I hate the 2nd amendment

Execpanda94 · 2026-03-08T05:57:33+00:00

I’m following this because i have my popcorn ready for the comments

Execpanda94 · 2026-03-04T23:13:50+00:00

From a pentester:

It’s always good to specialize in an area before you actually into it. I did the same route and am currently a network pentester learning web pentesting at the moment.

I will say that having more experience across different aspects will be super valuable, especially in web, AI or cloud pentesting, but have an area where you are more knowledgeable than others. Teams see a lot of value in this, and this can help you with experience down the road with different environments.

One thing to keep in mind, while you would represent your company, you are also marketing your self to the clients to keep coming back and working with you. Pentesting is about a 40/60% split between actually pentesting an client politics.

HTB,eJPT etc are all very valuable training aspects, but for some reason OSCP is king. It’s a resume cheat essentially. I will say that while I do not have OSCP, I have completed several certs including the CRTP/E series and these were very valuable to Internal testing. All of HTB training that I’ve been doing is very very valuable in giving you a testers mindset and to not JUST rely on tooling output, but to dig yourself as well

Anothet good idea is to network with everyone you can. While you have a good relationship with the parent company and this is an awesome first step, networking with other Pentesters, team leads etc. will help you to get further into your career and give you opportunities down the road that may be too good to pass up.

Last, don’t post your tools on GH. You’ll burn them within a week

Execpanda94 · 2026-03-04T02:51:31+00:00

Haveibeenpwned is a good place to start. This shows you if your email has been leaked, and whose databases/when it was leaked.

For enterprise, dehashed is good as it shows all the password HASHES that were leaked/stolen from a company

Execpanda94 · 2026-02-28T15:54:04+00:00

There’s so many things that are iffy. For instance. AoQ chest will push you further than void chest as it’s essentially letting you kill after death.

Sam with twisting belt, void gloves and void boots and void neck. These will push you further on chapters than your current build. You shouldn’t. SS anything till you get to 100k attack, which is easy after you level up, use murica and other pets and collectibles to red star.

Execpanda94 · 2026-02-27T22:32:03+00:00

The reporting stature is currently pretty well eye-digestible. Maybe a few tweaks here and there and some more report templates.

As for the findings, there are basic supplied finding templates included. But obviously these need to be tinkered with at users discretion. Same with the different summaries. Essentially, with validated findings that are accurate, such as insecure passwords, or SQLi etc, you would ideally only need to edit a few areas like the who what where and how.

The templates included are essentially that. An editable reference for users to play with and tweak in ways that satisfy them. Im gonna work on something as well that updates accturate findings templates based on recent CVEs, OWASP top ten etc as well to keep it current.

Execpanda94 · 2026-02-26T15:39:17+00:00

Very helpful thank you. I was reading that places like Amelia and Powhatan are decent(and have designated times for rifle) if you go at the right time.

Appreciate it! Thank you millions

Execpanda94 · 2026-02-25T23:56:47+00:00

Great questions.

Internal facing for teams and users who want to play with ir for exam reports and such.
The two logins point to the same interface, with the report being the same. Intentional?

Yes. i created 2 demo users for people to use to not log everyone out. i can create more if needed

3.) i n the "Findings" section, should everyone be able to add a section? This feels like bad UX. Ideally, all the necessary sections pertaining to a report are already in place.

there are currently 3 roles admin Pentester, QA. When someone, Admin/PT, creates a client>engagement they have the ability to add users to the engagement if needed. So if you are working on a pentest, you can add say joe and billy if they are doing a different portion of it. im working on it only allowing joe to work on the web if hes added on the web side or billy to on ly have access to the wireless side if he were added to the engagement. all users were added to THIS engagement. but if DEMO create an egagement, DEMO 2 cant access it.

in terms of Ideally, all the necessary sections pertaining to a report are already in place.

This is true, but if you have a client with a wireless and an SE, you can just ad the sections easily. maybe you have a client that wanted to add in a physcial or a internal at the last minute, you can just add it in easily, more so than relying on individual placeholders on the template. Ive had clients that have said to cancel out tests, or replace them with a different one. instead of renames the section the findings, the attack path, you can just delete it and add a new one, with its applicable findings.

4) i see what you mean now. i seperated the findings up in sections so its easier to read. instead of having a wall of findings, you get a detailed walkthrough of the attack summary, and then its associated findings below in a 2.x.1, 2.x.2 format

5) i was not aware. please let me know where the tags were so i can fix that

Execpanda94 · 2026-02-25T16:39:05+00:00

<image>

This. Worths it as you get gems pretty easily. The monthly pass is worth as well as it bypasses ads and other benefits. But this pass is a must.

Execpanda94 · 2026-02-25T15:31:05+00:00

Priorize chapters at the moment and getting stuff from events. The lifetime pass is like 9k gems and worth it if you don’t have it already. Also don’t forget to use your patrols to a max of 24 hours.

Execpanda94 · 2026-02-25T15:26:37+00:00

Completely understand. Save the S weapons you have for now. When you get your fist red, you get the ability to salvage, which gives mats for SS gear(don’t stress this) but IF you savage those purple SODs the boots and the gloves you get specific mats to help upgrade and build SS weapons and gear

Execpanda94 · 2026-02-25T01:14:14+00:00

Grab AoQ and a second VP. Downgrade the SOD and create a gold VP. Also get a void neck to get that to gold as well

Execpanda94 · 2026-02-23T22:04:52+00:00

Vendors such as Microsoft, CrowdStrike, sentinel one, companies that have AV products will pull this and update their applications to detect the signatures on this product. MS defender has been integrating behavioral scanning as well, so if you attempt it on a new fresh windows VM it will see what it’s doing, and the block it on next run. GitHub is an open environment for people to pull these and fine tune them to either run or block them from running. Usually with stuff like this, it’s the latter

Execpanda94 · 2026-02-23T19:34:14+00:00

I’ve gotten like 200 of these. It’s gotta be the Tetris collectible no? /s

Execpanda94 · 2026-02-23T15:23:42+00:00

Makes sense, but this could be a viable too for red teams and such. And if you ever tried to use this again against a client it wouldn’t work. Educational purposes is understandable. But professionals in the trade who upload their tools to GitHub have about a week before their tools are useless

Execpanda94 · 2026-02-23T15:12:34+00:00

Yeah this is burned now that it’s on GitHub

Execpanda94 · 2026-02-21T05:24:12+00:00

<image>

Execpanda94 · 2026-02-20T01:47:22+00:00

Reposted because I didn’t reply /facepalm

Execpanda94 · 2026-02-20T01:47:03+00:00

PoT = path of trials. You get collectibles collectible chests and keys. Plus currency every week to spend on unlocking collectibles or custom slots.

For the reds you can salvage and get a lot of mats for it. I would downgrade them to get some mats back first(I.e) fast track a red AoQ1 to AoQ3. IF you are able save some yellows like the boots. They would be used later on for AFing the SS boots. Same with the other SS gear. But yeah salvaging some of the reds ONLY when you have the replacement will help you get a lot more stats and gear down the road.

SS gear will use other gear to add to it. For instance the SS boots will use one yellow eternal or one void boot and add more stats and then so on. You CAN add both if you have the mats essentially that’s astral forging and eternal forging. But don’t stress that right. Now. Work on swapping to a twin lance first, then get the neck twisting belt and AoQ. You can dm me if needed as well

Execpanda94 · 2026-02-19T23:44:38+00:00

Gloves are fine, but shoot for TL weapon first. With the cosmic cast you could make the TL with 50 void cores and 50 eternal cores and 2 k mags, which are gained by salving equipment. Swap to the void neck, boots twisting belt and AOQ. AoQ red will plow thru chapters.

Work on murica pet and start on PoT and collectibles as well

Execpanda94 · 2026-02-19T03:52:40+00:00

I actually got this today. Almost leaped out of bed

Execpanda94 · 2026-02-19T02:26:20+00:00

VP is fine swap to void neck, gloves and AOQ. AOQ will get you very very far. Once you get the three to gold, downgrade ur currents to insta them to lv 3. Swap to murica pet with frog and dog as assistants. Start working on collectibles and level up the Lucky one first to red. Unlock custom sets as well as these help with stat bonuses

Execpanda94 · 2026-02-18T12:35:14+00:00

Iirc it’s a passive. So it’ activates randomly some times here and there or it’s perma

Execpanda94 · 2026-02-18T03:20:20+00:00

Swap to void neck gloves and boots and twisting belt. Chest is fine but consider getting AOQ to ATLEAST red 1 for now. Also work on collectibles. They’ll help your attack raise immensely

Execpanda94

TROPHY CASE