles of fizzy water, cloth shoping bags etc

its very hard for me :((

tell that to the pile of scrap PLA I have from my 3D printer

definitely have made a bigger effort to "buy things for life" in most aspects of my life - way too much disposable crap

What I will say - Metal straws are not worth it. They make everything taste metallic 😄

but yeah even the whole concept of "carbon footprint" was a manufactured PR campaign to make it seem like these mega-corps give a hoot

They look cool, but thats about it

theres a coffee shop near me that uses these hay straws that are pretty darn good, no weird taste and disposable/compostable

I bought these straws for my mum, sister and my friend:

They are actually pretty good. was £10 for 3, and they are still using them a year on

smart, re-usable straws tend to get really gross quickly and are annoying to clean with that stupid little brush

Thats why these ones split 😄

Been a while since i popped here

🤯

what's everyone's favourite show then

Its Always Sunny probs

Buzz Lightyear of Star Command, or the Lilo & Stitch TV show (not the anime)

Peep Show is also a banger

interesting choices

didn't know buzz had his own show

favorite favorite show? thats a tough one

favorite current (still running) may be American Horror Story

favorite show of all time is probably Twilight Zone

but Bridgerton is an amazing emerging show especially at someone who normally would be bored to death of 19th century Britain (it just isn't my genre)

Whats yours?

i haven't got around to it's always sunny yet

and i didn't really like peep show the little i watched of it

i prefer david and richard on gameshows

but uh i have no idea what my fave is, probably a mix between suits, prison break and lost lol

Yeah David is great on Would I Lie To You

yesssss

Does anyone know when the advent of cyber ends? Been working through it as fast as I can and only got a couple days left

It won't be made private @timid peak

It's not going away

The event itself ended on Christmas day.

Aw perfect. Yeah I knew it had ended but just still really enjoying it and was hoping I wasn't going to not be able to finish it. Thanks a lot!

Yeah, the room will always be up (except maybe over Christmas time to avoid detracting from the next ones), but the AoC2 chat will be archived tomorrow.

Which is probably now my job. Wonderful

Not this chat

#778305825797177374 might be

But not this one @quaint basin

Oh, I thought we were in #778305825797177374 -- oops

hey

hi

hi

hi

hi there isn't any room for chat whit people?

You can chat here, #general or #infosec-general <- (make sure it is infosec related)

any vocal chat?

Yes, scroll down in the chats. You need to verify to access them.

!docs verify

My first ever on-site incident response engagement is done 🥳 What an experience

I never saw myself becoming a blue teamer / responder but it's a blast

gj

Probably a bizarre question but can't seem to find a specific answer on the web lol - see if I'm accessing a Kali box CLI on AWS, how do I connect to the THM OpenVPN? New to Linux so it's all a bit over my head, trying my best to learn though!

like you would do in a vm

!vpn

You'll just need to background it or use tmux or something

Tmux works beautifully for it

dtach is one I got recommended the other day as well which might be fun

Thanks guys 🙂

today i got to do a ppt and i didnt make it

and it is for english

Is Wireguard any better?

You can't use it for THM

Oh Okay

hi

Having a lot of loose end tech projects at any given moment is common, right? Right now I have Arduino code untangling, burp research and learning, and delayed project follow ups.

as long as you manage your time to progress on them all its really no problem

hi

h

h

i

Typing scarcity commencing.

a

b

c

z

<ö>

d

x65

hi
what room should i do first? advent of cyber 1 or 25 days of cyber

AoC 2 is a lot more 'Guided'.

noice

aren't both same?

no there's three different rooms
advent of cyber 1
advent of cyber 2
and 25 days of cyber security

advent of cyber 2 and 25 days are the same thing

i thought they are different cuz when i search "25 days of cyber" three rooms show up

yeah, 2019 aoc

& 2020 aoc / 25 days of cyber

I'm late to the party and you already got answers, but I recently tackled this, too. Getting OpenVPN to background was a pain. I run Tmux locally and didn't want to use Tmux in my SSH session to my Kali VM, so I set OpenVPN to just run as a service on my Kali box, since it's currently dedicated to THM anyway.
Here are my notes (hopefully Discord doesn't freak out on my markdown)

[[OpenVPN]]

Linux

Service Configuration

• https://guldberglab.info/run_openvpn_in_the_background/

Create a service config

sudo vim /lib/systemd/system/OpenVPN-Connection_Name.service

Edit the config with these settings

[Unit]
Description= VPN Connection to my home
After=multi-user.target

[Service]
Type=idle
ExecStart=/usr/sbin/openvpn --config <Path to your ovpn file> 

[Install]
WantedBy=multi-user.target

Reload the systemctl daemon to pick up the new service

sudo systemctl daemon-reload

Enable and start the new service

sudo systemctl enable OpenVPN-Connection_Name.service # sets to auto start
sudo systemctl start OpenVPN-Connection_Name.service # starts now

There's a specific thing for running openvpn on boot as a service, rather than making that just use execstart

I believe you just put your config file in a specific location

Yeah, I did see something about that, too. I started out with this path thinking it would work for an on-demand connection, but realized later there wasn't really a reason to not just have this VPN running whenever the VM was up anyway.

Thanks a lot! Not managed to really get into it yet, still running the AttackBox in the browser, it would just be cool to use my Kali box in the cloud for it. Perhaps this is a bit beyond my skills for now lol, totally new to CLI and Linux 😅 Thanks a lot dude!

I've got an alias for it that's, uh, rather a lot quicker 😆

alias thmvpn="tmux new -s THMVPN  \"sudo openvpn ~/Downloads/MuirlandOracle-THM.ovpn \""

Stick that in ~/.bash_aliases, then you can start it with thmvpn. Ctrl + D to detach and leave it backgrounded

'didn't want ro use tmux in my ssh session to my kali vm'

Muir

Bad

Oh, oops 😆

What's wrong with nested tmux?

I suppose that works

That probably would have worked fine, and maybe nested tmux is a non-issue, just use a different leader? I'm using a tiling window manager as my top layer, and tmux in my terminal as a second layer already, with vi type key bindings and just using different leaders for context. I think I'd need more coffee to add nested tmux as another context layer. Just using it as a detached session to squelch OpenVPN spamming logs to stdout would have worked for me though.

That is a lot of multiplexing. I love it 🤣

But yeah, I keep Ctrl + A as my tmux prefix locally, then the default Ctrl + B when I'm working remotely

All through Tilix as well -- so also with a multiplexing terminal

ha! Yeah, I didn't try nested tmux at all. Good to know that it doesn't inception implode if you just use logical prefixes like that.

Hehe, yeah, most I've got is about 6 deep, just for the kicks

A-F prefixes. Worked a charm

hI

Hey

hiii

Hey

ok so what's the difference between 25 days of cyber and advent of cyber 2?? Coz same rooms... with same tasks... doesn't seemed right to me... is that a bug or something else is added?

Hey

Hey

What’s your id on tryhackme

Blackout

why?

For invite

invite to what?

Friend

Oh

May I?

Sure

aye add me to while your at it @crimson prawn

i need friends for motivation lol

The Day tasks are identical. The Introduction tasks are not. Hope that clears that up.

hey

Can anyone teach me some hacking stuffs!

https://tryhackme.com

Sign up here if you haven't already.

sure got it.

Hlw

I think I have met my match. Analysing a particular strain of ransomeware completely destroyed my isolated VM, to the point where snapshots won't load and it's totally dead

oof

F

Last year in February, I visited Berlin... to attend OffensiveCon.
https://www.offensivecon.org/
I wonder when can I visit Berlin again? I miss Germany. 🇩🇪

Quick STUPID question: What if someone solved all the rooms on tryhackme and he/she has got nothing to solve any more, until the next room comes up... What will happen to THE STREAKS then? Will the koth activity matter?

Feel free to ew me but I genuinely wonder that 😅

KOTH counts towards streaks I think

tbh just email support you'd get your streak

at least one room is released a week

meaning you can always maintain a streak under the premise of "i've done everything lol"

lmao alright thanks... I am on my 80th day soo uk... kinda worried 😅

oh dont be

im incredibly generous with streaks lol

you could literally take an entire week off and come back with an 87 day streak 😄

🆒

Eh, I am fine with a regular streak 😄

https://media.discordapp.net/attachments/804196724230979595/806607065799589908/image0.gif

tag yourself

@odd acorn

Jabba the Hut

Jake brought the band. 🥳

the whole squad vibing

i made them their own website so you can book them

http://178.79.159.23/

lol yeah people in an infosec Discord are gonna go to your http IP address link

your loss

I mean I can grab a domain and https it rq, doesn't change the content

^

I wouldn't follow any random link here tbh, but this one looks almost deliberately sketch, lol

I literally set up a random https site five minutes ago 🤷‍♂️
It's really easy to do, and free.

In short, don't trust links just because they have https. Trust that the information is secured, but don't necessarily trust the destination.

Read my last message - I wasn't saying "I would trust this with a domain and https", I know how easy that is to set up. My point was that I definitely wouldn't trust a link to an IP

why

i just can't be arsed to buy a domain for a joke website

I still wouldn't go there - the domain wasn't my point in the end

(You use IPs all the time to connect to THM)

are you being deliberately obstinate for the sake of it orrrrr

THM isn't "a random link"

I trust THM machines

let me re-write my initial statement since I realize it was definitely misleading:

lol yeah people in an infosec Discord are gonna visit random links

There we go 😁

Now how awesome is that!

Do they do songs on request?

unfortunately not :( they are limited to one song at the moment

alpha release v0.02

it's something i'm working with them on 🙌

hehehe. Things to do while not trying to fall asleep in front of a SIEM. 😉

ahaha that will be the case tomorrow

night shifts starting tomorrow, just staying up late tonight so i can sleep for the whole day

.

is tryhackme.com down ?? for everyone or it just me ??

working fine for me

It's not working fine for me.

working here

loaded now, took a good while.

I have seen it slow behind the cloudflare setup, just need to refresh a few times from time to time

yeah sure

give me a call on 1-800-CALLFBI and give me the details and i'll help you out

lol

now my message makes no sense 😔

Haha

idk

Happy weekend folks! 😀🤙🏼

Oh, I meant to say(!) - unfortunately my work basically said to us they're paying off 30% of the workforce, which isn't ideal, so I decided to apply to some unis in case, not expecting much, and I got an unconditional for Abertay in Dundee for ethical hacking which is super cool 😀 I'm doing an undergrad in cyber sec at Open Uni part time at the moment but only been doing it since October, so in a way it'd be cool to do it full time! Heard good things about that course too!

Sick one!!!! 😄

Muir studies at Abertay

👀

Congratulations 🎊

hi

Congratulations, rossmitchell!

I only just saw the undergrad degree on the OU now - looks tempting. If I may ask, how are you finding it?

i'm at OU as well

I'm OU as well 🙂

Oh cool!

the first year is quite basic, however second and third are a bit better

you will be studying stuff such as maths and basic IT really, and i mean i have been doing it for a while and just part time, no full time commitment

I was quite surprised it didn’t need any formal qualifications beforehand - but at the same time, I’m glad.

I think I’ll keep it in mind, so it’s great to get other’s opinion on it.

If you work full-time, how are you finding that to work with studying? A few hours a day?

Nope, I work in the industry mostly and just invest 4-5 days before exams, but on the other hand i've also done an apprenticeship at the same time as working and doing the degree. It's hard, but manageable 🙂

I think the degree is good, however i've told them that some of the courses are not about right for cybersecurity

r60 is the degree i am on

http://www.open.ac.uk/courses/computing-it/degrees/bsc-cyber-security-r60

Ah, fancy!

I have no actual work experience in IT, so I’m trying to weigh up either keeping my hopes up and getting a job in the IT department where I work, or trying to go down the degree route

(Personally I’m just tired of failing and paying to retake my A+ exam, but that’s a small vent)

you can do the degree part time while finding a job in IT, there's nothing stopping you to be fair. A+ is a good starting certification, try investing more time strengthening your weak areas and revise with some online preps and question dumps. That's how i've passed my ones 🙂

Thanks, I’ve noticed my main weaknesses are mostly in networking and troubleshooting, so I have a starting point (again).

I just need to persevere

I know you can do it, it's just a matter of time until you get there, don't lose hope in yourself!

Aww, thank you!
I do have an exam voucher ready to go, so I just need to book a date when I’m ready
I am happier they’re offering the exams online though, I was not looking forward to travelling to take an exam

oh, also, being a uni student you get a ton of perks such as exam discounts for comptia (50% off), you get unidays, github pro and a LOT OF BENEFITS

(student in general, in UK i mean, not particularly OU)

I’m in the UK, so that’s really useful!

Just got to find a way to learn that’s not just watching videos or reading. I’d love something that’s more hands-on

Apprenticeships are hands on :), if you don't mind me asking where about are you based

Hereford, just south of Birmingham

i know a few people that deal with apprenticeships around London, but if it's somewhere else i may be able to find someone to put you in touch with if you are interested

Oh that’s kind of you, thank you.

Where I live is a bit “out in the sticks”

you could possibly check with QA, they have some really darn good teachers like: https://twitter.com/APT1337

i know a few other ones but he stands out the most

Oh thank you, I’ll have a look

Nay worries. If you need more help let me know

Do you mind if I DM you?

Feel free to do so

Wonderful, thanks

anytime

But uni expensive

Yup, it is.

I’d need to save up a bit more

Uni was alright in Canada

Certs >>>>>>>> uni

Certs are also expensive

More worth it then uni

I don't think you can make such broad generalizations

Uni was good, also for building networks, and not at all expensive. But that varies a lot between countries.

It's pretty bad in the US

yep. A coworker said he had paid something like three quarters of a million for his kids' education.

Ouch

But that's California, and it's steep even in US terms.

I think I paid about 55k in tuition overall

But I was out of province though

I paid 0€ for my degree, and lived mostly by state grant.

I was able to pay off my student loans in under a year though

And that's the way it is for all the students, not just a chosen few. I had prolly 5k student loan after graduating.

I had about 20k

Hi

IMHO both uni and certs give you proof of worth - degree and certification - but uni gives you more options because you're likely going to learn a breadth of useful things and have a good place to network as well as someone else mentioned.

Sorry if this is off topic, but has anyone completed the OSCP? if so, how long did it take you from starting to learn to completing it?

Just I am trying to get into the field, dabbled a bit and a really enjoy it. But I am going to put my notice in at work to leave (in a year) and was wondering if its achievable to get before I leave.

I am curious as to the answer to that question as well, Gent.

it's definitely doable, i failed my first attempt but i really didn't do as much towards it as i should have

but don't be fooled by the 'entry level' tag that comes with it, it is a very difficult exam

Thanks for the info!

Thank you, its re-assuring, I know its not an easy task. Just wanted to know if it was even possible.

Although there's some truth in the statement, it's just the tip of an iceberg

yeah i know someone that bought it without any prior infosec knowledge and passed it first time, if you're dedicated anything is possible ;)

Two most important things:

1. Don't rush to the labs if you're a beginner
2. Have every command and program prepared and tested prior to the exam

Thank you for the help I really appreciate you taking the time to answer

No problemo, I also really liked John Hammonds and DarkSecs videos on YouTube about OSCP, you should check them out

Thanks, I will bookmark them for when I can watch them 🙂

It's good! I'd recommend it. Although the CS course isn't accredited yet which is a bummer, I'm gonna chase them up to see if that's changing though. I'm studying AI and robotics at the moment which is cool, programming them using a python environment

Awesome, glad you’re enjoying it so far!

Thanks by the way for the congrats! 😀

You’re very welcome!

i just think that everyone should watch this if they haven't already
https://www.youtube.com/watch?v=B94q7gUu75k

honourable mention
https://www.youtube.com/watch?v=MsuuiVzS6Js

sssssssssssshhhhhhhhhhh

@celest cairn why metasplot is windows defender detected???

Hey guys. I would like to have a cert to increase my chances of getting a job in security. I already have 3 years of experience as IT administrator.

Do you think that it is better to pass Security+ or Pentest+ (which would take less time to learn, like one month maybe) and then while having one (and potentially job), aim for OSCP?

Maybe it is better not to waste time for CompTIAs but prepare longer instead and try OSCP directly?

Anyone has JNCIA-SEC and can write more how long he spent to learn and pass? Is it doable like in couple of days?

Sec+ is more wide than OSCP or PT+

I've realized it has more theory though, and is not "ctf-like" as OSCP. I know a person who passed Security+ and now plans to do OSCP.

I am wondering if it is worth doing anything before OSCP or try hard and hit it 🙂

If you take your time with the material, OSCP isn't that hard

I'm going straight for OSCP... though I've heard oppinions that I should even skip that.. go figure

Still gonna do it, and then start my job search

I found the materials pretty cool, they make you understand the basics and it's your job to expand your knowledge from there

sure, I understand that. And you get nifty piece of paper saying you can hold out on your own

And most importantly... a business card

Yeh. I hear OSWE is pretty neat, other than the lackluster lab performance

OSEE also looks great

You get a business card OwO?

like that

purchases OSCP instantly

Oh wow.

Sec + is pretty basic i would say, i mean it covers a quite good deal of items that are quite important, the exam is rather lacking but exam prep book was hands on good

Is that the "Exam Objectives" pdf?

no, like the exam prep book from amazon lol

i implemented a few things from it in my workplace

but the most i got out of CySA+, not gonna lie, if you want to go down SOC route or management path, CySA+ provides quite a lot of content

what os do you all use

Arch

Gentoo

Hey! guys, I have just stared learning about cyber security, I am thinking to prepare for ceh. Is it a good idea?

Most people seem to agree there are better certs than CEH, unless you're looking at a position that expects it

eJPT, OSCP, etc.

@wispy moss ceh is a joke

Why so?

It's only theory, kind of outdated

Only worth it if you're in India, because they require it in many jobs

I have some sort of expectations for CEHv11 ok?

sort of

The content seems reasonable and up to date

I can only give my opinion based on actual things that I can see right now 😄

It's too expensive imo

Compared to eLearn

Agreed. I've done the exam and finished it in 30 mins

Yeah. But you have the practical ceh too which is dirt cheap

But theory is more recognizable

I'd do CEH just for the clout

Have you actually done it yet?...

OSCP is the hardest one in the series what?

Offsec is the hardest in general unless you're onto some obscure exams

(The material)

It's nothing you won't understand, the exam is hard ofc

Material ain't the exam kiddo 😆

When are you booked in for?

April

I'm trying to do school at the same time :/

Your "review" was very motivating btw 😄

Good luck!
Glad it was useful :)

glhfdd

That's what I thought finally. Instead of preparing for Sec+ or Pt+, it is better to use this time for OSCP

Every cert is worth it in my opinion, but if you don't want to waste time just go for it

(I don't know about every cert...)

True, but isn't knowledge always good?

it is but certs take time and often money, sometimes your time is spent learning a subject vs getting a cert that isn't good (e, g, CEH) or may be a repeat/too much overlap of other certs you have, there are plenty of subjects worth learning that don't have a cert or maybe a cert is a heavy investment, best to learn the subject

certs are really mostly to be a checkbox on a resume, to help your resume look good

like I can tell you, for me, a Sec+, Net+, other various certs would be useless

I agree, that's why I wrote that if he doesn't want to waste his time focus on more important things

But some people just have the time/money

but again it depends on your goals, if a cert doesn't align with your goals, you probably should spend time on certs that do

or I should say certs or learning

Are you planning on doing any in the near future?

see I don't think people should take advice from me 🙂 because there aren't really any certs that line with my goals... I am studying for OSCP BUT its for 'fun'

I have a warp sense of fun

or people shouldn't follow my lead that is

morning zojj

hey hey

it's still great to consider the words of someone experienced 😄

we talking about certs?

I am considering getting an agile certification too... I have to look into it a bit more, but seems SAFe may be another goal this year

you got any cloud ones?

AWS

ok

APMP for agile

I haven't even heard of that one

prince 2 is ok as well

they're for project management

any reason is good 🙂

would a cloud cert be considered in a CV for a security job?

yup

probably tbh

yup

which one would you advise (I never had any experience with cloud)

at least for an ops side, no?

its one of our struggles is finding people who know cloud

AWS is most popular, followed by Azure

nah engineering/architecture too

I'd say*

get one from the cloud providers like AWS

gonna do that after oscp (if I pass), thanks 🙂

I know a guy who knows a few guys 😉 😛

pretty sure Azure is more popular with the really big boxes

ha ha

AWS is most popular, Azure has gained some

but you learn one, you can easily learn the other

yeah they're mostly transferrable outside tooling

Azure is only really popular for their AD stuff

ok the really big companies like it

Their logic app is v/ v/ v/ v/ nice

probably the best II've used

Also they have some great AI stuff 😄

yo does anyone here use nootropics or have any experience with them?

@minor nymph Random question, but yes

Curious of what people think of Kali vs Parrot. I’ve never played around with parrot but I think I’m going to for a couple of weeks and see what I think

how did they impact your learning/general hacking?

They are placebos for the most part. You are better to focus on your lifestyle and general diet

I drink vitamin water
It makes my taste buds happy

I don't know depends on the flavor

Mostly placebo I mean some of them have some effects but nothing compared to the simplest of things like sleep, food, caffeine, etc.

i mean fair enough

Parrots UI is a little different than kali's but I would put them on the same level for ease of use

I feel discouraged recently. Spent some time looking at a site, discovered issues that need action, and their teams are not seeing my email request to forward information about these issues.

Wondering how I should go about this

Attach monetary value to this issues not getting fixed, if you can

Hi All, is anyone with tryhackme experience free to answer a question or two on how to navigate the website?

How would you recommend to a new user, navigating around the site? How do you find rooms and where to start

!docs free-path

If you are subscribed you can try learning paths from site.

the first few courses on the free path linked above will teach you about the site, after you have done a few rooms, either continue that path or pick something of interest, some rooms require more prior knowledge than others though so the free path is good for this

(as is complete beginner path if you have subscription).

thank you all this is valuable info. really appreciate it

My homemade pizza

Damn son! Looks great, love a square pie.

Rectangle even...

Maximises the square meterage of pizza

The base is premade from Tesco's but yeah

gj

the base is dead simple to make yourself though.
I use ~300g flour, 180mL water, a packet of dry yeast, a bit of olive oil, and about 5-6g of salt.

you basically mix everything together, let it rise for about an hour (or more). Dough should be only slightly sticky, add flour or water to rectify (a pinch at a time)

I don't think I've ever read a more beautiful sentence in my entire life

spread it out by hand (dust your hands in some flour to prevent sticking)

pizza dough is really easy to over-proof if you are going to hand toss

I've found a 5:3 flour:water ratio works best, more flour makes it denser, more water makes it too sticky

if the dough feels like a cloud, it's going to be really tough to size correctly

you can roll it out but it's better by hand

the dough should be somewhat elastic

that is why you punch your dough during proofing

the hardest part about hand tossing is the reps needed to not punch big holes in your dough skin

you want to get that gluten going

Aww. This is cute 🙂

but hey, figure out what works for you 🙂

😄 i was a pro once, esqy... decided to give that life up and do IT stuff

hydra's gotta get his gluten

I let it proof in an oven I've warmed up a bit

@steel plover that's what gives the dough its elasticity 🙂

I know that, but you can do gluten free as well

haven't tried a gluten-free pizza, but I can't see it working well

or go with a more cracker crust type

gluten free pizzas never taste right - and the crust comes out like a brick more often than not

my sister and several family members have celiac disease - pizza night with them is the worst

😦

#tryhackme: come for the hacking, stay for the pizza dough tips

I have a few family members there as well, makes somethings hard

there is a special flour (i think it's made from beans?) that gets the taste right, but after 30 minutes out of hte oven, it turns into concrete

eat fresh

part of the fun of family pizza night is grazing while playing board games or doing a puzzle

the beans might be able to impart the proteins...

I wonder if adding an egg would help?

the dough itself is crumbly when you are forming the crust

or egg white mostly

it doesn't quite fall apart, but you can't roll the crust edge or toss it.

using rice or corn flour

that sounds like a depressing pizza

IIRC rice has gluten in it

does it?

everything related to grass does, i think

I often see rice flour as a gluten-free alternate

Thank you :) I much prefer making the base as well. We usually make our own like that, sometimes with a hint of oregano mixed in

@patent gate how do you guys do gluten free pizza

it's generally wheat, barley, and rye and stuff that has the gluten

all i know, my sister can't have rice-based food because of her gluten sensitivity

fair enough

Bases are pre-made, and theres a whole procedure - Seperate sauce, spoodle (spreader). We don't allow Gluten toppings at all, and we don't even cut the pizza to avid cross contamination

The member of staff is assigned to that 1 pizza all the way through

And it's sealed with a GF sticker before it leaves the shop

yeah it's no joke

cross contamination can really put the hurt on - like any allergy

I have been to several places that do the same process, seems like the pre-made dough is a good method even for home cooks that I have heard

I think it freezes fairly well

could be wrong, never tried it

We don't have them right now though, cos of Covid and a reduced menu

That being said, I did order a box of the bases in to buy myself for my Niece

Same for the vegan ones I hope 👀

Esqy!

I managed to get a kilo of 00 flour at Tesco today for 50p

We're doing pizza

:o

What's 00 in the french system...

Ah T45 yeah that's super finely ground

zéro zéro

It's the protein content

Yeah but the french measure it differently

Yes, James 😄

Muir - There are procedures in place, but not as extreme as the GF ones. GF ones have unused utensils cleaned after each pizza. Basically, people can get really really sick if there's Gluten on the pizza. The vegan ones do have seperate utensils like cutters and stuff though

It's awesome seeing Bee's "Name That Hash" program in REMnux I used it for the first time today whilst working on a case, and it just works

Glad you liked it!!! ❤️ 😄

I released 1.0.0 today so theoretically there no are bugs (or no one has reported any bugs to me hahahaha)

Everything worked perfectly for me, so fingers crossed!

@lunar verge I have another app that's in super early beta if you wanted to test it? I wrote my own hash lookup DB for it 😄 https://github.com/HashPals/Search-That-Hash

Ooooo, I'm down for that. It could be handy for some of our IR automation tools

I'll check it out 👍🏼

The API i wrote is stable, it's the CLI that's being worked on rn 😅

helloo i'm new and i wanna know the basics of hacking

where do i start?

!website

thank youu very much

no problem, happy hacking!

If you prefer a video on getting started https://youtu.be/ROO2pDPgja4

anyone here use/tried plum?

Guys it’s free real estate

Hey @quaint basin I've just finished your room - introductory networking - and found it very interesting and well explained. Great job and good quality content. I don't DM you cause it is not allowed 🙂

yee

this a very quiet conversation

Hehe, Its a good channel to be in when general goes mad 🙂

🙃

indeed

@red veldt Please don't Friend request people without asking first (Rule 1)

My bad😶

how do you find it 👀 i’m looking into using it

the money saving app? honestly I'm hardcore and do it by hand now but it looks really good

i was mostly looking into it for its investment feature

Just go with Vanguard's LS80 if ya lazy 😄

@short elk I would just be wary. There's a substantial difference between "making a plan for your retirement" and "thinking you made a plan for your retirement" Sometimes, tools like plum can give you the latter when their goal is to get you to think about the former.

oh yeah definitely, it's not so much a retirement plan for me, just a way to make some extra money from the rounded up excess from purchases

personally, I use etfs or just index funds for that kind of thing

in terms of "making extra money on chump change"

which is probably what the LS80 is

ye i just don't really know much about da stock market

that Bee recommends

index funds are the way to go

a well-diversified portfolio is the way to go

Ls80 is an ETF

some stocks, some bonds, some mutual funds, some ETFs, etc

It's a Vanguard low-cost ETF consisting of 80% stocks and 20% bonds, people like it as it has growth with stocks but stability with bonds. Although it has a major UK tilt, some investors likes that so they can see how well their portfolio is performing relative to their country

https://www.vanguardinvestor.co.uk/what-we-offer/life-strategy-products

my wife and I are bigtime Dave Ramsey fans, so we follow his 4 types of Mutual Funds. My main goal is to beat the market, if only just and I seem to be doing that.

I personally like ETFs but I have a mix, ETFs, managed stock funds and Mutual funds

I personally like my tendies

I actually used to invest a lot, but I'm far too poor to do that. It negatively effected my life very badly and since I stopped I've managed to invest in myself (books, courses etc) which rn, in this stage of my career, is probably a much wiser investment than my yearly +7% on my minimal investments

voice to text?

yeah, investing is important but should never take away from your needs, including self-care and self-improvement

that being said, 7% a year really isn't bad gains. Not great, but not bad, and even starting with a few hundred and contributing slowly, the earlier you start saving for retirement the better.

compound interest is the long game

@patent gate pizza

My GF got her dough stretched better, but I used my cast iron like a pizza stone so I got a nice crispy bottom and sides

mmmmm pizza

Minus the onions, then Nom!

Onions are love

It's a preference :p

gotta caramelize them onions first 🙂

of course

Hey guys! Im new to this server

How is everyone?

Good, how are you?

good

Damn I missed the discussion about ETFs

why the badges in the public profile is not showing correctly?

I think they're revamping part of how those work at the moment

Apparently someone hasn't gotten enough attention today, so now my lap has been commandeered.

you are not allowed to move.

Wasn't sure where to post, just wanted to say I absolutely love the attack box! I wish ya'll had a downloadable vm of that! ❤️

You can just download all of the tools for it and add to your own

Yea that's true xD

It's ubuntu with a bit of customisation 🙂 pretty sure cmnatic made it

Yea, I love it ❤️

Also in that time, you also levelled up! Nice one, Ry 🙂

Thank you!

Can anyone please help me out with conversion of modules from drupal 7 to 8

I made it originally, but CMN maintains it.
It's an Ubuntu 18.04.5 server with MATE installed over LightDM, iirc.
Unfortunately there aren't actually any ISOs available now @𝚁̲𝚢̲#1337. I have the original, but it's very outdated now.

https://twitter.com/gabsmashh/status/1360937686710763520?s=20

👀

Does anyone know if a Volatility profile for Server 2019 is available / in the works?

Pretty sure there’s already one out? I just push my profiles automatically I don’t really pay attention to them

Just 2016 😦

It can probably work with 2012 or 2016

pretty positive most of the backend stuff is built off 2016 anyways

I'll give it a shot later. Fingers crossed 🤞🏻

I gave the 2016 plugin a shot and it was a bit hit and miss. Volatility didn't complain, but it didn't parse as much data as expected

Nevermind then 😄 It wouldn't be fun if it was easy

Thank you

You can try making your own profile I don’t believe it’s super hard but not sure for Windows

yesterday i killed my whole network while failing at implementing VLANs (i didnt make backups for firewall configuration)

fml

oof

I need help i don t know how reinstall windows. I know that it seems stupid but i can not format the hard disk in a secure way how can help me?

who can help me?

Disk based forensics is pretty tough, even on a wiped disk with a new OS living on it. Any particular reason you need it securely wiped?

If you need to 'clean' the disk, look up DoD 3-pass using an ubuntu live USB. Can you define what you mean by 'secure'? Is there a list of requirements you have, or is this more abstract?

DBAN is also a very simple bootable option with secure wipe capabilities.

I've had... odd experiences with the last few versions of DBAN. Like UEFI/MBR not writing correctly, even with dd. For me, it's simpler to just make a bootable USB of some flavor and make a enough passes with dd to be confident the data is not recoverable

I think you mean this

https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase

Good luck

You can use sanitize as well for SSD's usually sufficient.

😔

Oh you wanna see a panic at the cisco?

Take a look at any ASA 😉

please no

used acs with a bajillion devices and it took no joke about 10 minutes to update a device's mac

sh int ip brief!

@vital glacier I deleted your last post as it hits on rule 2

It's not really a drama but whatever

Hey all - I'm looking for some advice on how to proceed / what to do next. I've completed AoC2 and just finished the Complete Beginner Path 😅
...
My goal is to work up to the OSCP eventually; and I'm not quite sure where to go next. I was looking at the Offensive Cyber Path, but was thinking I might want to learn some more python / webexploitation first --- or maybe that would be covered in there.

I'm at a loss - any advice from some more experienced folk?

Get on the offensive path, I'd say.

I went for web first and then offensive once I got more knowledge on what to look and how to explore them