NEW? Check the /sec/ Career FAQ and Cybersecurity basics links above. Learn to code, learn computer basics, learn networking THEN work on hacking. It's technical and hard, but fun. Want to hack now? Try Webgoat and use the cheats. Grab Penetration Testing A Hands On Introduction and see what you don't know enough about. Always use a virtual machine for reading PDFs.
Question - how hard would it really be to make a strap n that triggers the sexual pleasure center of your brain on for trannies to get them to shut up with their retarded self mutilation and pity parties
Angel Sullivan
Good to be back, last round was very good.
>I can't understand how anyone gets infected via the web, unless web browser devs install intentional back doors. Many programmes are networked, in particular web connected, such as PFD viewers (really bad security track record) , time sync programs (ntp had a bad bug a while ago), installation software and more. Just monitor your firewall and see the massive traffic that runs continuously. And one slip-up in these programmes will open the flood gates for malware.
Julian Gutierrez
what do you think about hackforums?
also do you know any sec forum?
also fuck those cia niggers they glow in the dark xD
Robert Russell
Not just that, but people download all kinds of stuff from the web. Any file can exploit something locally, Flash, Java, PDFs, Word, EXE, zip, etc. and lots of programs have dynamic scripting language support built in. VLC has had a bunch of serious bugs and all they have to do is backdoor some pirate copy of a popular film.
Parker Myers
Do you guys have a collection of research papers or journals stuff to read.
THE PEOPLE HAVE SPOKEN, THIS IS THE HIGH WATER MARK FOR FASCISM EXPANSION, EVEN BOJO IS ON THE ROPES
Hunter Smith
I have a library of stuff, some I have contributed to the FTP site mentioned in OP msg. If you want to trim your disks you could always go for the All Encompassing Library (AEL), at >>/t/ael, currently clocking in at 501 GB of carefully curated material. AEL-user is a regular in here too.
For anyone interested in binary exploit analysis and modern exploit kits. Google Project Zero found a dozen iOS bugs being used on a watering hole site for 2 years. How long do you think they sat on this?
Carter Perry
Longer. apple internal security policy is to force users to newer products to avoid technical debt from old bugs.
Angel Ramirez
can someone megaupload the 10gb computer bit?
Anthony Ramirez
it would be extremely painful
Charles Miller
I had to deal with a litteral " as a queer women of color blah blah" shit last night.
Grayson Flores
I’m earning an online meme degree in CybSec. Any advice for me?
Will I actually be able to get a job with it?
Adrian Mitchell
how do you make a secure lab for htb so you don't get hacked by other people in the same net?
jesus christ how horrifying! you must have been reduced to tears and clenched fists! how dare she explain her plight publicly before making a statement.
Joshua Allen
lmao thank God i live in a country where this BS doesn't exist
if htb refers to hack the box you can't (low probability) get hacked, if you keep the VM on your LAN. Even better don't give it Internet access. Even better put your lab environment behind a PFSense box
Gabriel Young
At the least I would put your virtual HTB system in its own subnet and its own VLAN, make sure you set rules on your router/fw so it can't say shit to other nets or VLANs, make sure your routing rules on your VM are set up right, etc.etc.
Josiah Powell
Assuming someone breaches your VM they can change any routing rules to get access to your internal LAN anyways.
Hudson Ward
Host-only network or firewall rules to block all traffic unless it's from your computer's IP.
Ryder Reyes
How do you set up VLAN?
If you use host-only then the VM can not connect to the internet no?
Joseph Gomez
most malware is downloaded so if it's host-only vm then even a backdoored file will only exploit the system and attempt to grab a file. if you monitor network traffic of the vm virtual interface then you'll capture the attempt and will know that an exploit occurred. should be easy to figure out what happened.
Gavin Wood
Oh come on mods
why delete the OP
Jordan Cook
throw in some certs, get an internship or two, contribute code to some open source stuff on github, write system security scripts and publich them on github, don't mention Jow Forums
Jose Perry
>don't mention Jow Forums I mentioned i posted on Jow Forums at my interview and now i'm CISO
your point is invalid, he needs to get a tshirt with obscene imagry and then cum on it to impress his employers
Ryan Thomas
post a picture of that google guy with the anime tiddies tshirt
Easton Baker
couldn't find it, take this one
Bonus points for anyone that finds one that has girls taking tentacles up the asshole graphically.
Justin Smith
>force users to newer products to avoid technical debt from old bugs But.. it's the same software.
oscp training materials, no idea, various oreilly books, humblebundle hacker 2.0 bundle
Alexander Sanchez
AM HECKERMEN, WAT DO
Adrian Davis
tell me, why are you posting this much here? are you lonely? are you dare i say the not man "i'm a man" spammer?
Asher Turner
i’m in
Joseph Perry
Thanks! That answers my question exactly!
Adrian Gomez
you guys fucking suck at hacking cucks 70.182.41.47
Logan King
Some “easy” HTB boxes I root in under 2 hours making steady progress the whole time and some I can’t root after 4 with zero progress made. What gives
Nathan Thompson
>I mentioned i posted on Jow Forums at my interview That is brave. 4ch does not have the best reputation, especially in media.
Landon Hill
Fully functioning hardware solutions for ARM and x64 against Spectre and Meltdown are still not here. The hardware solutions are probably cosmetic at best (faster, compensating for SW "fixes") and marketing (lies) at worst.
RISC-V is immune, and have used this in marketing for all it is worth. And that is a lot. When is the first RISC-V phone coming?
Owen Evans
=== /cyb/ /sec/ News: So how much data do the agencies acquire in an investigation? >The Police Chief Who Warned Against A Police State electronicsweekly.com/blogs/mannerisms/dilemmas/police-chief-warned-police-state-2019-09/ >““In 2005, following the London terrorist attacks, police investigations into the seven attacks resulted in the seizure of four terabytes of data,” says the Commissioner, “today, a current counter-terrorist investigation has 81 terabytes of data.” I doubt all countries show this much soul searching in its surveillance. >The only way of processing such huge databanks is by AI but, even so, the final judgments made on the basis of AI-processed data must always be made by a carbon-based life form. Some countries expect to automate this with silicon based judges, possibly for integration with organ harvesting operations.
Benjamin Young
Anyone on hackthebox.eu? I'm new to pentesting and trying Luke (10.10.10.137) I'm kind of learning as I go along so far I got some credentials and some login pages just trying to figure out this JWT token thing right now for one of the domains. Really want to just say fuck it and metasploit brute force them lol but I want to learn a more proper way.
Jose Thompson
How are you connecting to their network? You might already have been hacked yourself lol.
Jason Bell
im using a burner laptop connected to a neighbors wifi
Jason Morgan
>neighbor's wifi you're a fucking nigger that's what you are you fucking coward
Grayson Wright
It is of course more heroic to take the hail of lead like a real man on your own doorstep.
Mason Scott
give me back /hmg/
Eli Stewart
>i'm going to hide behind my neighbor without his approval because i'm a fucking pussy could at least have used hotspots or café/restaurant
Sebastian Edwards
Yo anyone got any sans pdfs?
Logan Foster
Just a question, I'm an engineer by education and my dad says I'm not engineer material. He recommends and wants to fund a degree in cybersecurity for me because in my country it's an up and coming thing. I do have some interest in it, what with a librebooted thinkpad without systemd and all, and I enjoy the material in these threads, but how's the job like?
James Lee
You're a big guy.
Jaxon Parker
hello pajeet >I'm an engineer by education and my dad says I'm not engineer material you either are an engineer or not
Gabriel Diaz
Retard. I graduated with an engineering diploma but my type of engineering is marine engineering. I can easily pull a few thousand in pay but I won't see my family for months at a time. I'm also not a fucking Indian.
Sure. Trouble is, these are filled with cameras, and also outside there are likely to be dozens of cameras.
Isaac Fisher
Can I get this in pdf?
Parker Morgan
are hurricanes cyb?
Ethan Fisher
bump
Kevin Ward
youtube.com/watch?v=f4rPDF993qs >that's a bitchin' physical access control system you have >hope you remembered to install a knox box >would be a shame our knox keys were copied
Kayden Kelly
For you
Mason Miller
dude, never use a wifi in your own vicinity
Asher Jenkins
Hey man with your courage in one hand and your dick in the other, which is bigger?
I'm saying i know people who used to work for apple internal security response.
The UK has a different system I hear (from a British guy I worked with during my student days). He had to disclose his orientation (no idea about level of details required and I really didn't feel like asking!) and he got the job.
Josiah Williams
>He had to disclose his orientation
thats fucking illegal in the US. you cannot ask that shit at an interview. no marital status or any of that shit
Nathaniel Kelly
yes, in fact, that would be ideal
Julian Bell
this
Ethan Wilson
hoover was a closet case and all the fbi did was blackmail him for it. go for it!
they deleted data and disabled comms equipment back in june. us still claims it's about "the big stick" theory so it's fine to waste exploits and lose operational position.
Dominic Baker
GOTTA ROID UP, KICK SOME DOORS DOWN AND ACT LIKE MY BADGE IS PROTECTION OTHERWISE YOU'LL THINK I'M A GIANT PUSSY WHO NEEDS MILLIONS OF DOLLARS AND A TON OF GUNS TO BE BRAVE
Landon Wilson
are you retarded
God says, "enmities fallacies inb4 cometh impurity temporately he review texts doesn't privacy cannot get answerest the journey terry as meme boasting "
I've heard they want people to have experience as a sysadmin first. I'm doing developer stuff right now, but when I was job hunting, there wasn't a lot of security stuff.
Camden Mitchell
hack some stuff and tell people you did :D
Caleb Thompson
Who do you think works in cybersecurity?
Andrew Smith
Sure. We just don't know what country he is in. Not all countries are like the US.
>dude, never use a wifi in your own vicinity Using a Yagi he can contact a WIFI node way outside his vicinity.
Jonathan Brooks
Time for some === /Sec/ News: >600,000 GPS Trackers Left Exposed Online With a Default Password of '123456' (zdnet.com) yro.slashdot.org/story/19/09/05/2040213/600000-gps-trackers-left-exposed-online-with-a-default-password-of-123456 >According to Avast security researchers, over 600,000 GPS trackers manufactured by a Chinese company are using the same default password of "123456. "They say that hackers can abuse this password to hijack users' accounts, from where they can spy on conversations near the GPS tracker, spoof the tracker's real location, or get the tracker's attached SIM card phone number for tracking via GSM channels," reports BleepingComputer.
An honest mistake? Or orders from Chinese intelligence agencies? Hard to tell.
Ian Foster
Is this unironically possible?
Leo Turner
Okay so one of the first things to do if you're on the lookout for unwanted or potentially malicious network traffic is to monitor DNS queries. I'm curious, is it common for things to know that and not use DNS, and just hit some hardcoded IP directly without looking up a hostname? How would you go about detecting that - look somehow for outbound traffic to $IP that wasn't preceded by a DNS query that returned $IP?
Ethan Reyes
It was just Hollywood proving hoover liked cock
Ethan Hall
I can believe Hollywood enjoyed that.
Gabriel Lopez
On the same net? So far the odds are really bad. There is a reason .mil prefers separation of nets (red vs. black)
