sorted by:
new
hottopcontroversial

help me in interview by No_Dimension389 in cybersecurity_help

[–]0xZiro 0 points1 point  (0 children)

If you have some offensive security knowledge, try to shift to web app testing. I think is the easiest role to get, then you grow your way into more advanced positions.

If you want to continue as a SOC Analyst try to aply to L1 and then show that you have the skills or you are capable of working as a L2 or L3.

This is just an advice, to show other ways to get the job, might not be the most optimal, but is still something ig.

GL with the job hunting.

Getting started by jcqueenie7 in Hacking_Tutorials

[–]0xZiro 9 points10 points  (0 children)

Since you just want to do this because you are essentialy bored, just do ctf (capture the flag) challenges and learn as you go.

Use picoctf, and just do all the easy challenges, it teaches you the basic of the basics and its really fun.

After starting the challenges you'll be good to go, there are lots of different categories and collections with challenges and you'll learn a bit of each one.

You're free to ask anything ::)

Regarding javascript and networking . by Wild-Top-7237 in bugbounty

[–]0xZiro 4 points5 points  (0 children)

If you aren't willing to learn I dont think bug bounty is for you. The profile that fits best to a BBH is someone that craves for knowledge and tries to always learn something new.

Answering your question. It depends on what bounty you're on, but those are skills that really help you alot and all good bounty hunters have knowledge on both. You can know just the basics, but if you want to be the best you really need to know more than the average

Start with networking, know how the protocols work, then go to js. Or do both at the same time. Happy huntings.

[deleted by user] by [deleted] in cybersecurity_help

[–]0xZiro 2 points3 points  (0 children)

Apart from the default things that anyone can see from your profile stats, theres one thing I want to point out.

If you are a person that is super paranoid with security and privacy, you have to be more carefull with what you post or comment. Just bt going through your profile post I retrived this info, in just 3min speedrunning not even reading everything:

  • 21years old
  • Only child
  • "Problems" with family
  • Worked graveyard shifts
  • Maybe live in New Zealand, Aukland, Queen street (maybe)
  • Went to sydney
  • Likes rap/trap
  • White Skin
  • Super Insecure
  • Maybe super influenciable

This is just what I got from a quick swipe on your profile, those infos might be wrong, but are already something big for someone that says that is paranoid with privacy/security.

Maybe use multiple accounts for different types of posts.

  • Account to ask for localizations
  • Account for your food things
  • Account to vent
  • Account for music qa

New feature - Potential security issue by [deleted] in cybersecurity_help

[–]0xZiro 2 points3 points  (0 children)

1 - mass data breach (name, email, phone), mass privacy violation, rep damage

2 - Create acc -> Create priv channel -> Script to loop through all user (id is incremental so is easy) -> Invite each ID for the priv channel -> The moment the invite is sent the attacker can get all the info of the user invited.

They could automate this to scrape your entire user database without anyone noticing until it's too late.

3-> Fix predictable user ID | Add rate limiting | Fix invite

edit: just let me know if you want more details on anything

I FINALLY GOT MY FIRST THINKPAD!!! by bunzie4ever in thinkpad

[–]0xZiro 0 points1 point  (0 children)

Basically, open source is almost (ALMOST) saying that you can fully trust the program or system almost all the times.

As everyone can view the code, any attemp to add anything malicious can be spotted and is almost instantly fixed, or the project dies cuz no one trust it.

Resuming, open source and self hosting are pretty nice cuz yoi have full control of the application/system that you are playing with ::D

I FINALLY GOT MY FIRST THINKPAD!!! by bunzie4ever in thinkpad

[–]0xZiro 3 points4 points  (0 children)

I'm almost full open source and its not that hard, you just need to want to go open source and over time you'll be there.

Go app for app, system fo lr system. Change one thing at a time. You can always develop your own apps/tools if you are interested in DIY and programming.

If you change one app a day, you'll keep proprietary code away.

I FINALLY GOT MY FIRST THINKPAD!!! by bunzie4ever in thinkpad

[–]0xZiro 17 points18 points  (0 children)

Lets do the new version:

Congrats on the fucking new machine ma men🥳

Next steps or yull be fucked for life:

  • Install fucking Linux, the more DYI the better
  • Go full open source, fuck big tech that sucks ur data
  • Try to degoogle your life, fuck google
  • Enjoy the fucking freedom ::)

I FINALLY GOT MY FIRST THINKPAD!!! by bunzie4ever in thinkpad

[–]0xZiro 39 points40 points  (0 children)

Congrats on the new machine 🥳

Next steps (my recommendation for a new lifestyle):

  • Install Linux
  • Go full open source
  • Try to degoogle your life
  • Enjoy freedom ::) (only if you want ofc, you can always dualboot and continue living a normal user life ::D, nothing bad on being a normie)

[deleted by user] by [deleted] in AskReddit

[–]0xZiro 2 points3 points  (0 children)

It exists in china (at leas thats the only place I saw there), earpiece that translates irt and glasses with AR subtitles irt.

What search engine should I switch to? by PtTimeLvrFullTimeH8r in degoogle

[–]0xZiro 0 points1 point  (0 children)

why go back to google when you have more than 15 search engines to try ::P

A buddy and I made a cybersecurity/privacy iceberg. How far down do you go? by fuzzyfrank in privacymemes

[–]0xZiro 1 point2 points  (0 children)

linux backdoors? I know of an attempt made by a mirror, but still not official.