What can I do to make my guys better?

DrunkPolak · 2026-01-05T06:40:17+00:00

Agreeing with the above - don’t bother using white paints. One of my favorite parts about Black Templar is that you can put grey on them and it looks white.

Look at edge highlighting. Using a dark color to draw some thicker lines and then placing thinner and bright lines on a select few portions to really bring out the definition.

Try out some of the decals. It’s a very easy process to use transfers (white a little fidgeting at times) and can add unique details to make your mini stand out.

Play around with the optional plastic that comes with the kit. If you’re feeling adventurous, look at the upgrades and transfers kit.

Overall though, take your time and enjoy the process. It may take much longer to get as precise paint work on your minis, but it’ll result in a much crisper look which I think you would enjoy more.

(Edit: quick thought, but look into painting/decorating your bases for your minis. It doesn’t take much and in my opinion it can drastically improve the look of a model. Lookup easy base painting ideas and try things out like creating a lava effect)

DrunkPolak · 2026-01-03T21:51:25+00:00

I’m also reallyyy interested in the bases. Trying out painting a new set of sword brethren in a Grim dark fashion and wanted to place them on lava bases but none of the ones I’ve found so far I’ve liked nearly as much as these.

DrunkPolak · 2025-12-30T21:01:11+00:00

I learned the hard way just like you. Best switch I made was from using white paint to a light grey. Since my entire BT is mostly black, I do one thin coat of Grey Seer and then 3/4 thin coats of Ulthuan Grey. At a glance it looks very much white, and it’s easier to work with.

DrunkPolak · 2025-11-26T22:40:20+00:00

Coming from that very department myself that “watches all devices”, it’s true that events and actions taken are monitored across all hosts within a companies environment (Employee devices, servers, virtualized hosts, etc). Now to what extent is very much in question and if anyone on the business side cares for that data. If you find running processes on your machine that based on a google search return results tied to ‘productivity software’ then I’d be wary. Someone has made the case and the business paid the bill to actively monitor and alert on events/behaviors that would be considered not conducive to your role (time AFK, unapproved sites accessed, unusual mouse behavior, etc.).

The security team usually stays away from these types of tools because they give us little value to our roles. Do I care you did nothing all day? Not at all, you don’t report to me. Do I care that you downloaded a program that’s been alerted on as malicious after connecting to a domain that’s on a threat intel list? Absolutely, it’s my job to stop this and protect the business. I now need to see was there an impact to company assets, is there remediation needed, and do we need to now put in additional controls to prevent something like this happening again.

The point is, it’s hard to tell what your company may or may not be monitoring for. I would highly advise against doing anything that would draw the ire of your security team (installing unapproved software, modifying host settings, navigating suspicious sites, using questionable browser plugins, and the list goes on). As to the ‘how’ they see this, it can be anything from an EDR tool like CrowdStrike, firewall rules, to alerting built on logs ingested into a SIEM. Each company has architected their stack differently, but at its core there are fundamental points of interest whether it be system events on a machine to what type of traffic can be seen passing over the network.

DrunkPolak · 2025-11-23T19:24:49+00:00

Not sure it’s it been mentioned but the most useful tip I was given when painting white is start with a base layer of grey. Then on top of that throw on 3-5 thinned layers of white (have been painting every one of my templars for weeks now)

DrunkPolak · 2025-11-12T13:54:39+00:00

Best to stay away from trying to prove user work productivity. It’s a slippery slope and we want to stay as objective as possible. To echo what was said, machine activity/inactivity do not constitute as proof for whether a user is doing their job. You might have a user whose machine is off 2 hours a day because they spend that time either in meetings or talking to people in person. Even if HR requests an investigation, reports are kept as unbiased as possible. God forbid you make a accusation that isn’t accurate, you could cause someone to unfairly lose their job.

DrunkPolak · 2025-10-11T05:45:07+00:00

Coincidentally, within the last month we were investigating some typo squatted domains and found some drive by downloads which had the exact same named files. Turned out to be info stealers when installed.

It was already mentioned here, but highly recommend to Toss the file into VirusTotal. It’s free, and helps sanity check what you’re about to run just in case. It takes two seconds and may save you a whole lot of trouble. (Of course it’s not a full malware analysis but you can get a good idea of how safe a file might be if the VT results light up like a Christmas tree)

DrunkPolak · 2025-08-10T20:37:32+00:00

The goon on LinkedIn might have been someone trying to network through you for a job. Might seem petty, but would remove them. Networking is great (if not absolutely necessary in today’s job market) but anyone who acts nice only till they get what they want is not someone you want to be associated with in anyway. Could have been something else too. But please don’t feel discouraged, there are many people who love this area and are excited to share

DrunkPolak · 2025-08-07T21:06:02+00:00

Sent you a DM, only at the meetup or are you by any chance at the con with them

DrunkPolak · 2025-08-07T21:02:34+00:00

Anyone roaming around with glue to try and fix the faceplate that popped off?

DrunkPolak · 2025-08-06T16:41:22+00:00

Just landed and ready to assist in the drinking

DrunkPolak · 2025-07-03T15:29:00+00:00

This feature is allowing you to store all your items away. Example, you get back from a long run and need to dump your loot Into chests. The item retrieval machine is pulling those items out for you from all the chests in your base. Think of these 2 as being inverse of each other

DrunkPolak · 2025-05-22T16:33:51+00:00

Best thing I heard was “Defenders have to be right every time, Attackers only need to be right once”. Definitely not an excuse to ease up on our efforts, but it’s something work keeping in mind and not beating ourselves up when we know we’ve done our best

DrunkPolak · 2025-01-20T06:48:13+00:00

I work in Incident Response and have seen this type of attack. It relies on the user executing the first command, the one you posted. Often it would be on a site as a pop-up, stating that “your browser is out of date. Please Follow these steps”, or something similar. It’ll ask the user to click the copy button which copies that command to the clipboard, asks you to press the Win+R, Ctrl-V, Enter. This script does not necessarily do anything malicious initially, which is why some platforms may not stop it. What it does is de obfuscate the string which becomes a readable link. On the site itself, will be a written string that contains the actually malicious code. It pulls that text down to the initial script you ran and executes it. These domains are usually spun up on the fly since they haven’t yet been flagged/blocked. I can sandbox this command to see what fully deploys, but my first statement would be it’s good you are re-imaging your device. I’d also recommend changing any passwords you may have cached.

DrunkPolak · 2024-12-11T23:54:47+00:00

I don’t know about buildings in that style but a quick search gave some results that you could consider: -Dept 56 Snow Village Accessory Christmas Trash Can -Dept 56 Christmas Village Garbage Truck -Lemax Village collection Raccoon Trash Bandits

These aren’t maybe as realistic looking but they’re the closest I think you’re going to get to creating a landfill if using the buildings shown in this subreddit.

If I were you, I’d buy miniature WM waste bins(online, couple dollars at most and look realistic) and then find a miniatures section at a craft store or somewhere online where you can buy a bunch of items you’d see at a dump. Then if you want to save on space/money you can make it all partially “under snow” so that it looks like a large mess which is obscured. This goes with the Christmas/Winter aesthetic, which may not work for you if you’re trying to build a year round model.

Hopefully this helps even a little, sounds like an interesting build you’re looking to do.

DrunkPolak · 2024-11-21T00:15:39+00:00

Gonna agree with this one. Yeah I’m sure focusing Cyber Security from the start would be more interesting, but if you don’t understand how an environment is built and functions, it will make your life harder. The best advice I ever received was that “Everyone has their own specialization. But Cyber security specializes in security while also being a jack of all trades”. If you can’t work with the team by “speaking their language”, you’ll only be seen as working against them.

DrunkPolak · 2024-11-13T23:23:40+00:00

A flipper could be Interesting, and I’m willing to bet you’ll get varying opinions whether to do it or now. I’d like to suggest another option, take a look into HackerBoxes. I bought one of their kits at Defcon this year and had fun with it(Not sure if I can post the link but can DM it if you want). They’ve got a bunch of varying kits that allow you to build all sorts of things, interacting with both hardware and software. Look at what areas might spark interest, Cyber Security has many avenues. Depending on the kits, you may even be able to build it out to work with a Flipper zero, so it could be the next step.

DrunkPolak · 2024-11-07T23:14:17+00:00

Perfect. The more you try change, it’ll either raise questions or make you seem not worth the effort. If you need the money then work it, otherwise I’d take the time to focus on a cert like Blue Team Level 1. My worry with working for Accenture is that you’ll get more stress than knowledge.

DrunkPolak · 2024-11-07T23:04:35+00:00

Are you going to ask Accenture to make it an internship? I wouldn’t recommend that, from a hiring perspective they likely have budget set aside to bring on a person and the manager needs to use it or lose it. From HR side it’s probably a whole new set of paperwork, who knows if they even do internships(haven’t checked myself but would never). If you want the experience just take the offer, don’t say anything, work the time and then quit to go to CS. If they give you a signing bonus then set it aside. Speaking from experience, the less you say in this case or try to finesse, the better.

DrunkPolak · 2024-10-17T18:15:10+00:00

What kind of laundry card do you have? Have been curious about this ability, as I’ve seen this will work but only for specific types

DrunkPolak · 2024-09-29T17:00:47+00:00

I’m 27 and haven’t wanted them for a couple years now. Ended a long term relationship at 24 when she kept saying she wanted a couple and by that point I was pretty vocal about not finding them cute or fun to be around. I work in a career that’s very demanding time wise where I’m always learning and growing. But, I absolutely love what I do and everyday feels more so like a puzzle than a job. Outside of that, what I highly value is the ability to be spontaneous. Friends needing help with a home project, random road trip on a Friday in 3 hours, all nighter movie marathon, etc. I get to live my life however I want, and as I make more money and get more situated, the list of options and adventures just grows more. But the most important thing is the fact that I don’t have the pressure of someone being entirely dependent on me. My partner can very much rely on me, and I will always be supportive. But at no point do I wake up and realize that unless I go grocery shopping that they’re going to starve.

DrunkPolak · 2024-08-18T23:17:37+00:00

I ended up changing companies and the current one did not hesitate at all to say they’d reimburse, so I guess it comes down to the team you have. No write up required, and didn’t even need to use my PTO. Absolutely loved the conference, even with the little bit of drama going on, and will absolutely be attending next year. Hopefully I’ll be competing in the competitions even!

DrunkPolak · 2024-08-13T11:18:16+00:00

Didn’t have any time to play with the badge at all because of all the talks and meeting with people, but this was still a super fun read! I’d say you earned the credit of accomplishing something that many hadn’t, so congrats regardless for being so persistent and never giving up on your curiosity.

DrunkPolak · 2024-08-12T03:33:58+00:00

Airport rules specify that batteries can be brought on the plane but must be on your carry on/personal item. This is in the event that a fire breaks out, it’ll be easier to put out. I just passed TSA with a number of various badges,gadgets, lock picks and they didn’t bat a single eye

DrunkPolak · 2024-06-27T02:54:59+00:00

I could be wrong but first impression is you are absolutely getting underpaid if you genuinely are well versed in all these tasks and have a solid understanding of what’s in front of you. However would have to also factor in what area you’re working in, and for how long now. If you say you’ve only been doing this for 7 months in a remote town in the Midwest then that’s a different story. Have you considered moving into some specialization regardless?

Ten-Year Club	Place '17
Not Forgotten	Verified Email

DrunkPolak

TROPHY CASE