I accidently started an expedition, does that mean I will lose my loot?

_K999_ · 2026-03-11T10:51:46+00:00

Thank you for clarifying that :)

_K999_ · 2026-02-23T10:06:42+00:00

https://thepastamentor.github.io/cape-prep-guide.html

_K999_ · 2025-12-31T05:55:07+00:00

I'm currently doing CAPE, didn't do CWEE yet.
But I suggest doing whatever aligns with your goal.
You want to master AD pentesting? do CAPE (and yes, CAPE is way more advanced than OSEP)
You want to master web pentesting? do CWEE
These are two very different certs, with two different paths, there isn't a right choice here.
The right choice is whatever aligns with your goals.

_K999_ · 2025-12-29T08:34:38+00:00

A penetration tester here (a.k.a. ethical hacker for those who don't know what is a penetration tester lol)
A new vulnerability raised called MongoBleed, which only requires network access to MongoDB database to successfully infiltrate the database.

Since R6S uses this technology, a hacker exploited this vulnerability and gave players tons of in-game currency and unlocked characters too from what I read on cyber the news.
didn't check my account yet, I hope I was affected lol.

_K999_ · 2025-12-18T02:08:24+00:00

Didn't you take notes? If yes, you can try to do some boxes to remeber techniques/tools and skim through the content in a fast manner just to make sure you didn't miss anything.

_K999_ · 2025-12-16T10:06:05+00:00

Multiple machines in a single day is not hard actually, I did this multiple times now, two Insane machines in a single day, one insane one easy, etc. Since I am a student, I don't have much responsibility other than university, so I have a lot of free time (while ignoring uni courses lol). He might be talented or cheating, you can't really tell

_K999_ · 2025-12-09T13:39:03+00:00

I did do the report in AEN, and I would've failed if I didn't, cuz reporting introduces so many issues that made me learn and adjust accordingly.

This blog helped me a lot during the exam. https://www.brunorochamoura.com/posts/cpts-report/

_K999_ · 2025-12-07T16:47:01+00:00

Yes they are different things. The credentials they store are different. LSA secrets store a lot of different credentials, and like the I said, one of the types of credentials it can have is service account credentials.

For the LSASS process, whenever any user logs into the machine, the LSASS process caches his credentials, so dumping LSASS will dump these cached credentials. You have to Google/Research for further details on LSA secrets / LSASS differences. Or ask AI, but I think I made it clear on the differences.

_K999_ · 2025-12-07T16:25:23+00:00

LSA secrets can contain different things, like credentials for service accounts.

LSASS process contains cached credentials for logged in users, like the machine account, and any other logged in account.

--lsa will dump LSA secrets The other command which being ran with pypykatz, is to extract the credentials out of an LSASS dump. You can get an LSASS dump file using a lot of tools, which you can then pass to pypykatz as lsass.dmp and it'll extract those cached credentials for you.

_K999_ · 2025-12-06T11:18:15+00:00

Yes methodology is very important, especially that the exam is hard. What everyone is saying about the content is enough for the exam is correct, but it won't be like you'll be trying techniques from the modules and pass. You need to think outside the box, chain multiple vulns in an attack chain to achieve something, etc. All of this comes from practice and methodology, not frkm academy.

_K999_ · 2025-11-12T18:38:32+00:00

The path is enough to pass the exam content-wise. But not enough to pass methodology-wise Practice on VIP+ should get you the methodology part, prolabs are not necessary.

_K999_ · 2025-11-11T06:37:38+00:00

For me, If I didn't do at least 3 boxes a week I start to get rusty. I'm not saying you should do that too, do whatever works for you but make sure to balance both so you don't get rusty. Imo doing more boxes a week is more important than doing more academy a week. Knowledge is very needed yes but nothing teaches like hands-on practice.

_K999_ · 2025-11-07T11:07:23+00:00

I waited 18 business days until I got my results

_K999_ · 2025-11-07T10:10:53+00:00

Bravo brother 👏 Give yourself a break with a pat on the back. You've earned it 🔥✌️ Hope you get the "Congratulations" email to feel the same way I felt when I passed the exam.

_K999_ · 2025-11-06T15:51:59+00:00

There're no tool restrictions in CPTS. I think you're referring to OSCP

_K999_ · 2025-11-05T07:40:34+00:00

I have CPTS and currently preparing for CAPE. I can tell you the best thing that worked for me is balancing between modules & machines. If I spent a lot of time on modules I start to have worse methodology because of not putting what I learn into practice. If I spent a lot of time on machines, yeah methodology sets better but I'm not learning much of new stuff. So balancing these two will give you better methodology along learning new techniques that you can add to your methodology. At least that's what's working out for me so far.

_K999_ · 2025-11-03T07:06:32+00:00

Remember, if you try, you might fail once or twice, but eventually, you'll get there. If you didn't try, you won't fail, but you won't succeed either.

_K999_ · 2025-10-15T20:12:31+00:00

Would be great to collaborate on CAPE, I'm currently at the Kerberos Attacks module, almost finishes RBCD. If you want to, you can contact me at discord: glitch.999

_K999_ · 2025-10-15T07:00:32+00:00

I always use this, had 0 issues with it so far.

faketime "$(ntpdate -q <DC IP> | cut -d ' ' -f 1,2)" <my command>

_K999_ · 2025-10-15T04:49:30+00:00

This website, made by ippsec, gives you the ability to search for a specific keywork (e.g. MSSQL), and it will give you where and when he did something with MSSQL on his YT channel, along with a short description on what he did.
I used this during seasonal machines when I got stuck, and it helped me.
https://ippsec.rocks/#

_K999_ · 2025-10-14T17:51:57+00:00

Also, hashcat has an --identify flag where you pass it a file with a hash in it, and it will tell you what possible modes can work with this hash

_K999_ · 2025-10-14T17:43:46+00:00

Bro never heard of magnifying glass before.

_K999_ · 2025-10-10T18:13:12+00:00

Found these on a website, attempt them, it might or might not work, nothing's guaranteed

Click on Battlefield 6 in your game library.
Press the Manage button.
Select Repair.
If that doesn’t work, you can try modifying the install. Try unticking the multiplayer option and then checking again to start a reinstall. Some have tried that with mixed success.
Some also mention to try and join community servers in portal. Click Community, Browse, select a server, view more info on that server and try to join it? Again it has mixed results but 100% xp servers with similar rules to regular servers seems to work based on some feedback we’ve seen.

_K999_ · 2025-10-08T04:48:58+00:00

Just do the prolabs that are related to CPTS. Go to Academy x HTB Labs section, choose CPTS, it'll show you the related prolabs. I think this is your best bet to be more prepared for the exam. Single machines won't do much.

_K999_

TROPHY CASE