#👥・help-me

Hi guys, I am currently using Owasp Zap to pentest a web app. So far I have done recon with some tools like whatweb, amass, wapplyzer, and crt. And I captured the traffic currently using manual explore because I am not trying to spook cloudflare with the automatic scan.

I am trying to find the pentest channel but I guess here will do

I changed all my passwords. Shit! I am so screwed

My question will be, I have to know what I am looking for in the chunks and request and response, is there possibly a framework or guideline to follow for ease.

Searching through a series of chunks can be annoying. Although zap will give some alerts but you still have to dig.

wipe that machine, and any that has the credentials saved

there is no cookie cutter way, but several pentesters wrote their personal playbook down

yeah that's the only option

#🚩・offensive-security

Anyone you could refer? I beat myself up literally when I follow a wrong lead

I would have to consult a search engine to answer that - as most people do over time, I wrote my own

and you can surely google that yourself 😉

Anybody know how to make some money im broke and it suck

Listen Check notes "Scamlikely" - your best bet is to go look for a different server

Chat I’m really talking to a hacker that’s cool af😭

I’m on discord offf my phone so It’s harder to find things which folder has the blueprint to learning cs

lol

ur not

Please make sure that you also read #📢・announcement message

Good morning

Quiet here today

I have done Android Development and Backend Developer and I am in my 4th year of college
I wanted to start with some fun Cyber Security stuff like Capture the flag and all things

Can anyone suggest me how to start with it
I know Cpp, Java and Kotlin well and beginner in python

I know next to nothing, and i want to try instailling linux onto a chromebook that is EOL. What would be a good distro to install (for the sake of learning)?

OS Management + Networking are good to have as well.
TryHackMe has some introductions to those topics, as well as the topics of the tools and concepts used in a lot of CTFs.

So..i nedd some openions 🫶🏻

I need to plug in a pendrive into my lap but need to avoid getting infected if the pendrive is infected...what can i do

I have tried CTFs for fun with my friend
And for OS and Networking like I have done in my college
Can u tell me say a playlist or from where to do it

As I know the things I learnt in college are just basic

Is just turning of the usb autoplay n opening the pendrive in a vm enough for saftey?

guys i have 2 raspberri PI 5 + 1 laptop as servers, what security measures can i apply to them? i have auto updates i have configured ufw so that only connections through my websites wich are routed through cloudflare are allowed and i have closed all ports like ssh to work only through tailscale, anything else i can apply?

Currently in my 2nd year of college and i wanna be in cyber security, especially in reverse engineering and/or pentesting, anyone got a roadmap for me?

For OS management, best is if you have a way to spin up VMs, then just start practicing setting up different servers for things. How does the OS interact with it? How would you better manage the OS to protect it?

From there, you understand what to look for with other people's setups like in CTFs to be able to figure out what are the ways that you can can into the environment.

But some CTFs are going to be based off nuances of things like Bash and what not, so official documentation for things like Bash are required reading.

For networking Cisco has their Network Academy that offers a free course along with Cisco Packet Tracer, a network emulator to practice with. You can also practice networking concepts in VMs though.

ARM cpu?

i tried breaking through a VM yesterday.. windows 10 through msfconsole... Didnt go as plan.. using hydra

i wasnt in so the meterpreter couldnt read anything, well not read antyhing sorry

it wasnt there. seems like the command doesnt exist

Not plug it in.

Something like that(an unknown infected USB), one would have a separate dedicated environment with no network access and log collection to see what the USB is doing when plugged in on various OSes.

hydra doesnt seem to exist neither

Practice managing them as a fleet so that you can keep all their configurations "in sync".
Ansible would be a good way to start that.

okay ty

how, idk. cuz when you try the psexec.py, that doesnt seem to exist

theyre all running stuff on bare metal, no containers cuz networking gets messy and hard and im using ubuntu server on all of them

Not ideal, but booting from a live usb stick in forensic mode and then plugging in the other usb stick to look whats inside should be

Also look at SSH key-based authentication, and AppArmor

you probably have to install it, look for a guide online

i have ssh key based auth yeah

But yeah, ideally you want a dedicated, airgapped laptop

hmmm... oh and im just beginning out with cyber.. The vm doesnt seem to pick up any vunrabilities somehow. i assume Vm doesnt have a TCP, but how.. It claims theres no tcp i assume thats just VM things

I have an usb stick with hardware write protection switch for stuff like that

is there any way i can test the security? like a website where u give the link to your website and it does many pen tests?

so is the Transmission control protocol just not visible cuz of the option i chose.. the adapter or?

cuz its on bridge adapter rn

In my college we have tried the Cisco Packet Tracer for building the networks for sending and receiving messages the flow with wires and all

Maybe Cisco Network Academy for some networking stuff first.
"vm doesn't have a TCP" doesn't make sense.

thats what im saying. it doesnt make sense

Several. They are mostly marketing devices to make you pay for the commercial product though

Like, the actual sentence doesn't make sense.
Unless you mean "there are no TCP ports open"

Or "The VM doesn't get an IP"

basically

doesnt every VM include the IP address if you choose an adapter to use?

i don't know anything about the VM or where you got it

its supposed i assume

can you recommend me one?

Its VirtualBox Jeevis

No, the VM includes a piece of virtual hardware, and a driver for the OS + Applications to interact with it.

An IP is a separate layer/concept.

mhm... Should still allow me then to break through

Can anyone say what's blue name mean ?

idk.. I dont feel like going through the basics of cybersecurity.. its just a burnout

Not if there are chunks of information that you are misunderstanding :/

unlike this

its just how i like doing things, going into the things and doing it. not learning bar by bar

imma just find out what it is then

Right, but the "thing" you are doing is like practicing surgery when you haven't put a bandaid on a cut before

i know... Honestly wish there was an alternative yk... ;/

Cyber is a branch of regular IT

Which is why it seems too difficult. It assumes you already know basic IT stuff first.

Mh...so there is no way for a guy with just a single lap to check it out?

You don't have to go through the TryHackMe or any of that stuff if you dislike that way of learning.
Grab debian netboot, install without a gui, and start learning how to set up different servers and stuff to play around with "what am i doing when i set these up, what are ways people could screw with my setup if they had local network access".

Eventually, move onto the OS itself. How can you set up the OS better to protect against people doing weird/malicious things from the local network. Arch is great for that, because its a great wiki.

If you can't think of something to host, here is a bunch of applications that are self-hosted you can play around with.

https://github.com/awesome-selfhosted/awesome-selfhosted#table-of-contents

Can anyone share the icon that the bingo aap has
I can't find the one that was made in the announcements

well i made it to bronze now an expert answer me please, is is real and possible to learn cybersecurity from internet free without university ?
as a someone who wanna be a red team

🫂 🌸 THANK YOU SM!!, il take a look

Yes, but it will be difficult unless you can keep yourself on-task, and you almost require at some point a way to run VMs so you can practice things.

For networking, you can do the same. Grab opnsense/pfsense, or even just take linux and turn it into a router(heck, you can even turn windows into a router if you hate yourself enough).

Once those things start to make sense, then move onto "what tools can i use to better test the security on these machines". Think of "TryHackMe" as an "introduction" to those tools, and then the official training or documentation for something like Burp Suite for example is where you get elbow deep in things that would lead to pentesting/redteaming.

Yes, half the red team I was on didn't have degrees

New members just joined now
And I want to learn here

Welcome. Check out #👥・new-member-guide

lmao, yeah.. il try burp suite, i already did some stuff on tryHackMe for pentesting but its limited

thanks it means much

Looks like this app is not available in my country

hey im trying to get into cyber scurity and self teach myself so im kind of new to this and need a little help

what are they asking me in this: "What is the netstat parameter in MS Windows that displays the executable associated with each active connection and listening port?"

gosh theres alot of people who seem interested in cybersecurity... competition is growing thick

i ran the netstat command in the terminal but im not understanding what im looking for

Is that the search skills room in THM?

yes

you can run man netstat to get a manual on how to use netstat

then search for the relevant parameter to answer your question

I just told you how..

Check out #👥・new-member-guide and if you have any questions you can ask them here

Flash a live image with forensic mode onto one of your usb sticks, so it does not mount the hard drives.. boot from it.. then plug in the other stick

Its not "ideal" but highly unlikely to be dangerous

Look at the notes it gives you. It lists out an image showing you the parameters and what they do

use a data blocker USB, apart from that if you know its not a USB rubber ducky or HID keyboard USB, then you can just plug it in, USB autoruns dont exist anymore since Windows 7

and what is a data blocker going to tell you about the content then

okay thank yal

depends what type of one you get

there are both data blockers for blocking charge, and there are data blockers for blocking HID/CDC etc

If you dont mean a data blocker, but a forensic usb data bridge.. yeah those are not cheap enough to have them lying around

you want to buy the one that blocks HID

i mean a USB that blocks HID input

you can still see content, but no HID keyboard inside the drive will be able to run any commands

there is no such thing.. it either has data lanes, or it doesnt

protection measures against HID devices are software

So like a software that permits only data to be sent from lap to usb stick n not vice versa...does that work?

Yeh its just a usb stick am sure of that ...just afraid if its unknowingly infected

pretty much

chances are it isnt a rubber ducky or HID implemented

there "are" devices that check whether an usb devices announces itself as HID, but again.. those are not lying around everywhere

they are on the net but ok

anyways

if it was me id just plug it in

...

Well I told Sarang what to do. Twice. Up to them now

And...thanks for the info a🫶🏻

W8 a sec w8 a sec i didnt notice 😭

-.-

#👥・help-me message #👥・help-me message

Nop nop ...u said about using another usb stick to dual boot or something like that?but i got no extra things apart from this laptop

No I didn't

Flash a live image with forensic mode onto one of your usb sticks
(so it does not mount the hard drives)

boot from it

then plug in the other stick

nothing about dual boot anywhere

If its not something you have at least a little practice in (booting from USB linux distros), I would just not plug it in. Keep it around as a future goal.

Learn how to boot from live linux USB distros, and play around with things at least a few times

and yeah, if you do not even have a single usb stick on your own, or that you can borrow, I wouldn't go further

Any recommendations for forensic linux? SIFT?

or does kali have a forensics mode

Honestly I think about every live linux system has a forensic boot mode.. it really just means "Do not touch any drives on your own"

kali does, too

its not really "forensic" in terms of being able to do stuff.. just "not touch the evidence"

If you need to run forensics on a hard drive, how do you go about it without mounting the drives? I don’t know if there’s a way to stream data from the drive without mounting, declaring myself ignorant in that subject.

So Arch's forensic boot mode would just be the regular live arch iso then

because it doesn't auto-mount anything by default

Mmm....okeyy

Typically you make a forensic image off of the drive. Either with a hardware bridge, or with a forensic mode live usb.

no need to mount it and flip some bits in the process

Can someone help I just like joined and I want to learn about cyber security and hacking and allat but I don’t know where I can get started is there like an Info channel or something

something like?

dd if=/dev/sda of=~/WorkingDisk.img

Sounds like it? Sometimes the mode is hidden behind some "advanced boot" menu item

#👥・new-member-guide

Alr Ty

thats not quite a forensic image, but yeah

forensic image would do the whole hashing of the process too

data bridge - live usb

ok, and there seems to also be 2 other versions of dd specifically for forensics. Cool.

thats my personal forensic kit

that stupid forensic data bridge alone goes for something like 700 EUR new... its madness

Nice thanks for explaining

well if the defense claims you altered the evidence, you need to be able to show that the image you made is an exact copy of the original.. so no "was last accessed today"

I am actually secure erasing a 16 TB external hard drive I use for hard drive images as we speak.. been at it for 5 days.. 2 more to go

well. 1 day and 15 hours left..

Can you do that without mounting? I genuinely don’t know since I’ve never tried, lol

you "cant" do it while its mounted 😉

Oh, wait, really? My bad. I’ve not used that in a while.

is that you on the camera?

it is

gosh...

well eris... il have more respect then

lol. He’s one of the most knowledgeable people here, I’ve noticed.

well if it takes that.. 😉

lies and slander

haha definitely!

just one of the more active ones - doesnt mean all that much

I am surounded by people with way more indepth knowledge.. maybe not always in the #👥・help-me channel, but thats the territory

better than having no one around. still thankful for the help either way..

So...can i ask a last dumb question 😭🌝

Is it possible to start cyber forensics without knowing cyber sec or hacking or something...will be it be like trying to find and protect things but idk what am trying to find?...or can i learn them along the way with cyber forensics

There is always the compliance side of cybersecurity.. or information security as would be more accurate there

knowing regulations, being responsible for documentation, etc

its not technically needed to have technical knowledge there.. though it sure helps, and people regularly use it as a starting point into the career

its just.. its usually not a job given to the younglings

Uhuh...

In your experience, is it easy to pivot to InfoSec from a vanilla engineering job? I’m learning this for fun, but I wonder if I’m too far down my career path to make pivoting easy (without having to take an entry level job and corresponding pay cut).

everything is easy if you know what you are doing.. if you are confident to pass the smelling test for potential clients or employers.. sure

many people in this fields did not have a straight career path

Yeah, well. I suppose if I were to do this seriously, I’d have to pursue a masters, or something of the sort.

My usual advice is.. don't rush it, have a plan b in case this takes longer, and if in doubt.. look around you.. and see that other people aren't superheroes either

that really depends on the region of the world.. the more people live in your region, the harder it is to get the good jobs

Here in germany, no once cares about or expects a master degree

Yeah. I have a good friend at work, he’s staff-level now, but he pivoted to our internal InfoSec team when he was a lead. I’m pursuing a Lead position right now, which will open up a bunch of options for me, so it makes me think it’s feasible.

I hear that in other regions, like india/pakistan, it is next to impossible to get a job in the industry without it

let me tell you this.. from all I've seen from you, I am confident you can do what you set your mind at

you have a confident attitude, communicate honestly.. now maybe develop a bit of a suspicious eye every now and then, and.. 😉

I used to sit with the daughter in the city center every now and then and we played a little game "What wrong with them", where we looked at people milling around and see if we can figure out what they do or who they are 😉

Thanks a lot, man, that means a lot

As eris said, it is meant for use while the partitions are not mounted.
You can even use the command to move from one disk to another (looking up dd in man to find the parameters you want to use)
But it is missing things that dcfldd and dc3dd include.
As well as actual hardware that prevents reading at all.

Nice, thanks! I’ll need to read up on that. I’ve only used it when flashing USBs and SD cards, so I’m not 100% familiar with the usage, capabilities, etc.

So my friend checked a text message last night and now his iPhone and insta got hacked. What should he do?

Its probably not hacked - what are the indicators it was hacked?

the phone, I mean

One sec let me ask him

insta? Yeah maybe.. contact insta support about it, as usual

He said that when he got it the phone reset and it wasn’t an update

Unless you friend can be considered a person of interest for nation state actors.. it is highly unlikely their iphone got hacked

His phone number isn’t on his phone, and he tried to login but there was a protected number that got on his iCloud account

contact apple and instagram support

Case for apple support then

He said he’ll ask go to the phone carrier service and then contact Apple

Thanks

Eng XP will make it easier to pivot into certain subfields for sure. Appsec / prodsec, devsecops, app-focused pen testing, etc. What kind of eng work have you focused on?

Mobile at the beginning of my career, then backend, and now distributed systems.

ICS maybe.. the world is your hardshelled seafood

somehow when I hear engineer I still think building large machinery first

I like to distinguish between a programmer and an engineer because there’s a lot more to building reliable systems than just writing code. And the further you advance, the further away you are from the machine 😭

What’s ICS? if you don’t mind explaining.

Industrial Control Systems - just ignore me, was still thinking machines

Ah, well, not that kind of distributed system, lol. I deal with more abstract things.

k8s?

We run our infra on K8s, yeah.

But I’m mostly on the business domain, not really on platform engineering. So I write the code that runs on that infra.

still a big jump from regular programming to have it all work properly together. The configs for k8s is like its own job Q.Q

Oh, for sure. It’s a different beast. Gotta think of data races, identity across nodes, traceability, etc.

Hey guys
I hope I am using the right channel xD
Basically I want to learn OSINT and hopefully start a career in it
But I don't have a clear roadmap in mind and I don't know where to start and what certifications I need...
I do have some experience and I know the basics of cybersecurity

OSINT alone doesn't give you a career.

Decide at the beginning wihch path you wan't to learn. You can have a look at #👥・new-member-guide

Oh okay thank uuu

I’m taking the Security+ in a couple of hours, what are some good pre-exam tips?

@jolly path Now.. please don't make this weird, but.. I already might up my mind not to be friends with you, so no friend requests anymore, okay?

@sharp rock
Do not ask for unethical things here.

Z

Don't spam please.

hey i just join this server i want some help i've been working as SOC L2 and Senior GRC for last 3 years now i've moved towards VAPT/Bug bounty but im clue less where as i just started doing some VAPT on wordpress websites using WP scan and a little bit of burpsuite can any of you guide me or teach me. I've no timing issue totally depends on the person who'll help me learn VAPT/Bug bounty

tryhackme has some rooms about the tools, and burpsuit also has a training thing that is good.

Ideally, you also want to have strong knowledge of networking.

port swagger academy ig

thankyou for replying @woven anvil i've looked after it and i also try portswigger but there's a huge difference in doing real bounty vs doing these types of labs im stucked here actually

Try as in completed portswigger? Or did a little bit, and gave up because you don't find it "realistic" enough.

i completed all SQL labs TBH but not giving up this easily so im continuously doing the labs and also trying open bounties

Do you have a homelab yet? (Somewhere to run VMs to practice the things you learn online internally)

yeah i've just deployed kali linux is there anything else i should also deploy?? which will help me to progress further

If the idea is to attack web, then also learn some programming, html/css/javascript, and spin up an nginx/apache server to run it on a VM. Then see how you attack stuff that you make. Come at it from both angles. How would you protect against that? How would you try to get around that protection?

So "anything" that you put into VMs will help with that. Learning how to install linux so it becomes easier to install next time you go to do another test. Learning how package management and updates work.

Docker is also a really "nice to learn" for deploying applications onto servers.

Essentially, TryHackMe should give you a summary of something, then you should look for more information on official documentation, and trying it yourself on VMs

and not just TryHackMe, any online free resource >:D

thanks jeevis as per my past exprerince i've worked in soc using mutiple SIEM EPP ERD XDR and ive also worked as devops engineer so ik how docker works so i wana ask will the experince of mine gonna help me in red team?? and the last thing there a channel of bug bounty its lock how can i join it?

people usually go with metasploitable (i guess there are 3 versions)
there is also "OWASP juice shop" but it's just a broken website but jeevis' plan is way more practical... or you can do both

It will for sure help. Someone who is "looking for a way to exploit something" is going to have a very hard time if they don't understand how that "something" works, and is generally protected.

thankyou soo much brother your guidance and experince helped me alot now my path is more clear im gonna deployed the lab and gonna start working now

Hey I have a question, is there any way I can defend my laptop or any device from being on a botnet??

Understand what the OS is, and how to monitor its connections and logs.
Its easier to do on something like Linux than it is to do on Windows.

If I’m infected is there any way to fight it off?

Well yes and no. I assume you consulted a search with the question already?

Wdym??

Have You Googled That?

No but I looked into botnets and if they run in the background using a tiny percentage of my cpu how would I know

That has to be illegal right?

If you understand the OS(I will use Windows as an example), you can go through and remove all unwanted files, all unwanted registry edits, check the file size of every file to ensure that it has not been tampered with, and check if the computer is reaching out to any malicious IPs.

The problem is I am assuming if you are asking this, you don't already know the OS, where registry keys are suppose to be and their default values, what files go in system32, how big they are suppose to be and a bunch of other stuff that is "useless to memorize".

Spam what?

And thats not even getting into Currently running processes, which is the bulk of things.

sent by mistake

Quite illegal, yes

A random Z in this help chat.

Saw any other text rather than that?

(you really shouldn't do this, just say sorry and nothing happens, but it's up to you i don't care)

Honestly? You should use any search engine beforehand on how to secure/harden your system, all in your own pace with all the infos you have but didn't share with us

The reason - your question is too vague and your situation too unclear

Get the basics down first

Ok thank you

But if it’s that hard to know, why would I not just try to create my own botnet from a burner laptop and crypto mine

How would anyone know??

Please don't make me answer that

I don’t really see how this relates to what Eris has said so far. If it’s that hard to know how to secure your laptop? Or what are you asking?

How would anyone know? People would know because law enforcement in many countries have branches dedicated to pursue this type of criminal activity.

I was just curious because it seems like it’s very hard to catch someone with a botnet since most people would not realise that their computer is infected that’s it.

I’m just worried that I’m a part of a botnet also

Yeah we get that clearly

That's also the reason I suggested what I did. To help you get a little bit more clarity about your attack surface and typical measures

"Is it possible ..." and "I am worried that... " is too big an area to address. You need to narrow that down by getting more basic infos and standard behavior nailed down

Ok thank you anyways

Can I ask a question? Can anyone explain what samba is for me?

thanks

how do I learn to use samba?

Take a step back.. whats the base task you want to achieve

just learn the basics of it

you woke up and thought.. "need to learn samba.. no reason why"

Just now you didn't even know what it is

I just want to learn the basics of file sharing and bridges between linux and windows

Oh well

@whole patio @turbid glacier thanks

What does enumaration mean?

Find out "what you can find out with what you already know" - then do it again

Hi guys

Does anyone know about some endeavour tips

I just installed it and i was wondering if someone has smth useful to share

endeavor OS?

Yup

and tipps as in... anything specific?

Well, I'm a college student, studying software development. So smth that can help me with it

Tools

any experience with linux?

Maybe

Neither

Alright.. my advice would be.. take your time to get comfortable with the OS, learn basic linux commands.. install stuff you would normally use, etc.. with an arch based distro, this will keep you busy for a few weeks and also teach you to consult the distros documentation

https://labex.io/linuxjourney thats usually a good starting point, unless your college offers its own resources

Great

Thanks man

I appreciate you

Appreciate you saying that

Can someone put me through,I love coding so much but don’t know where to start 😔

Start by choosing a beginner-friendly language like Python or JavaScript. Set up a simple coding environment (like VS Code or an online platform such as Repl.it). Begin with small projects, for example, printing text, basic calculators, or mini games. Learn by following tutorials and then tweaking them yourself. Practice a little every day, and join coding communities for support and guidance.

@distant swallow

Fair. Im not a pro at programming. And its seems that you have mor experience

Maybe C is better to learn as a first language.

But what is the best way to learn C in your opinion?

Who here knows about capital one take over ??

I've tried to learn C but I gave up because of hard concepts and I didn't know what to build.

Who knows about capital one take over ??

Do not spam please

What can I do to get money online? I don’t know what to do .

wow

?? What can I do to get money online?? Tried out a lot of stuff but nothing seems to work for me .. I don’t know what to do

please go to another server

Bucket list project, for me.

this is not for making money

you have repeated the same question over and over again, i understand you may be in a rush but this is no place where you can rush things
if you need money asap get out of your house and go look for a job

What server.. can you recommend any ?

Whatever

I dont even know what fuzzing is. 😢

time to get into fundamentals first

have you gone through networking/linux/windows/AD/python fundamentals?

networking, linux and python. But not super deep @lost vapor

if i ask you what are cronjobs, could you provide an answer for me without looking it up?

nope

be honest with me, that way i can pinpoint you in the right direction

ok, so time to dive in a bit deeper

okay

i would recommend you to start with networking first, as it's the core and where everything starts

you could learn networking for free in netacad

Okay

should i start with networking basics?

yes

documentation is also important in the field

so make sure you document things you're not sure you'll remember

thanks

for the tips

you're welcome, if you stumble again feel free to reach out here

should I go with "self paced online" or "instructor led"

what fits you most?

yep, you need to discover for your own
i know it can be a bit overwhelming as there are lots of different informations you can learn about

many tasks to complete

but you gotta train your mindset to try and go through some of the decision on your own

I think i will choose to learn myself

How be a good cyber security 🤔 😕

that's the spirit

#👥・new-member-guide

can you ask me a question about networking to see how much i know?

what's STP?

?

that's the question

udp? tcp=transmission control protocol

i dont know the answer

tcp can be used for datastreams like http, ftp or smtp

and udp idk

@turbid glacier

well, yes, there's a lot to cover

hop on netacad and learn:)

thanks. I know basically nothing about networking

fairs bro it’s okay just use pocket tracer

its like a mind map to help u figure how to a network works

kinda

Packet* tracer

this comes after some more theory in my opinion

fairs but it’s fun to mess around with for a beginner

I rather him get a taste then get bored at least he can see the big picture

Ive recently made a virtual machine and kali linux and want to switch to either Ubuntu or possibly parrot or mint would i have to download everything else and delete it to redo the process?

depends what you have installed

but yes, you would start fresh

Can someone help me get my MLBB account because it was stolen from me but I still have my gmail connected to it

we cannot help you with account restoration services, anyone dming you about it is trying to scam you

Okay

Make sure you also check out #📢・announcement message
Be careful of scammers.

Need help with mobile cellular network. Old device on my account still receives incoming sms. Have a few questions for the right person.

appsec would probably be a good entry point. a coworker of mine was a dev for ~10yrs (with security as a side interest), then appsec for ~1.5yrs, now security engineering

Hey there ! I have an .enc wireshark capture file but how do I open it

Guys I've been doing some HTB for the past few week, and I've documented the process but often times i notice that it wasn't fluid enough, are there any tips or tricks for documenting the process and make it more clear and easier to understand?

Look up "Effective notekeeping" online - it is easily one of the most useful skills for life

There are some notekeeping apps that will make the process way easier, too

I have a phone with a shattered screen and a tablet that is new I have them connected using a c to c cord is there anyway to view the and use the tablet to use the phone

have you entered the problem into a search engine yet?

Hello, guys

Can some1 help me with some hard CTF?

Forensics, hard

Hidden text, my attempts were unsuccessful

Analyzed a 32-bit BMP (BITMAPV5HEADER, BI_BITFIELDS), confirmed no appended data via binwalk, manually extracted raw pixel data, performed extensive LSB steganography extraction (all bytes and per-channel, varying bit depth, bit order, and bit shifts), but no valid file signatures were recovered yet; investigation currently paused at the candidate-generation stage

@restive patio
No self-promotion here.

Jeevis, are u strong in forensics?

🥺

Sorry. I dont have option.

Can i share text only.

Nope. Im strong in networking.

A bunch of people also don't like doing CTFs for other people. Its better to take some steps back, and re-go over the fundamentals.

But if someone can answer, im sure they will.

You can send in a #📩┃ticket if you want to share anything, and get it approved first.

It's not that I'm asking for all the work to be done for me, but that I'm just tired of dealing with all this nonsense when nothing works out for me, so I'm just asking for some easy help - what to do, how to get it

Anyone help me with cybersecurity courses as a beginner?

This is absolutely the wrong way to learn if you are just starting out, and are only putting yourself in a position to get scammed or in trouble.

ik

but

i have my finals

cant do it

i just need someone to do it for me man

Don't ask for this here.

and the offline one is after my finals

man just telling em

if someone wants to help it would be good

No, it would be bad.
They should get the recognition if they did the job CTF, not you for what sounds like school?

Don't get others to do your schoolwork for you.

.

alr man was jus looking for someone who could help bec i couldnt miss this one

If it is a live CTF, it is supposed to show what you are capable of on your own. If it is not a live CTF, there are usually writeups to look up. On the off chance that this is somehow job-interview related, or connected to some price money, people consider it cheating.. and no one here wants a new colleague who cheated on their test

The usual advice though, as always.. do not go down rabbit holes unless you are absolutely, 100% sure this is the next step and you did not overlook something else somewhere else. Take breaks. Check your documentation again if you missed a lead somewhere.. enumerate more

I'd like to start with CTFs, but it seems like you need some prior knowledge, even for beginners. When I searched, the information was a bit indirect for CTFs like the HTB academy or TryHackMe learning paths. It made me bored. If I just learn by copying writeup then build understanding from that, it feels like the learning flow isn't linear and kinda confusing. I wish there was a CTF guide with a workflow like this:

A little theory -> related CTF -> repeat

Is there something like that?

Well what is "a little theory" to one person can be very different to the next person.. so the HTB/THM boxes, individually, can be considered tiny, personal CTFs

Thats also the reason THM names the stuff you need to find "flags"

your best bet would be.. do the theory, take it slow.. otherwise this is like saying "I want to get my bachelor by only doing the exams and not the learning inbetween"

Let me reiterate, I mentioned below that I wanted help with the solution, not that it was completely done for me. The only thing this would give me is winner role in a specific CTF from some CTFs on the Discord server, nothing more. Based on the fact that I'm asking for help, it will help me learn more methods and information, which will allow me to get even more familiar with forensics

We are not doubting your motivation here. We are "explaining" to you why no one is helping

Im jew

your motivation <> our motivation .. this isn't me trying to argue.. this is me letting you know the situation

Seems unrelated, but okay

I need to learn RAT someone put me on

no need to crosspost the same stuff all over the place.. its childish behavior

Sorry man just desperate

Then I ask you here
And why is it your "trynna learn RAT"? - feel free to skip the usual "oh just without reason" or "just for learning"

Just for learning

So you are desperate.. but its basically just "for no reason"

you see how this sounds made up? So be honest.. what for

Yeah man amma be honest I’m just trynna make a living I’m from Nigeria I know lotta guys earning from it and making good bread but refuse to teach or put any one on all cause of greed

Stop

@slow edge

@frail jolt We don't give our rats directly for some illegal cause! We gave you what to learn and how to start, stop asking for direct answers!
Read #📜・rules it clearly mentions no illegal discussions! Please follow them to stay here

Thanks

Ohhk

Ohk thanks mate

i want to get into cybersecurity, where should i learn from?

That depends on your starting position. #👥・new-member-guide is a safe first orientation

thank you

I just downloaded a bloated 3GB worth of kali linux

ah, one of the "bloated" guys

Are there any ways to put movies on firestick?

Guys I need some help with a flag capturing

I got a ctf challenge from a github post it contains a gif file and the flag is hidden inside it
I tried everything but its not working
Went with HTML code
PIL but nothing seems to be working
Please help me out
Anyone

If I am creating a TCP server interface how can I make or use a unique listening IP and port? Please help 🫨

what does that even mean

just

open a socket and bind it to an ip and a port

can i post the questions and the zip here so ppl can help me instead?

Anyone help me out jeez
Stuck with the challenge since yesterday

same

;-;

i cant post pictures wow

not even zips

;-;

Can you find a hidden flag in a gif file ??(

this ctf ends in a hour help gng

idk maybe

try some exif tools ig

I got this challenge from a senior from github but couldn't make it

Wanna try the challenge?
I have the github repo so you can check it out
I am hopeless 😭

i am stuck w mine rn would love to try urs but i have exams and this challenge is pmo

Being a beginner sucks 💀

Nice to meet ya

fr

for a beginner to intermediate, parrot or kali ?

It doesn't matter actually that much

You can choose which one you like

I prefer to use kali

I have used parrot but it was one or two years ago

You will use the same tools you will use the same things so it doesn't matter actually

But for me it is kali

I don't have any specific reason for it

both of them based on ubuntu ?

i would like to use a distro that's based on arch but i only found blackarch and i heard it's not for beginners

Debian

Blackarch is too much

U don't need it

I tried to use it but kali is enough

which one of them do you think it's more friendly to a beginner

You know how can u use linux yeah?

Are u familiar with terminal commands?

yes i use endeavourOS now

Okay just use kali

And you can try parrot as well

They don't have big differences

okay ty

Ur welcome

it sucks when u are a beginner like someone said here

Oy guys

I need some help

fair enough

Can you guys help me

drop your problem and wait for an expert to help you

Okay

I feel u

It's about my account

I did same things in the past

I asked a lot things to a lot of people

Even about distros

My computer it broken

And I forgot the password

They just said just start to use one of them then u will be able to choose just start

I'm suck

You can find a lot of videos on YouTube which show practically try them then come back here

Okay

If I wanna get into cyber security do I need a proper pc or can a laptop work?

Sup guys I need your help in understanding how to document and maintain writeups and reports of all the challenges, machines, vulnerability discovery consistently as a habit cause I sense it's really vital to document everything but I find it quite tedious to jot down contents and now at work maintaining documentation is difficult for me

You try like recording yourself and then putting the recordings into files?

Look up pentest methodology.
When you do a pentest you have methods and documentation you need to write. Even for blue team this can be useful. I struggle with this still too so youre not alone

ur a beginner, use the laptop. in the future tho u def need a proper pc

Yo mr white

hi guys i am new here ,i am interested in learning cyber secuirty ,any mentor please .Thanks

didnt we already go over the whole "not helping with ctfs part"?

Im looking some basic help/advice. I am wondering what the differences are between Kali Installer and VMware? I have an old laptop and another thats already running dual boot windows....what would be the best stack for me to explore pentesting my own stuff?

and what are the advantages and disadvantages of both TIA

Any device is fine, that meets your individual requirements. We don't know your specific requirements, nor do we know the specs of the laptop or desktop.

You can make either laptop or desktop work

they are virtuall identical. I think the vmware premade image still comes with a setting that currently bugs with vmware cursor display, and you would need to set the hardware compatibility to 17.5+ .. but essentially both are the same

the premade image just uses fewer clicks and gives you the default user and password

no one is "pentesting their own stuff".. either you know the credentials or not

hi guys i am new here ,i am interested in learning cyber secuirty ,any mentor please .Thanks

We don't do mentoring here, we do however collect resources you can use #👥・new-member-guide

Thanks man, would it work on an old vista lifetime laptop: system: 2.5ghz, 1gb ram, built-in gpu...real basic or should i upgrade

These resources are so educational

1 gb ram is too little, if you want a graphical user interface .. as for the CPU, at least 2 threads are recommended

is this an endorsement like "Yeah they are so educational, great!" or "meh.. educational... no thnanks"

My pc crashed while i was working and i had to flip the main switch, after that it won’t boot at all. on power on it does one long beep then a bunch of short beeps, fan spins during beeping, stops for a few seconds, then repeats in a loop. no display or bios. tried reseating ram, clearing cmos, reseating cpu; if anyone experienced this issue and resolved it, lmk. Weried issue tho

those beeps tell you whats wrong.. how does it beep exactly

They are top educational tools! - education = knowledge = power in life = a good life

Thanks alot cheers !!

Well it beeps like

Beeeep beep beep beep beep (a little more beep, i didn't count them) <pauses for some seconds> and loop starts again

First beep is long

https://en.wikipedia.org/wiki/Power-on_self-test so 1 long and 4 short

do you happen to know the manufacturer of your motherboard?

Nope, I only know it's gigabyte motherboard

More than 4

Alas every manufacturer has its own code for that which beep sequence is trying to tell the user - if you know its gigabyte, then try to determine the exact sequence by ear, and check with gigabyte documentation what it means.. it usually tells you stuff like "ram error" "not enough power to cpu", "graphics card failed", etc.. stuff you would have to know to troubleshoot it

Alright, thanks for letting me know!

I will update you if I successfully troubleshooted it

No need to tell me specifically

Feel free to just address the channel

No problem

Still appreciate ya

My psu is cooked

why

It's leaking current

Oh

@next bough

yeah

at least thats easily fixable

@pale hull sorry to hear that

Fr 🙏

But you can't fix me when my dad will found about this

@pale hull what is going to happen?

I am also unaware lol

But I have a bad feeling about this

Gotta fix it before he get to know about this

@pale hull hope u fix it

Mhm

@mellow spindle I signeduped to the cisco acadamy

now what to do

there is no way you caused this, unless it was a cheap, used PSU with defects already

Nice. Choose what career path you want. Whether junior cyber security analyst, networking

I want to red team

you may have a whole diffferent problem though ^^

start with networking

like now hwo to get the lessons

P.O.S.T. codes have a hierarchy .. it is likely that the PSU is faulty now.. but it is not guaranteed that it didn't damage other components in the process, too

Go to learning catalog and click get a free course

ohh okay now Im in lessosns.it says intro to cs and ,attack concepts and techniques

am I in the right path

how to get other lessons unlocked.will it automatically unlocks?

Is there any cookie brute like tool to random guess cookies?

You can unlock it anytime. But there's no career path in ethical hacking.

no

how

to unlock

maybe he should start with networking?

Just click it then you can access

can u come to vc so I can share my screen .

Also my advice is, do hands-on practice like go to THM are lots of free rooms to practice

thms isnt free

I wish I could but I have asthma and difficult to breathe right now

no but theere are foree

there are like 500+ free thm rooms

what?

why is that

you dont need to talk

a medical condition

what happens?

you have trouble breathing

will it cure?

what have you never heard of asthma?

LMAO

no

no

dont judge

For example site has no redirect from http to https can it be manipulated with cookie poisoning?

what 😭

you cant cure asthma

Select what course you want to learn

you cant bruteforce a cookie, thats that

or "guess it"

I searched it up in google and it says its dangerous

is it?

LMFAO

lmfao

it says managable through medications

?

yes

why laughing

like an inhaler

because how do you go through this world and you've never heard of something like asthma

its funny

are u good buddy?

Im in a something like .introduction to cyber security

Not really just taking my meds. Anyway try to explore and select what course you want to learn

stop talking about asthma

Yes you may start

https://tryhackme.com/path/outline/presecurity
https://tryhackme.com/path/outline/cybersecurity101

the pre security is paid

just start with netcad

https://www.cisco.com/site/us/en/learn/training-certifications/training/netacad/index.html

👍

no, not all of it

Hey wanna have an idea on IT any leads?

is this a way to ask for a job, without asking for a job directly?

whats that

hello

why did u sent me a fr bro

@crimson harness I just want to help u

@next bough @crimson harness
Keep vigilant, report suspicious DMs in a ticket.
#📢・announcement message

ofc I will

ohh sure

okay sure

@mellow spindle the cisco is really hard to operate bruh

Hard? Why is that?

Hey can anyone guide me how to exploit WordPress websites like with commands or tools I've used WPscan perviously and got to know about XML-RPC is enabled and publicly accessable, directory listing is enabled and Rest API user is exposed where i got the username of the WordPress login now can anyone help me to login into it cant find the password

Helping someone log into or exploit a real WordPress website without explicit permission is illegal and cannot be assisted, even if XML RPC is enabled, directory listing is open, or usernames are exposed through the REST API, because none of those issues alone provide legitimate access; exposed usernames are common, XML RPC mainly increases attack surface but does not bypass authentication, and directory listing rarely leads to credential compromise, so the correct and legal approach is to learn these techniques by setting up a personal WordPress lab locally or by using authorized platforms like TryHackMe, Hack The Box, or PortSwigger Academy, where WordPress style vulnerabilities are intentionally included, allowing study of authentication mechanisms, common misconfigurations, and defensive controls without breaking the law, and guidance can be given on understanding vulnerabilities conceptually, building a practice environment, or securing WordPress sites against these issues.

i have question how hackers even get Cobalt Strike tool if:

1. Legitimate Cobalt Strike is only given to company that exists and trusted
2. From my research it is very hard to find even cracked version
3. Company's or people who downloaded this tool don't post any link to downloaded file.

Cobalt Strike ends up in criminal hands mainly through leaks and misuse rather than easy public downloads: some companies or contractors buy legitimate licenses and then an employee intentionally or accidentally leaks the installer, cracked versions usually come from old leaked builds that circulate privately in underground forums and are reshared quietly to avoid takedowns, some threat actors steal copies from compromised red team servers or build systems, others reverse engineer older versions to remove license checks which is hard and why cracked releases are rare, and in many cases attackers are not even using full Cobalt Strike but modified beacons or open source frameworks that imitate its network patterns, which is why you see Cobalt Strike like traffic even when the real tool is tightly controlled, and because law enforcement and security vendors actively monitor public links, anyone who has access avoids posting files openly and instead shares them through invite only communities, direct exchanges, or private infrastructure.

Is Cobalt Strike so powerful that even FBI is controlling it? from what i seen it is just metasploit with GUI, am i right?

Cobalt Strike is not something the FBI secretly controls, but it is closely monitored by law enforcement because it is heavily abused by criminal groups, and that sometimes creates the impression that it is “controlled”; it is powerful, but not magical, and you are partly right that at a technical level it overlaps with Metasploit, however the difference is not raw exploits but how it is designed for real world operations: Cobalt Strike focuses on post exploitation, stealthy command and control, payload staging, lateral movement, and team operations in a way Metasploit does not prioritize, it provides polished workflows for long term access, evasion, and coordination that red teams and attackers care about, which is why it became so popular; the FBI and other agencies track it because leaked and cracked versions are used in ransomware and espionage campaigns, so they monitor infrastructure, signatures, and license abuse rather than “running” the tool itself; many attackers are also not using full Cobalt Strike but modified beacons or clone frameworks that reuse its techniques, which makes it look everywhere; so the short reality is that it is not just Metasploit with a GUI, but it is also not some unbeatable superweapon, it is a well engineered post exploitation framework whose power comes from tradecraft, stealth, and operational maturity rather than new exploits.

thank you

I will blame the psu then

It was old tho

Im still semi new to cyber security does anyone have any places to start i want to learn both sides blue and red teaming always had a love for tech and cybersecurity has been calling to me I already know the basics of Linux and have started hack the box and try hack me but want to build a home lab but don't know where to start on that

#👥・new-member-guide

Please check this out

Ok will do thank you

ohh nono .now its okay .ty for the source its really helpful

1. leaks
2. easy to find cracked versions
3. mistakes can always be made

Help help… I need help to recover my account back

Can't help u would need to contact the support team of the company

hey guys, i am building my own game and i am in the early stages of development. i have heard in games that people are able to change things in the coding and hack in the game to give them unlimited health, damage increase, resource limit etc. i want to be able to stop this from happening and deter people from doing it. i want it to like kick them from the game when they change these types of things. could anyone help me out and tell me how they would be able to bypass the game from kicking them? i really want to make sure its a cheat free game.

look into anticheat development or using some other anticheat for your game

i would like to use easy anti cheat but i have heard people can bypass that and i want to build off of that and make sure they cant but my first step is finding out how they bypass it

Trying to find out if my girlfriend is cheating

look into unknowncheats

you wont be able to always stop cheaters

then talk to her about it

ok

lol come on bro

ur not gonna be able to do anything else so

ok thank you

hey everyone im looking for someone that can make a scraperbot for me for twitter and tiktok (catcihn upcoming trends early for more info dm) im willing to pay good money. @ me if you can help

I got some roadmap from those ai, but they dont work for me
they're too, weird for me
so I was wondering did any "expert" shared theirs that I can use

leave it to law enforcement

and spare us the sermon about how they do not do anything.. we know why you joined a cybersecurity/hacking discord, and the answer is no - we do not help you stalk someone else, on the pinky promise that it would be okay cause you have a whole story around it

This gets asked "all-the-time"

If the story should be true, and it does not matter to us if it is, take comfort in knowing that we wouldnt help your arch nemesis either to identify you by your handle, when they tell us a different sob story

roadmap for what? this server has a place to start #👥・new-member-guide

from like what to study when
kinda like a walkthrough? but i want it well into expert level, advanced knowledge

i already did a few of those htb, try hack me
i was thinking maybe a little advanced

I want to start learn Kali Linux but have no idea what’s so ever what route should I take,do you guys have any idea?(I finished my electrical engineering license and currently at my master and have been coding in python/c++ for 4 years)

What you're asking for doesn't really exist since there are a whole lot of different paths you could take based on what you are actually trying to accomplish

download a VM with Kali installed and use TryHackMe as a learning resources to discover different functionalities within Kali, but also just explore and get use to the VM

I already did that sir

so then you know how to use Kali linux, great!

Yeah but it’s with a payed plan so I can’t progress how I want without paying

You got any workflows in mind that can help?

then read the kali documentation and explore on your own or be more specific about what you are looking for

there really is no learning "kali". Its just linux. Tools each have their own documentation, and are best learned along the way as soon as you need them

Has anyone been able to successfully boot Debian on an HP laptop with emmc storage

new to the channel, thought this would be the right place to ask, is there a single place to go to that is a strong guide on how to restrict windows updates to avoid all the new AI skimming coming out from microsoft that I have recently heard about? or is it better to change operating systems entirely and learn something new? Like linux or something else.

First version always carries the risk to either not get any updates at all anymore, or new updates re-enabling them, or microso|t harassing you about it. Either way it is going to be something you have to monitor and maintain (assuming we are not talking about an enterpise scenario here, ofc)

And as for linux.. seen lots of people make the switch last year and so far no one who regretted it.

Well, apart from kids missing roblox

no just the personal microsoft operating system.
Maybe I will have to check out how to best install and run linux then. As many creators I have seen have constant windows warnings recently.

Content creation is great on linux

Sure, may need to adjust a bit. New tools perhaps

can someone tech me how to build a ai bot to tell me when to buy or sell on pocket option cryto

u can probably set this up with openclaw

Salutations fellow humans! Glad to join ya'll 🙂 Has anyone re-programmed embedded devices like, power steering control modules to perform another function? trying to convert my module into a shop grinder, i wonder what you think..

hey yall i’m super new to cyber but know a bit of networking because of my job. i’m already watching professor messers’ sec+ videos but i know i’ll be unprepared for free response questions. what resources do you recommend?

ill dm you

Grow up

#📜・rules

@spiral wagon
Be careful of scammers who will attempt to use the information you give them to also blackmail you, as they will see you as an easy target.

Do not talk to people on discord about this. Get legal help if you need to.
Read through this please. #📢・announcement message

oh sorry

What channel should I direct drone questions/help? does that exist here?

This would be the general help channel here.
Make sure to read through our #📜・rules to make sure you aren't asking something that will be breaking them.

Discord scrubs metadata

Had no idea. Thanks!

The random scammers you give your data to don't

Well obviously but I’m saying that if you’re sending pics through discord they scrub metadata

Unfortunately, scammers don’t show up as “scammers”

Well you kinda have to not be dumb. Most scammers use the normal “send me money and I’ll give you answers” approach

Thats why you have to stay vigilant, and reduce the amount of information about yourself that you put on the internet.

Including DMs. A DM is just data on someone else's server that you don't control. Nothing you put into a DM on any of these platforms are "private".

Pay for some extra computers to set up a homelab instead.

Then use the monstrous amounts of free information online alongside your THM premium (Use THM as an introduction to the subject and a "guide on what order to learn things", then look for official training/documentation for that subject/tool/concept).

Hii guys I have a little knowledge about commands in kali linux any tips for the other common commands to use for educational purposes?

Do you mean linux/bash commands? Or parameters for specific tools.

Any will do that helps me from my education we'll have ethical hacking contest at school

Get familiar with Bash.
There are tons of resources that can help, including bandit's "overthewire" is a nice fun test once you get a few commands figured out, like cat, cd and ls.
There is also the official bash manual.

And bash stands for? And yes i knew a bit cat,cd and ls

bash is the most common shell/script interpreter that is used.
It stands for "Bourne Again SHell", and it is important to learn how it works, and also how sh works, which is fallback shell that exists on almost every linux system.

Become friends with the person?

No, and stop trying before she goes to the cops about it.

Ohhh i get it now one last thing is it possible to retrieve someones lost password on fb? My gf tried to ask me but i dont know to answer

Ask facebook support.

They can assist with recovering access to the account.

She is not going to police but thanks 👍

Well the thing is she didn't have the email because the email is at her old phone and the old phone is gone like misplaced somewhere else

Sooooo contact the email company to recover the email? An email account isn't "on a phone", so if you lose the phone, you just sign in somewhere else.

Got it, also very one last thing is there any ai that helps you ethical hacking learning stuffs etc..?

Avoid anything that claims it.

The way LLMs work, if you do not feed it all the information it needs, it will hallucinate information that could be unrelated or flat out incorrect.

As a learning tool, where you can't be the one to double-check its answers, all its really good for is telling you about a subject. Reading official documentation about those subjects will tell you more, without giving you bad information because the LLM is taking its "best response" from a reddit post 5 years ago using an oudated version of a tool or language or whatever.

Hmmm thankss

np

Should I be concerned if I see a kernel security check failure and restarting for windows 10

Anybody know anything about dormakaba Saflok doors?

Check out the free book "the Linux command line" I am going through that now it is free in the author's website

Hi, my crypto wallet got recently hacked although the amount was 14$ it’s my first time seeing this is their any way or guidance to recover my funds

Idk and also check out #📜・rules

You are not going to recover anything

My phone got stolen about 15min ago I know the number and imei but they have changed my login info as I am not able to login anymore to find my device is there away I can find my phone with the imei or phone number

Contact apple support

who knows matrix pdf?

And if you have "find my iphone" on a different device, might be able to use that

Its android but besides the point lol

alright "And if you have set up any "find my phone" service beforehand, might be able to use that"

You are not going to locate any phone on earth simply by knowing its imei and phone number, if that more closely matches your original question

@whole patio

Can you help me with sm

Need an advice in fat

Fact

It’s about a roadmap that i found but idk if it’s good enough or not

Tried to send u dm but couldnt add me when u see this

Sure won't add you - if you have a question, just ask it here or in #📜・certs-and-career

hey this site is real ?

or aybe google account ?

or email login ? or if you on social media it can lead you there?

I think they already said their credentials got changed

yo what you guys do on here im new to this site ?

move chitchat to #💬・old-gen-chat

if you need help with anything specific, this right here would be the channel for it

splitting networks ? assinging Ips?

Hello guys am new here and i would love to learn cyber security from scratch....am a newbie

welcome - start here #👥・new-member-guide

What can I learn right now ? \

We dont know what your starting position is

What can you show me ?\

If you want to be entertained or led by the hand for the dog and pony show, I can give you a website where you can look up which movies gets screened in which cinema. For everthing else infosec/cybersec related, its mostly on you what you can do with the resources provided

Im a cis major

Thats not a bad starting position - I'd suggest you take a look at the new member guide and see whether there are some links that seem like natural next steps

lol havent finished school bruh but Im Down to learn some stuff

I need help where can I see my codm account??

Is there anyway to get products on Amazon at lowest price or free? If there is then tell me

yo guys someone made a fake instagram id on my name i need help if someone can please do let me know

guys is it possible to hack a website without having admin panel in it

i mean get acces

only for education purposes

just to know if its possible

bruh

...maybe you should do fundamentals first if you're asking questions like that.

wym

just say yes or no

admin panels aren't the only thing ever with high privilege. and they also aren't the server

ergo yes

there are quite a lot of ways, hence you should do fundamentals first.

hmm

I thought beside an admin panel we should hack into their cmputer

An admin panel is just one interface, not the source of power.
Websites have:
Server-side logic
Databases
APIs
Authentication systems
File systems
Permissions & roles

If any of those are flawed, access can be gained without ever touching an admin panel.

Guys I need help

I ordered laptop Lenovo ThinkPad E14 i7 10th gen 16GB Ram DDR4 256GB
But I don't know if it's good I mean it can be shit when it comes but found one
LENOVO
14-inch FULL HD 1920 / 1080
INTEL CORE i7-8550U 2.0 GHZ
16 GB DDR
256 GB
INTEL UHD 620
it comes with warranty should I cancel the order and get that one?

High privilege lives in backend logic, not URLs @crimson harness

wym

hmmm

I ordered laptop cuz I need new one but the laptop can be trash cuz I don't know who sends it I can cancel it and get another one same with warranty should I cancel the one I have ordered but the one I have ordered is thinkpad e14 i7 10th and the one with warranty is thinkpad t480

If the CPU is actually i7-8550U, that’s 8th gen, not 10th.
Double-check the exact processor model before cancelling or buying.
If it’s really 10th gen, it should say something like i7-10510U / 10610U.
Specs matter more than just “i7” in the name.

Hold on imma copy it this is the one I have ordered

Lenovo ThinkPad E14 i7 10th gen 16GB Ram DDR4 256GB
No warranty or anything

And this is the another one I'm thinking to get

LENOVO thinkpad t480
14-inch FULL HD 1920 / 1080
INTEL CORE i7-8550U 2.0 GHZ
16 GB DDR
256 GB
INTEL UHD 620

u dont know whom u bought?

Yeah there was some guy

the last line 💯 correct

what

But the t480 is shop

The first one is some guy I texted I wanted to buy cuz I liked it I ordered now I can cancel cuz I don't know if his saying the truth

They are different laptops

If the E14 has no warranty and the seller is unknown, that’s a risk.
The T480 is older (i7-8550U = 8th gen), but it’s a proven model and safer if it comes with warranty.
Personally, I’d avoid no-warranty deals unless the CPU model and seller are fully verified.

Alright I mean all I need is Linux 😂 it will run good right?

linux will run on anything that isn't utterly ancient, just make sure to keep it lightweight

Bro it can't the laptop I'm using now has 100% CPU usage only when I go into website 😂

I need help people some one made my fake instagram

?

someone made my fake instagram id and is texting all my followers

I dont really understand what do you mean

can u dm me

For what do you need help?

so this guy he know my friends seems like he someone i know

so if m able to get a name i will know who it is

so a fake account is texting ur friends=

?

and you need help to get his name?

Just tell ur friends that is a Fake account, or post a story and write it and report this account. make screenshots and tell your friends and family to block and report this account too.

Its not legal to get some IP, name etc. from fake Profiles on Instagram

Hey dear, anything interesting or new happening in AI? Something revolutionary?

32 bit CPU have gone out of support of current operating systems, but other than that -yeah

the bubble burst seems to get nearer, if that is what you mean

Yo, im tryna get into cyber sec, not exactly an ethical hacker, but something that allows me to work remote to carry on with my seclusive lifestyle...
Im broke so anyone have free resources that i can use to learn how to become a Security Analyst, with pratical tasks as well

Depending on your current background it is rather safe to start with #👥・new-member-guide

Hey guys, I’m building a personal recon framework for web VAPT/pentesting and I want your input. Any tool suggestions, workflows, or resources I should check out?

If anyone’s down to help or share ideas while I build it, I’d really appreciate it.

HELLO

hhi

Hi bro 🤗

#👥・new-member-guide
If your question is just "how do i learn web/pentesting", then it's the same path, regardless of if you are building a framework for it.

@woven anvil ohh Okies

Could u guys give me some knowledge from your experience in cybersecurity

Like the mistake u guys did when u started cybersecurity

I can tell you one mistake that people do all the time.

Jumping to trying to learn cybersecurity concepts before learning regular IT concepts, like Networking + Operating Systems.

@open crown
Do not post things like that in here.
Contact the platform support if you have a problem with it.