#👥・help-me

Btw you said emulator should work right?

I would do as nurse said and root a spare phone

Okay thank you!

You could try an emulator if you wanted as I thought it would work the same, but maybe its better to use actual hardware.

Also looking at portswigger official docs will help

There is a section in the docs specifically for testing mobile applications

I guess I will try the emulator first because I dont think have a phone to root rn

I will check it out

/burp/documentation/desktop/mobile

thats where it is

on portswigger

Always check docs 😄

But most of the docs I have seen online it should work from what I did

Follow the portswigger doc

Just start with emulator and push the burp cert to system store and follow the portswigger docs

I think that will work

Yeah I see in docs it says the root is required and the emulator can be used

It should work

RTFM

Respectfully

😆

If you are going to continue down the road of pentesting you really should get a some rooted/jailbroken phones and tablets etc

Really? I didnt need it untill now, is it required for something else aswell?

If you are doing app pentesting its def useful at least one rooted android phone or something

I would say its essential to have a rooted android device. 😄

Alright i will look into it

Hello, I was wondering if anyone could point me in the direction of some beginner cybersec projects or ways to gain experience for building my resume

For context, im a first year Computer Science student with no professional work experience yet, so I’m trying to build my skills to help me land internships or some entry level opportunities.
I’m currently studying for the Comptia Security+ and so far I mainly have a few simple Python CLI projects and some homelabbing experience I have documented on github.

Any advice, resources, or project ideas would be greatly appreciated. Thanks!

I would talk with your uni and see if you can get into the student work program or something in their it/soc department. I personally would get something like CCNA before the security plus or maybe even a basic a+ so it makes it easier to get those entry level help desk internships.

A+ CCNA Sec+ would probably be the optimal path honestly in my opinion.

Especially since you are a first year. You have plenty of time and depending on where you attend the certs are heavily discounted while in uni

An important thing to remember is cybersecurity jobs are normally not entry level jobs. So working in help desk or other stuff will give you a strong baseline

That being said it's not impossible to go straight to a soc

thank you i'll definitely look into this. This path seems to make much more sense than what I was going to do

Should I be working or building anything else while I study for those certs, or should I mainly just focus on getting them one at a time?

You mentioned building IT skills, so maybe some projects along those lines?
I am pretty big on practical learning lol

You can do other stuff just don't get too scattered. Study and find some practical projects to build that shows an example of what you studied.

Create different home lab projects, see if there are any companies in your area that get rid of e waste and try to repair some laptops to give to students in need .

Be creative there are many different ways to document your learning

When you have a decent grasp on basics of IT you can even look for places to volunteer to teach people or solve issues. Be careful and don't break people's things 😂. Troubleshoot printers, update drivers, change out PSU/ram etc whatever you have gotten competent/comfortable with.

You may have other ideas and that's great just kinda think about it and ask your instructors as well.

Yeah I guess my thought process was too one dimensional about building skills lol

I appreciate the help, I was all over the place. I'll look into everything you've mentioned.

Yo guys

Can u see the Spotify followers somehow if they’re hidden?

You usually cant see hidden things ......because hidden, but anything is possible

Possible like how

Sory that is far as I go see #📜・rules 😄

Can y help me out with that

If its against the rules nobody can help you pal sorry.

Ohh is it

.....

I linked you the rules so you can read them 😄

Aight

guys i want to start cybersec can you please guide me from basic

#👥・new-member-guide #📜・rules #💕・free-resources here are some things to check out 😁.

Welcome to the server:👋 🤠

Haha hi baby owls.

sick ass display name foo

ooh nvm i thought it was "skidnapper"

probs a more witty choice

how's business?

Guys I want to learn hacking please guide me

#👥・new-member-guide #💕・free-resources

there you go. guided.

no, we're not doing that #📜・rules

anyone who knows practical labs for android penetration testing

can someone explain how dose a basic wifi attack works and what the minimum setup required?

External wifi card with a secondary mode wordlist and a lot of luck

i keep seeing these videos pop up on my social media of people making these custom boxes with antennas for "war driving" can someone explain what they are doing. are they just driving around collecting peoples wifi names?

I’m trying to install something I keep getting this error message

A referral was returned from the server.

Well pretty much yeah, wardriving is mainly driving around detecting and mapping wireless networks/APs. usually collecting stuff like ssid signal strength, encryption type, channels, sometimes GPS coords etc

It's always about luck at the end isn't it ?

Yo guys , I need help to bypass my AI ethics to develop a program for my flipper and I’m trying to develop a jammer app for educational purposes but it doesn’t seem to accept my request

I’m using cursor

that's because owning a jamming device/app is illegal in most countries

and most likely in your country as well

Makes sense

But is there a way to bypass the AI?

it's called jailbreak and you will have to do research regarding that

as every ai is different

Okay , could you give me a resource for that?

If you have one

i have no resources for jailbreaks

Okay

hey guys can someone help me out pls

https://cdn.discordapp.com/attachments/1110792603030540288/1490703345034334339/attachment-4.gif

Hmm on what bd welcome to owlsec

hey I need help

I recently downloaded tor in pendrive

how to scroll dark site

thanks

hey can u help me

in tor

bro im just like you i dont anything

me to

ask for big people

yep let me try

i have send to you friend res

ohh I received

thanks man

accept mate

Don't do anything stupid on there or find for something stupid (obviously illegal)

You can scroll using the mouse wheel.

And using dark theme

This might be a dumb question. Idk if I’ll even word it correctly but when you scan a wireless network in a business for example and your run something like nmap to scan devices for access I’ve noticed there always a good amount of security. If you were to scan a network that was hardwired through say an Ethernet port in the wall. Do they usually have the same level of security as a wireless network? Or is the fact that it’s all hardwired in the building a sense of security in itself. I didnt know if the fact that you need to get inside the building and access the Ethernet port was a big part of the security and if you were able to do that than you’d have an easier time getting access to the network. I know it’s different in every situation but I was just curious.

Its time for you to take a step back and start from the basics of networking. Also do not probe networks without permission.....and without experience/knowledge. Do whatever you want on your own network 🙂

In most places it is illegal to do any enumeration or anything other than basic agreed upon use cases aka browsing streaming or whatever without explicit permission and rules of engagement.

Oh yes I know I still have a lottttt to learn lol and no I have no intention of messing with anybodys network. I just happen to be learning about it right now and i was just checking out some gear and one of them was for plugging into ethernet to scan the LAN and for some reason that question just came into my head.

Start at the basics and move from there #👥・new-member-guide . Check out free content from portswigger Cisco Google thm etc lots of #💕・free-resources out there

WEP or WPA?

tor works by .onion sites. all the addresses are in long strings like hashes which aren't very human readable.

if you do a google search you'll find some .onion directories. you can start there.

use caution.

network security operates on both the wired and wireless levels. yes, ususally there's more security on the wireless side since it can be accessed from outside the premise.

most of the network security resides on the network equipment themselves. intrusion and enumeration attempts can be caught on both wired and wireless. most wired security controls will also effect wireless traffic. wireless securiy controls don't effect the wired network so much.

i also would like to point out that if we always ask question and expect answers, we don't learn the critical skill of researching. this is a non-negotiable skill if you want to grow in cybersecurity.

AI made this stupid easy.

skill of research aaaaaaandddd critical thinking aaaaaaandddd curiosity 🙂

A tip for anyone scrolling by is go to coursera and take the course learning how to learn. Learning is a skill and an important one in the field of cybersecurity.

Hi there, im Blaq, a student of TCM Academy and ive been trying to gain root with metasploit on kioptrix level 1. both victim and attacker machine are all same network. reading from similar ip address. but each time i try to exploit all i get is "IP:139 - Trying return address 0xbffffdfc...
[*] IP:139 - Trying return address 0xbffffcfc... in a loop with no results. i need assistance please

hey guys how do you add the 75Hard role?

I think its by reacting to #📢・announcement message

And the mods will give you the role, takes time, a lot of people, and a lot of reactions

If not, then idk, staff can correct me here

Yeah you just react to the owls post about it there from what i saw i think you right

I’m at the wrong table and triads are threatening to stab me if I don’t take the risk and steal from the one who prints my money.

react to the post. it states that in the post. read it!

larper extrordinaire

I guess WPA since it's the standard

@crisp ember https://www.nist.gov/itl/applied-cybersecurity/nice/resources/online-learning-content

Which mod is on rn

capture handshakes, run rainbow tables against the captured password hash. this only works against personal WPA, not enterprise.

i recently got a PR merged in their MacOS CIS

is this appropriate for this channel?

full stack vibe coder wanting to architect critical infra? v intredasting...

Read the #📜・rules no solicitation/self promotion

No self pro mos allowed

ok so i know no self promos, but what if someone specifically ask for help on something?

help != self promotion

What's that?

Giving extra info about like what skill level you’re at, etc is fine bc it adds context to whatever question you’re asking

At least that’s my understanding

yo everyone
Most people only learn how to use technology.
I’m trying to understand how it actually works beneath the surface.

I’m currently looking to connect with serious builders, researchers, engineers, and technically experienced people involved in areas such as:

• Artificial Intelligence & LLM architecture
• Prompt engineering & context engineering
• AI security, red teaming & adversarial research
• Prompt injection, memory poisoning & RAG security
• Model behavior analysis & jailbreak research
• Reverse engineering & software internals
• Cybersecurity, attack/defense methodologies & pentesting
• System architecture & modern infrastructure

I’m not interested in recycled tutorials, surface-level hype, or “copy/paste experts.”
I’m interested in fundamentals, systems thinking, deep technical understanding, and the reasoning behind how things actually operate.

My goal is to learn from people who genuinely know their craft — individuals willing to share insight, challenge perspectives, recommend valuable resources, or help break down complex concepts at a deeper level.

If you’re experienced in these spaces, building interesting things, conducting research, or part of communities focused on real technical growth and high-level discussions, feel free to reach out or point me in the right direction.

Always open to learning from serious minds. 👨‍💻

HTB COAE academy path

That would be this whole community.We are all here to learn and grow

Hii

Can anyone share me the link to the latest cracked version of burpsuit pro For windows

Nope, we dont share those here.

Check the #📜・rules

Idk if you would even use it anyway but still..... illegal :p. Use the free one

Hello

I want to learn soc and wants to get the job
any help???

So guys i have this question that i could not figure it out

Soc people ,how to make sure what u are invistigating is a real TP ,like ofc u saw weird behaviours that it is hard to know if it is smart attacker or a dumb user/tool behavior even after reading every log of that user ,so do u have something that help u out in these situation

Hey guys wassup. Im new to bug bounty hunting, I have worked a bit and done some machines in HTB but I want to partner with someone so maybe they can help me to get better or maybe we can learn together idk. Is anyone interested here or do you know a channel that I can find someone.

Okay where should I start...
For phishing alert it's pretty easy to find out if it's a TP or not. So I skip this one.

Now, let me introduce you to the world of XDRs. If you use XDR as a security solution, it is up to this software to detect suspicious activity.

Compared to SIEMS who just collect all logs, you have to build detections around of these logs.

In an XDR you don't have to read a lot of logs. But a lot of these detections from an XDR are black box. So you never know what the trigger is.

Also some XDR detections don't provide a lot of information and you have to dig deeper. I'm looking at you Microsoft

Hey guys, I am pretty new to discord so how do I know whether or not I was given a certain role like Hard75?

Click ur profile and see if u have it

Btw u have it

Also some alerting in SIEMS need tuning and adjusting to gather the correct connector data.

Thanks man. Now I am just trying to look for anything related to Hard75 in my profile

An XDR is behavioural driven most of the time. So if any application is accessing something like a password from a browser it's going to trigger an alarm. Doesn't matter which process it was or from where the process is being executed.

You can do this with a SIEM. But you need to build the detection and tune it.

Mm ok man thanks ,that is helpful

Pick your poison. Either let an XDR handle it, where you are restricted in modifying the detection, or pick a SIEM and build everything on your own.

Also a SIEM can get very expensive depending how much logs it has to collect and process

Well i am trying to devlope my invistigation skills for now before depending on xdr ,so yeah ,ig i will try first the seim and if i got stuck will try other options

This is going to sound weird but try learning how to read windows event logs and see how they corralate to the issue youre having. Example program tries to print but failes. Look in the windows event logs and see if you can track it down. Youll understand a good bit after a LOT of googling what each process/driver/regestry mentioned is and that will show you how to tie in the different sectors in winows event viewer. Thats almost like tying SIEM, XDR together. IDK what @crisp star thinks of that but that helped a ton before i was in the SOC. Now after that you need to move the idea from printers and hw issues to understaning the behaviors/triggers there

Yeah i heard that alot ngl ,ig i should focuse deeply on that

Tbf as long you understand the detection logic and also the alert, it's ez to investigate.

SOC is not jsut a TP, FP wolrd. Its having to understand OS, user behavior, the ecosystems that you live in (each company is different), the users (hr, tech, admin assistant, students, etc) how will they use this system and what is the baseline of normal. What programs are allowed, what schedules do the people have, How does web traffic work, what are the company SOPs, how do threatactors think, how does mitre and killchain play into this... and the list keeps going on.
TBH alot just want TP,FP and button pushing vs actuall operations executors that want to understand why and how to keep things safe

Except you get an alert related to NTLM authentication in Defender XDR. That's where every SOC analyst fail 😌

not the NTLM auth

NTLM relay attack

#👥・new-member-guide

hello, need some help here i my browser session got stolen and i quickly reset my passwords and deleted all the browser cookies

would i need to reset my pc?

I am new here can someone enlighten me please

Hello I'm new here guys

Thanks brother

#👥・new-member-guide

depends. did you run a full system scan? if there’s malware that did the token theft then you got to reset to a clean state

otherwise you don’t need to

I’m new here. Does anyone know any free emailosint that I can use to remember my old password?

Hey guys. I was told I have the 75Hard role but I am new to discord so where can I see that?

click your profile picture and see what roles you have in here

We dont help with that here read the #📜・rules

yo guys i have a question

if i bought a game of epic games i have accessiblity on it but since i bought it the lock that would be on a rented game would be removed

so the question is could i transfer or copy the files to my friends pc so he could have the game

🩴

You would need to log in on that pc too

No way

That pfp

Reminds me of @proper cloak wanting to make a startup

that was a joke

butterfly started

yoo i thought my session was only thing stolen but this account suddenly logged me out and suddenly started sending those mr beast scams to my friends, also it said a user logged into my acc from london fortunately i got my account back and changed all my passwords

so am i cooked chat?

Hey guya

Whats that challange?

I didn't understand

Nahhh

i am doing a full scan, any solutions on what i should do next?

you should first identify how your session cookie was stolen, they usually get stolen with a phishing link, when you know logging into a a fake site, it can also happen from a malicious browser extension, not common but not unlikely sessions token theft via public Wi-Fi man in the middle attack. "resetting passwords and deleting cookies is enough && REMEMBER TO STOP DOWNLOADING CRACK SOFTWARES, MODS FOR GAMES, OR WHATEVER WTF YOU ARE DOWNLOADING NEED TO STOP'"

Change all your passwords enable two factor authentication. Do this from an unaffected device.

i had 2fa already enabled

and yes i did download some mods recently like a week ago

downloading crack shit, the easies way sell your souls guys

Unplug the affected device from the Internet. Do a full reset. Scan materials that you would like to return to your device in a sandbox. Do not restore from backup

Do not use sketchy stuff on a device that has personal information or accounts

Or at least use a VM that is secured

some of the shit can spread on the the local network

Separate your personal information from any possible infection as best you can.

Research mod online or look at code yourself. Determine if that was vector off attack

i am running mrt rn it detected two infected files

so many that it would need the login with the epic acc

Also think of anytime you may have entered your information recently or maybe a friend knows your password or you use same password on multiple accounts

ohk thanks for the help

@sai try being more careful next time some things tend to be more malicious

Yooo, someone point me to a free resource to learn RE

they also tried to change my roblox password i think i might be genuinely cooked

you said tried but did they was able to do it??

i recommend you to update your password and use a new strong password

nope

FLARE Learning Hub
https://www.mandiant[.]com/resources/flare-online-training-hub

Reverse Engineering for Everyone
https://github[.]com/mytechnotalent/Reverse-Engineering

Z0FCourse
https://github[.]com/0xZ0F/Z0FCourse_Reverse_Engineering

Corelan Research Team
https://www.corelan[.]be/index.php/articles/

i did and either somehow they got my gmail password cause both dc and roblox was on that

also insta too

pwn.college
https://pwn[.]college
PicoCTF
https://picoctf[.]org
pwnable.kr
https://pwnable[.]kr
Crackmes.one
https://crackmes[.]one
Ghidra
https://ghidra-sre[.]org
IDA Free
https://hex-rays[.]com/ida-free
x64dbg
https://x64dbg[.]com
REMnux
https://remnux[.]org

Radare2
https://rada[.]re/n
Reverse Engineering for Beginners (book)
https://beginners[.]re
Reversing Bits Cheatsheets
https://github[.]com/reversinghub/reversing-bits-cheatsheets
Anuj Soni (YouTube)
https://youtube[.]com/@AnujSoni
John Hammond (YouTube)

https://youtube[.]com/c/JohnHammond010
OALabs (YouTube)
https://youtube[.]com/c/OALabs
LiveOverflow (YouTube)
https://youtube[.]com/c/LiveOverflow
Awesome-Reversing (curated list)
https://github[.]com/tylerha97/awesome-reversing
Reverse Engineering Stack Exchange
https://reverseengineering.stackexchange[.]com

you could have just linked to the place recommending all that

Don't spam the chat

If it's your personal list then throw it in a GitHub throwaway account or something 😂 to post it.

someone of this people move fast because they use automation to test credentials, try calling google and see if they give access to your account again also put 2fa

@ocean relic like your work 🤗

i really should do that i just be kinda busy must of the time

yep so cooked my minecraft also gone

thanks man it means a lot bro

alright think and relax just analyze where else in your personal life do you use the same password and try to change it before they do any personal of things

Burn it all change everything 😂

well good way to put it we all know he gonna recycle the same password for a few years again

Bro really gave me everything he knows regarding RE on the internet...
Thanks man, great help!!

Let me cook rq

Put those in #👥・github-and-projects thanks doesn't belong here :p

Whatever u say boss i got u

I dont got perm to text there

Hii

I should've been here contributing to the community seven years ago but that I just been here doing me watching and studying

well I think I have something approved to myself so I'm here to help you all

Nobody do anything with this 😆

Okkk I'll see something useful and I'll try creating one

later guys join

Does anyone know where to submit the documentations for the challenge (75 hard:road to defcon)

Been workingon how to start and now idk where to submit all of it tomorrow onwards

You submit in #1507843213011058819 , more specific rules on the submission is in #💬・chat-75days . The threads haven’t opened up yet though so you can’t submit yet

Thanks miss!

Bro is fine lol

Didn't see you were a girl and been calling you bro since morning😅
It feels strange to call a girl bro

Idk to me it’s gender neutral, but I get some people are weird about it

Gender neutral as in?
Sorry i don't get much about these internet stuff consider me living under a rock

All good lol. Gender neutral means like it can be used for men or women or anything in between

Bro has transcended

Ohhhhk
So you mean casual frnds is the meaning for bro

Yeah exactly!

You get it

Thanks for the new info bro

I get stuff fast 😁

You enrolled for 75 hard?

Oh yeah Fs. I’ve been meaning to get my CCNA for years, figured this was the perfect opportunity

Damn i was also thinking of starting to learn i'll start it with this challenge lol
Best of luck then
Cya later

Don't go there people 😆

I'm lost here, don't even know what everyone here's talking about

Thats ok one step at a time

#👥・new-member-guide

I think all the mods are asleep😭

Dissonance is def sleeping

Yorji isnt

Yeah thats fine for later

@midnight osprey he sent one here as well

Oh we actually got 2 here

yeah i got them out

hello all! I had a question if anyone minds?

Whats up?

I got a googlepixel from a storage locker I purchased and can't get past the googl FYP lock is that something anyone can help me with? or is that something against any rules?

I've tried everything I know how to do. Like trying to reprogram it with a bootloader etc but nothings worked

Unfortunately not, its against the rules :((

You may have to contact google or the person you got it from..

Oh ok my bad don't want to break any just didn't know if it was

since it's sorta a gray area cause I got it legally but its someone elses account type-a thing

I was mainly hoping for help reprogramming cause I thought that could not have to access anybodys accounts so I thought I'd ask but I understand either way lol

<.< you are screwed unless you have the owner of the phone to fix it

dang was hoping since they have programs that can do it, something would be possible but oh well lol

it's cause it's newer isn't it?

cause I have the dr. fone wondershare program to remove them but it doesn't do the google pixels

Those are kinda bs ngl...

it actually worked for me for what I bought it for so I wasn't dissapointed, it did take a few attempts but at least it meant I didn't waste money lol

maybe thats just me trying to see the silver lining though

for recovery sure, but theres def better tools

Breaking into phones.. not so much..

yeah I didn't know that at the time hind sight is 20-20 I guess

But yeah, you go to is contact the original owner/person u got phone from, or contact google and se eif they can help

I might try google cause when you get one of those storage units they don't give out peoples information that owned it so idk who it belonged to

unrelated note does anyone know a good site to get keys for a hp pavillion laptop? I'm missing a few XD

like.....keyboard keys? 😆

yes XD

Buy a donor off ebay for a couple bucks

I didnt think of that thanks!

Guys I recently got a Flipper Zero any idea on what to do with it

im new to cybersecurity

Install dif firmware first of all. But more than anything just play around and see how it works. There are plenty of guides online :)

Welcome #👥・new-member-guide https://www.nist.gov/itl/applied-cybersecurity/nice/resources/online-learning-content

i completed networking basics from cisco now what should i study next for pentesting /bug bounty
i was thinking to follow nahamsec's github and first complete these and then jump to burp suite and start learning single vulnerabilities and practising them
or should i do htb path or thm path as thm now revamped its jr pentesting path

thanks to @woven anvil for recommending the cisco networking basics course it was good

DNS enumeration would be a good next step, then HTTP basics + Burp Suite, and after that practicing single web vulnerabilities one by one.

hello all, I was curious as to if there is an index or database of lessons discussed on the server. I'm coming with a question about Android Auto in a car but don't want to ask if its stupid or has been talked about before.

We dont bypass the paywalls here. Gotta stay ethical and within the #📜・rules

Absolutely not trying to bypass anything. It's just that the 'marketing' of this training claims that it's free and yet I've paid for several subs already lol

ahh gotcha. THM does that with the Premium stuff sadly

Is it something you went through? Worth it?

already a full stack. Just trying to lvl up in OwlSec and Hack Smarter.

The Premium isint bad. Worth it in different aspects. Im doing HTB Academy for the CPTS instead of the PT1 path with THM.
To each their own

I think I like HTB better anyways. Going to go that route. Thanks for the help.

so i reset my whole pc installed new windows enabled 2fa on everything changed passwords, should be good right?

my degree comes with exam vouchers for

CompTIA A+
• CompTIA Network+
• CompTIA Security+
• CompTIA Project+
• CompTIA CySA+
• CompTIA PenTest+
• CompTIA Data+
• Linux Essentials (LPI)
• SSCP
• CCSP (Managing Cloud Security course)
• ITIL Foundation

is that most of the certs i’ll need in the future?

That's a wonderful list of vouchers. Should get you a decent amount into your career and then you can have your work pay for the others as you gain skills and knowledge 😂.

To answer your question directly, it depends on you. There are other certs that may or may not be useful for you to have as you progress in your career.

Yo wsg

Heller

Anyone need help?

make sure that your offerings for help are within the #📜・rules

Also I would only help people here don't go to DMs it's better for everyone 🙂

Hello guys I just needed some help with a game of Roblox I had my old acc hacked a while back and my mail and number was removed I tried to reach support but they always tell me to enter a mail to send a verification code that never comes to me I was stupid and due to a phishing link how to recover that acc does anyone have any idea ?

Well we won't help you here
#📜・rules

?

Sorry I didn't get it??

We won't help you recover the account since we do not know and cannot verify that it actually is your account

Oh the acc name my irl gov certificate name is same

I have old mails in that acc

I can share u mails on that acc

don't share any personal information on discord or online to someone you don't know
Like your emails, name etc

Yea have not done so far

Ok

Contact the vendor support. If they cant help move on. Our #📜・rules say that we cant help you out

I see ok np

Thankyou guys

Btw

If I want to work on making an llm an agent how to get on it

I had recently come across a webcourse i attended for it but it was for advanced lvl coders

Understand how machine learning works. And then start deving after that. Its a ton to learn/build with the right data set

I see okay well I am still new to coding I would to learn more thankss

Dont post this again plz. We cant help with this

Read our #📜・rules

Sure

But what am i supposed to do how can i enter my bios now😭

What's the issue?

Dm??

I made a cybersecurity roadmap focused on fundamentals (Linux → Networking → OS internals → scripting → security fundamentals → web security/labs). I’m not trying to learn everything at once — I’ll only move to the next topic after becoming comfortable with the current one. Does this seem like a good approach, or am I trying to cover too many things before web security? Any suggestions on what to change or prioritize?

Can anyone help me with smth

If yall down dm?

well bypassing us is not a good idea either

you will get scammed and nobody will help you with that for free

Yk what im talkin ab😭😭

Im stuck in it😭

well you're on your own g

Any idea on this guys

What's popping men

@manic plinth xūp Dude

Really wanna ɓuy new laptop on Amazon ɓt the promo code ain't coping

😭😭😭😭😭

.

1. Network Fundamentals first, the OSI model and basic protocols.
2. Security Fundamentals.
3. Linux OS then scripting.
4. Move to web security after you understand how web servers and HTTP work.

can i cover all these structured wise through thm pre security path and then cybersecurity 101

In my opinion, HTB's material is more understandable.

but i don t have enough money to invest in that if its free then i can go for it HTB has any structured path or not can you suggest me

you have free modules, all fundamentals are free

use chatGPT too.

do HTB have any structured material and can you suggest me modules by modules roadmap

they have "Paths" as a structured material. Create an account there, you will like the platform.

“Hi, I wanted to ask you about something related to mobile money security. An agent gave someone cash after receiving what looked like a real withdrawal message for 20 million, but later it turned out the transaction was fake. I’m trying to understand how scams like that work technically — fake SMS, spoofing, reversals, or other methods. Since you know a lot about cybersecurity/hacking topics, could you explain how this kind of fraud usually happens?

What can I do?
Someone is trying to access my apple account, the email from Apple provided the phone number they wanted the security code to be sent to but I canceled the request. Can I do anything to scare them off? And is this okay to post here? Please advise. Thankyou.

Hi guys, I just finished building a custom automation script using the Grok AI API. Its working really well for handling[quick code analysis/OSINT lookups/automation workflows]. i need a few people to test it out and get some feedback. If you wants to see how it works, drop me a DM and a small fee is added to cover development costs.

Do not give them the security code. If you already get a security code, your password is probably compromised, so you better change it.
Hope your Pc is not infected

I didnt i canceled it but I was worried theyd keep trying. I was dm'd by a few people who are willing to help but I cant afford it. But will just shut down any accounts I feel might be compromised. Thankyou all for your advise and offers.

Dude don't fall for scams via DMs.

Hello everyone, on my widnows 11 laptop I installed a second SSD and formatted it with NTFS. When I download a big game (150gb) on it, all of the suddon the SSD disconnected and I checked and it basically switched alone from NTFS to RAW. Which is really annoying because if I want to reformat it, it deletes everything on that disk and now I need to redownload 150gb. Does someone know why this happened. I checked the health status of that SSD using CrystalDiskInfo and it says good. And it is sitting at 45°C.

I have evn tried it formatting it to EXT4 and doing a dualboot with linux but after one day, the same problem appears which breaks ths linux OS.

Bad SSD connection, Fake or dying SSD, power delivery issue, SSD overheating internally

either one of those

probably bad SSD connection

could be:
loose M.2 seating
bad M.2 adapter/caddy
thermal expansion causing disconnects
faulty SATA flex cable (if SATA SSD)
motherboard slot issue

Oh ok I'll see that later one. Thank you

Any sites to get past patreon paywalls?

Please see the #📜・rules thank you. The answer for this would be no. Pay for the content or find an alternative that does not cost.

Something for nothing should always be suspicious coming from the standpoint of a business

please i need help, do any one have latest phoenix arizona utility bill in digital pdf

Ummm talk to your utilities department(s) / service provider 😂

Does anyone here know how to do Reverse Engineerringg!!!!!

does anyone know whats a good laptop for ethical hacking?

Any laptop will do as long as it has decent specs

Completely anecdotally the dell xps 9520 is a good option

A bunch of people ik got it and it has decent compute, you can virtualize pretty well

can we chat priv i need help to check my specs if they're good enough

Nah it’d be the blind leading the blind lowkey 😭

Good luck tho

oh

Get any decent ThinkPad if you want something budget friendly

Yeap ,what's up?

"Anyone wanna dox themselves"

I wanted Book suggestion on Reverse Engineering

reversing: secrets of reverse engineering Eldad Eilam

Hey bros my server firewall configraturion get broken how to configure it

Talk nicely to it

Sorry now plese any one can help me

First what is the firewall and how did it break.

Bro you did not know about firewall

how broken is it? can u access something?

dude

he's asking genuine ques so he can help you lol

he gotta ask what's the issue before helping you solve

Oh soory bro soory pelse forgive me

There are different firewalls bro 😂

Yeah I know bro iam not that tech guy I will give you info can you be my friend

I will help you here I don't do DMs

Ok bro

Host based firewall and waf

There are many offerings for both of those things I need some specifics. As well as specifically why it broke to begin with.

Bro thank you for helping me my dad is telling that he can configure that and he telling you thank you for helping me

Alrighty then. Have a good one.

Again thank you 😊

Is I advisable for me to change my network settings on kali Linux

You can do whatever you want it's your machine. Just make sure you understand what you are changing

Thanks

depends on what you are changing and you are aware of the changes so you dont put yourself in trouble in the future, but viceversa you learn by breaking things so feel free to tweak anything

goodluck

https://tenor.com/view/sweating-nervous-wreck-gif-12986085083782148824

thanks anyway 🙂

Just remember: it’s always recoverable with a clean install lol

That just steals your time and local data

yeh

didnt tried to make to sweat bro

😂

When I lunched my PC a window appeared for a split second. I'm panicking. Did I get hacked? Please help.
I did a full scan with Microsoft defender and Malewarebytes and they found nothing. There's ni suspicious CPU usage and no unknown running applications. What should I do??

You should be fine, that happens sometimes on startup when CMD flashes onscreen

Windows moment

not a serious issue but good to check the logs if it shows anything suspicious, use an ai chatbot to find the severity

Any recommendations?

but its more of a usual window behavior so nothing to worry about much but try to look up if you curious

for chatbots?

Yes

you can use any but if i were in your place i'd use either claude or copilot

Thx

no worries

ask them how to find logs and copy/paste the log descriptions to the chatbots of some of the recent logs

you can use event viewer or if you want detailed logs you can use sysmon, but you have to set it up so a little lengthy but worthy to learn along the way @noble moon

I'm suspecting a file that might me the malware. I want to delete it and delete anything related to it. Any other files it might have downloaded and everything. I have an App that do this but it's paid and my subscription has ended. Is there any similar free apps? Or can I do it manually?

do you suspect your system to be vulnerable? or did you installed any suspicious file or something?

Yes I downloaded a mod for a game and I think it might be the problem

I deleted the files. But I'm not sure if there's anything related left on my device

might be the thing

delete the exe and check task manager and event manager and end its task

Quick question.If wanted to major in cybersecurity between a diploma in Computer Science and a diploma in cybersecurity.Which is the best to do??

Everything seems good

go for computer science

learn coding languages too

cybersec can be done along with it and you'd do fine

I think I'm safe for now. I'll check again with another anti-virus. Thank you for helping

Okay.Thank you

but still

check the addendum or course delivery for the diploma

if they have coding langs in cybersec go for that

dont install extra antiviruses

Why?

windows defender is good enough to protect you

Oh

third party antiviruses are not safe

go with default windows

I have windows 10. Does it affect anything?

it wont

Thanks for the advice👍🏾

just set it up for the highest security and you'll be good

What about MalwareBytes?

thats what i use

Some1 recommended that for me

they are trusted but still a thirdparrty

i personally avoid third party

I would really recommend CS as well. Cybersecurity is only good if you really understand the systems and code

rest is your choice if you wanna use an external av its your choice

Ok done. Malwarebytes was set as the default. I will change it back to windows defender

just uninstall Mb

and install a uninstaller like revo uninstaller or similar

Ok

they look out every sort of file attached for you

easy for you to delete stuff

Link?

lemme

https://www.revouninstaller.com/
That one?

https://www.revouninstaller.com/start-freeware-download/

use this

direct install on this lin

Thx

no worries

yes knowledge of related stuff is very necessary, specially coding languages if you aim for red teaming or pentesting

Yeah I’m in a cybersec degree rn where they go surface level into a bunch of different things, but never deep enough. That’s why I yap about cybersecurity shouldn’t be a college degree

You need the underlying knowledge to defend something. Just learning about an SQL injection will do nothing if you don’t know how a database works

yeah real

they dont know how to organize a cybersec degree

they should start with operating systems then internals then networks and then should should to injection and toolmapping

but they skip the most part assuminng we know everything

The issue with my degree is that we have a really robust program for network and systems administration. So they just took that and added a couple cyber classes. Most of my degree has been networking and systems, but nothing about cloud, pentesting, digital forensics, RE, etc

ohh

Does the ps5 need to be jailbroken to browse it's directories?

You are back at it again 😂

Seems like you might have an answer

i need help.

can someone give me like some general steps of hacking the boxes? (i do htb)

cause i get really confused when the instrcutions are gone. i tried the s11 box (for example)

all it wanted at the start was the flag. so from the lessons i did, i connected it with open vpn and the basic config

then i used curl to get all the code and also visited the site, scanned using nmap and found the ports. used -sC -sV too for maybe some detailed information.

AND AFTER THAT. I WAS LOST.

like i didnt know what to do or where to begin stuff with.

the first problem i ran into was the source code was all weird. (like it was all in a horizontal line)

i also tried using 'grep' on source code to find 'flag'

but nothing.

like am not asking for a solution but what are the general steps i need to keep in mind or follow?

not just for this but like for any box or whatever this stuff is called.
spent 45 mins looking around and my head is heavy T_T

help

If it's a web based box, you should probably add the hostname (usually (box name).htb), then do some fuzzing such as gobuster dir -u http://box.htb -w /usr/share/wordlists/dirbuster/(pick some txt) and gobuster vhost -u http://box.htb -w /usr/share/seclists/Discovery/DNS/(some subdomain txt) --append-domain

If there are particular interesting ports open like SMB, check service version. If it's a windows 7 or xp machine for example, you may want to check if eternalblue works.

It's also helpful to get the firefox extension that tells you what web technologies are used such as php version, etc. There may be CVEs associated with these.

If you indeed find a CVE that applies, you may be able to find proof of concept code on github.

It sort of depends on the box itself what the workflow would be. Some are way more straightforward such as Local File Inclusion, SQLi, weak credentials, etc. Once you gain an initial foothold, you may want to extract ssh credentials (sometimes in /home/username/.ssh) and crack the private key with john/hashcat). You also will want to priv escalate. You can get a sense of the vectors possible with sudo -l, ss (then port forward via ssh -L), linpeas or winpeas, etc.

Thank you @digital solstice
You helped me 🥂

Got that figured out? I could walk you through it

@distant trout if you send me the link to the particular box I can try it myself and explain my process

If by s11 you mean "Reactor" (the first for season 11), I did that one in about 40 ish minutes after it released. It was pretty straightforward if you look at what Wappalyzer (the firefox extension I mentioned earlier) says

Im convinced im unhelpable but i'll give it one more shot. I have been doing security for about a year and have been stuck on the same thing forever. I have not gained a single skill since that thing. 3 people i have met in security discords say they dont know what do to either to help me. The worst part i dont even know what the thing is that i am stuck on. please dm or reach out if you think you can help me

Sounds like you need to spend more efffort on documenting your progress/methods of study. You need more data to figure out why exactly you are stagnating.

hi can someone help me how do i hack into someones instagram ?

or just like tell how to or what app or website do i use?

That’s illegal, please read the #📜・rules . We don’t assist with such activities

on tiktok yall said here they gon help me

Womp womp

Not to hack into someone else’s instragram

If you want to learn how to hack that’s different

bruh im tryna get my ig back

bc sum indain hacked it

indian*

Contact ig support

There’s nothing you can do about it

https://vm.tiktok.com/ZNRntttF2/

yall yall would help

they aint helping mee thoo

it doesnt say help in illegal activities

Literally in the video he says not to join and be acting a fool…

arent hacking is illegal in it self?

No

It depends on the situation

Especially if it’s in a learning environment

no

If you want to learn how to hack, I suggest you check out #👥・new-member-guide

kay

hey I have an unique situation that I could use some new perspective on if anybody is willing to help.

Just say what you need help with and make sure it's not against the #📜・rules 😂

it's my windows, it saying I need to activate it but I've already activated it.

Contact windows customer support 🙂

tried that, they didn't give me a response

Well try again call em up.

If you are having issues with your copy of windows they will assist you. This isn't a very unique situation for them at all.

ight\

Hello everyone, I am new to this platform. Can someone teach me how to hack?

Come chat here #💬・chat

Hello guys, I'm a newbie here can anyone teach me the basics ?

Hello 👋 welcome. Most members start here #👥・new-member-guide

@pale crest @onyx sedge https://www.nist.gov/itl/applied-cybersecurity/nice/resources/online-learning-content here are some free and low cost resources along with the #👥・new-member-guide that just got posted

Come back here anytime with specific questions 😄

Hey anyone got any good foss vpns

slmgr /ato

Try running that command

Is IT technician high school useful for starting in cyber without expierience? I have 2 international internships in IT not connected to cybersecurity, should I put them on cv?

Yeah, if you are not occupied by other things, you can start the Internship, nothing is useless in the cyber world

Yes because in a company that doesnt need that much cyber monitoring you can work IT Support and Analyst

We dont help with thins like this read our #📜・rules

I'm trying to delete MalwareBytes but it's still in my device and it's still on as the defuse anti-virus. I tried using Revo uninstaller but that didn't work.

Can anyone help?

We wont be able to help as the ones that try to RDP or have you download anyting will prob scam you. Did you reboot after you had revo remove it?

No

Should i?

try and see if its gone

So you have any good Uninstaller app?

Revo is solid and should work along side with the malwarebytes uninstaller

I found BCU recently, seems to be a good alternative: https://github.com/Klocman/Bulk-Crap-Uninstaller

Very useful in environments with licensing restrictions (like using on corporate devices in a small company if you're part of the IT team and some employee "accidentally" installed Roblox in their corp laptop)

I'm using both on my personal desktop, just sharing if it helps someone

No

I logged into replit browser (on tab) yesterday i tried creating a repl like typing the code on my own and stuff but i couldn't find how to do it (had to use github codespace later)
Does anyone know where to create a new repl?
Also which is better "codespace vs replit"?
Pls lmk

Any tips on how to find if I have a rat on my pc since my pc jas been lagging alot more lately

Check your traffic

Windows event viewer

Ngl I’m 99% sure there’s a YouTube video on this…

Or like docs from replit

https://docs.replit.com/build/use-the-docs

all good buddy

Thanks

Hi guys , I recently passed my ccna with flying colours. However I am struggling to find a company that will take me on due to my experience. I am very passionate about networking & want to land my first position as a NOC / junior network engineer / network engineer. I am in the Uk and need some guidance. I have recently been building my portfolio and documenting a little project on eve-ng. Some guidance would be nice. Thanks guys

go to the website and look for the create repl button.. um or maybe a bug + symbol?? choose a template and boom start it ig, hit create repl and it throws u to the browser IDE

if u are in the replit ui, they must have it there as +New in the sidebar or something

Nope not there at all they changed the ui and now i can't find it

give me an ss

create something new...

left sidebar..

Doesn't work
Just refreshes my page

tis a bug mate

imo

if a hard refresh doesn't work, try the direct url

@forest quail try not using brave asw

Restarted the site many times even cleared cache of browser still not working guess i'll try removing filters today

Why?
I tried on chrome still same issue

Tried typing the url and got to home screen again😮‍💨

Uhhh

Idk then 😭

Try asking claude maybe

Lol i asked gemini it suggested me to just use codespace instead
Nvm though i found vs code web version to run on my browser seems good just gotta figure out the repository stuff

@broken fox No, we do not help with that. Read the #📜・rules and #📢・announcement message

Hey guys can someone guide me or give me some roadmap for the defensive

and kindly those paid course sellers don't come in my dm i am a broke guy seeking for some help

roadmap.sh is a good place to start, I struggled with it at first because it’s kind of vague but it’ll set you on the right path

Also there’s one in #👥・new-member-guide

its like currently i am doing bachelors in cyber security but like i know how to use some tools but i still don't know the working mechanisms and also with linux i got arch but when got some error i can't do a thing and need help from AI so any idea what i should do like where to start from ?

Start reading stuff. Hack the box is also great for learning practical stuff

Also if you’re learning I would strongly suggest to not rely on AI

The struggle sucks but it’s necessary

thats where i got stuck like i want to study and learn but don't know what to read

where to get resources from what to do

and if i tried to do some boxes then i always got stuck and ended up with writeups

Ok so I think the biggest thing for you is to just start somewhere and persist through challenges. You’re not gonna know everything but pick resources from the #👥・new-member-guide , look on Reddit for a good textbook, and if you don’t vibe with it pick another

You learn through failure

mainly i am litrally lost and dk what to do like i have curosity and urge to learn but don't know where to start from what to do like when i tried something then i feel like another is also imp and got to another and like that kinda in loop

Exactly you gotta choose something and commit to it

like everything seems imp and got confused what to do

and main problem is i ended up forgetting the learned things like i did solved the labs from portswigger sql and now i am blank like what to do i mean when i jump on another topic i got blank about the first one

is there any way or idea to get the rid of it ?

Commit to something lol

And don’t be afraid of failing over and over again

Yes it was reactor only

I decided to try some other rooms (old ones) and before that do the "Basic Toolset" skill path

Thanks so much for replying man

guys I'm doing a little personal project trying to connect to a old chinese access point that I had (I opened it and soldered a UART to usb port so I could connect it to my pc)

but the problem is

that it doesn't let me in (I don't have the login credentials)

Can someone suggest me some good cybersecurity projects that should I work on

Alright, 👍. So how does one get YouTube premium but for free. Asking for a friend🤔

dont they like give out offers for 1-3 months free? '

My friend already used his 1-3 month

do u have google one? like the subscription?

He does

google one gives u free youtube premium

that's how i am using

hey guys is there anyone here who can help me bypass the Google authentication thing after doing a factory reset to my old phone I forgot the Gmail I used and I didn't have a recovery gmail

or u can downloaded those MODs but it's always a bit risky

High risk high rewards

https://tenor.com/view/okay-sounds-good-jim-halpert-the-office-good-point-gif-15818320620194911396

No #📜・rules

How can remove frp in my phone

Has anyone watched the big lez show

My friend got leaked on tiktok can somebody get that off tiktok

Report it to tiktok

Nope, report to the platform please

alr

The best thing to do is report and move on with your life

any suggestions for ai chat claude code vs deepseek api which is best??

Locally hosted if you can 😂 . It depends on your criteria but I currently use Claude(please don't vibe code 😔). Different LLM are better for certain things.

Not rich enough for local hosting

you can host for free too

Hey guys 👋,
Can anyone tell me what doing the Junior Cyber Security path on HTB is like?

And this is basic right? So, why it isn't mentioned in #👥・new-member-guide ?

Just a question no arguements though...

How to set up a vpn or proxy to get onto onion browser

You don’t really need a VPN or proxy to access onion sites — just download and use Tor Browser, connect, and open the .onion link.

https://www.torproject.org

Will I get tracked tho

I mean it’s designed to make tracking much harder by hiding his IP through multiple relays. But nothing online is 100% anonymous logging into personal accounts, downloading random files, or using sketchy extensions can still expose you.

You might have to ask someone more experienced then I am.

My apologies.

@prime plover can give you a nodge in the right direction.

I use Kali Linux on a VM so if my machine gets hacked I can restart it and thank you sm

for tor connection you dont need any vpn

and either way using a vpn over a vpn will make things worse

i recommend you to use it as is out of the box with tor installed and that's all

and another thing use I2P more relieable and secured

😄

There is always a layer of trust for the exit nodes. For example the NSA owns a bunch of tor exit nodes. Also there is always some trust involved and if an individual has enough knowledge and resources they will find you eventually. You can only obfuscate.

and if you really want to get off the "DarkNet" stuff out of your personal computer make a USB stick using Tails it's an OS that is used by news reporter they use it to go on tor and share information from inside a censored country

so china afghanistan ect ect

and to avoid getting exposed just dont download something from there nor go on sketchy thing

you'll be good to go

If you want to get deep into this kinda thing I suggest you read hitchhikers guide by anonymous planet and take some notes. There is all kinds of things that can be used to track you. If you live in the united states just know you can be tracked much easier.

Anyways if you arent doing illegal stuff and just wanna explore use a disposable vm like lain was saying. Use a new instance for each project you wanna do.

Then again all this should be judged based upon your threat model.

Essentially the basics of it is you have different online identities and they never mix with each other. There is alot to consider. Everything about a device can be tracked and devices next to other devices leave a trace. For example if you are trying to track someone irl you look for identifiers like fingerprints, birthmarks, tatoos etc. You also try and find where they frequent, where they have been, see where they are going. Then there is just random passerbys that might be able to id you. For the last example one digital variant of that is something like BLE(bluetooth low energy). It can essential be like a a passerby just noticing you as going about the day. It is how airtags work.

Thank you guys so much for always being helpful ❤️

Another useful book is Extreme Privacy: What It Takes to Disappear by Michael Bazzell it really shows the amount of effort that goes into trying to remain anonymous and/or keep your privacy(different things). I would say the only way to actually achieve 100% online security is to not go online at all 😆 . You can do well enough though.

i got your back

https://cdn.discordapp.com/attachments/1012079751445352518/1501017194484600984/owlsec_intro.gif

Also one last thing. Sometimes connecting to a vpn first then from there connecting to tor has merit. For example ISPs dont like when people use tor and they do things such as throttle tor traffic. If you dont trust your isp as much as your vpn provider etc. It doesnt improve anonymity it just shifts who you trust. Tor to vpn is the worst option overall dont ever connect to tor then vpn ha. It essentially defeats the whole purpose of tor and is worse than just a vpn.

Uhhh thats all I can think to offer have fun and stay safe.

guys i need some help with this cause im confused

which cert should i go for, cdsa and then start mass applying to soc jobs while still working for that msp, or do i go for ccna and stay a little longer in that msp?

U can apply for the jobs u already have sec+

im working already but its mostly IT

so im trying to get into something thats more in depth with security

Keep working and upskilling and apply for jobs get CCNA is valuable even in soc . Stay there for a bit and see if they will pay for the CCNA cert.

so you'd say ccna then cdsa then apply for soc jobs?

Just ccna it will give you some general networking knowledge. And as you are doing that no harm in applying for soc jobs. I would stay MSP for a bit to gain some general it and customer relations experience imo.

but damn man i hate speaking to clients lol

You can even pivot to an mssp

Managed Security Service Provider

if thats the case then i'd speedrun ccna tbh cause i wanna get into the fun cyber stuff

Cyber is a lot of paperwork and dealing with people just fyi

how long would you suggest i stay in an msp?

true, but your more respected there

Nah regular it deserves respect as well.

Idk if clients respect cyber people more 😂.

It's all it to most people.

some of them be arrogant and ignorant for no reason tbh

atleast in a security enviornment id be dealing with less clients and smarter people i guess

what xd

Sorry to burst your bubble. You will still deal with headaches from people at any job 😂.

damn

no escape then

I would say to stay at MSP as long as you don't need an immediate raise until you learn all you can there and then move on. Depends on your specific plans though. Don't hop jobs to fast though as employers consider that a red flag.

how long would you suggest i stay in an msp?

That depends on your plans. I usually try to stick with a specific employer for at least a year.

Unless I need to get out for whatever reason it's not a hard rule 😂

hmm, yeaa to be honest i want to get out of there quickly, cause i fear getting stuck in IT

but yea you'd say i go for ccna, then apply for soc jobs as well, correct

i dont know if i'd have sufficient soc skills though, would i? or would i have to supplement with something else before applying?

Don't be scared of getting stuck in IT. Just apply until you get into cyber 😂.

I know people who got a soc job with just sec+ so it's possible, but don't think it's the norm. Just network as you work at the msp until you get in.

THe best moment to look for a job is when u are already employed.

Do projects in your lab familiarize yourself with the various things used in a soc. SIEM, IDS, IPS, etc etc. Build a soc in your own home network whatever. Just get some reps in 😂.

network as in networking with people or IT networking xD

true true

Both, but I was talking about people 😂

xD

alright thanks for your time man

No problem

Good luck, just keep gaining knowledge. It's necessary to be successful 😁

it is indeed

So help desk is the play?

Its a good option to start for sure. Dont let that stop you from applying to other stuff. If you are capable and have done some networking with people you can go straight to cyber possibly.

Just dont let that be your only plan. Get any job and start pivoting until you get to where you wanna be.

What about CS grad with 0 Cyber experience but but mostly swe exp

👉 👈

You could look around at software security engineer stuff or you could go work as an ISP installer and work your way to NOC and then SOC.....or you can go help desk.....

My point is there are many paths just find one that works for you and pivot as you go 😄

very wise

Lowkey thought help desk was the only way or system admin with certs

How do you get on the dark web can someone teach me

scroll up a bit

To what point

#👥・help-me message

I was a software engineer

And studying all the hack stuff I was able to move into cybersec

does anyone know about tails, its a OS that is supposedly the most secure to browse through onion links bc it routes all internet traffic through Tor, so i was wondering if It was a necessity or just good measures ?

Depends on your threat model, but sure you can tails on a USB drive.

It's probably best to do so honestly

This might be a stupid question, but do you guys actually use VPN 24/7? I mean I only use it if I wanna switch my algorithm to Indonesia sometimes

see I could use tails and buy a USB but I was thinking of just using a VNP and Windows but at the same time its risky

Depends on your use case. If you are just trying to change your cdn to get different regional content in Indonesia or wherever. I always have mine on.

Please see an earlier conversation #👥・help-me message

Definitely recommend reading up a bit before you decide to venture off.

Guys, I’m someone who wishes to become a web application pentester.

And maybe in future someday i could become part of red team.

My question is:
Do yall have any advice for me?
And do yall recommend anything:
books
youtube channels that I can learn from.
Something else.

I would appreciate it.

https://portswigger.net/web-security give this a go

Also scrol through the help channel and check out other stuff people have provided

Always have mine on .

I also have premium subscription on Tryhackme, yesterday I finished pre-security I’ll start with cybersecurity now

Get Tor ... pick some good bridges
Don't use tor and a VPN at the same time.

I don't think surfing the DW is illegal,but what you do over there might be .

will HTB academy pentester path make me hacker?

yes

it'll give you the foundation for it

I heard it gives knowledge equivalent to taking Offsec's OSCP labs but idk how true that is

If I the whole course would I be maybe 80%~ ish of the way to taking the OSCP?

What about the tryhackme full roadmap

that as well

it is true, i also heard that the cpts (htb's cert) is harder than oscp to a degree

but, more affordable

so i'd rather work towards having that

What do you advice and recommend me to do in my journey to be successful and have a higher potential to become a web app pentester and future part of red team

i'd recommend working with what you have, so if it's tryhackme, work with that

but if you have hackthebox, work with it as well

i would personally route to htb whenever i need knowledge regarding cybersec because i have a membership there

I have that and I also bought couple of books, I’m trying to do as much as I can

I’m thinking to build my foundation in tryhack me and then go HTB and then do rooms or smth

makes sense

do that then

Thank you dissonance

Where do I learn?

The #👥・new-member-guide is a great starting point

Thanks

Hi do anybody no a good and free humanizer cuz I need to do something with it I'm lazy to write a finish an assignment and I'm dead locked in for Thursday cuz I've been busy doing other stuff like writing scripts with python cuz it was more interesting so of anynody know a good humanizer please share 😅

Please read our #📜・rules very carefully, we don't deal in vigilantism here. Also, while you are timed out please change your bio or you will be quarantined.

Start hunting on vdp's immediately and watch lostsec on YouTube

Oh and use this

Its rly good give it a try its made by nahemsec

https://www.hackinghub.io/

I'd say learn all the server side bugs on portswigger academy ( cuz u don't wanna fuck up on accident on a real target ) and do some hackinghub labs to give u a motivational boost when u solve a lab and actually learn non outdated stuff ( everything there comes from a real bug bounty write-up so you can do what the pros do ) and go crazy with learning client side bugs on real targs ( vdps ) and maybe even find a valid bug to report and brag about online

That's my opinion tho have fun bruh

What is vdp? Can you pls explain it?

unpaid bug bounties basically

Bigger scopes and less competition might I add

Usually

Trapnatized put me on to this like a year ago

Ahaaa okay okay

I’m at work now if I’m home I’ll look the the YouTube channel you sent and the link you sent

Thank you very much

@sand gust

Type shi

hey everyone, I just got started in cyber security and I am taking the junior pen expert course in HTB....thing is I am getting tired of only the theoreticals, is there any where I can start practicals from the start instead?

You could probably do easy HTB boxes alongside doing the course

Oh I'll check those out, thanks.

hi

Welcome

hey guys, how would i get started for getting into cloud security? I'm a college student atm studying computer science, and I want to head into this field - I'd love any pointers you all have!

I'm not too sure about getting started in cloudsec as I don't have much experience in it, but both the AZ-900 and AWS CCP are good beginner level certifications that give a good overall introduction to cloud & cloud security and usually take 2 - 4 weeks~ to study for and pass

I'm personally going to take the CCP as AWS naming conventions can be confusing

is the training for these certifications free? currently, I'm on a pretty limited budget so I'd prefer not to spend any money on learning .. also, what entry roles do you think would be better to get into for cloud sec?

I'm not too sure about entry level roles, I assume that most entry level IT roles would be okay as you can then pivot into cloudsec later on. AZ-900 has free training via MS Learn and the AWS CCP has free resources although they aren't as readily available as the guided learning provided through MS Learn

right right, thank you so much!

hi i am a father and want to place spyware on his new pc butt i dont't know how to code and i dont't want to spend any money can somebody help me

If you are a father then just install something like a parental control software

its on a pc and and he wants linux on his pc i dont know what that is tho?

Question, does anyone have any opinions on OT security and how you would get started in it? Seems under staffed and it's something I'm looking forward to.

I am having such a hard time with my laptop getting super hot and the fan wants to constantly run. I thought I fixed this several times but it keeps happening. Especially when I'm working on THM and HTB projects (as well as other projects I shant disclose here). Any suggestions?

I mean, I do have 8 others but this one is my favorite. 🙁

I suppose what are your specs and what are your background processes when running it?

OT u can find this in HTB some starter things

I'm sure I just need to build a better computer lol

@flat thorn thanks

i hear you on that, I am the same way with my stuff, I need more has ended with me buying an old dell server lol

Yeah. I'm working reconfiguring my entire setup all the way from my ISP to my machines.

be back in a bit. Have to run some updates.

catch you later

get a used computer with certain specs

Anyone knows what might be the reason someone sees https://discord.com/channels/990435451334688768/1508342420348080249 channel as #no access?

Those are private channels
Can't be viewed by regular members

Chat is pvt? I was just talking to you there

A frnd of mine joined the server few minutes ago and said they can't access the https://discord.com/channels/990435451334688768/1508342420348080249 channel

Well that's weird
Send ss in dms

Yeah lemme ask them for

someone here who has done the LogForge sherlock on HTB willing to give me a hand for the last question i cant answer? (i can't find the name of the "attack type" it wants)

Hii everyone can anybody help me

How can I help you?

who are you tracking?

i am asking who you gonna track

What's good y'all

this is not the chat

Hello everyone I'm new here.

#💬・chat