Hackerman - /hmg/ - Hackerman General

In /hmg/ we discuss pentesting, hardware hacking, exploits, and general being a hackerman.

- CTFs and competitive events belongs in /ctf/ -

Resources:

VMs
overthewire.org/wargames/bandit/
>easy beginner bullshit

vulnhub.com/
>prebroken images to work on.

hackthebox.eu/
>super secret club

Tools:
kali.org/
>meme dragon distro but it just werks

metasploit.com/
>scriptkiddie starting point and swiss army knife

Tutorials/Guides:
abatchy.com/2017/03/how-to-prepare-for-pwkoscp-noob
s3ctur.wordpress.com/2017/06/19/breaking-into-infosec-a-beginners-curriculum/
>From zero to OSCP-hero rough outline, and how to infosec.

youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA
>IppSec, video guides for retired HTB VMs.

Certs:
eccouncil.org/programs/certified-ethical-hacker-ceh/
>CEH, only looks good a resume to non-technical in HR

offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/
>OSCP, the big dick swinging exam, 24 hours to own 5 machines and a further 24 hours to write up a report detailing your methods.

*UNAFFILIATED TRASH - AS LULZEC TAUGHT US - TRUST NO ONE!*
Community:
IRC: #Jow Forumssec @ rizon.net
Discord: discord.gg/3Y7Mr52
Matrix/Riot: riot.im/app/#/group/ hmg:matrix.org
anonops.com/

Attached: Hackerspace_billboard.jpg (1859x1194, 649K)

Other urls found in this thread:

attrition.org/security/conferences/why_you_should_not_get_a_CISSP-public.pdf
bugcrowd.com/bug-bounty-list/
youtube.com/watch?v=RfiQYRn7fBg
twitter.com/AnonBabble

I think this would work better by merging with /ctf/, unless you start nitpicking with the hacking definition.

No we don't discuss these things in here.
/g is a certified board for discussing apple vs android, amd vs intel

Can you do CEH without 2 year work experience?

If true
How?

>not listing CISSP
a connection of mine, executive director of a big govt. contracting company called it the gold standard. Said it drastically increases your salary

attrition.org/security/conferences/why_you_should_not_get_a_CISSP-public.pdf

It can't increase my salary if I don't have one. Give me a job please.

bugcrowd.com/bug-bounty-list/

How hard is it to go from Arduino to straight up AVR programming?

How viable is that if you are not constantly checking for new programs?
When I see a program with 4k rewards it makes me believe that it's too crowded and that you have to be quite fast to find something to report.

this powerpoint starts slow, but gets kind of funny halfway

welp, he literally hires people directly. This is not a small company. And he hires the people who hires people directly, and tells them to look for CISSP.

not saying this PDF is entirely wrong but, it's pretty sloppy.

If you have the skillset required, you might aswell just try it and see for yourself.

Computer security is fun. Rewards are optional.

>WWYD?

Attached: usb-deaddrops.png (1674x867, 1.79M)

>If you have the skillset required
That's actually what I don't know but I guess I'll try some of them.
>Computer security is fun. Rewards are optional.
Tell that to my mother.

You pay big money for course that will show you how to use few tools. You can do the same in one evening while reading man pages for 15 min than practicing rest of the night.

no hackthebox
:(

with a spoon and enough water I'd turn it into a convenient glory hole.

gibs OSCP

youtube.com/watch?v=RfiQYRn7fBg

HACK

WHACK

CHOPPING THAT MEAT

Metasploit Park, System Security Interface
Version 4.0.5, Alpha E
Ready...
> access security
access: PERMISSION DENIED.
> access security grid
access: PERMISSION DENIED.
> access main security grid
access: PERMISSION DENIED....and...
YOU DIDN'T SAY THE MAGIC WORD!
YOU DIDN'T SAY THE MAGIC WORD!
YOU DIDN'T SAY THE MAGIC WORD!

CEH is not difficult,
But do you know the costs of CEH + those courses and some checks they claim you have to pay for