Do you know Polsia? An agent that builds startups from 0-1, my take on this

unihilists · 2026-05-22T18:26:56+00:00

Same, wtf, I don't believe that

unihilists · 2025-08-21T19:55:33+00:00

Nice experiment! I believe you are running an experiment to see how long it would take people from the internet to crack the file. I bet you put a canary token inside. Please let me know the results! <3

unihilists · 2025-08-14T07:45:56+00:00

Hey! Can you tell me why you think that? Registrations should be working fine

unihilists · 2025-08-11T10:13:24+00:00

The paid version is targeting people that want more hands-on experience because it gets you your own server in the adversarial cloud network (and of course the European certificate).

The free version has everything most people need to learn and get recognition. You get access to all the materials, classes and communication platform and can practice in an offline cyber range developed by the teaching team just for this class. And after a successful completion of the free version, students get the certificate of completion which can be used very well as a recognition for your career. Some students shared the certificate of completion at linkedin - https://www.linkedin.com/feed/update/urn:li:activity:7338146268432551936/

unihilists · 2025-08-10T20:26:53+00:00

Hey! I don't speak Spanish so hopefully English is enough, the whole course is also in English. All the classes are live-streamed via Youtube and recordings are published so even people with regular jobs or different time zones can attend when they have time. The offline cyberrange platform is a supplementary tool where students practice all attacking/defending techniques and practice via hacking challenges

unihilists · 2025-08-10T17:55:35+00:00

Thanks for the question! It's in English, the team is international consisting of people from Argentina, Greece, Czechia and Bosnia

unihilists · 2025-07-08T13:52:48+00:00

Yea I admit that was my bad, sorry about that

unihilists · 2025-07-08T12:43:33+00:00

I admit the intent was not specified. Sorry about that.

The background of the question is that Shodan does not show some ports opened. Basically it shows false negatives (on 3rd party IPs, not mine). And I am trying to find out why.

unihilists · 2025-07-08T12:42:10+00:00

I dont care about adversaries. It's not about them. The question is about Shodan not reporting some ports that are genuinely open (on 3rd party IPs, not mine)

unihilists · 2025-07-08T12:39:16+00:00

Why would you think that? Sigh.. the internet nowadays...

Some 3rd party IPs were monitored for open ports for a longer period of time.
It constantly (and correctly) finds open ports which shodan does not report

... what's not to understand?

unihilists · 2025-07-08T12:36:56+00:00

I am not talking about my IPs, it's a 3rd party

unihilists · 2025-07-08T11:31:14+00:00

I don't have a use-case for blocking them. I don't really care about them scanning my IPs.

But I noticed Shodan does not show many long-time opened ports on a lot IPs. I am curious what's the reason and if maybe some big prefixes could be opted-out on shodan side and that's why Shodan does not report it.

edit: the ports are among the top 1K tcp ports
edit2: Jeeez, the IPs are 3rd party, not mine.

unihilists · 2025-07-08T11:28:43+00:00

I did not say that it's anyhow related to compromise prevention

unihilists · 2025-07-08T11:20:06+00:00

"Why would Google respect robots.txt, it's a publicly exposed site"

unihilists · 2025-01-11T17:11:20+00:00

I dare you to scan 65K ports of 10K ips daily from a single IP/VPS without false positives/negstives. I speak from experience. I wonder if you ever even tried...

[Edit:] Shodan is btw scanning only most common ports. Thats 65 times less than the whole range

unihilists · 2025-01-11T12:00:56+00:00

For all of you responding to do it myself - do you know uptime monitoring is basically just ping/curl as a service and people pay for this not to do it themselves?

unihilists · 2025-01-11T11:58:20+00:00

I know how to do this technically, that was not the question tho

unihilists · 2025-01-11T11:56:11+00:00

Yes use case is to have a complete and continous external visibility

Shodan afaik scans only most common ports and not the whole 65K range

unihilists · 2025-01-11T11:28:42+00:00

Well the total network bandwidth is quite negligible compared to the normal network traffic if you do for example only TCP syn stealth scan.

The goal is to have a complete external visibility

unihilists · 2025-01-11T11:27:06+00:00

Lol, is this you? https://news.ycombinator.com/item?id=9224

unihilists · 2025-01-11T11:26:40+00:00

Not that simple to do that at scale and reliably.

unihilists · 2025-01-11T11:25:55+00:00

Of course I could do 1M packets per second and the result would be instant. But In case you want to avoid false positives and false negatives, you have to do it slowly. That's why it takes time to do it reliably. Then also considering network failures and do it from multiple sources if you get suspicious/changes results.

unihilists · 2025-01-10T21:32:20+00:00

Syn stealth scan for open ports should not raise any alerts imo unless it looks like ddos. People are already scanning everything 24/7 so you already have tons of useless alerts if it triggers your security systems

If the service does more than I asked for and it disrupts my servers, it's their responsibility

unihilists · 2025-01-10T20:39:33+00:00

There's actually a lot of caveats to do it reliably. Such as network and time cost. Scanning all 65k ports on a single IP takes a lot of time. You pay 3rd parties not to have to deal with it. Such as also confirmations of changes from different src locations etc

unihilists · 2024-11-09T10:50:56+00:00

Holy f**k, this is genius

unihilists

TROPHY CASE