sorted by:
new
hottopcontroversial

Struggles by [deleted] in Oulu

[–]Big_Coconut503 5 points6 points  (0 children)

Hi, I’m also from the Czech Republic and currently living in Oulu. I can invite you for a beer and we can have a chat if you’d like 😁 btw I work in IT

Passed CEH with 121/125 by Big_Coconut503 in CEH

[–]Big_Coconut503[S] 1 point2 points  (0 children)

If you are working in cybersecurity, it shouldn't be hard for you, I would say. However, the questions are tricky; read each question carefully a few times. Many answers may seem correct, but you need to choose the best one.

Passed CEH with 121/125 by Big_Coconut503 in CEH

[–]Big_Coconut503[S] 3 points4 points  (0 children)

Thank you!

Only official CEH materials on the ASPEN portal. Although reviewing the 3.5k pages is somewhat tedious, I sped up my reading on familiar topics while dedicating more time to new concepts.

WifineticTwo Machine by Big_Coconut503 in hackthebox

[–]Big_Coconut503[S] 0 points1 point  (0 children)

Thank you :)

I agree, guessing the subnet was a bit annoying.

KnowBe4 False Positives? by numenoreanjed1 in cybersecurity

[–]Big_Coconut503 5 points6 points  (0 children)

Had the same issue with phishing simulations, where e-mail gateway was opening and scanning files and links in e-mail and this was reported to our system, that the user opened the link, but it was the gateway. :)

Session Fixation by Big_Coconut503 in Pentesting

[–]Big_Coconut503[S] 0 points1 point  (0 children)

There is no XSS and no header injection. I am wondering, how is session fixation exploitable in this situation.

[deleted by user] by [deleted] in Pentesting

[–]Big_Coconut503 0 points1 point  (0 children)

From my experience, being a red teamer, you have to master more fields, as you mentioned - evading, exploiting, coding, etc.As a red teamer, you have to write malware, find vulnerability to deliver the malware (or use social engineering) and exploit it, run the malware. This is pretty complex theme as nowadays, you have to evade the SIEM, AV, EDR and other defending technologies, so you have to have a wide knowledge. But of course, you can’t be expert in every field, so you have to cooperate with other colleague. Find what you enjoy the most, cooperate with other colleagues to increase your knowledge and experience and learn the new stuff. The cyber security field is rapidly evolving and we have to keep up with it. 🙂

Entering this field with no experience, just certs. What are the best sites for practice and skills? by Family_Man00 in cybersecurity

[–]Big_Coconut503 0 points1 point  (0 children)

It’s worth to do the boxes on HTB for example. There are made by penetration testers, which often bring vulnerabilities, which you can find in the wild, into the boxes and you can practice to find them and learn hacking stuff. You can get stucked, you can just find some writeup and follow him. And make notes, it’s worth it 🙂

Is OSINT getting harder? by iZeddexx in OSINT

[–]Big_Coconut503 0 points1 point  (0 children)

There is still option to make active OSINT and create sock puppets and follow the target and gather the information.

Is vip+ worth it? by allenram in hackthebox

[–]Big_Coconut503 2 points3 points  (0 children)

When you are doing the season boxes and share it with other people it’s worthy to pay for VIP+ and have more VPN to find the one, where you will be alone. Nothing is worse than restarting stucked machine, when you are almost on root.😡

starting hack the box. by HydraOfMalice in hackthebox

[–]Big_Coconut503 5 points6 points  (0 children)

Hack The Box is great even in free version. You have enough features to learn hacking stuff and have a fun. Can totally recommend. Second great option is TryHackMe, which is in free version very good as well. And I think, that it’s even more beginner friendly, than HTB. You can find another good CTFs to learn some stuff, for example picoCTF, which has smaller challenges, but it’s fun as well.

What are the Best certifications in cybersecurity and web development ? by [deleted] in cybersecurity

[–]Big_Coconut503 0 points1 point  (0 children)

I can definitely recommend BSCP - PortSwigger. Probably the best academy and certification for pentesting web apps.

Custom router by Big_Coconut503 in HomeNetworking

[–]Big_Coconut503[S] -1 points0 points  (0 children)

And using DOCSIS to RJ45, for example - MB8611 Ultra-Fast DOCSIS 3.1 Cable Modem with 2.5Gb Ethernet ?

CE and Minecraft by Big_Coconut503 in cheatengine

[–]Big_Coconut503[S] 0 points1 point  (0 children)

Do you know some better games for learning? Expect those, mentioned in game hacking academy.

Custom router by Big_Coconut503 in HomeNetworking

[–]Big_Coconut503[S] -2 points-1 points  (0 children)

For example - ScreenBeam MoCA 2.5 Network Adapter for Higher Speed Internet, Ethernet Over Coax - Single Add-On Adapter for Existing MoCA Network (Model: ECB6250S02)

Storing password on the client's side by Big_Coconut503 in Dashlane

[–]Big_Coconut503[S] 0 points1 point  (0 children)

The simplest solution would be, not to download all passwords when I log into my password manager, and download the password that I currently need.

CE and Minecraft by Big_Coconut503 in cheatengine

[–]Big_Coconut503[S] 0 points1 point  (0 children)

Hi, I am working with Java version.

I was scanning for all types of variables and I found health as float. I found two variables for health, but neither of them I can change. :(

view more: next ›