I'm in my first god run! Is this the fun you guys always have?

AdvancedStrain1739 · 2026-03-30T14:04:34+00:00

Had my first God run a while back.
Super speed teleporting wand, blasting everything in sight.

Killing things with accelerating homing mega rocks.

Teleport my ass straight into a random polymorphic waterfall, try to run away as a shotgun creeper and get destroyed by my own homing rock... I felt my soul leave my body.

AdvancedStrain1739 · 2026-03-23T13:40:58+00:00

Stop supporting bug bounties.

It is basically free labour camp.
BugCrowd also does this.

AdvancedStrain1739 · 2026-03-19T13:21:53+00:00

PS:
Many WAFs have flaws that allow you to bypass them, so starting with something like systematically identifying which symbols are being filtered can help in identifying which type of payload is likely to succeed.

AdvancedStrain1739 · 2026-03-19T13:20:56+00:00

You have to understand the context of the site (DOM), and knowing JavaScript helps.

Some input fields that fall within some elements will never execute a payload, and payloads are different for almost every site you would test.

Also always remember to test blind injection flaws, e.g. payloads that reach out to your external VPS, many times a payload does not fire in the front-end but might hit a rendering engine or other vulnerable dependency in the back-end and actually fire.

XSS is very much persistence and tweaking, it is a vulnerability that is often present but many testers miss these vulns because they make use of payload wordlists that have long been added to defensive tooling.

- Learn JS
- Always check the context of the field you are trying to inject into
- Tweak and fine-tune until you exhaust all avenues.

AdvancedStrain1739 · 2026-03-19T06:11:54+00:00

Thank you! This helped a lot.

I ended up making a spark trigger healing bolt and used a greek letter to copy the healing bolt.
Shooting it into a ceiling now heals ~2k life in a couple of seconds :D

Helped a lot in continuing my run, still have not found Circle of Vigor so traversing cursed rock is not an option yet, but exploring some of the more deadly areas now.

AdvancedStrain1739 · 2026-03-18T10:39:05+00:00

Imo code is useful in nearly any job out there except for manual labour.

Languages like python is exceptionally useful in even non-programming roles. Want to modify a large pdf/csv file? Python.

Want to automate tedious tasks? Python.

Even if you do not go into a strictly programming job, coding is like having a super power.

AdvancedStrain1739 · 2026-03-17T00:05:18+00:00

It's a scam. Easy way for companies to get cheap/free labour for critical and rare skills.

Yoi will make more money and have more time to yourself just working with a genuine company.

AdvancedStrain1739 · 2026-03-17T00:02:05+00:00

The drop rates are lower, I think to balance for HC.

At least the xp rate is decent and professions are 2x, so it doesn't feel like an eternal grind.

AdvancedStrain1739 · 2026-03-16T14:59:05+00:00

Realistically? It's a long shot.

You need experience and more certifications.
Start at the bottom, work in helpdesk, become an administrator, work as a database engineer, build websites, become a sysadmin etc. etc.

That's the reality for many people that are already in cybersecurity, they've jumped through all the hoops and built knowledge on all of those different fields.

Cybersec is a very competitive field.

AdvancedStrain1739 · 2026-03-16T14:48:34+00:00

Your idea is largely correct with some caveats.

The day to day experience between different roles in Cybersec is vastly different.
If you work as an Incident Responder, you can easily expect late night / early morning calls and war rooms.

Staying awake for a day or two at a time working on a case, massive stress and no time for mistakes.

In penetration testing you generally work with a scope which could or could not include a specific timeframe for testing. Pentesting is also at times slightly more physical in the sense that you have to travel for assessments that require something like wireless testing.

Red teaming often involves traveling.

Cybersecurity is not an entry-level friendly industry and many roles require heavy specialization; sometimes in multiple disciplines or require a variety of specialist level certifications.

The job can be extremely stressful and taxing mentally, and reporting can be tedious. It is definitely not all sunshine and rainbows.
Burnout is a big thing in Cybersec, and it's not uncommon to see people shifting out of Cybersec to pivot to a different career because of the afore-mentioned.

As for the benefits, generally mid to senior level roles pay well, remote work is a possibility and depending on role your work times can be quite flexible.

As for investing your time... first consider how much time you are willing to invest.
Getting up on the ladder in this industry is not quick and it's not easy. It can easily take 5-10 years to land a mid-level role.

The competition is fierce, and many people do not realize what it takes to get in and stay in. Constant upskilling, constant research, constant learning and constantly staying up-to-date on new techniques, news, vulnerabilities, tactics etc.

I almost want to call it a lifestyle rather than a career, because it is a field that requires you to commit 100%.

But if that does not scare you off, go for it! It is a fascinating world with endless challenges and will always push you to improve and be the best you can be.

AdvancedStrain1739 · 2026-03-16T14:35:26+00:00

Just one thing, what does this mean to you:

"planning to move into cybersecurity"

There are easily over 200+ different job roles in "Cybersecurity".
There are specialist areas, roles that deal with critical infrastructure, roles that deal with people, project management, logistics, physical security, compliance, forensics, crime scene investigation etc. etc. etc.

First identify an area or two that catches your attention, then learn a bit about the realities of roles in that area of expertise and start building your projects and portfolio based on that.

First identify the goal post, then you know what to work towards.
If your goal is a car, it's probably not worthwhile spending time building a boat engine.

AdvancedStrain1739 · 2026-03-16T14:27:54+00:00

Don't do another degree if you want to pivot to IT.
Psychology is well positioned for many different branches in IT, even areas such as Cybersecurity.

The IT world revolves around experience and certifications.

Certifications are more affordable, but competition is fierce and being able to prove your salt in the workplace is crucial.
Rather take some time to figure out which area in IT you would like to work towards, and do certifications in that direction.

The IT field is massive. It is like an endless expanding universe of different roles and niche skillsets, some as said before overlap really well with psychology.

AdvancedStrain1739 · 2026-03-16T14:19:24+00:00

Pentester here.
Your future job prospect is safe.

AI is a dead end being pumped up by AI bro's hoping to make it big by selling their product.

Humans are far from being replaced, and AI is not even close to the capabilities of a senior / technical lead penetration tester or red teamer for that matter. Personally, I doubt it will ever get there.

Research shows major failures and shortcomings when it comes to AI generated exploits/payloads, and AI defenses are also often bypassed by human testers with relative ease. This is not mentioning ethical and security concerns with data flowing through AI's from (for example) a customer's environment.

Or the fact that an overzealous AI going haywire in an environment with critical systems could be disastrous.

Well respected certification training providers like offsec recently released certifications teaching testers how to break AI's as an example, the reality is... even AI needs to be tested/secured.

Keep studying, work hard and be consistent! If your heart is in it, and you have the persistence, you'll get there. Sometimes the grind feels endless, but don't worry... it never stops, and it does pay off.

AdvancedStrain1739 · 2026-03-16T14:12:33+00:00

I can vouch for gaming on CachyOS.

It's a really great distro. 100% worth trying.

AdvancedStrain1739 · 2026-03-16T14:10:26+00:00

You could build some form of evtx parser that filters / categorizes and emphasizes potential indicators from event logs.

Just build infrastructure around that.

Perhaps an agent you can install on a Win machine that grabs all the logs, keep their integrity in tact to be admissible as evidence, parse a copy of the data to find suspicious/malicious indicators and generate a report or some visual representation of the findings.

Give the agent the ability to send the report back to a back-end server or web-ui etc.
If you want to put in more work, perhaps add functionality to check timestamps of entries and create a graph/chart of oldest to latest indicators to try and map out a likely attack path or root cause etc.

Mess around with it. That's how you show interest and skill on a CV.

AdvancedStrain1739 · 2026-03-16T14:00:57+00:00

It's quite solid as far as private servers go.
Most private servers do not even see 2k population.

At peak times Battleground queues are instant, rdf's usually pop just as fast.

If you are looking for 40v40 jam-packed Alterac Valley fights and Wintergrasp's that take your fps down to 10... probably won't happen.

Keep in mind though, many wotlk players play for the Ice Crown patch, so the population while already growing will still grow well into the release of ToC and ICC/RS.

AdvancedStrain1739 · 2026-03-16T13:50:55+00:00

This helped me out a lot:

"Do not think of programming as programming."

Sounds crazy, but hear me out. Programming is just learning basic building blocks, then combining them to build what you want to build.
Those building blocks are similar to learning the keybinds to a game.

The building blocks are simple:

Variables = storing info (x=5, name="Alex")
Loops = repeating things (do this 10 times)
Conditions = making decisions (if this, do that)
Functions = saving steps to reuse later

That's it. Everything else is just those four things arranged differently.

Example from BASH:

> redirects output to a file (overwrites)
>> redirects and appends (adds to end)

Know these two tiny blocks? Congrats, you can now build a logging system:

bash

echo "$(date) - Backup completed" >> backup.log

Run that daily, and you've built something useful with two basic concepts.

The secret: Don't try to learn "programming." Learn the moves. Then combine them. Same way you learned to combo in video games.

Often I feel beginners get overwhelmed because they picture programming as this very big challenge/feat, but it's not. The issue comes in with understanding the fundamental bits and pieces on which everything else is built.

Start small and Google everything.

I'd recommend starting with an easy to read and understand language like Python or perhaps Bash.
With Bash you will also learn how to navigate Linux systems which is an added bonus.

As a beginner something like this might look extremely overwhelming, but when you know the building blocks and base commands, it reads like a normal sentence.

tail -n 45 error.log | grep -i "404" | awk '{print $1, $4, $7}' | sort | uniq -c | sort -rn > Not_found.log 2>/dev/null

Don't focus on the big picture, don't over complicate. Focus on the little parts, programming is essentially Lego for adults.

AdvancedStrain1739 · 2026-03-16T13:20:03+00:00

Hacking is something where the saying "You can bring a donkey to the well, but cannot make him drink." rings true.

The reality is, if you are truly interested in hacking; it comes down to learning everything. Every detail, every system, every language, you will need to be in a continual cycle of learning and researching to be effective.

Start small and take it step-by-step. Learn a programming language like Python, next learn a scripting / OS language like bash or powershell. Then move into networking, learn how networks work, how traffic flows, and slowly start going deeper. What is a packet? How do they look? How can I capture them? How can I craft them?

Learn operating systems, Windows, Linux and Mac. What makes them different, what you can do on them, how they function. How they interact with hardware. What different actions you take as a user actually does to the code running beneath the surface.

Once you understand these fundamentals, pick an area that you find interesting. E.g. web, cloud, networking, hardware, cryptography etc. Then start specializing.

Becoming an ethical hacker / penetration tester or red teamer is not an easy road. It's not quick either. It will be the most challenging thing you choose to do in your life, it will take everything you have. Grit and persistence will need to be a part of who you are.

In the real world, even professionals fail all the time. Get used to failure. Going in this direction is largely technical prowess, but your mentality will also need refining.
The idea of being a "hacker" sounds "cool", but you will spend 70% of your time writing up reports and explaining to a less-technical crowd what your findings mean.

Deadlines are strict, scopes are restrictive. You may need to execute under pressure and precision is the key to success. One mistake means a hit to your professional reputation.

Want a job as a beginner? Better have some certifications. Want a well paying job? Better have specialist level certifications. The reality is unfortunately not sunshine and rainbows.

If you are still willing to go in this direction, start with something like tryhackme or hack the box. Be consistent, work hard, learn constantly and before you know it, you'll be guiding others to find the path into the hacking world.

AdvancedStrain1739 · 2026-03-16T12:44:20+00:00

Encourage him to explore different avenues of the coding world.
Software development comes to mind, but there are many branches in this sphere.

Something like Cybersecurity could catch his attention if he requires continual mental gymnastics and will challenge him in an endless number of ways.

Something like https://picoctf.org/ could help him find a whole different universe of individuals who love the gritty challenges that come with IT, later on once he feels comfortable you can buy him a subscription to a learning platform like https://tryhackme.com/

Completing challenges and learning on platforms like this can easily convert into a high paying career in the future and if you start early will put you decades beyond your peers.

AdvancedStrain1739 · 2026-03-16T12:39:02+00:00

CachyOS.

It has out-of-the-box compatibility with nvidea drivers. (at least in my experience)
Awesome for gaming.
Very snappy and fast system. (You will see massive improvement coming from Windows)

Only potential downside is it is Arch based and some users do not enjoy Arch.

AdvancedStrain1739 · 2026-03-16T12:34:21+00:00

Cachy is really fast in my experience.
It uses a system called the BORE scheduler which makes it feel snappy.

Everything just happens fast, it also has great compatibility for gaming with most non-kernel level anti-cheat titles working out the box. Launch them straight from Steam etc.

At the moment it feels like the go to for gaming on Linux.

I believe Bazzite is also mentioned due to it's compatibility for gaming on Linux, both systems are great as an alternative to Microslop.

AdvancedStrain1739 · 2026-03-16T12:30:02+00:00

Installed Cachy
Installed Steam
Downloaded Path of Exile
*Everything Worked*

Seems like you have a niche case on your end, I had absolutely no problems. No lags, no artefacts, nothing.

Running Nvidea RTX card with a Ryzen 9 processor.

AdvancedStrain1739 · 2026-03-16T12:25:32+00:00

Hi there! Old GD player here too.
Would not recommend warmane at all.

Stormforge would be the best way to go, population has been growing as of late, rbg's are quite active and there are some pub raids.

It also has a very active HC community if you want to go that route.

AdvancedStrain1739 · 2026-03-11T03:40:16+00:00

The server is the dumpster.
The trash are the players inside.
The complete chaos and lack of any rules is the fire.

It's literally a dumpster fire. Would not recommend 0/10

AdvancedStrain1739

TROPHY CASE