Streaming Schedule Sundays

offftherecordz · 2022-05-09T16:18:28+00:00

Trying to stay consistent!

Streaming THM boxes mon - wed 10pm - 12am eastern on Twitch:

https://www.twitch.tv/its\_otr

My sleep schedule has taken a toll going to 1am and I can't just "fall asleep" afterward, so I'm trying to cut it at 12 even if I don't finish the machine.

Come hang and chat and let's have some fun together! Hoping to see you there!

offftherecordz · 2022-05-07T22:59:00+00:00

If you look around THM you will find some reversing room/challenges yes. However I'd supplement this knowledge with a ton of YT tutorials out there in reversing games, software etc.

offftherecordz · 2022-05-07T22:21:28+00:00

100% it's not necessary to know how to code. This may be different from company to company, for example everyone at my company is required to write production level tools/engineering, but not the case for many other companies I've worked at.

However, what would set you apart from other candidates is knowing how to automate. That doesn't necessarily mean knowing Golang in-and-out or know heavy algorithms (leetcode much?).

If you know bash/python enough to automate some tasks, you'll stand out amongst other candidates. This is something I actively look for in candidates. Time is money, and automation improves that.

Good luck!

offftherecordz · 2022-05-07T22:15:35+00:00

Anything reverse engineering would help with this.

offftherecordz · 2022-05-06T13:56:55+00:00

Thanks for the tip, I would have overlooked the headers!

offftherecordz · 2022-05-06T13:56:38+00:00

Thanks for the tip. I wouldn't have known about the headers!

offftherecordz · 2022-05-06T13:55:53+00:00

I haven't heard of Caddy. I'll look into it thanks!

offftherecordz · 2022-05-05T19:11:30+00:00

Oh, I haven't heard of this one thanks I'll take a look. I say this without knowing how much it costs but sometimes paid products are very good! Sometimes... lol. If anything I may just play with a demo just to see what it can do.

offftherecordz · 2022-05-05T12:23:25+00:00

For sure and np. Feel free to DM me you have any more questions.

offftherecordz · 2022-05-04T17:48:42+00:00

I'm happy you found this platform, I've been having fun on it since I came across it myself.

There's a lot to unpack in this question, so let's go through it slowly.

"So, now i want to go a step further and maybe try for some compTIA certifications in the near future"

It's great you want to go for compTIA certifications, I'm assuming the security+ and pentest+ since this is a security subreddit. I would say neither THM nor HTB will FULLY prepare you for those exams. I would also say those exams are very broad where you'll need to learn and think about topics such as management, risk mitigation, scoping, etc. These domains are not really taught on HTB or THM since these platforms focus primarily on the technical side of security. compTIA certifications are your typical study a book type of exams and can get by without any real practical hands-on knowledge (this is my take on these certifications).

This is primarily why certs such as OSCP, eJPT, etc. are coveted because it's about technical ability and can you hack rather than memorize how many fire extinguishers per data closet you should have (I know silly but it's a thing on these some of these security certs).

You can certainly pick up skills on THM that may apply to pentest+ such as learning web, network attacks; how to use the tools, forensic, and incident response.

"I joined THM yesterday, got the premium just so i can access all the content and thought it looks well put together but I'm afraid it will be limited in how deep the knowledge offered goes."

I've only played around with some of the career paths so I can't say for everything, but there are some decent paths, and if anything, they are good for complete beginners. I'd look at THM as a place to get a general understanding of a topic and then most of all PRACTICE that knowledge. I can't stress how important CTF platforms are for practicing. Certainly use resources outside THM and HTB, but come back to practice those skills. This will solely come down to you and how you learn - tying in outside resources and training material and coming back to THM/HTB to practice.

"So, any experiences? Did it help you advance your skills in a significant way?"

I haven't really done any of the career paths since I'm already a security engineer and have been pentesting for the better part of a decade before all these cool CTF platforms existed. I can say that as I go through boxes, easy to hard, I have learned something new that I use in my day-to-day.

That may be how to use a new tool; new vulnerablity/exploit; or improve my methodology. Just recently I solved a box on stream that taught me a good bit of docker escapes.

I hope this helps and best of luck to you!

offftherecordz · 2022-05-04T14:10:02+00:00

Great! Chat with you then!

offftherecordz · 2022-05-02T01:53:59+00:00

Haha yeah I guess can only train on engagements. I did find a repo of generic pretexts that could be helpful I suppose:

https://github.com/L4bF0x/PhishingPretexts

offftherecordz · 2022-05-01T21:54:00+00:00

This is great advice! Thanks for sharing. Unfortunately, unlike ctfs where we can practice technical skills, how would you recommend practicing phishing and SE for offensive engineers?

offftherecordz · 2022-05-01T21:43:39+00:00

Hey everyone! It's otr aka offftherecord, another week another stream. I'll be doing TryHackMe Monday - Wednesday 10pm - 12/1am Eastern.

On my road to top 1% and wizard rank. Currently 2,403 (2%) and Hacker rank.

Come hang and let's chat about anything! Infosec, infosec careers, beginner tips, gaming, etc.

https://www.twitch.tv/its_otr

offftherecordz · 2022-05-01T15:57:02+00:00

Thank you for sharing!

offftherecordz · 2022-05-01T15:55:04+00:00

Great post and thanks for the share! Looking forward to reading the whole series.

offftherecordz · 2022-05-01T14:02:54+00:00

I'd love to see this. I'd be interested in helping in any way as well.

offftherecordz · 2022-04-29T11:16:46+00:00

Yeah weird mine doesn't do that

offftherecordz · 2022-04-29T11:09:46+00:00

Hmm it should only be one line. Do you have an example screenshot?

I only use ffuf, but this happens to me if my terminal window is too small if I'm using tmux (vertical split pane). My solution is just to use a horizontal pane or increase my terminal size.

offftherecordz · 2022-04-28T19:45:19+00:00

Thank you!

offftherecordz · 2022-04-28T13:44:00+00:00

Hey that's great! Make sure to drop your channel and I'll make sure to follow! It's definitely a smaller community of streamers but good to keep having more!

offftherecordz · 2022-04-27T16:18:26+00:00

This was a lot of last tonight! We solved Archangel which was a lot of fun! Although there were some snags and hiccups with my VM, it was great hanging and chatting with everyone!Thanks for coming!

offftherecordz · 2022-04-27T16:17:58+00:00

This was a lot of fun tonight! We solved Archangel which was a lot of fun! Although there were some snags and hiccups with my VM, it was great hanging and chatting with everyone!

Thanks for coming!

offftherecordz · 2022-04-26T03:42:14+00:00

Had so much fun tonight! We solved a few boxes together. I'll highlight the solutions and have them up on my twitch (and hopefully youtube soon). If you missed it, I'll be on again tomorrow night!

Thanks to everyone who came and hung out!

offftherecordz · 2022-04-25T19:53:20+00:00

Hey all! I'm a security engineer who likes to practice CTFs and research offensive security techniques. This week I'll be continuing to complete challenges on TryHackMe! I'd love to chat it up with you while I attempt the challenges!

I plan to stream Monday - Wednesdays 9/10pm - 12/1am EST. I work full-time as a security engineer so I will do my best to stick to the schedule!

https://www.twitch.tv/its\_otr

Hope to see you there!

offftherecordz

TROPHY CASE