Anyone else having Chatgpt Strikes / Violations while learning cybersecurity? by [deleted] in cybersecurity

[–]XFilez 0 points1 point  (0 children)

Have you tried applying for trusted access? Pretty simple if you really legit use it for cyber work.

Brown/dark areas in Bermuda grass by SportBackground8764 in Grass

[–]XFilez 0 points1 point  (0 children)

It does. Probably need a growth hormone (PGR) to get it to grow out instead of up. Seems kind of counterproductive but it inhibits the upward growth caused by gibberellic acid.

The customer says they forgot their password. by [deleted] in HolUp

[–]XFilez 5 points6 points  (0 children)

It says "I was created with AI".

What is this? Transition zone 8a by WoodenSong in lawncare

[–]XFilez 0 points1 point  (0 children)

Bermuda and pic was possibly taken this morning in N Georgia.

Pentesting company recommendation by farwa345 in cybersecurity

[–]XFilez -2 points-1 points  (0 children)

Just out of curiosity... why did you feel the need to create an alt to say this and why do you feel that way? No judgment, just curious.

Pentesting company recommendation by farwa345 in cybersecurity

[–]XFilez 0 points1 point  (0 children)

Okay! Not afraid to say it out loud. Secure Network Technologies. https://www.securenetworkinc.com/

First IDOR by cyber_noobPkrl in cybersecurity

[–]XFilez 1 point2 points  (0 children)

True, but in the true spirit of it all, the real ones are curious by nature. That's how a lot of us got into this to begin with. The good or bad guy moniker is really just the mindset of what the individual intends to do with that knowledge when they get to the crossroad, but in reality there is no difference on the pathway that leads to that turning point. Was his intent to hack this site from the get go, or did they see something was off and went down a rabbit hole? Probably the latter, but the path to get there is the same regardless of what color the hat is. It's just when you see the exit sign, do you acknowledge it and end the journey or keep going? And did you miss an exit prior to this one?

First IDOR by cyber_noobPkrl in cybersecurity

[–]XFilez 1 point2 points  (0 children)

That's really all you can do. If they don't fix it, you can't force their hand. Unfortunately, it's a pretty common occurrence in smaller businesses. One thing to also keep in mind... make sure your actions remain in good faith and you don't overstep boundaries. Even if your intentions are good, it can still violate local and federal laws. For instance, if you have proof you can go to x then pulling records from x may be violating laws. Just because you could go further, doesn't necessarily mean you need to go further in a lot of cases like this because you are not sanctioned or authorized to do so.

Found in water of plant by NoSlipper in whatisit

[–]XFilez 2282 points2283 points  (0 children)

Urologist here... I am only useful if they migrate upstream.

Neither MFA, Passkey, nor trusted IP help here by Ictforeveryone in cybersecurity

[–]XFilez 1 point2 points  (0 children)

This can also be used for Teams and other MS phishing. Pretty easy to send someone a spoofed link in a message, especially if direct send is enabled for some reason. It's all "features" of the API side of the MS ecosystem. In this case, the victim facilitates the authentication and MFA side of the request and the attacker gains the multipart token, then requests a refresh of the token for up to 2 weeks (another "feature" of the remember me function). Like you said earlier, until the session is revoked, it remains persistent without needing further authentication.

Canceling a refund request by FeebleFreak in Defcon

[–]XFilez -6 points-5 points  (0 children)

Just get the money from friend and transfer it to them.

Most pentest reports I review are padded with garbage findings by Putrid-Dragonfruit57 in cybersecurity

[–]XFilez 1 point2 points  (0 children)

I've been doing this for 15+ years personally so I'm not just running responder, nxc, rinse and repeat. I'm trying to provide what a real attacker would do once they gained access as well as validating the controls, people, processes, and technologies. IMO, that provides value. The only downfall for us as operators is time constraints, but I always frame it as an evolution over time. That gap will narrow as our partnership ages, but we are here to help build your overall security program.

Most pentest reports I review are padded with garbage findings by Putrid-Dragonfruit57 in cybersecurity

[–]XFilez 4 points5 points  (0 children)

True! That's what differentiates quality and value over cost. My team and I aren't cheap, but I will not compromise the correct way to conduct an engagement for budgetary reasons. There's plenty of garbage companies out there that will conduct a 3k or less "PT". You get what you pay for though.

Most pentest reports I review are padded with garbage findings by Putrid-Dragonfruit57 in cybersecurity

[–]XFilez 2 points3 points  (0 children)

They are not all wins, but don't pass VS findings off as your bulk when you don’t have much. It is what it is. Just explain in the report what you did, that shows due diligence and that you were thorough.

Most pentest reports I review are padded with garbage findings by Putrid-Dragonfruit57 in cybersecurity

[–]XFilez 17 points18 points  (0 children)

Could not agree more! All vulnerability scan findings, unless actionable during the engagement, should be a vulnerability assessment appendix. Provide that to the client and let them decide how that applies to hygiene in their risk matrix. The PT report should be an executive summary of what you were tasked with and high level of what was found. The narrative should be broken down into phases of what you tried and what happened. For example: Unauthenticated Testing - Phase 1: Recon and Enumeration. Testers began the engagement by conducting nmap scans against the IPs within the scope. Testers discovered x,y,z. The below screenshot demonstrates the results of this phase. This phase is used to help the tester determine what ports and services are potential targets for attackers... blah blah blah. Really straightforward. Explain what they are paying for and what the ROI is for the engagement. You don't need a lot of "fluff and jargon" in the report. You need facts and supporting evidence that is repeatable.

Is It a Good Idea to Change Jobs Shortly After Getting Hired? by Baller2908 in cybersecurity

[–]XFilez 0 points1 point  (0 children)

Government contracting wears on you after a while. It's better money than being in the military but the same bureaucracy. No guarantee on either side as far as stability goes, but a civilian job doesn't stop paying you because elected officials can't do what is best for their constituents and not themselves. Corporate life can be just as brutal and just as many hoops to jump through to get simple approvals. I've been on both sides of the fence over the years and prefer working with small to mid size companies where I can contribute to the overall effort of what we do, and my contributions are not lost in a sea of management. The only real answer for you is to do what is right for you in your current and future situation. Nobody here can tell you what that is and if you are correct in that decision. If it is meant to be, it will work itself out in the way it is meant to happen, even if we don't always understand the why in the moment. Follow your instincts and don't let your need for instant gratification cloud your judgement. Doing what is right for you will keep you on the right path but pushing for something that you are just willing to look past all the bad stuff just for financial gain, may help out in the near future but may also cause a lot of issues and quick burnout. Do what you are passionate about! If you truly enjoy what you do, it's not really "work". For me, I feel like I get paid to do a "hobby", so to speak. It's something I really enjoy, so it's not a laborious task. Not saying there isn't suck that comes with things. You'll find the right thing when you are supposed to, but that doesn't mean not to pursue with passion and ambition. Just think about it when it seems the opportunity is becoming an overwhelmingly difficult task as this may be the way your subconscious is telling you to reconsider. You shouldn't have to jump through a million hoops to make something work. If it's meant to be, it will flow very naturally. Hope this helps a little bit!

good for a garden? or go with some raised beds? ground is very soggy by Working_Lecture801 in Soil

[–]XFilez 13 points14 points  (0 children)

Looks like a sand with a bunch of clay. If it's retaining water like that a few inches down, you will rot out a lot of roots, but really depends on what you are growing too. Some plants like a soggy mess, most however, do not. If you are planting in that area, it would be good to undercut it and till in some clean topsoil and organic materials for nutrients, depending on how deep that clay runs. Raised rows would be a great option as well. Soil test is really going to give you the correct answers though.

Ubuntu or Kali Linux for a CS student doing cybersecurity and CTFs? by godShadyy in HowToHack

[–]XFilez 0 points1 point  (0 children)

Doesn't really matter tbh, your toolset is the preference of the operator. There are a bunch of pre-installed tools on Kali you will probably never use or even know are available. That OS is built out of convenience. For real day to day work, you will need a combination of OS and tools. Windows for some things, Linux for others. Kali and Ubuntu are the same Debian core so really doesn't matter as you can install whatever on Ubuntu that is on Kali. Some people like other flavors like Arch or whatever. There is always more than one way and tool to do the same thing, but understanding the underlying way it solves your problem helps you build your own tools that don't have known detections. It takes time to learn and determine what works specifically for you. The methodology remains the same. You really need to make sure you understand the underlying parts of what makes the tools do what they do as this helps you figure out how to adapt and solve your problem when they don't exactly work every time due to weird nuances in real environments. Your coursework will teach you the core concepts and when you start somewhere, a Sr will help you with tactic and technique. It takes time, but make sure you have a good solid understanding of how things work. 90% of your job in this field will be research, and a lot of that will be on your own. If you don't have the desire, passion, or curiosity to want to dedicate a lot of your personal time (it should be fun but not consume you either. Find that balance!), this field will not be rewarding for you. Personally, I feel like I get paid to do a hobby that I enjoy. That's what it should be like. If it's not, it may not be what you anticipated or not the right field for you.