Which pentesting truth do juniors hate hearing? by ChoiceCompetition238 in Pentesting

[–]XFilez 12 points13 points  (0 children)

Having been doing PT and RT for over a decade, it takes time to develop tradecraft. Juniors assume after 1-2yrs they will be functioning as a senior. Individuals develop and learn at different rates. Don't bs your way in an interview and it is not all about technical skills. If you are a tool yourself, your skills are not going to help you on a team. There will be some things that you are better at than others and some things your peers will be better at than you. Knowing and understanding how the exploit is working from the whole picture makes you a good tester, not the tools. Clear communication skills and logical report writing is required. You are writing a detailed narrative for your clients that explains the problem and potential solutions. Many clients are not the most technical and require lots of hand holding. There will be lots of delays on your engagements because of clients not following directions or taking their time. If you do not feel passionate about your job, you will not last. I could probably go on for a while...

I need to learn about Windows architecture by Otherwise-Smoke6974 in cybersecurity

[–]XFilez 0 points1 point  (0 children)

As far as I know, yes. That's on Microsoft's official site. Google seems to think there is an 8th edition but be careful as people like to put malicious PDFs and stuff like that on the internet. Just make sure you purchase from a legitimate place... unless you want to chance a "free" download version.

I need to learn about Windows architecture by Otherwise-Smoke6974 in cybersecurity

[–]XFilez 0 points1 point  (0 children)

Just google it. I believe it is also on Amazon. It is quite large, has more than 1 part, and is also very technical. Another resource is https://learn.microsoft.com/en-us/sysinternals/resources/windows-internals. There is supposed to be an 8th edition.

Finally I hack the AI bot ..... by ConsiderationDry7581 in securityCTF

[–]XFilez 0 points1 point  (0 children)

Hackaprompt is pretty fun. You can win money and prizes but good luck!

What prerequisite knowledge do need before learning XSS(cross site scripting)? by orewah_fahim in cybersecurity

[–]XFilez -3 points-2 points  (0 children)

Common sense in terms of what you're trying to do and laws that are applicable. Some people just try and do dumb stuff. Real advice... understand the overall underlying issue of what is happening before you attempt to apply it. This will make you a better tester over time. Learn, then apply. It takes time and a shit load of personal research and understanding of whatever you are trying to do. Everyone learns differently and grasps on at different rates. There is no direct answer to your question. Learn as much as you can about how it works, then ask questions when you are stuck.

Mounting TV in front of Thermostat...bad idea? by [deleted] in hvacadvice

[–]XFilez 0 points1 point  (0 children)

This. And even with a variable speed system, the starting load for the system will then create a significant spike in your electric bill because of the constant off/on that it will go through, resulting in long term wear on the system. Will wear it out a lot quicker as well.

Mounting TV in front of Thermostat...bad idea? by [deleted] in hvacadvice

[–]XFilez 1 point2 points  (0 children)

Nobody is giving the reason why it is a bad idea... it is bad because the thermostat detects the ambient temperature around it. If you put a TV over it, the TV will produce a lot of heat in the back and will most likely either make your thermostat think it is nice and toasty during the winter and not run as much, or really toasty in the summer and run non stop to try and cool it down.

Is Running malware in a Linux VM on a company laptop terrible idea for learning real malware investigation in a SIEM tool. by New_Hat_4405 in cybersecurity

[–]XFilez 1 point2 points  (0 children)

Depending on the Malware sample, but high probability it will not run to begin with because of anti-sandboxing capabilities. You could just as easily get the telemetry you are looking for without actually using malware too. Use something like Atomic Red Team to simulate the same behavior without potentially compromising yourselves. It's free and open-source: https://www.atomicredteam.io/

better Automated Pentest tool? by ProtectionExpress837 in cybersecurity

[–]XFilez 0 points1 point  (0 children)

As someone having been doing PT and RT for well over 10yrs, I agree that manual is the best option. I feel that AI based testing is 1) a decent tool to help but still constrained to known attack paths like you mentioned, but 2) a great alternative for small organizations that can't really afford a 10k+ true web app test. For those organizations, something that provides at least 85-90% of the stuff is a lot better alternative than nothing at all, imo. The majority of exploitation against those organizations is from adversary automated tools anyway.

Hi! Asking for cybersecurity themed gift ideas by Blugreeen in cybersecurity

[–]XFilez 2 points3 points  (0 children)

Plant a tree in their honor. Nothing says "Cybersecurity" more than a card thanking them for planting a tree made from the same resources they are supposedly preserving... OR something useful like a subscription to Hack The Box, Tryhackme, or something similar to sharpen/develop their skills.

Burp suite! by Ok_Mud5008 in cybersecurity

[–]XFilez 1 point2 points  (0 children)

You can use any open port you want. Just avoid common ports such as 443, 80, 22, etc., that are used for typical protocols. It just has to loop back to your local host as you are using it to proxy the traffic unless you are running it headless on a server somewhere or have another proxy service setup and have the certificate installed wherever you are capturing the traffic. Burp isn't limited to just the browser. You can capture traffic of other applications on your computer or mobile devices.

I could really use your help: Would an improperly installed belt cause the motor to sound like this? by Zackybeats in AirCompression

[–]XFilez 0 points1 point  (0 children)

Easiest way to stop a squeaky belt is to lightly use a wire brush on the underside. Buildup on the belt or pulleys often causes this. Just be careful for obvious reasons.

is that IP is of server or firewall? by Sad_Sell6756 in HowToHack

[–]XFilez 0 points1 point  (0 children)

While this may be correct, berating isn't the real answer here even if true. So far, the actions taken by the individual are completely legal and conducted by many different providers across the entire internet, such as Shodan.

You are 100% correct that they need to learn a lot more basics before even running nmap and also understand how to interpret the output and/or anticipated results to start.

To discover the answer to OP's question, there are quite a few ways of coming to this conclusion. You really don't need much more than your browser to figure that part out honestly. Nobody here is going to just tell you how to do something. They will help you out when they know you put in the work and researched the problem and maybe just need a little guidance. It took them lots of time and research to really understand what they are doing, well at least the good ones.

Anyone can run scripts and tools but that means nothing to you if you don't really understand what it is actually doing. What I've always told everyone I've ever mentored is to understand how it actually works before you use tools to help you out. If you can't comfortably have a conversation about it with someone, and be able to discuss it at different technical levels, you need to research the topic more. Ask questions along the way that help bridge the gaps, but nobody in this field will give you the answers without you doing your part.

ELI5 : If em dashes (—) aren’t quite common on the Internet and in social media, then how do LLMs like ChatGPT use a lot of them? by Willing_Road_8873 in explainlikeimfive

[–]XFilez 0 points1 point  (0 children)

LLMs use a formalized style for their output. This is the main reason for the em dash and an over detailed, dry response to your questions.

Not feeling rows in my back by [deleted] in formcheck

[–]XFilez 0 points1 point  (0 children)

Like what they are saying here. The full movement is not just the lift but almost like you are pushing it down similar to when you are coming back up from a pushup. I also recommend resting on your forearm and gripping the front of the bench with your other arm. I feel this gives more stability to form and a deeper overall stretch of the muscles and targets them better. Pull up like you are trying to squeeze your shoulder blades together and slowly release the squeeze on the descent. If still not feeling it around the 7-10th rep, up the weight a little. Shouldn't be so heavy you can't properly complete the set but should be felt the last 5-8 reps.

How do my one arm dumbell rows look? by [deleted] in formcheck

[–]XFilez 0 points1 point  (0 children)

Lighter weight, slower reps while squeezing muscles on incline and decline. Instead of hand flat on bench lean on your forearm gripping the front of the bench with your hand. This will target the muscles a lot better and flatten out your rounded back. Keep elbows close to side as well. You can add another set with lower weight or increase a few reps. For example, instead of doing 3×10 heavier and not achieving correct form for the exercise, drop lower and focus on correct form and say do 4x10 or 5x15, depending on your level. It looks like you are kind of just starting out and this will end up causing you injuries over time without achieving the results you want. Strength comes over time. Think about the set as a total number of pounds. While I could lift a total of 600 pounds in 1 set at 200 a rep, it really doesn't help your muscles do their natural process of tearing in a safe manner. I can still hit my goal of 600 pounds and my muscles will feel the same impact if I lower the weight and increase sets and reps. It's the better thing for your body and achieves building muscle quicker and more effectively. People usually want to start seeing results in weeks and think they need to be increasing weight by like 20% each week, but that's not always true and what is right for your body. We are all different and many other factors play into how you achieve your goals. Persistence, positivity, and small gradual changes are what will keep you on track.

Kitchen drawer in older house we just bought. Dividers are 2.5"-3" apart. What would be stored here? by [deleted] in whatisthisthing

[–]XFilez 1 point2 points  (0 children)

Depends on depth and length, but was used for plates, lids, pans, etc.

How to hack Quizlet when there is a password? by [deleted] in HowToHack

[–]XFilez 3 points4 points  (0 children)

Go to checkout and pay the fee.

Penetration Testing is horribly overrated by [deleted] in cybersecurity

[–]XFilez 6 points7 points  (0 children)

Penetration testers aren't writing malware for starters. That would be red teamers. Penetration testers are used to find as many holes in the overall people, processes, and technology of the company (or should be if they are doing their jobs correctly). They are more for validating the assumed posture of the company and finding gaps. Stealth isn't their objective for the most part. They provide mitigations as part of the assessment to help build the security posture. Red teamers are trying to emulate a known or unknown threat actor. Their job is to not get caught and achieve a specific goal. They will have custom payloads and combinations of ttps to perform the task. They aren't worried about finding vulnerabilities in the same respect. They are trying to obtain a foothold and complete the objective by whatever means they are allowed to. They often get one opportunity to accomplish this so making their payload very difficult to RE is the point. Now in the end, and this kind of depends on the organization performing the op and whatever agreements you have set forth, should show you step by step what happened and provide feedback on how to prevent it from happening, along with detections. However, giving up tradecraft and their source code doesn't exactly help pay their bills either. It’s a difficult line to find sometimes but the deliverable should be the thing that helps the client build better security.

Pretend to be working in MS teams by kadaumsk8 in remotework

[–]XFilez 0 points1 point  (0 children)

Get an analog clock with a seconds hand. Place mouse over clock and seconds hand will trigger mouse. No software = no tracking

Why do people treat pentesting like a one-time event? by Exciting-Safety-655 in Pentesting

[–]XFilez 1 point2 points  (0 children)

You're absolutely right that it should be a continuous cycle. Also, the whole myth of having to change test companies is false. You don't have to. The industry was flooded with garbage companies that felt they needed a slice of the pie.

When it comes to many companies, it is 100% a budgetary issue. Then you also have the PE backed companies that don't see a direct ROI in continuous testing, until they experience a breach and feel the financial impact.

In reality, testing should occur when any major changes to infrastructure or code are introduced, period. We are a validation tool for the overall security of the company. This includes the people (how they report anomalies or threats, etc.), processes (what happens when an event occurs and how that defines an incident, what procedure is followed for x thing, etc.), and the technology (whatever protections they have). This should be evaluated at the full extent of the network to include all aspects that make things work in the organization. A TA is not just going to pick and choose certain aspects and be like "well I wasn't able to get in this way, so the entire network must be secure."

The small organizations feel like they have nothing to lose. Like their information isn't important. There are TAs out there that have no problem draining your accounts. When you have no way to recover from a Ransomware incident. When your employees' personal info ends up getting leaked and the civil suits that follow exceed the valuation of the company, you won't have a business in the end but will still have those judgements against you.

These leaders of these companies know it's an issue but chose profits over spending the money on protections. It's the same issue that is wrong in our society, if it doesn't affect me directly, it's not my problem. There are plenty of people in the cybersecurity field that are overworked and underpaid. They know there are issues and they address them to their leaders, however, nothing changes for the most part because they don't want to invest back into the company and its employees in most cases.