#👥・help-me

Doesn't sound like it, but it might

yo

hey guys i have friend and in there is a discord bot who has taken control and it around 2k people in that server does any one know how to remove that bot

U remove the bot? From server settings

they gave the bot permission accidently and if they remove the bot from the server they said all the roles which are assigned to the people will go away with it

Okay

So ?

Make em again

i am a 3rd year Computer Science student so do you think i can do it in 2 years ?

thought that is the only field that AI can't take place of

partially yes and no AI can do some things not everything tho

are u a cybersecurity student or u are working?

yeah probably

you mean make the roles again there som emany people ?

U can make a channel where people can go and get their roles

It's better then having a bit take control of ur server

Tsk tsk

the thing si that the bot is above admin role

and my frined does not have acces to server settings

How can I install an app that is not available in my region yet

can i dm you pls

Yes I was seeking an invite anyway I got it already I emailed them and got the invite. Tq for the replies though.

can i pls dm you

then here’s nothing

there’s nothing

you can do

What's up guys

I have been using this app called HackerX to learn some beginer skills and I was just wondering if I should be sharing the certifications to LinkedIn? The app has a button for it but I think that is a bad idea.

@versed pagoda
Please ask general questions in here. That channel is not for questions.

Depends, I have seen people share every small cert they get! It is really upto you.

I unfollow those people quickly

I would personally avoid that

very personal take: use these features sparingly. Adding bigger milestones to a cert list on your profile is one thing (I do that with course SERIES for example, not individual courses), but I would only share it with the network if I have some words to say about. If it was a cert I had put a lot of effort in or want to give a shoutout to someone specifically for example

they say using people's tools won't make u a hacker is this true ?

not necessarily true

everyone has to start somewhere, no need to spin up your own OS to start learning. Using tools is fine, everybody uses tools

thank you guys

would you be able to get a job in cybersecuirty with Computer science degree with skills but not certs

?

That's essentially an "is it possible?"-question, and those always have an unhelpfully large answer-space

So "No, unless yes"

Either relevant certs, connections or incredible luck

agreed

Hello, how can i check if the breach happened within the prem?

Does it reflect on the logs?

SME. Without active directory

Its up to the company to have logs.
If you didn't set up logging, then you can check if there is anything on the firewall or event viewer, but each individual company is responsible for setting up their own OS management + logging.

Hi does anyone know any free open source virtual machines apart from vm box and VMware on windows

Well I have a question guys, do you think network attacks are still relevant? As in attackers trying to breach networks in breaking into the WiFi externally, poisoning ARP tables, doing enumeration, MiTM attacks, finding vulnerabilities, so on it seems very tedious, time consuming and noisy for network admins.

Aren’t attackers breaching organizations more and more through social engineering and phishing than actual network attacks?

It's a mix of both. A lot of times I see that attackers exploit something that is exposed to the public web. e.g. Firewall, VPN and so on.
If they have an initial foothold, then the usual stuff is happening. AD recon and trying to get domain admin as fast as possible.

So it would be from the outside in, something connected to the internet that allows to breach into their private networks. Not a guy parked outside the business with a Wireless Adapter trying to hack in and work their way up. Okay I appreciate the feedback!

Is the Mitre ATT&CK navigator the best option for focusing the matrix on your particular task 🤔

No, or it depends.

Should I just full dive into the official Mitre Docs

Most of the time, attacks happen online and not someone who is physically there. It can happen, but this is such a rare case.

vmware is not open source.
qemu should be available on windows, too - though if you are looking for one that is easier to set up and use than virtualbox, then qemu may not be what you are looking for.

Thank you!!

Has anyone here used volatility3 ? one of the labs i wanted to do needed to use this tool and from the looks of it, it does seem like a huge topic to explore....wanted to ask for some advice while learning it and if there are any good resources from which i can learn from

I need help please

the latter would more be the case yeah

with

anything in particular, or can we choose what with

I need some one to help me out on a project

help you with what

Don't make it difficult to help you, just spit it out

Can we chat privately

?

Can we

Put it out in the open or not, your choice, but I don't do DMs on a public server

I will dm

It’s not something too good

Then keep it to yourself

Please

I told you no, how hard is that to understand

and he sent a friend request

same here

I just need help

then ask here mate

It got to be private

Then you are not getting help, simple as that

your choice

Hi need an app or a website where I can enter a mobile phone number and “ping” it multiple times to cause it to freeze up, this is for educational and ethical hacking purposes only, any and all help will be greatly appreciated, Thank you very much ☺️

doesnt exist

was gonna delete it after it got answered my bad wasn't online but got 3 pings

@spiral notch did u anwser my question sorry if u did i didnt see

what question

Are kernel-level anti-cheats considered spyware

in setup and rice i dont know if u saw it was asking about vanguard

pretty sure its Chinese not that it matters

but im just wondering since i might play it

The answer is:
They get higher than SYSTEM level access. Which means they can implement spyware/malicious code, and you wouldn't have any control, or wouldn't have to re-authorize it.

So, we don't know what the proprietary code is doing. And there are tools to try and see, but those usually get flagged by the anti-cheat software. Things like Procmon i think usually get blocked.

got it

The bet is still open whether game developers will get their act together and support linux without that borderline malware, or whether one linux distro will cave in and become the solution for all the kids who want that kernel level anticheat micro transaction kiddy shooter

oh

that yes it is indeed spyware

I mean, if the games spy on you or not, they don't need kernel-level drivers to do that. And then the OS itself is also "a kernel-level driver that spies on you"

Micro-transaction games try to ensure the value of their virtual goods by trying to prevent any tool interfering with the game.. a short while ago we had a situation where two different games flagged each other as manipulation, cause they both tried to be the sole king on the hill monitoring the system ^^

I personally would trust a distro dev team more to keep an eye on malicious components, than I would trust a game company

And I guess none of us trust tpm

If it wasn't pre-loaded with a microsoft key, i would trust it

And since you can't check for yourself..

its just a crypto chip w/ storage

some TPM chips you can put your own key

and those ones, sure

but its used right now as a "Microsoft to Unique ID your machine + choose what its allowed to run" kinda donks

you can "add" your own, not make sure that those self signed certs are the only ones

its a black box for all intents and purposes

Still have an old laptop without tpm chip, just in case

install proxmox on every computer, and use vTPMs everywhere

https://github.com/stefanberger/swtpm
The code that is compatible with TPM

@lofty willow
Don't ask for unethical things here.
#📜・rules

My apologies

The phones under my name by the way

I don't care

Fully understand again my apologies

@woven anvil I'm very sorry brother.

Don't apoligize to me. Apoligize to her.

Lol

#1070121989479596086 if you need to talk about it.

Always appreciate it thank you

hey does anyone know how to pick ip over a call or track online activities/ locations if possible with just a phone number ?

not possible, also #📜・rules we do not help with stalking

okay, thanks for pointing that out

Is ccna a good cert to have if following the pentest road?

😂😂😂😂😂😂

guys

i need a lil help with thm

anyone awake?

just ask

im solving it right now lol but thanks anyways

They also have their own Discord server

Hey guys, I'm trying to get kali nethunter on this samsung s20 fe, but the OEM unlock option is not showing I've tried this for the past couple weeks, I need help

hey guys, i'm trying to turn my pic into an art or 2d for my music album cover as i'm unable to do it myself

anyone pls

So, I got fished for 500. I mean you gotta learn the hard way sometimes lol

I have recently been hearing about the eval() function in Javascript being exploited. is anyone here educated enough to take time out of their day and explain how it works 💪

Common for xss and it doesn't typically allow proper sanitization. It has a bad habit of taking user input and plugging it directly into the dom.
@coral dock

If you're evaluating web page source code its definitely a red flag.

what you're saying, is it mostly sends the user input to the console?

"Eval is evil" is the saying

https://medium.com/@zaid.zrf/how-eval-can-lead-to-xss-an-in-depth-lab-analysis-3b0d367fd480

Random medium post on it and there's articles everywhere. Probably that can all explain it better than I can.

No. We dont help with this

@fathom summit

https://tenor.com/view/gun-slinger-gun-slinging-cowboy-red-dead-gif-15753058

do you what you learn in oscp do you in the job do the same ? thing ?

Oscp is very much a practical/applied certification

What sup ppl. Hey, I need some help with an issue in the thm room "windows command line" evertime I put in ssh user@......... I get ssh: Could not resolve hostage ...............: Name or service not known. What is going on?

Thm has their own discord, js. You using your own VPN connect?

is there any powershell cmd method to get a Windows 10 home license for free?

I want to study ccsp any free resources or yt videos that would help

#👥・new-member-guide
#💕・free-resources
#🌐・iot-and-networking

Massgrave.dev

how can use this into my advantage

@wise iris hola!!

Do what

i am newbie!! here and i am taking classes on ethical hacking so i need to know everthing abt this group anybody can help me

#👥・new-member-guide

@deft violet dude it needs subscription!!

Nope, there's some free THM and HTB rooms/modules aswell

lemme check!!

Check out pre security on Tryhackme

going on that and i found it thx dude

dude is it nescary to learn reconassince and info gathering

Yes absolutely

Can't hack what you cant find.

Good recon and enumeration is huge.

hmm thx dude i will st my journey if any doubts i will take u r help

👍

Hi everyone!
I’m getting started in cybersecurity. Done with the theory part through courses, books, and blogs. Now I want to move into hands-on practice before jumping into full CTFs or projects.

Where should I actually begin? What practical labs or platforms helped you build real skills...
Also, should I really stick with HTB or THM, or do you all have better recommendations for solid, real-world practice?

Hi guys I em new

Can someone help me how to hack?

yes go with tryhackme and htb

#👥・new-member-guide

Where do I know how to hack

Alright, thanks!

on websites such as tryhackme and hackthebox

it takes years to learn

Where do one get tryhackme

https://tryhackme.com/hacktivities

Then my Computer Science degree is nothing once i graduate

https://tenor.com/view/whats-up-gif-22904841

What sup ppl! Who do I address if I have a question about the 100 day challenge?

Cool

Probs

Its technically possible to get a internship or beginner position closely related to your industry, as for directly in your industry, you might need certs and work experience

anyone in chat

they’ll often redirect you to someone else if they don’t know

I would not say "nothing", its may just not be enough to compete in cybersecurity with people that do have certs there

I told you that your vague question has a large answer-space depending on circumstances

just curious to ask is it possible to text and use apps on the darkweb?

Someone active here please tell me how to make that secure boot mode standard to enable

I tried everything

Thanks!

I have a few apps to help with learning Linux, Python, and SQL. Will screenshots of progress be sufficient for the 100 Day challenge?

yh but they’re nothing special

Hi! anyone who has taken EC-council's cnd that could help me out? I've got a few questions about it

Alright now I have been trained even more yay. Learning the hard way

htb vs tryhackme which is worth for real world experience

Aight. I need 40GB to install ParrotOs as my new main. How TF do I do this?

Since I won't be using windows anymore, I can just wipe it and boot from ext. Yeah?

Usually handle the partitions from the Linux bootable.

That said parrot, you sure?

help me with this error NSE: [ftp-bounce] PORT response: 500 Illegal PORT command.

after using nmap

I tried that. It said it didnt have the space to install. I'll boot again to show what pops up

That's a new one. You cant get to the installer partitioning tool?

There's a 99% chance I'm a potato and doing it wrong

If you go down to partitions on the left. What do you see there?

It isn't clickable. None of it is

Oh. Calamares lol. I havent messed with parrot in ages.

Would there be a better Linux daily driver?

Its fast boot in windows. Thats keeping the partitions locked.

As far as a better daily driver yeah pretty much any general use linux imo. Take that with a grain of salt. If you just really want parrot, its doable.

So back to the bios boot window we go

You need to change fast boot in windows settings

Nah shit I just want something Linux that's good for sec but not Kali. I'll VM kali

Should be under control panel->power options->

Choose what power buttons do or something similar

Thank you for your help!

Np

Just uncheck the box under there for fast boot. May be another tab under there I don't remember but that should get you close

If that doesn't work you can just boot into the parrot live and reformat from there.

Yeah it did nothing. Me and this laptop are about to fight

Id boot into the parrot live and use gparted

you need more space on your discs is that right? Cause what I can see from pic your only partition that have capacity is full

No he needs to wipe windows

well , that is easy

I'm tempted to just clear the disk. I just don't know what happens if I do 🤣

so create bootable usb windows installer , boot windows from the usb and during installation wipe all of the disc

I know internet things. Not so much CPU things

Why would you do this when you can just do it from the Linux bootable he already has.

apparently cause he can't right?

He can't from the calamares installer. He should be able to from the live environment

We havent tried it yet

Oooo , yes , I was not in the whole story ,sry

That's where we're at.

Booting back in parrot to try gparted

well it's simple if you format your C drive , you don't have OS anymore

Does that make it basically bricked or can I still get to bios? For future reference

you can go to bios and that is it

That's basically what yoire about to do with gparted. Just delete the partitions then boot back into calamares.

I ran sudo gparted. Not sure what to do from here.

Whomever helped me thank you!

Just delete that and then back to the installer

You need the correct drive from the drop down on the right

That 150g is that the flash or your main disk

Looks like the flash drive

I think it's the flash honestly. The drop down has no other options

Open a terminal and type lsblk

It says segmentation fault

Wtf lol

Right?

I'm glad it's not just me

It was the ext hd. I unplugged it and ran gparted and now it's blank

This leans me to think there's something wrong with the parrot usb. What tool did you use to make it?

Rufus

Ah ok. We probably need to redo this.

I had to do DD because the other option sent me to gnu

Did you select the right partition scheme when you flashed the usb?

Lol I honestly don't know, I just followed what Google said

Go reflash the usb and under the Rufus options make sure you select gpt under the partition scheme.

I'll have to fk with it more when I take lunch. I have to get ready for work now

Sorry bud. Don't mean to give you run around.

it’s horrible

I took note

don’t waste ur time

on any of ECC certs

Oh bro! You helped troubleshoot the hell out of this thing. I appreciate your time and help greatly brotha

yes and as resetti has said it’s nothing special. nothing “like in the movies”

yes. as long as u screenshotncompleting some course

Screenshot completing*

Just call them and ask them

😆

Also if you are asking it for tracking purpose, then we do not provide such tricks here. Make sure to read #📜・rules

hola guys actually on a bug bounty, if someone has some usefull information about CVE-2025-32101, because i dont stop getting false positive about it and i am not sure if i am doing something wrong or cannot trigger the script to make the exploit work ! really thank for you help in advance

there’s not much to it

just object injection

let’s you execute arbitrary code

that’s it, your question isn’t very clear

ok i will try to be mor specific, the object ijection work with a post request, th thing is in the template provided b nuclei there is also a get request on a sh.phtml.... which trigger the template to interprete in as a positive and i feel that either i am missing something or i am letting it pass through my nose (sorry if i am not clear in my explanation, i am on 8 hours straight into it and english isnt really my native langage)

if there isn’t any public proof of concept exploit available for it, don’t expect to be able to exploit it without patch reverse engineering the vuln

there is PoC, my point isnt about the PoC but ore about this get request that trigger a false positive on a file even though there isnt the POST request needed to make the injection

this doesn’t make sense

wdym triggered a false positive

i am just not explaiining it clearyy

if you’re getting false positives relating to exploits when testing, chances are the vuln is patched

look the nuclei template scan for this - raw:
- |
GET /cache_public/sh.phtml HTTP/1.1
Host: {{Hostname}}
X-Requested-With: XMLHttpRequest
X: {{base64(cmd)}}

and when found this kind of pattern trigger a positive result for the vulnerabilite, the thing is when i look deeper into the link i got for this, it get weird cause its a angular JS tem[plate in my bug bounty case, not at all php and i was wondering if some one had some info about it ?

chances are that’s not a vulnerable endpoint

and you’re looking at something completely different

Company's paying, but I get it. Is there any alternative you recommend?

comptia, offsec, sans

i know, i was just wondering, cause false positive is current and dont mind it, but wantd to talk to avoid a false negative ;D anyway thx for your time guys

...I'm talking network security oriented cert. Not names of cert providers 🙃

yeah go look on their sites for network related certs

???

if ur that lazy then i dont expect u to pass em anyways

What

XD

I know which ones there are, just asking for recs from ppl who've actually certs related to the topic

But alr bro

Thx

you should search for certs that are related to your job and company

not ask for recommended certs from people who do not do the same job as you

those three providers all have network related certs in some capacity, go check out their sites for them

Got it, thx

someone hacked my microsoft account with this weird email @lontano.cloud and I can't figure out what it is since I don't really know these types of stuff

reset your password etc, contact microsoft for support

Where do I purchase a licence for my application so that I get verified on mobile stores?

you can find this information on google for apple or android devices, however your application would also most likely have to be checked for malware etc

Someone tried to access my Microsoft account too 6 times today using a VPN

Chat I'm doing a degree in Networking and Cybersecurty. I've heard so many people saying degrees in this field are a scam. Anyone got any opinions?

It doesn't have any malware I learnt how to program bro two weeks ago I asked for help. Remember 😅

yeah!

comptia network+, CCNA

Hello!! Guy's I'm new here and I want to create final year project on cybersecurity can anyone help me or give me some idea about project?

CCNA is for advanced networking

CEH is a scam

that’s about it

ask chatgpt

degrees

Yooh as long as you gain the knowledge it's cool

he’s asking for uni degrees

i believe

no???

Make a virtual network. Implement security measures. Break them

good, in that case then you can check out android and apple developer posts regarding getting licenses to upload your app to their stores

degrees still help

just not much

oh ye

😅😅 they don't study in school or what

I've been studying for it and I honestly liked it a lot (I'm yet to take the actual cert because I'm a coward) but I thought the network security module was quite short ;~;

@wet gate Sir i'm asking u guys because u guys know better then chatgpt

cybersecurity is a broad subject, you should maybe focus on a specific area of it
for example crypto fraud, or nation state attacks, or advanced malware campaigns, or ddos attacks maybe

I was hoping the CND would go in more depth on secure network architecture seeing the modules it contains, but idk

Do I require some sort of background education to do network administration shiet

Can YOU explain me like ...

Well I could but it's better if you find out yourself

ideally

Yeah yeah XD exactly. For foundational stuff I think it's quite good tho

thnx

thank YOU sir

Ideally but as long as you ve got Cisco qualifications, you maybe worked in a helpdesk you can advance from there

But the foundational stuff I can teach myself right,,

Very much so, even more than that

I'd say absolutely

I'd say it depends on how hands on you are

I've been reading a bunch of research papers on bandwidth management as they tend to go quite in depth

Point me in the right direction please,,I want to learn

I love hands on stuff you know learning while making mistakes,,

https://tryhackme.com

Learn about hyper V or oracle virtual boxes. How to simulate networks. Use Microsoft tools like active directory to assign roles. Implement access layers in AD to give certain users if your network different kinds of access. Use Kali Linux virtual machines, learn to use Linux obv, read about the tools it comes with

Oh yeah and try hack me
And hack the box

Homelabbing

You can set up a few virtual machines and try to replicate projects on them

Awesome I've heard of this I'll try it out in a few hours to see how it goes,,,

If you actually need a proper guide to start from zero and wanna follow the ccna route

https://youtube.com/playlist?list=PLxbwE86jKRgMpuZuLBivzlM8s2Dk5lXBQ&si=z4tVeE2VoxtzIDlC

Check out this playlist

Jeremy's videos are rlly good for learning ccna + networking foundations

Is YouTube really a good place to learn this stuff,,,I've never tried it ,,,😅

The only downside about ccna is that it is very cisco-dependent

I don't think it's about the platform but the quality of the content you consume in it

Yeah well most people just upload to get monetized so lots of things are just junk

But THM and HTB are really good sources as well. I like their learning paths a lot, but I've only ever used them for learning ethical hacking stuff

I agree 100%

I'd say Jeremy's channel is quite good tho. I learned a lot from his ccna content

I'll check it out though if someone else learnt from there then maybe there's some good content

Not wrong but still very transferable skills. I would say it doesn't really matter because Cisco is everywhere but for the University I worked in we switched to Aruba!!

I agree on that, but at some points while studying I was like "is this a cert or an ad" (now I know it's both) lolol

But the material is good yeah

yes

so is google

Okay will check it out as well

Have you interacted with the site??

yeah good site

same with codecademy

though it would be ideal to pick a language you want to learn first(if you even want to learn to code)

Python I guess is quite easy

yeah

https://learnpython.org

html is not a coding language

Yeah I've been using HTML to create my website I didn't get a free host for a domain

it is a markup language

HyperText Markup Language

guys i changed something in registry and now my laptop has the blue error Screen how do i fix it

i need to ask about osint

who can help

Need to learn everything about mint cinnamon

I am a complete beginner

https://labex.io/linuxjourney

Thx

With the amount of info given - do something else in the registry

dont ask for "someone", ask the real question for the group here

a black metal cybersec person?? i didnt know those existed

uhhh im trying to set up burp suite again and the normal process wont work

i feel like an idiot (and probably am) but genuinely have tried setting it up normally

lmk if theres anything that i might be doing wrong

what about it isn’t working

burp has its own built in browser now so u can literally just download the community edition and hit open browser to start capturing traffic

i tried that

ill just try again

what isn’t working about it

lol i just forgot something for the built in browser. it works now.

thanks for the reminder tho

anyone here do "editor" on HTB? I am stuck on the priv esc. I am trying to use CVE-2024-32019 but I just get a shell as myself even though ndsudo runs as root.

Look for a 2025 cve for sudo

srry if this is a stupid question but how do you get the sudo version if you cant run sudo?

You cannot run sudo, but there are other binaries which might help you with exploits on sudo! You just need to find that binary

is it not ndsudo?

I might just be doing something wrong

Ya you're on the right path

ahem https://gtfobins.github.io

I think I am just doing something wronh whilst following this https://github.com/netdata/netdata/security/advisories/GHSA-pmhq-4cxq-wj93

no problem

wait

is editor a seasonal machine

like

active

yeah its active. ill f off lol was tryna see if anyone had tips

ill keep running w ndsudo

What's everyone's thoughts on the asus Tuf line?

depends

the line makes a lot of things

cannot help with that then

Laptop Ryzen 7 with 16gb RAM 6gb RTX 4050

ohh youre talking abt laptops

yeah their laptop line is amazing

Its on sale for a good price and im thinking of buying it but I don't know much about the brand

ive been running everything on an asus tuf since 2020

and have done a lot of everything on this

from pretty hardcore gaming

499

to hacktivism and attempts to prevent violence digitally

etc

its really goo, yes

good

asus itself, interesting how you odnt know thel ine

I meant to elaborate earlier but my adhd reached out to hold my hand

its a good and really popular one as well

I know the line just never used one personally

or nltot likne

i meant brand

ohh

oki

well yeah its very good

Damn it my wife is going to murder me in the morning

^

^

its very compatible

with anything

happens to the best of us

We've been sharing a dell g15 i got for her

And I saw this on sale and thought hmm

yeah

its amazing

get it forsure

Hello, I just joined and I’m having trouble with a basic ctf challenge for my Uni where I am supposed to retrieve a flag in a database but they have an input checker that checks for “SELECT”, “UNION”, “ ‘ “, “OR” and “\””. Any suggestions on what I could try?
( sorry if the English isn’t perfect) if you can’t tell I’m pretty new to this

They said it should be doable without a tool such as SQLMap

Did the restriction is only on "SELECT"? did you tried changing the case and doing something like "select" or "Select" or "sElect"?

Yes and that seemed to work but I couldn’t figure out how to start the inject without the “ ‘ “

It hard coded the restrictions

So “ SELECT” and such is only uppercase filtered

Okay if both quotes ' " are blocked then
How is the structure of Database there, if there is any numerical value which is associated with the flag part, like an id
Then you can print that particular data without quotes

Yes it’s labeled with the id of 4

Then what is blocking running select * from database where id = 4;

If you can bypass select the way I told you then this should work

For int values, you can skip quotes

id=1; select ....

or id=1 uNion ....

Ah I’m forgot “=“ is also blocked but I will try your suggestion with select * from database where Id between 4 and 4. Would this also work?

So to start the inject you can skip the “ ‘ marks?

Ya if the query is already taking an int then you can skip the quotes

Ya it will work! And if possible then just dump the whole database, no need for where or =

Thank you so much! I have been beating my head against a wall for a while now!!!! You are a life saver

Sorry last question, would I also still need a % sign or anything at the start of the inject?

sudo --version

anyone have a unlock all tool for bo7 camos and guns? please dm me

Not something we are gonna help with.

As long as you either do not plan to run linux on it, or make sure that this particular brand/models isn't known to be problematic with linux. the asus TUF usually is problematic though

Ewww bo7

bo7 why?

Oh i see

Which of the following is associated with using peer-to-peer networks?

Options:

a) Where to place the server

b) Whose computer is least busy and can act as the server

c) The security associated with such a network

d) Having enough peers to support creating such a network

Guys please help me to know which one is the answer and some reasoning behind the answer

Ummm if you think about peer to peer and its logic answer here is quite obvious isn't it

C

?

Some says C and I think D

Because the definition which I know it says security is always weaker than the client server in P2P

So for me security is never an option but it seems to be people saying this is the correct option

I think security of a network is important and it is something every network needs to be considered before getting in place or being active it is not specific to peer to peer

A) there is no central server
B) peers dynamically share responsiblility there is no designated single server
D) more peers does improve performance but it's not a defining concern of p2p

Ummm

Hmmmm

uMm for a and b I think the same but for c I expressed my views so I think it should be d

Gotcha

Cause we work directly sharing our stuff i think it is important that we have peer to keep running the network effectively

The most distinctive issue related to p2p is security for example
Lack of central control leading to risks like malware distribution

Difficulty in authentication and trust between peers

Exposure of IP addresses and potential for attacks

Challenges in enforcing content policies or preventing illegal sharing

So from the options u gave me I think its C

Arguably that is solved by hashes.. downloading the wrong files is not a technical issue

I'd go for D, if only one answer is expected

If it continues their would legitly be

Team C
Team D

lol

choosing C implies nefarious intents, and while we might go there mentally, it is not inherent to p2p network solutions

I mean even the official CompTIA and Cisco objectives list the primary concerns/disadvantages of P2P as:

Difficult to secure
Difficult to manage/enforce policy
No centralized control

But one could argue that the question is too vague in saying "having enough peers" cz obv you can't have a p2p

With just one device

Hi everyone im a student that wiling learn about hacking and cybersecurity i want to know about basic and to learn and go to the highest level in hacking and cybersecurity i would like get your guidance can you plese support me please im still a beginner and can someone tell what steps should i take to reach to that level 🙏 😊

#👥・new-member-guide

Thanks bro

D

.

Hello guys I'm a graphic designer .. am willing to work for anybody on a remote job .. kindly send a DM if you need my services

If anybody could tell me if we could bypass dep on mac

Question, what exactly is the benefit of blind sql injection? Little confused on how it would help not to have an output

Sometimes you don't have the luxury to see the output presented to you. Its not that its more beneficial, sometimes it may be necessary

It confuses me a bit because injections seem to be based on extracting data. So not having an output makes me think it would only serve to DOS the target.

Do you know any example where it would be used or is it for just interruption?

▫️ CSA ( Certified SOC Analyst)
▫️ eCIR ( Certified Incident Responder)
▫️ eCDFP ( Certified Digital Forensics Professional)
▫️ NSE4
▫️ Q-Radar
▫️ Splunk

Good enough for SOC jobs ?

https://medium.com/@soltanovkamil19/blind-sql-injection-821d9f91cc0e this is what I found with a glance

Ahhhh I get it now, it’s not that there’s no output at all, the responsiveness of the query is the output

Thank youu

yes

Anyone having issues with THM openvpn?

They updated my account to the "premium config" so I regenerated and download it start openvpn but when I check the tun0 interface my machine now lists IP's in the 192. range instead of the 10.

Their website says im connected to their network but when I start a machine in the room it's IP is a 10 range and my pings fail

hello all happy Sunday

Working fine with me

@whole patio may i ask what OS you are using on your end to run openvpn it appears to be an issue with those using Kali

The vpn is opened inside a kali VM

try the other config see what happens

@wet gate yea that will be my next step. I just wanted to get the room done so I gave in in used the attackbox 🤢

lol

I use openvpn

Send screenshot of error

don’t think there is necessarily an error, more a misconfiguration by the sounds of it

There is no error the openvpn service is starting and running perfectly fine on my machine. THM's site even shows me connected to their network. There is an issue with the connection to the Internal THM machines

@resetti I thought that so I looked at the config file didnt see anything glaring out as the problem even sent it to Gemini and was told it should still route all thm traffic through the tunnel

i'll pay anyone to help

If you can't describe your issue I'm good @mortal glacier

basically someone hacled my girlfriends discord entire computer started talking to her through a browser because her sister downloaded something from some guy named luna like a fake hello kitty miecrfaft link

thye are tryna black mail the child and her

That is 100% her fault I'll be real

for 100 crypto

hey do anyone have any drive or any blog website in which i can get all the material required form basic to addvanced?

she knows

Its nearly impossible to get ratted on windows now

Tell her not to pay and to just reimsge her laptop

ok what about the discord account

is it possible

to get it back

Contact discord support

And try a reset from email

they took the email and number off the account im assuming

cause she tried

and they said it didnt exist

Who's they

hey do anyone have any drive or any blog website in which i can get all the material required form basic to addvanced?

the person who stole

it

i mean i spoke to him in call

he is from turkey

she is willing to pay so am i

so for some reason with the new THM config it sets my wlan adapter to the 10. range and the tun0 to a 192.168 range

Can someone recommend me videos for cybersec basic fundamentals?

such an unbelievably bold claim

https://tryhackme.com and https://academy.hackthebox.com

does she still have the file or link that she downloaded

You have to be genuinely just downloading random things

Just be*

in most cases young people will sought out programs, tools, cheats, whatever for games, this leaves an easy way for any “hacker” with a github rat to target those people

yea

Yep I used to do it, miss it

Good ol nanocore

send it to me

in dms?

or can i send it here

so my point stands, it’s nowhere near “impossible” in this day and age, even not relating to rats, but cyber espionage still requires social engineering and some sort of payload to be executed on the machine

dms don’t send it here

i also have the telegram they tried to extort on

You have to be careless

this is what her sister downloaded

This is probably not how it happened

obviously, which most young people/uneducated people are

😭 I'm 20

Learned not to do those things at 13

that landing page screams malware

I wouldn't waste my time designing that for mal

likewise, as i was interested in computer security, of which i’m sure you probably were too

I wish I thought about that tactic back then

who says it isn’t AI generated/cloned off another site for ease

True, chatgpt is pretty good now

my point is not everyone grows up with this knowledge dawg

Forgot how easy It was to make a website

You're right

We are blessed with knowledge

well her sister is young

and isnt on the internet

cause her parents didnt let her have a pc yet

thats why she let her little sister try it out

Let me get this straight

We are communicating " us > you > them"?

delete this btw

That'll be counterproductive

Ok

i want time to download the payload

what

im confused by this sorry

i came here to find help cause her sister and my gf are being extorted and blackmailed

for crypto

we arent on the internet like that

i know better but

they dont

don’t pay just wait

This is a port scan

Ok thank you

Did the photo send

yes

yes

Christ discord is buggy

212.68.34.228

That's the server hosting it, appears to be a vps out of turkey

Oh also upnp

go shell it bigman

Probably want to turn that off

😭 I don't do that sht anymore

All legal, I work helpdesk

mhm

the guy was also using w okada voice changer when i was talking to him

he shared his screen

idk if it helps but i got pictures of some of the info

Is this related to some kind of vigilante stuff or just investigation? If it is an investigation then make sure not to reveal too much info here, you can take this in DMs. Everything else is good 👍

yeah

investi

i added you

Ya then not an issue! Just make sure nothing serious is dropped here! but ya investigation is fine. I just speed read things so I was just clarifying

Yo

i got an interview offer from META ∞, detection & response security engineer, Intern role.

i want to prepare for the interview.
I am very confused where to start. Interview's on 25th

very confused as in you dont even know what youre doing?

not confident enough, i have experience with Android malware analysis from my previous intern.
But this one focuses on different thing.
Idk how will I crack the interview :/

Hey fellas, I am currently trying to learn on how increase my privacy and give big tech as little data about me as possible.
I trying to reduce my browsers uniqueness to avoid fingerprinting - Therefore i started to use firefox and have the settings set to block all activity tracking and fingerprinting. I also use the firefox multi account extension, proton VPN and ublock. For research purposes I started to use the Tor browser. Now my problem is that some websites are not working anymore, or keep bugging me with captchas. I understand that VPN-IP Lists are tracked by many companies to block them but i dont realy get why others are not working at all. Are there any guides on that? I also like to watch free anime streams in embedded sites but they seem to not work anymore either.

ublock by default can block too much

Rule of thumb - if it is a free vpn server or tor connection, many sites just block you

I am trying to run a tool on my kali linux vm and it throws this error can anyone help me?? Thanks in advance

SyntaxError: Non-UTF-8 code starting with '\xcb' in file /home/rabie/Downloads/WIFI-HACKING/WIFI.py on line 1, but no encoding declared; see https://peps.python.org/pep-0263/ for details

not a kali issue

I know it is a problem in the program

How can i fix it

bro

we have no idea how considering you didnt even wesent ur py file

lol

I clone a github repo and followed the steps but it threw that error

Created:
06-Jun-2001

Look for something from this decade

When was the project last updated, according to the github page?

10 months ago

What VM-Ware are you guys recommending? Id like to experiment with linux and with googles API for gemini to work in a CLI

either virtualbox for ease of use, or qemu for a bit more options

and the word you were looking for is "hypervisor"

We don't help with account recovery, of that accounts service provider can't help you

Hello guys,so I was trying to make my pedrive persistence linux (Cinnamon Mint) the size 45 gb my pendrive is Sandisk and it is usb 3.2 gen 1 so i tried to use rufus and i tried GPT and MRB partition scheme and FAT32 file system and target system is BIOS or UEFI (this is only one available) and cluster size is 32 Kilobite ,so i made my drive persisitence using GPT but then when i installed discord and reboot again i found the file gone like it is liek it doesnot exist

Help im dm's is typically frowned on. Prefer you to ask any questions you have here.

Anyone heard of mysterium vpn?

yes what abt it

can anyone teach me the good hacking

the good hacking

#👥・new-member-guide

can some one help me with it

i ahve tried many times

If they just hacked her email, let her change the password and disconnect all devices of it. Also clean all cookies on the browser and what I woeld personally do is on each service she uses disconnect ALL devices and after that refactor the PC and/or mobile phone and trying to change password for all services she uses.

not a hacker though but i would explore the google account and look for leads

i think there is a plce not sure where but can be found inside the google account where it shows what devices it is connected

also i think you can log devices from there

Thank you

wlecome, also shift all the information of the gmail in the pendrive without using the computer and then delete things of that account i belive that will be safe using computer i am not sure but i believe is unsafe personally i would do that becuase people cannot track pendrive (up to my knowledge)

If you got an offer from Meta you should not be confused for knowing where to start

The reason your files disappeared is likely because Linux Mint booted into 'Live Mode' (RAM only) instead of mounting that 45GB partition.

• Even if Rufus creates the partition, the bootloader often forgets to tell the OS to use it. When you boot, you need to ensure you are selecting a specific "Persistent" option in the menu, or press e to edit the boot line and manually add the word persistent to the text.

• You used FAT32, which has a 4GB max file size limit. Trying to force 45GB persistence on FAT32 often causes glitches.

Since you have a fast USB 3.2 drive and want that much storage, why using 'Persistence' (which is buggy). Instead, grab a second USB stick with the installer on it and perform a Full Install onto your SanDisk (formatting it as Ext4). It will act like a real portable SSD, it won't delete your files, and it will be much faster.

can you not like

chatgpt answers for others

they come here for genuine answers from experts, not from chatgpt copy pastors

we have enough of these

So i found that my linux was using the persistence mode ,i used terminal (forgot one but asked help of ai to give me a cdoe to run on terminal) and found that it is indeed persistence ,so as you said about full installation of Sandisk can you pelase elaborate on how i should format my drive to use it also my pendrive is 128 gb (originally it is 114 gb ) so i want 45 gb to be used in linux and the rest storage as a siple drive to store my file normally

And they got the last card from my deck

hi friends does anyone know any remote internships for cybersec? i've been hunting for remote internships rn but can't find

rare

How do I reverse search an address.

What address?

Just an address in the USA.

We do not help with such things because it can be used for tracking. Please make sure to read our #📜・rules

Then where do I learn how to mostly attack (Red Hat)

I know how to defend, but I don't know how attacks work or how to attack on my own.

https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux

Please stop spiking me

Do what

can anyone give me hacking whats app

no, stop asking
#📜・rules

Also, no need to DM me

i think you meant red team

Do not DM me, if you have anything to say, say it here

illegal requests are forbiden

can anyone give me hacking whats app

Anyone please

any ssh study material plug over here ???

https://forums.linuxmint.com/viewtopic.php?f=42&t=287353 I do not know which guide you followed, but this seems to be referenced even today

Hello any wiki that talks and deepens the understanding of reverse shell?

(Educational purposes due to it being our final project where we attack another computer in the same network)

Just read up what a shell is?

google is free

I know about it... i just cant understand it

im asking for reccomendations lile theres a lot of resources in google.

But some of them are not inline

tried asking chatgpt to deepen it and it wont cause of the policy

It's very simple. Victim connects back to the attackers machine.

Else just play with a C2 framework

https://www.revshells.com/

Thank you so much

are you dyno

No... technically yes

anything more specific? there’s not much to learn abt rev shells

I don't have much knowledge of computing 😢

amy yt video you recommend

I recommend you use actual documentation, and get that knowledge of computing

Well i though rev shells are hard cause that is our final project. Ive been asking reddits what tools are used and such

thanks

thanks tooo

The basics of what a rev shell is are not hard at all. Getting one can be, depending on the exploit used.

Hmm i see. im still getting through the basics of linux and the only tool i know as of rn is nmaps and a bit of wireshark

Don't worry too much about "how tools work" then.. there are a lot more low hanging fruits to feast upon before that

hey, could someone kindly share web exploitation resources pls?

not the rev shell that’s hard

it’s just communication after an exploit so that you can do whatever you wanted to do

exploiting the thing itself

is the hardest part

great then learn en

em

any netacad networking course recommendation? beginner here

I need something to prove I'm not crazy right now brought to the house

💯 😎 😎

@crimson aspen
Firstly, there is no way to find someone’s email out of their insta until and unless you don’t have some data points, with their name it is not possible.
Lastly, we do not provide help with that so please make sure to read #📜・rules and do not pay anyone who DMs you about this, there are scammers here.

Sorry

Is the any software developers? If yes please let me know how yall be generating incomes plug a brother out

Im not able to text in #💬・old-gen-chat

getting a job

You cant post pictures there, is that what you mean?

LMAO

so first you wanna learn to exploit it

and then defend from it

lmfaooo

you can’t exploit it via metasploit

maybe don’t act as anonymous and be a skid trying to pull insta ips

disgraceful to the actual founder of anonymous who used to be here

in owlsec

exploits

that get latched

patched

fairly quick

Not for too long

I just wanna learn everything properly

https://tryhackme.com/hacktivities

Thanks

At least someone who doesn't
Makes fun of you for being a beginner but guides

Hey Guys I just completed the CEH v12 (and the graded assignment was alarmingly easy) Yeah I know v13 contains AI and much more stuff but I am confused.. Does anyone have any experience with CEH v12 or CEH in general? What do you think about it?

if your first question is "how to do carding, how to install tor and hide my IP" but after two weeks you still have not seen #👥・new-member-guide - maybe its not everyone else but you?

It's pretty much worthless

I was afraid it is xDD

not making fun of u for being a beginner

but being a cringe anon kid after seeing a tiktok edit

My school gives about 5-7 assignments a day of about 200 pages what do I even do.
So I thought of asking experienced ppl who have already read that

mhm

from anonymous

so real

So lazy and can't be bothered to find out yourself

That is going to be one short journey

watch him get scammed

by that person asking money to mentor him

or teach him to be a con kid

com kid

joke cert

Sorry if I made you angry

ask for help from ur school

thats their job

then ur school is shit

Yes

Oh, fake anon. Nice.

And I didn't said I am a real anon

I am just a beginner

The user name implies it

Be like me walking into a biker bar wearing a Mongols patch and being like "I didn't say I was a mongol"

Okh

Hi

Can anyone mentor me

This is not a line of work where private mentorship is really a thing. It is constantly evolving and you gotta get used to self learning. Only way this works.

That person played a joke on you. No one here will

☺️

any specific website you use to learn

There's loads. Hack the box, portswigger academy, tryhackme

I want to get into penetration testing but unsure what the best way is to progress skills and certs, ideally would love to have the OSCP but I’d like to build up to it if I can since that’s expensive, any advice?

Nope... I'm not able to text any message

There are several links in #👥・new-member-guide #🛠️resources-tools #💕・free-resources - no use trying to look for recommendations/shortcuts/walkthroughs to this. Just start and see where it gets you

Avoid youtube and LLMs, be prepared for this to take time.

Hello, i have a question about taking down a tiktok acc that post some inappropriate content, what's the quickest way?

Report them, get over it if nothing happens

report it

#👥・new-member-guide https://tryhackme.com/hacktivities

can someone help me with learning how to test for race conditions since i tbh have no clue

thanks

thanks

Does anyone know on how to get unbanned from Instagram, ive been banned for something i didnt even do , is it the new a.i fault?

Seriously?

🤔

Appeal or create a new account.

Yes

That is the only way unless you somehow find a 0 day in instagrams servers lmfao

You should probably remove the "Intermediate" role from your profile btw.

Already appealed

Then make a new account.

Why

I got so much memories from fam on there , damn

Because there's no way in hell you're intermediate by any standard judging by the question you asked.

Maybe don't violate the TOS. Or better yet, keep backups.

I didn't violate it

🧢

🤦

I can guarantee you either commented some racist/sexist shit, or you were pretending to be someone else.

That's the case 99% of the time.

No no no

I don't comment

Dont assume Stuff

guys how do i clean my android with linkux, its been hacked trough termux i thiink, degraded the shell and change booting

If your phone actually has a virus it would need to be factory reset. What makes you think it's hacked?

Does anyone know any glitches in credit Union

We do not assist with illegal activities #📜・rules

even if we would

we wouldnt tell you

dw

Hello all i am in need of a bit of help anyone willing thx

You need to tell us the problem first

Ok cool am sure it is fairly simple just not for me lol. i am on root me doing ctf and i cant seem to get the ssh to connect i have root username and password i think but it refuses connection

i have used sqlmap and obtained the credentials i can access the database phpmyadmin i have dumped the database and dehashed the passwords its driving me nuts

i dont want to bruteforce and i dont think it would work within the timelimit anyway

is ssh with hashing?

not sure what you mean by that mate explain please

actually what do you even need ssh for if you're root?

diffrent server?

i have root credentials obtained from the sql database but i cannot access the web server

the credentials i have should work to log me in via ssh it connects to login "ssh -o HostKeyAlgorithms=+ssh-rsa root@212.129.29.185" but refuses the passwords

You sure the root creds are usable via ssh

phpmyadmin is for web most of the time

it keeps passwords for the website not for ssh

haaha nope but they should be

Usually your initial exploit on a ctf is gonna be user level

pretty sure most ssh don't even use a DB. Just some file on the system

Yeah you'd be banking that those credentials are used twice. In the web app and also for the root account via ssh, and that ssh by root isnt pub/private key