/cyb/ + /sec/: Cyberpunk and Cybersecurity General:

/Cyb/er/sec/urity general is for the discussion of anything and everything related to cyberpunk and cybersecurity.

What is cyberpunk?
>pastebin.com/jS37Vu7A

Nothing to hide? - The importance of a cyberpunk mindset applied to a cybersecurity skillset.
>youtu.be/pcSlowAhvUk

Resources:
Cyberpunk:
Cyberpunk directory:
>pastebin.com/9JaJFqB2
Cyberpunk resources:
>pastebin.com/7DWCsAc8

Cybersecurity:
Cybersecurity essentials:
>pastebin.com/JWx5xeEM
Cybersecurity resources:
>pastebin.com/NaUPUDF0

Harden your OS, reroute your DNS and fire up the VPN!
Shit just got real: - Looking for more resources, help is welcomed.
>pastebin.com/JXyM4fTe

The Old Skool: - Looking for more resources, help is welcomed.
>0ld 5k00l h4ck3rz: 67.225.133.110/~gbpprorg/#40

IRC:
Join: irc://irc.rizon.net:6697
>#Sup Forumspunk - Requires SSL
>#Sup Forumssec - Requires SSL
IRC guide:
>pastebin.com/YDbEWRHV

Thread archive:
>archive.rebeccablacktech.com/g/search/subject/cyb/
>archive.rebeccablacktech.com/g/search/subject/sec/
>archive.rebeccablacktech.com/g/search/text//cyb/ /sec//

Thread backup:
>cyberpunked.org/

Previous thread:
Suggestions for new resources are welcome.
The Gentoomen /sec/ community is looking for CTF team members, contact them at the IRC channel.

OP message:
Updated resources incoming, followed by some reorganisation.
I will admit, these threads are moving faster than I thought they would.

Other urls found in this thread:

cyberadio.pw:8000/stream
pastebin.com/8JQKVaxR
privateinternetaccess.com/blog/2017/07/swedish-transport-agency-worst-known-governmental-leak-ever-is-slowly-coming-to-light/
svt.se/nyheter/inrikes/transportstyrelsens-sakerhetsskandal-detta-har-hant
svt.se/nyheter/inrikes/obehoriga-hade-atkomst-till-tva-av-polisens-hemliga-register
electrospaces.blogspot.com/2017/06/dutch-russian-cyber-crime-case-reveals.html
reddit.com/r/netsec/wiki/start
opensecuritytraining.info/Training.html
opensecuritytraining.info/External_Resources.html
owasp.org/index.php/Category:OWASP_Top_Ten_Project
youtube.com/user/DEFCONConference
pastebin.com/bh3Uyq3a
corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/
fuzzysecurity.com/tutorials/expDev/1.html
corelan.be/index.php/2011/07/14/mona-py-the-manual/
github.com/longld/peda
lcamtuf.coredump.cx/afl/
blog.talosintelligence.com/2009/07/how-do-i-become-ninja.html
myne-us.com/2010/08/from-0x90-to-0x4c454554-journey-into.html
intel.com/content/dam/www/public/us/en/documents/manuals/64-ia-32-architectures-software-developer-vol-2a-manual.pdf
mgraziano.info/docs/stsi2010.pdf
github.com/lieanu/it-sec-catalog/blob/master/Exploitation.md
safemode.org/files/zillion/shellcode/doc/Writing_shellcode.html
humblebundle.com/books/cybersecurity-wiley
imgur.com/a/xMi2Q
imgur.com/a/GmKjW
cyberpunkforums.com/viewtopic.php?id=3857
twitter.com/NSFWRedditVideo

First for i love bunkerbro

I would suggest maderas 00sec post get its own section in the OP. Its more valuable and relevant than the old school site.

Is a vpn worth it even if I'm not doing anything illegal?

3rd for this OP is very cool.

u stol eet from mi

4th for I agree on all of this!

I've got a VPN because my university and dorm networks are completely blocked. Can't access website by IP, can't access websites on specific port (cyberadio.pw:8000/stream wont work for ex), a lot of websites are blocked etc.
Also I know they are sometimes watching what you're doing and their network is not secure (they advise you not to order anything online from their network).
So it can be useful even if you're doing nothing illegal.

Bunker Bro needs to invite us all over for a party so we can get into a slap fight over some stupid topic and get arrested by the European fake-police.

So where can I learn more about what's needed to be on the CTF team? I'm at best pretty green in the whole security world and my main focus has been as a network engineer/sysadmin but it's something I'd definitely like to learn about and help with if possible. So basically I don't know if I'd be any use at it at all.

/und/ + /cringe/ : Underage and Cringe General
Fixed it for you.

Is mullvad a good vpn service? They seem reasonably priced and won't require any personal information. I don't live in a dorm or anything but I think the security a vpn provides wouldn't hurt.

whats that user
nothing to hide?

wouldnt hurt you to start using a vpn

I'm using my own VPN on a VPS. I can't recommend you any services sorry m8

yes mullvad is good
expressvpn also good
nordvpn is good
user theres a lot of good options out there

dont listen to anyone that suggests running your own vpn on a vps, thats only good for getting traffic out of the country and shit for privacy. you may not keep logs but i'm betting your host does.

cute.

>cute
why?

Thanks user.

I am glad that anons are finding my work useful.

Also, it is incredible to see what this general has grown into.

From bunkerbro's posts to one user posts on RE and exploiting the absurd privilege access given to AV/AM, I find myself lurking this place everyday, all day.

This general has great character. I have even come to appreciate Larperbro and Cybisnotsecbro's antics to some degree.

Keep it up anons and thanks OP.

Youre like a fucking wizard who comes if you chant his name.

I re-read about half of the article and something interesting stuck out to me about where you work.

How does the government value OSCP? Ive heard they want clinical CISSP, which isnt gonna fucking happen since I dont have the role to fulfill the requirements for a CISSP anyway.

I was thinking an OSCP since you and other guy you were talking about empire/ruler to a few threads ago (at least I think you recommended it. I know he did).

I want to stay inside the military circuit. I already have TS, but I know everything in this realm wants above TS, which I cant get until I get a role that requires it. Which Im sure you know.

Mostly, because private sector sounds scary. Defence contracting is secure and long term.

You're 0x00 post inspired me to really get into learning as much as I can about IT/Sec.
I am standing at the beginning though, and hearing the stories from someone was is in the Game since a long time, is motivating and inspiring.

Nice to see you hang around these threads.

I don't see any reason to seperate the General. It feels like the best of both worlds. Some people that into Cyberpunk are interested in Security and the Hacker Culture and so they start learning about it. Likewise, people coming from Cybersecurity, Hacking, Programming background, often like the cyberpunk aesthetic/stories. So why seperate them, they are connecting on more than one point.

Not to mention that we are getting ever closer - if we not already are - to living in a cyberpunk world. I still stand by the viewpoint that we are living in a cyberpunk discourse as Foucault postualted it, and I am not the only one seeing that.

Just ignore the trolls.

===========
==
==
== As promised: Version 5 preview 2 of
== the alt.cyberpunk FAQ is released
==
== pastebin.com/8JQKVaxR
==
===========


I am looking for general feedback as well as new inputs on games, music and other media. More on tech would also be useful, I am considering a bit on Electronic Warfare. Info on more Zines would be good too.

The document is big as it is (94 KB) so an in depth list of everything is not possible. The idea is to provide an introduction and answer most common questions.

To the best of my knowledge this document is clean, no links to pirated texts though we all know the net is full of copies of all main works of Cyberpunk.

Maybe something about databases. I mean there's big dumps of them it seems like every week, and everything you do is stored in a database somewhere so they are hugely important. Pretty much everything has a database backend sitting somewhere and they are hugely lucrative targets.

As for cyberpunk, a lot of these oppressive regimes are all about keeping people in the database, too (IE: SINs in Shadowrun, for instance.)

I'm half asleep so ignore me if this makes no sense.

It's difficult to say the merger was a good thing when only one person consistently seems to answer actual sec questions, while everyone else is in here to post pictures of cyberpunk and listen to "sad cyb tunes" and ask for the 10,000th time about vpns. The quality is getting more and more cyberpunk themed and it's pushing the sec onto the fringes.

I can guarantee there are a number of people here with experience in cybersecurity, however there are still not enough to sustain the activity required to compete with other more popular threads.

Be the change you seek then and post something about security.

I see your point and agree to an extent. I do sometimes post cyberpunk pictures simply to provide more "value" to my post.

But I do think we should keep this general up and running and let it develope. I am sure there will be times when it will shift more towards cybersecurity and less about cyberpunk, and at others times it will shift again. As long as we can maintain some balance, all is good.

Speaking for myself, I am currently learning much more about cybsec, and hope to contribute more to the general in that regard.

I must also admit that I have learned to simply ignore post that do not interest me or that are blatant trolls, so maybe I do not notice the lack of cybsec questions/answers/topics so much. I've been following this general for about 6 or 7 threads now, and never felt one thing was more present than the others. It feels more like a perfect hangout for those interested in the topics related to cybpunk and cybsec.

tl:dr: I like this general

My actual thougs when I said "I don't see how merging is a mad thing"

Would you rather there be a separate /sec/ general that dies after 10 posts or a /cyb/ /sec/ general that gets a few /sec/ questions here and there?

IRC guide in the op is dead and gone.

My actual thoughs when I said "I don't see how merging is a bad thing"

who sec+ here?

is it worth

any decent cybp movies? I don't really care if they are from the 90s or recent(although i'm pretty sure i've seen most of those already),i just don't want to get bored to fall asleep since i have to fix my body-clock.Thanks

> chip is still mostly intact
You doing it wrong.

Not him but if your VPS is seized / it's owners pressured you can be assured it will give up everything it has on you, which is probably a lot more than a VPN provider has on you. Likely more of a money trail to follow as well. These are generalisations however, all comes down to specifics. If you are an American and have a VPS in say Russia, you probably needn't worry about Americans seizing that server. The Russians on the other hand...
As always, know your threats and plan your security appropriately. Hiding from everyone is a lot harder than hiding from just a few.

I don't know about others but I'm still relatively new to sec and feel underqualified to discuss anything other than its most basic elements, let alone try answer most questions.

As a sec topic starter, does anyone have any stories they'd like to share about social engineering? Obviously be mindful of details and incrimination, but I'm sure even the less experienced of us here have some good examples of talking their way out of or into things.

A friend of mine one, for example, convinced security at a music festival they were press by wearing a hi-vis vest (common among event photographers), slinging two old SLR's over their shoulder and saying they were from a major publication which was reasonably sure to be on the list.

Depends on what you want to do. I don't have it, but I have considered just because it's a pretty common requirement. This is especially so if you are going to be working with the government. Sec+ satisfies some requirement they have and it's pretty much required.

I once convinced a girl to let me stick my benis in her.

Other than that I am too autistic and socially awkward to be any good at social engineering, which is sad because it seems to be one of the best things you can do.

Strange Days from '95. Near future end of millenia thriller featuring somewhat credible version of VR as recorded memories. Very 90s.

Another one I can suggest is Existenz from '99. Mixes biopunk and cyberpunk. As the in the previous film, VR too plays a large role. In this one however it's showcased through vat grown bio devices. Less 90s.

thanks for doing a much better job than i wouldve of saying what i was thinking

link this pls

Can anyone tell me if "The C Programming Language" is up to date, or is there a more modern book that I should buy?

It's still a very good basic. However, some things are not up to date.
Another user recently posted this guide, and I think it's very solid.

>Sweden’s Transport Agency moved all of its data to “the cloud”, apparently unaware that there is no cloud, only somebody else’s computer. In doing so, it exposed and leaked every conceivable top secret database: fighter pilots, SEAL team operators, police suspects, people under witness relocation. Names, photos, and home addresses: the list is just getting started. The responsible director has been found guilty in criminal court of the whole affair, and sentenced to the harshest sentence ever seen in Swedish government: she was docked half a month’s paycheck.


>privateinternetaccess.com/blog/2017/07/swedish-transport-agency-worst-known-governmental-leak-ever-is-slowly-coming-to-light/

Holy fuck Sweden what the hell is wrong with you? I just assume the Russians have access to every state secret of every major country at this point.

pretty sure this is a joke, no?

Recently finished a degree in computer engineering, and would like learn more and hopefully land a job in the cybersecurity field. Could an user recommend me any courses or literature that i could look into?

svt.se/nyheter/inrikes/transportstyrelsens-sakerhetsskandal-detta-har-hant

I don't work the the government, contracted or otherwise (though I have many friends and family who do). However, I see the OSCP coming up more and more as a "bonus" in job postings...and most f these positions are ones not specifically hiring for pentesting positions, which is interesting.

Maybe they are interested in analysts or other InfoSec/NetSec professionals that have some level of intimate knowledge concerning offensive secuirty or adversary tactics...

Empire is a great tool; I really like CrackmapExec for post exploitation lately. Powershell is and where it has been at for post ex. for awhile now, and I do not see Microsoft making a big push for consmer education in that regard...the Microsoft Rep assigned to my company is still chirpig on about classical Pass the Hash (Psexec with dumped hash) and what Microsoft is doing to protect us.../

CISSP leaves a bitter taste in mouth. I have (and do) worked/work in places where those above me had a CISSP but very little practical or current knowledge of InfoSec/NetSec (though they and most fellow employees bend to their choices as if they do, largely because of the cert).

The time of employment factor for the CISSP can be a serious pain n the ass. Sometimes they get crazy with the verification process as well as recommendations. etc.

It feels like the greybeard job security and HR vetting club.

Which sucks, but you got to do what you got to do to get where you need to get.

The Defense seems pretty sweet as long as you can get and keep TS. Seems better than most private sector gigs, best of both the civvy and Fed worlds...I have thought about going that route int he past, but I think some philosophical issues with it (which do not need discussion here).
It is a good career path though user, so if it is what you want, than go for it!
: Knowledge can be power. Cybersec knowledge is tangible power. If I have inspired you to grab some of that power for yourself, than I am happy.

Another article about related data leak from police.
svt.se/nyheter/inrikes/obehoriga-hade-atkomst-till-tva-av-polisens-hemliga-register

shut the fuck up
/sec/ on its own 404s
/cyb/ on its own 404s
merger survives, end of discussion
don't like it, fuck off to lainchan

You could have said the same thing without the first and last sentence.
Don't act like a edge teenager user, you are better than that.

the lainchan part is important, though

Fuck off.

electrospaces.blogspot.com/2017/06/dutch-russian-cyber-crime-case-reveals.html

so, since this is /sec/ ..
I suggest you add these resouces to the OP:
reddit.com/r/netsec/wiki/start
opensecuritytraining.info/Training.html
opensecuritytraining.info/External_Resources.html
owasp.org/index.php/Category:OWASP_Top_Ten_Project

>r*dd*t

these resources are already there, all of them with exception of reddit.

If you're interested in infosec, checkout defcon videos: youtube.com/user/DEFCONConference

They have a playlist per conference. if there's something in the talk that you don't understand, open a new youtube tab and search for it. There are a ton of good infosec tutorials on youtube now.

seriously, get the fuck out, you fucking retard

See and fuck off.

OP here, thank you for trying, but see:

Here's the back-up that will be added to the next OP:
>pastebin.com/bh3Uyq3a

>I don't work the the government, contracted or otherwise
thank you

the NYC district court believes that the entire planet is under its jurisdiction

i agree. proton has demonstrated the most trustworthiness i can find, based on their explicit calls for freedom and privacy, and due to their openness. i've also concluded that switzerland is optimal so that narrows down vpn provider choices to protonvpn and perfect-privacy vpn. the other is virtually unknown and more expensive. choosing a vps and living under their rule is a far less optimal under all considerations i can think of.

I started doing vuln research full time this year so, I wanted to share the steps I've taken thus far. Hopefully other anons who are on the same path can learn from my mistakes/pick up some resources they didn't have before.

I saw that a ton of software exploit development depends on you knowing what the hell software actually does at the low levels, so I resigned to finally learning x86/64 assembly and C.

To learn assembly I read the following:
>Assembly Language Step by Step
>Practical Reverse Engineering
and to learn C I read the following:
>Practical C Programming
>Hacking: The Art of Exploitation (good C programming section at the start)

In addition, I supplemented research with practice by doing the Corelan and Fuzzy Security Windows exploit dev tutorials:
>corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/
>fuzzysecurity.com/tutorials/expDev/1.html

A major mistake I made early on was doing a lot of researching and learning, with no practice. I was mistaking knowing for doing. You need to balance equal parts reading books, tuts, etc with putting that knowledge into practice.

So with practice in mind, I built a formal lab to research vulnerabilities in the wild and exploit them. My current Windows exploit dev setup is an XP and Win7 VM with Immunity Debugger (+mona.py), IDA pro and WinDbg. Linux exploit dev setup is a Debian VM with 4 cores and AFL to fuzz open source tools/libraries. I also have GDB setup with PEDA, which is awesome for exploit development/visualizing what's going on at the low levels.
>corelan.be/index.php/2011/07/14/mona-py-the-manual/
>github.com/longld/peda
>lcamtuf.coredump.cx/afl/

No luck yet finding an exploitable vuln in the wild, trying to improve my fuzzing setup. If anons have ideas for good ways to discover vulns in the wild, would love to hear about it. To any other exploit dev/vuln research anons out there, good luck.

my god, user, i've been studying really hard exploit development and vuln research this past week. i was procrastinating until now when i figured i'd close the browser and go to study (currently going through the art of exploitation) but thought i'd check the last post in the thread before. who would've thought it'd be exactly what i was expecting?

>I saw that a ton of software exploit development depends on you knowing what the hell software actually does at the low levels

i don't think i could agree more. i always had problems with pointers, until i learned how to read assembly. the day i learned how to read assembly instructions i stopped having problems understanding pointers.

now, i'll go to study. good luck to you too my friend, i hope we both (and other anons in this thread) succeed in this field. cheers

I'm interested if there is some popular industry standard study that compares the iOS security model to Android (modern AOSP or Pixel images)

Similarly, is there a conceptual breakdown of the whitepaper that Apple released by someone that explains the most important parts?

I'm specifically interested in Android answer to Apple's HSM architecture (if one exists)

Damn I want to get to that point where I can start with all this, but my general development knowledge is way too low. But I want to learn C and assembly, so that's a good thing.

Thanks for sharing anons, makes me want to learn all the stuff even more.

user, since you were kind enough to share some of your resources i figured i'd return the favor before going to study, here's a few i appreciate:

blog.talosintelligence.com/2009/07/how-do-i-become-ninja.html
myne-us.com/2010/08/from-0x90-to-0x4c454554-journey-into.html
intel.com/content/dam/www/public/us/en/documents/manuals/64-ia-32-architectures-software-developer-vol-2a-manual.pdf
mgraziano.info/docs/stsi2010.pdf
github.com/lieanu/it-sec-catalog/blob/master/Exploitation.md
safemode.org/files/zillion/shellcode/doc/Writing_shellcode.html

perhaps you would make good use of them as well, . cheers guys

Awesome stuff, thanks for sharing!

The cybersecurity humble bundle going on right now is really good if you pay and get all the books. Highly recommended.

humblebundle.com/books/cybersecurity-wiley

I'm digging into both of Schneier's crypto books and I got them through this much cheaper than individually.

Oh awesome, I didn't have a lot of this in my research collection. Will definitely check all this out, it helps a lot. Thanks so much.

am i /cyb

Anyone got tips for sorting all the potential learning material?
I have tons of bookmarks and pdf's related to cybersecurity, hacking and programming and somehow need to make sense of it all, so that I don't get information overload.
Perhaps someone here has struggled with this too, and came up with a nice hierachy.

Any tips would be much appreciated

What country is bunker bro in?

just dive right in, man

I've found and exploited a number of memory corruption and command injection vulnerabilities in proprietary enterprise software using purely static/manual dynamic analysis methods.
All I can really suggest is to stick at it. Take note of any strange or otherwise unintended behaviour in a program, do crossreferences to any addresses written to as a result. Even the most seemingly insignificant or unexploitable bugs are often big pieces in the puzzle when aiming to achieve RCE/ACE.

Also, what do you mean by full time? As in employed in the security industry? How do I get a piece of this pie?
I want in.

Sweden

I have the bundle in a mega link. Does anyone know if they have information about the owner in it?

I categorize my bookmarks into the following taxonomy:
>Helpful (anything that helped me solve a problem, like a StackOverflow post, forum post about getting something to compile, etc)
>Binary Exploitation (large resources listing methods to exploit binaries/software)
>Pwnables (resources for CTFs, vulnerable VMs for practice, etc)
>Programming (further broken down into C, Assembly, Python with resources related to them inside those folders)

That's my personal system of knowledge classification, I've found that if you want to avoid info overload then you need to identify to what end all these sources of info are for. If it's to get better at specific skill sets, then I would classify your bookmarks accordingly (all bookmarks for programming languages go here, all bookmarks for fuzzing go here, etc). Then it's pretty easy to decided where a bookmark should go.

>tfw no matter what you do everything you've done online in the last ten years is in an NSA database
>even if you started going full tinfoil and only accessing the internet through TOR, with a VPN, and encrypted everything you would still be getting spied on
Is there really any way to win besides not using the internet or processors made after 2012 at all?

>you need to identify to what end all these sources of info are for.

That's pretty solid advice. Thanks user. Going to see if that system works for me.

This is all pretty good info, but almost all of the advice I see about learning C is missing the most important part: how to write software with it and build systems.

Once you have a good grasp of the language you probably want to learn a system API (Linux API, or Windows API if that's your thing). This will teach you important things like what exactly a process is, how to interact with the file system, signals, threading, IPC, networking, terminals, interacting with devices (serial and others), and other things you need to know if you want to write real software in C.

The Linux Programming Interface is great for the Linux API (it shows you all of the above, but there are plenty of alternatives to this book too). I'm not too sure what the best resources are in the Windows API though. If anyone knows what the Win API equivalent is of The Linux Programming Interface is I would appreciate it, because I've been wanting to dig into that was well.

FAQ dud here.

>Maybe something about databases. I mean there's big dumps of them it seems like every week, and everything you do is stored in a database somewhere so they are hugely important. Pretty much everything has a database backend sitting somewhere and they are hugely lucrative targets.
Not sure I get you, is this more for the /sec/ angle?

>As for cyberpunk, a lot of these oppressive regimes are all about keeping people in the database, too (IE: SINs in Shadowrun, for instance.)
I think SIN (Single Identification Number) originated with William Gibson, probably in Mona Lisa Overdrive.

>I'm half asleep so ignore me if this makes no sense.
Hoping you are more awake now.

Tired of two lainchans? How about a third one!

p.s. this is not an advertisement

>while everyone else is in here to post pictures of cyberpunk
I had hoped someone had captured all the /cyb/ pictures. Many were rather atmospheric.

> and listen to "sad cyb tunes"
Well, if we can get a discussion going as to what *makes* a tune /cyb/ we can get it into the FAQ.

>and ask for the 10,000th time about vpns.
That is ripe for a paste. Make a list and link it for everyone who asks and dispose of the noise quickly.

By full time, I meant that I now spend the majority of my time during the day doing vulnerability research. I won't get into the specifics of my employment, but generally speaking it's to advise a client on software vulnerabilities and exploit methods.

In regards to how to get a piece of the pie, there are more and more companies/gov agencies expressing interest in people who know how to find software vulnerabilities. It seems that the job title is usually called something like Vulnerability Research Engineer, Software Vulnerability Analyst, etc. But this is constantly changing for some reason, maybe because this position is somewhat new compared to others in security. If you look for job postings with names that are similar to those I mentioned, I'm sure you could find an interested employer given you already have experience in this area.

You mentioned you have found memory corruption/command injection vulns in enterprise software, are the static/dynamic analysis tools you use things like Immunity Debugger for dynamic analysis and IDA pro for static analysis? Or are there more specialized pieces of software that you would recommend to aid in applying these methods?

I saved most of them, including the room ones (not included in the picture)

Plenty mentioned in the pasta and the new FAQ.

oh boy ANOTHER dead imageboard?!?!

>installgentoo has an expired cert

great

I was looking for comfy room ones

Maybe I can upload them somwhere

Cheers for the career advice dude; I'm actually currently employed as an apprentice, but I'm very interested in jumping into the security industry after I finish.

>are the static/dynamic analysis tools you use things like Immunity Debugger for dynamic analysis and IDA pro for static analysis?
I primarily just use GDB with peda for debugging and currently I'm using binary ninja for disassembly; however, its performance isn't great and it lacks support for many architectures right now (only basic ARM support), so I quite often fall back on radare2. I'll often automate input on the side while I'm analysing a program's behaviour with pwntools, automatically attaching and making breakpoints in GDB to save me time.

Besides that I haven't really stepped into fuzzing or symbolic execution; however the latter is probably something worth stepping into for relatively quickly decomposing complex codepaths.

I think the Windows API equivalent would probably be Windows Internals Part 1 and Part 2. These are mammoth books, but they seem to cover the Windows API and OS fairly extensively. I think they may be what you're looking for. The 7th edition just came out too.

Here you go user, and everyone else. I can keep these updated when I find new ones, or new ones are posted here.

>Cyberpunk Scenery
imgur.com/a/xMi2Q

>Cyberpunk Rooms
imgur.com/a/GmKjW

I've actually been meaning to get into radare2 since it comes up a lot in security blogs, if you're using it to successfully find vulns I think I'll put more time into learning it. I hadn't heard of pwntools, but it sounds pretty useful. I was debating buying binaryninja once I got a better handle on disassembly since there are many who swear by it.

Thanks for sharing some of the tools you use, always helpful to hear how others are getting the job done, going to look at pwntools and radare2.

That's exactly what I'm looking for, thanks.

is GNU Privacy Handbook enough to learn in-depth basics of email encryption (OpenPGP and GPG) to a completely shit beginner like me? I didn't like the recommended website for beginners (ssd.eff) in OP

>upload
There is the open FTP with a Cyberpunk folder.

Just add a Image sub folder and upload.

ftp://[email protected]:21212

Password is guest.

isnt hsts great?
the best part is the owner and administrator is away doing normie shit like having a kid

Anyone know what happened to gftp.ga? That used to be another pretty good FTP.

So as a hobby project i want to build a PC that completely has /cyb/ in mind. How do you build something that doesn't have any backdoors in it? sounds like you'd be using archaic hardware or shifty russian parts

>Perhaps someone here has struggled with this too, and came up with a nice hierachy.

Yeah. I found a good system. Sadly, you won't like it. At first I struggled with it too, when I thought the reason I wasn't learning was because I hadn't found the "right" source, or the "best information".

>put ALL your resources into one folder/file
>delete EVERYTHING you've saved to learn "after you understand x topic"
>the few remaining entry level books you have order in hard copy and delete the PDFs

Here is a link that was posted a few threads ago that made me decide to simply throw the whole fucking lot away, and instead of sampling a little bit from a lot of sources, finish ENTIRELY any source I utilise.

cyberpunkforums.com/viewtopic.php?id=3857