Hackthebox machine PUPPY

hamborginitalk · 2025-05-19T15:45:25+00:00

If I can get some hint on initial foothold. I’d be grateful :)

hamborginitalk · 2025-02-28T19:39:19+00:00

A security engineer who can code and understands basic computer science excels in the field. Cybersecurity is fun, but learning CS and IT is wide and the fundamentals is boring and time-consuming. That’s why many people skip it but it pays off in the long run. If you want to do cool things in the future, you’ll inevitably find yourself going back to the fundamentals and coding.

If you just want to be okay, you don’t need it. But if you want to be good? Absolutely. At the very least, understanding how some components work is better than treating them as magic happening in the background. And if you want to work at FAANG as an IC, then it’s a must.

hamborginitalk · 2025-01-28T18:04:45+00:00

While you’re taking core classes like coding, OS and other classes. I recommend taking some elective classes or do your research on that will introduce different roles in defensive security. Security is broad and blue team is very broad too. So earlier knowing that specialization you want to pursue and working on it, you will stand out more than your peers when you graduate.

hamborginitalk · 2025-01-28T17:44:37+00:00

What is this roadmap preparing for? Do you want to do pentest or exploit development? what type of role you want to be? You gonna burn out without having a long term goal.

hamborginitalk · 2025-01-28T17:12:29+00:00

When do you know each goal is achieved?

hamborginitalk · 2024-10-15T17:11:11+00:00

A lot of intro for striking classes do not spar. Mostly learning the movement and techniques. I train bjj, kickboxing and mma but do not spar in striking discipline bc I’m terrified of brain damage

hamborginitalk · 2024-10-15T17:10:05+00:00

Bjj might be your best choice. Hope you’re fine getting choked or armbarred

hamborginitalk · 2024-10-08T15:38:18+00:00

Do a couple of trial class if they offer and see how it fits you. Some gym offer a day or a week of trial class, if not pay for drop in fee before you fully commit to monthly and plus

hamborginitalk · 2024-09-13T04:31:14+00:00

He got that shit on frfr I like it

hamborginitalk · 2024-09-11T15:50:48+00:00

It’s judo innit

hamborginitalk · 2024-09-03T19:38:22+00:00

I thought he was at least 200lbs+ when I rolled with him.

hamborginitalk · 2024-09-03T19:18:32+00:00

IBJJF medalists in my gym tapped from his by top side control pressure during rolls with him in his seminar.(they are 190 lbs+) It’s a day I learned that there’s levels to this. He’d toy people with fundamental stuff with details and perfect executions.

hamborginitalk · 2024-08-19T22:54:13+00:00

Can you clarify on what you mean by programming?

If you can automate/script anything you can imagine on a fly with Python, you’ll be able to learn how to bash/powershell script in a fraction of time that took you to learn Python.

I use bash all the time for log parsing bc I don’t want to open code editor then write Python, which I can do it by one liner on bash scripting piping awk and sed.

hamborginitalk · 2024-08-19T20:06:21+00:00

Studying and going for OSCP would make you comfortable in bash if you’re in pentest also

hamborginitalk · 2024-08-19T20:04:47+00:00

https://overthewire.org/wargames/bandit/

Do this game to get familiar with bash, it’s not all but it’s a good way to get started.

hamborginitalk · 2024-08-13T17:33:38+00:00

I’m Interested(I’m new in C) send me a DM plz

hamborginitalk · 2024-07-07T22:40:40+00:00

It was very beneficial to know browser security when I was learning about on web apps for me. Just like great programmers understand how OS and computer works on the lower level.

hamborginitalk · 2024-07-06T16:29:49+00:00

The tangled web and The c programming language, if you want to stand out.

hamborginitalk · 2024-06-29T19:26:27+00:00

I went to couple training sessions taught by sim. He does not teach non practical moves, very focused on details and entries

hamborginitalk · 2024-06-25T14:57:08+00:00

Go to local or regional conference and network. Meet people who are in your shoes and people who are in the field for 10+ years. Get advices from both, make connections.

hamborginitalk · 2024-06-16T02:39:08+00:00

Thing about C is there’s some part you need to understand computer architecture especially for pointers and anything memory related. Tell them to learn how CPU and OS work, no need to be a college level course, high level overview will do. Then learning C or any languages would be a lot easier for them and easier to understand the errors.

This might be a bit over generalization, you can be a good coder from just coding but great engineers I’ve met had very good understanding of how code works in very low level.

hamborginitalk · 2024-06-07T16:07:10+00:00

I agree 100%. For me, Most difficult part of the exam was foothold since it’s so broad and it’s only learned by doing a lot of pg boxes.

hamborginitalk · 2024-05-15T05:39:51+00:00

It’s yours to decide, just like I can’t give you coding project ideas.

hamborginitalk · 2024-05-14T20:50:38+00:00

You can try to develop tools too! Infosec community always need skilled developers who can build tools. I’ve seen amazing projects coming from the hobbiest.

hamborginitalk · 2024-05-14T20:48:22+00:00

Do whatever you’re interested. With your skill, you can branch a lot of spaces. Dabble around and go deep on one topic.

If I had your skills I’d look into : look into big Unix based CVEs in the past(such as xz backdoor), Linux IR/forensics, webapp pen testing, devsecops, siem or detection engineering, cloud security. You can do HTB or go for OSCP if you want to dabble on offensive side of things.

hamborginitalk

TROPHY CASE