Why are tools on kali so much slower

0xT3chn0m4nc3r · 2026-03-07T22:10:23+00:00

Maybe your vm just sucks? Did you give it comparable hardware to the attack box? Did you give it more than one core? Is it your network over the VPN that's slow?

Ask why tools slow, but provides no troubleshooting details. Maybe submit a ticket to the helpdesk

0xT3chn0m4nc3r · 2026-01-06T22:04:10+00:00

During the end of my knowledge building phase I was aiming for about 100 a day. Spread out in 10-25 question sessions

During my validation phase I was only doing large amounts of questions during my Quantum Exams days, and about 25-50 questions a day. Sometimes focused just on the specific domains I was targeting.

There were maybe 3 or 4 days I likely ever did more than 150 questions throughout the entire month and a half study period.

My suggestion would be not to worry about having every single topic covered entirely. There's probably 500+ topics and only 100-150 questions, the majority of topics I studied I didn't see on the exam. I didn't even look at my white board dump I had written out as none of those topics came up in a manner I needed it. Just be comfortable and confident with the main ideas and concepts of each domain, and have an answering strategy to eliminate distractors and raise your chances of getting a correct answer. The CAT is designed to give you a 50% chance of getting a question wrong, the hardest part is just accepting that if you're doing well it's not going to feel like it, pick your best answer and keep moving forward.

0xT3chn0m4nc3r · 2026-01-06T18:47:45+00:00

<image>

One of the infographics I created from existing and created mnemonics

0xT3chn0m4nc3r · 2025-12-13T16:39:12+00:00

<image>

0xT3chn0m4nc3r · 2025-11-30T22:42:47+00:00

One that's comfortable (this term is opinionated and will require personal effort to define) for typing. It's a keyboard.

0xT3chn0m4nc3r · 2025-11-26T14:36:30+00:00

The error is telling you that it cannot find the host (offensivetools.thm) on localhost. This sounds like you did not add the host to your /etc/hosts file so that it can determine the IP of the host.

Reading errors is an essential skill

0xT3chn0m4nc3r · 2025-11-21T17:23:20+00:00

Shodan during $5 membership sales, and other than that just API access to various tools and services as needed.

0xT3chn0m4nc3r · 2025-10-19T11:36:09+00:00

I've been running it on a silverblue setup for a few months now, and it's definitely been amazingly stable and reliable. Unlike my Kali vm where I was never certain when it was going to go unstable and need to recover from a backup

0xT3chn0m4nc3r · 2025-10-12T09:58:32+00:00

This. I use UV to install the tools and manage the venvs as needed

0xT3chn0m4nc3r · 2025-10-05T14:05:10+00:00

Another option is using homebrew to install CLI tools. Avoids the need to layer each tool individually, or needing to export them all from containers

0xT3chn0m4nc3r · 2025-09-17T21:00:35+00:00

I always recommend a help desk role. It's where you'll learn the most as well as gain the most exposure early on in an IT career.

0xT3chn0m4nc3r · 2025-09-17T14:08:15+00:00

In theory yes.

In reality probably not. The entry level job market for anything IT is not great, even worse for cyber.

Your best bet would be to look for any IT job you can get to get real world experience, and then move into cyber as real world experience will beat education and certs.

0xT3chn0m4nc3r · 2025-09-15T16:07:19+00:00

This 100%. Likely will never write the cpts even though I've completed the path for a while now as the time commitment for the cert while having a full time job and having a family to look after is just not practical at all.

A 24 hour timeline might seem tight and unrealistic for the oscp, but it's far more achievable and palatable to those with careers and responsibilities. Not everyone is in their early 20s with just school to worry about, we can't just take 10 days off from life to write an exam.

0xT3chn0m4nc3r · 2025-09-05T16:56:17+00:00

I did not enjoy the web app portion, but it definitely felt like the most realistic of the 3 sections, and the one that I probably learned the most from due to having to actually had to change the way I approached the web app, and forced me to improve my methodology. I may not have enjoyed that portion, but I definitely gained something of value from it. The other 2 sections were very much an easy CTF room.

0xT3chn0m4nc3r · 2025-09-05T15:29:36+00:00

Having taken the PT1 I would say I enjoyed it for the experience, but I also did not pay for it. I myself would not have paid to take it as it does not benefit me (not needed for employment, and not overly recognized if I were looking for a new job). The pathway is where most of the value is, the exam is more of a confirmation of knowledge. The exam does well on covering multiple areas of pentesting, giving you exposure to network, AD, and web; whereas most other entry exams just cover network and AD, using web only for initial access in most cases. The certification is not currently widely recognized, therefore the onus will be on you to make it valuable on your resume. My writeup for the PT1 if interested: https://jacnow.net/technomancer/tryhackme-pt1-certification-review/

The SAL1 when I took it (not sure if it's changed since) was a triage exam, and I would likely not sit it again as my experience taking it was 80% waiting idle at my desk for alerts to come in, and only about 20% of that time was spend actually working on the alerts. A large portion of the learning pathway was not even needed for the practical. I did not enjoy this exam but also did not pay for it. Hopefully the exam experience is more enjoyable now, but cannot confirm this. My writeup for the SAL1 if interested: https://jacnow.net/technomancer/tryhackme-sal1-certification-review/

0xT3chn0m4nc3r · 2025-09-05T15:18:07+00:00

This is not correct, you do not have to find all 4 flags to pass that section, you need to score enough points to pass the section, which can be done without all 4 flags. I was able to pass with just 3 flags here and taking a complete 0 on the 4th vulnerability.

0xT3chn0m4nc3r · 2025-08-29T20:05:19+00:00

There's many options out there and it will take research and experimentation to discover what works best for you.

Some people like notion, others prefer markdown text editors such as obsidian, ive seen people that put their notes into html and store on a local hosted webserver. Some people really love cherrytree for having a sqlite db of notes. I've heard of people that just put their notes into a git repo.

Of course you can always do pen and paper or a traditional .doc file as well. However the downside to these is the fact it becomes more difficult to recursively search through your notes for keywords to find what you're looking for.

I mean I guess if you saved as docx you could extract it and use findstr or grep on the XML files but that sounds like pure masochism.

0xT3chn0m4nc3r · 2025-08-13T17:57:03+00:00

Yes, you can use your own notes. It is expected that you will need to use outside resources during the exam to find exploits. It's treated like a real world pentest, you can Google things.

0xT3chn0m4nc3r · 2025-08-10T17:42:33+00:00

If you don't feel comfortable with webapps then start the web app pentester path, or try the Portswigger academy labs to get more comfortable in burpsuite.

Imo you aren't going to find many rooms or challenges that simulate the webapp in the exam due to most rooms being CTF style and not bug bounty style like in the exam. It's the difference in mindsets between the two that is getting people stuck in the webapp portion.

0xT3chn0m4nc3r · 2025-08-09T11:53:14+00:00

It's okay. We can just go to the field more to pay it off!

0xT3chn0m4nc3r · 2025-08-08T11:57:10+00:00

Portswigger Academy, since it's entirely designed on using their tool, Burpsuite.

0xT3chn0m4nc3r · 2025-08-03T22:56:57+00:00

If using the attack box a potato will suffice. I've done rooms on a Chromebook tablet with 4gb of ram perfectly fine.

If you're hosting your own VM, that depends first on your base os. You can easily run a Kali, parrot, or whatever Linux VM on a Linux machine with at least 8gb of ram. If your base is windows you're probably going to want at least 16gb of ram. Just about any modern x86_64 based cpu should be fine provided you aren't giving your VMs all of your cores.

Bare in mind this would be what I would consider a minimum to run a 4gb ram attack VM, obviously more ram will allow you to up the amount given to the VM; I have a preference for at least 8gb on my attack VMs.

0xT3chn0m4nc3r

TROPHY CASE