Because you fucktards can't keep it alive. Allegedly some anons are developing a super secret club Chan, 'Hackerchan or something'. VM/CTFs: overthewire.org/wargames/bandit/ >Start here, learn by doing.
Looking for a book on reverse engineering pref Windows OS.
Owen Cooper
Ah thanks, OP one of few real technology threads is back. Hey faggots, any of you do scripts for InfoSec?
I recently started to get more into Lisp. While doing that I stumbled upon Newlisp. Now I'm not a great programmer, but I can make shit that works for my job. I was kinda blown away by this... I rewrote few scripts in it, now I'm thinking to use it in few engagements just for a hell of it. Anyone did something similar to me?
Aiden James
Hello anons,
I was waiting for someone to remake this thread. Still very new but fast becoming a regular.
Got to level 6 on overthewire yesterday and generally learning linux and stuff.
Also studying for CompTIA Sec+, is it actually any use for applying for jobs? UK based here.
Someone needs to add to the OP that there's a HTB group for those that could actually get an account.
Xavier Reed
That infosec guide says to watch like 350 Comptia videos. Is that really necessary? I thought people say to learn hands on.
Thomas Flores
Going from contractor to full time at work and got pretty much exactly what I asked for in salary negotiations (something I know nothing about and was pretty nervous about). Soooo stuff is good right now fellahs. Also my team got first place in DefCon CTF quals (I had nothing to do with it because I was away at the time but gave morale support in the slack channel(s) hah).
Also no degree, 6 figure job doing cool stuff, have OSCP etc. etc. so ask me stuff if ya want. I'm not bragging, just putting it out there so people can ask stuff about work and life.
If you absolutely want certs then CCENT/Comptia Network+. Not because they are actually worth shit as a cert but because if you study the materials with effort you will learn about networks.
To be brutally honest (not knowing anything about you) you probably need to know MUCH more then you do now. You have to be VERY good at most things/at least know about most things on more then a superficial level. The mindset of going after certs will hinder this.
coursera.org/learn/build-a-computer Don't skip over that because you know how to 'build' a computer aka put a computer together from parts; it is a course about building a computer from literal scratch aka: starting with logic gates, not a course on how to 'build a sweet gaming rig' or something.
>Because you fucktards can't keep it alive. I refuse to be the thread at regular intervals until you include the resources I personally tracked down for this general, including OSCP/PWK materials.
>windows RE What do you want to achieve?
>CompTIA >is it actually any use for applying for jobs? No, and this needs to be an entry in the OP, because anyone whose at CompTIA level, or thinks the trash series will benefit their career clearly has nothing to offer this general.
>what are Jow Forums scrapers It will take you six seconds to find the old thread if you actually look
>most of these links contain cryptominers And? They are fun and will help people learn.
Who cares what people say. Different people learn differently. You don’t sound competent enough to even spin up a domain, let alone hack your way out of a paper bag. Go learn.
Nice, good shit. Do you have any recommendations for solo CTFs other than hackthebox? How’d you go about forming a team anyway? What was the most challenging part of the OSCP for you?
Mason Gonzalez
How many jobs did you have before getting to where you wanted to be? Did you work at a soul crushing help desk and work your way up? I enjoy this field but the bottom feels like shit.
Tyler Lopez
>Did you work at a soul crushing help desk and work your way up? Sadly this is not a realistic path for anyone.
Think of it like this;
>be good Helpdesk employee >be super valuable to company because you are good at your Helpdesk job and know the role etc >opportunity to remove one of your employees comes up >best employee asks if he can be removed to go to new role >will be down a really great employee and in worse state >never let good employee have any advancement in case he leaves Gotta learn in your own time, in a real, serious, hardcore lab. None of this shit with one windows xp box and a copy of Kali; you need to know how to spin up an exchange server, set up multiple domains with cross forest AD, you need to deploy firewalls.
You need to replicate the networks you will be REALLY touching. And then you need to tear them the fuck down again, and build them up again. Because when you understand how to build the walls, you will understand WHY you can knock them down.
You need to dedicate time and MONEY, into hardware to run this virtual DC, to learning, to certifying yourself. Because if you don’t have experience on your resume to move up into a new field as you are right now, you need to create your own experience. If you can answer the interviewer, YES, I DO know how to deploy an inline firewall and deploy AD and exchange in a domain, THIS is how you get a job.
No employer will move you up themselves. At the end of the day, they still need competent staff to do the work so THEY still have a job.
>I enjoy this field but the bottom feels like shit. It feels like shit because it is shit. I still rank level 1 work as the worst job I have ever had, and I worked retail in my early 20s.
Nathaniel Evans
> Do you have any recommendations for solo CTFs other than hackthebox?
One of the best that has challenges that start at easy and go to fairly hard is pico ctf ( picoctf.com/ ) . Another with loads of challenges of all different varieties is www.root-me.org and as mentioned in that paste www.pwnable.kr
>How’d you go about forming a team anyway? My teamleader is on Samurai and got me an invite to the team. Before that just competed by myself, or with teams thrown together from IRC pals; also we have a work-team.
>What was the most challenging part of the OSCP for you?
Hard to answer, especially in retrospect. "Hard' is realitive as well and somehow implies an aspect of discomfort/un-enjoyable/pain to me and really none of it was like that, I love this stuff so it's not a chore at all. I guess enumeration is the most annoying and can be what makes or breaks a machine and it's easy to miss things. Tiny details matter as well of course.
>How many jobs did you have before getting to where you wanted to be?
I had no tech-related jobs until this one.
>Did you work at a soul crushing help desk and work your way up?
Nope, I was an infantry Marine, then a private military contractor doing high risk personal security in Afghanistan/Iraq, then a firearms instructor, then back to PMC, then this job. But I have always done this stuff since I was kid, being part of 'hacker culture' etc. so obviously it's a passion so I just kicked it into overdrive when I decided to switch careers and do it as a job; I figured out exactly how I wanted to hone my skills and focus them into getting the job I wanted.
Just be relentless, the 'hacker mindset' is 100% the most important thing to all of this but it is also almost impossible to learn/teach if it's not already part of you (but it could be latent so don't worry if you don't feel it now).
Thanks for the advice, need to motivate myself to learn more in my free time. Help desk kills my motivation lol. Last question how do you feel about college? I have an associates but am debating on getting my OSCP instead of paying thousands for the four year degree.
Brayden Davis
>I refuse to be the thread at regular intervals until you include the resources I personally tracked down for this general, including OSCP/PWK materials.
>Last question how do you feel about college? My honest opinion is I would be much further in my career if I didn’t go to uni and just certed up
Ian Baker
>being this pissy
don't both participating in these threads if you're just going to be a drain
Benjamin Edwards
>don't both participating in these threads if you're just going to be a drain If you think I’m a drain for wanting some standard or skill level in the handsome man general, go back to cyb/sec, where your skill level will be approrpriate
And yeah, I AM pissy people keep asking about CompTIA without doing an iota of research into what the industry really thinks about their certs
Julian Evans
Add them yourself once the thread dies. Feel free to contribute if you think it's an improvement.
this might be a /sqt/-tier question but i think it's related to this thread - what do you call competition where you look for security holes or hidden shit in websites? i went to such competition because i thought it was a programming competition but was pleasantly surprised by fun tasks.
There is plenty of malware for Windows and RE'ing parts of the OS is pretty cool.
Nolan Lewis
The shellcoders handbook is full of errors.
Brody Wright
I just started bandit and I seem to be going through it without really knowing what I'm doing If I'm using google for questions (not explicitly stating bandit) am I doing it wrong? I'm up to level 16 now and I don't think I've learned much, most of it seems pretty self explanatory
That's because Bandit is a CLI tutorial with an emphasis on steganography. Unless you're batshit new to Linux, then it won't teach you much. The last level though is very clever.
>CompTIA >is it actually any use for applying for jobs? >No, and this needs to be an entry in the OP, because anyone whose at CompTIA level, or thinks the trash series will benefit their career clearly has nothing to offer this general.
Well I am just starting out, what would you suggest instead?
Luke Lewis
>There is plenty of malware for Windows and RE'ing parts of the OS is pretty cool. IVe always been told the tomes “Windows Internals” are the best ones on the architecture itself.
As for malware, I’d still recommend art of hacking
Brayden Martin
>Well I am just starting out, what would you suggest instead? Starting out in what man?
>i am starting out in sec but have a great IT backing I’d recommend you jump straight to OSCP prep and fucking gun it >I am starting out in sec and have an OK IT backing I recommend you do some sysadmin shit in your lab, get a CCNA and maybe an MCSE >I am starting out in sec and think computers run on magic I recommend you find a new field of interest. Sec is a culmination of multiple disciplines, and you need a variety of skills to keep your head above water. Try getting some experience in any field of IT that is not help desk.
Matthew Gutierrez
Do you guys have any plans to reverse engineer the Intel Management Engine that backdoors their CPU's or the equivalent backdoor on AMD's CPU's called "TrustZone"
Where can I buy your merchandise? I am particularly interested in an Acer Laptop, Some fingerless gloves, a hoodie, a guy fawkes mask or balaclava and some black paint for my hacker room
Dylan Morris
>Acer Laptop Are you trying to be a hacker or a pro gamer? Different tools for different professions, scrub
David Bennett
Acer V7 Nitro is fkin awesome with i7, 16GB DDR7 and m2.ssd for every fkin type of job
Aaron Ward
beginners.re
Logan Wilson
>hackthebox.eu/ >most of these links contain cryptominers is it true?
James Brooks
Maderas is back...
Justin Allen
Are you some sort of rainbow sock wearing tranny? I've done plenty of research and it's obvious comptias are an HR filter. Just do a job search in your area. About 2/3rds of the jobs I see require comptia.
Just deal with HR doesn't know shit about tech so they use the carts THEY are told are good to filter candidates. It still won't get you a job alone
