everyones favourite thread is back for another round!
Dylan Price
what are we all working on this weekend?
Hudson Sanchez
Why learn assembly and c?
Brayden Reed
>Why learn assembly and c? its a link to a book so you can learn assembly and c
Alexander Cooper
So you can reverse engineer malware
Camden Mitchell
Been refreshing my memory of Python lately. It's been awhile since did anything with it. Been going through Black Hat Python and Violent Python and a few other books i dont wanna be a script kiddie
Kevin Wood
>Black Hat Python and Violent Python and a few other books Nice one mate, keep at it
Logan Wilson
Any books like this but in Python 3? The reason I’ve been avoiding it is because it’s written in Python 2
Josiah Carter
>Any books like this but in Python 3? theres a few repos with the code from violent python converted to p3
Sebastian Watson
Links pls
Jeremiah Johnson
Messing around on htb. Working on Node right now. Just finished the easy mode boxes, having a bit of a challenge on node, but I’m making solid progress. My copy of advanced pen testing just came in the mail. Might start reading that in my downtime.
I don't think there's much of a difference between Python 2 and Python 3 I think it's mainly just the input and print functions and that's about it
Jacob Perry
Just finished Bandit. The last two levels were pretty tricky, especially the one where you had to trick More into showing more than a single page with your terminal size.
Also fuck *nix permissions.
Andrew Murphy
>Hacked CSGO skin faucet app with an easy ram editor like a years ago >Withdrawed the most Expensive skin >I still have it
Jaxon Jackson
>last two the ones that really spun me out were the FINAL one with the shell, and the setuid one. I was over thinking it hardcore, and had to look at a walkthrough to realise how fucking simple it was.
Owen Gomez
have you tried selling it yet?
Hudson Rivera
>CSGO skin faucet app what
is this external to csgo?
Andrew Sanders
This. Some networking libs and path handling etc have changed somewhat for the better but if you can into Python 3 you can Python 2 with ease.
Blake Long
Any other interesting certification to have apart from OSCP or CEH?
Alexander Torres
Dragon lore? How many years ago is this?
Jaxson Kelly
జ్ఞాజ్ఞాజ్ఞ Can Apple ever recover?
Parker James
>Can Apple ever recover? the update to fix this dropped before the exploit became public
Mason Mitchell
Which level was that?
Charles Butler
>Which level was that? 19
i kept trying to feed it other shit not necessary to run the tool
Gavin James
It can be still widely used though.
Nolan Bailey
>girl from berlin i feel like saying L O N D O N would be a bit redundant, wouldnt it
Sebastian Cruz
a dude on the other thread said, vuln research / RE is the only real security.
Josiah Rogers
depends on your "interesting" mean. these days, people like to have CISSP, because yeah you know, first you have over 5 years experience. second widely known by HR and easily invited to interview
Lucas Diaz
>CISSP you know its a management cert, right
Robert Lopez
Making a video on Shocker for when it goes retired and then hopefully getting User and Root on it's replacement today.
Andrew Parker
Not exactly management, you can stay in technical but you have a point plus for that, because you understand high level "company security".
Jace Hughes
oscp is still the better techincal choice
Juan Rogers
if you already on technical side, why the heck you have to take an OSCP?
people take an OSCP, they want to go to pentesting side, OSCP 75+% focus on web-apps pentesting.
Or just have fun, to trying to explore their technical knowledge.
There's available another cert for another field, of course its "practical exam".
stop spread frigging OSCP if people don't want to focus on web-app.
You can't explain technical on people who don't understand technical..
Even it's "practical exam" how many people take another script just to pass an exam? I give an example for that, take a look at securityshift he provide script for that.
Lincoln Rodriguez
Not hard to adapt to python 3, in fact it would be a great exercise adapting the methodologies into python3 or even another language entirely
Nathaniel Harris
Some functions have changed. Range is a generator now instead of making a list.
Hudson Perry
>why the heck you have to take an OSCP? Because the lab is worth it’s weight in gold. Clearly you haven’t taken it if you can’t see the attraction
Asher Reyes
read a whole point you faggot.
Evan Cox
I don't need an OSCP because I already on the field.
what an OSCP can do, if they instructed to pentest except web-app?
Liam Mitchell
>read a whole point Fucking what
Benjamin Cooper
How good is microcorruption.com/ for someone that never doing CTF and interested in trying it? Also any good beginner resource?
does india have its own local certs you could take?
Nathan Hernandez
not pajeet. and the answer is no.
Jayden Rivera
kekd
William Garcia
Nice writeup (and wallpape). I just finished this one a few days ago, just in the knick of time, it seems. For some reason, I had a shit ton of trouble getting the intial curl method to work. I must've spent an hour running various forms of it through curl and Burp before I called it quits. When I woke up the next day, I ran the last curl request I tried once and got through. On a side note, is there a schedule to view for machines? I'd like to know which are close to retirement.
Cameron Baker
What are the prerequisites for doing something like OSCP. I have no knowledge in pentesting and the likes. Would it be overkill to start with it?
I also started a very well rated Udemy Course today which goes into this direction.
(It's getting a bit voring with my Front-End Web Dev Job with some Salesforce in it..)
Christian Bailey
WHY IS HE SO FUCKING UGLY!?
John Turner
There is a link in the op that answers this question
You’re gonna decide what to study based on what people on the internet tell you to do?
Justin Sanders
idk who else to ask kev
Logan Jenkins
>idk who else to ask
Colton Ramirez
>black hat python lmao
Colton Campbell
Not the guy you're replying to, but have you actually coded in python? I bet you code in visual basics.
Brandon Perez
>idk who else to ask kev
if you don't know how you study most effectively, then why are you entering a master's program?
Brody Powell
bc it's a prestigious school and they're offering me a load of money
Jack Richardson
So what?
Do you even have any skills or knowledge of the field? How can you expect to pump out a research paper if you don’t know any anything?
It seems like you don’t know anything if the first choice in your poll is attend a course to learn industry skills!
Alexander Perez
>Do you even have any skills or knowledge of the field? some >How can you expect to pump out a research paper if you don’t know any anything? by learning >It seems like you don’t know anything if the first choice in your poll is attend a course to learn industry skills! i didn't write the blurb, it's from their website
David Cooper
because real hacking consists of creating your own 0day exploits and not just downloading dogshit w32 "tools" and scanners and using other peoples exploit kits.
ASM and C are essential in binary exploitation.
Joseph Ward
>by learning masters is not for learning, its for refining.
Logan Morris
if you think you can't learn anything more after an undergrad, you're probably wrong
Liam Campbell
i have no idea where you got that impression. but if you read what ti says it says research. youre expected to have the skills and knowledge to be able to do the post research yourself.
how are you offered a masters without a bachelor anyway? you already got one?
Ayden Bennett
i'm graduating this semester
Christian Jenkins
what in?
Nathaniel Perez
comp sci
Christian Campbell
heres the real steps, i think this would serve you better
>follow the links in the op post to learn more about infosec >do most of your learning on this topic yourself >do the masters to make your resume tighter and to say youve got a masters
if you struggled scraped and starved through a compsci degree, youve got the ability to learn the shit you need on your own
personally i think a masters is more good than two bachelors
Carter Jackson
i should have been clearer, the masters degree can be obtained 3 ways: a thesis track, a development track, and a coursework track. another bachelors isn't on the table
Ian Cruz
>i should have been clearer holy fucking shit yes you should have.
development sounds like it can lead to a job if its doing real shit for actual companies.
Sebastian Wood
i doubt it's developing in tandem with a company, it's probably just developing a toolkit that implements an exploit. but it would be fun to develop a spectre/meltdown kit even though i know nothing about them now. my gambit would be that a degree for CMU would be enough to get a job regardless, though, and i could pick the less risky coursework option, and rely on internships during the summer
Benjamin Phillips
I must be fucking retarded.
Literally copying an pasting solutions for overthewire level 0 (i did figure it out but didntk now why it wasnt working) and still says password is incorrect.
What the fuck?
Charles Miller
>i doubt it's developing in tandem with a company im going off the wording written on your poll mate, if you dont know things about the degree, then go ask your uni
type man ls, read that page type man cat, read that page then you'll know how to get the password
save yourself some time and read a short beginner linux book before doing bandit
Gabriel Sullivan
>coded >visual basics >visual basic(s) Holy shit There truly are pajeets in here. Go back to your Indian pooping forum fag
Michael Butler
youre using port 22
use port 2220
Logan Young
Anybody tried OpenSecurityTrainings?
Currently doing the Intro to x86 series and it seems pretty legit, but also outdated
Should I continue with it?
Adrian Thomas
>Go back to your Indian pooping forum fag Top zoz
Eli Anderson
can't follow them, too tired to listen their voice.. confusing AF. since then I stop watching them.
Mason Powell
I want to be a scriptkiddie. Where do I start, coming from a complete beginner.
>inb4 fuck off newfag
Jose Robinson
the resources in the op
Do you think I added all that shit for fun? Do you think I added the magnet to the oscp videos, or the web app hackers book because it was enjoyable for me to find resources?
Fuck no. It was so you fucking people can stop asking this question! The resources are RIGHT THERE! In order from beginners onwards!
Ian Davis
What he said.
Seriously I put good links in the original OP and people expanded on it to make it even better. Follow and you'll find the path to your answers.
Carson Ross
Python is pretty great for scripts, don't think you know what you're talking about
Liam White
Fuck off brainlet. If you haven't the minimum capacity of READING links in a post how do you think you can be even a scriptkiddie?
Matthew Gomez
not even close to being true.
Owen Wilson
I started recently trying to use HSS on the Overthewire site and got to level 5 in maybe 5 or 6 hours and i got interested on entering hackthebox. Even though i know i'm a beginner and everything, what do i need to know to hack my invite in?
Christopher Lewis
>what do i need to know to hack my invite in? if you cant get your invite yourself, you wont be able to pop any of the boxes.
Luke Morris
Hey there genius, i'm not asking what i need to do. I'm asking which knowledge i need to have so i can hack myself into it
Xavier Jackson
bringing down e-corp
Jayden Cox
>I'm asking which knowledge i need to have so i can hack myself into it all of it
nigger just fucking try
Tyler Brown
because it's relatively easy? good bang for buck ratio
Matthew Stewart
this is your chance to make something that proves yourself to a company like ForAllSecure
don't fuck it up.
Colton Butler
Why is the US so shit at cybersecurity/cyberwarfare compared to Russia and China? Obviously the US excels at global intel collection through the NSA, but why can't US agencies/military keep up in anything else? Stricter hiring practices for TS/SCI clearance in the US while Russia lets Dmitri's hackforums botnet participate in state sponsored cyber operations?
Robert Gonzalez
You joking? Have you read Vault 7/8 by WL? CIA uses Russian shells on their exploits that leave behind the trace of a Kremlin... They employ these tools Internationally for who-knows what purpose?