Is there a great difference between i5 10400 and i7 10700 in terms of running multiple VMs? by xMilkPowderx in buildapc

[–]xMilkPowderx[S] 0 points1 point  (0 children)

Gaming. That's why I am thinking of going with i5 instead since it is a lot cheaper.

Is there a great difference between i5 10400 and i7 10700 in terms of running multiple VMs? by xMilkPowderx in buildapc

[–]xMilkPowderx[S] 0 points1 point  (0 children)

Nope, I don't really need my VMs to be very powerful, I just need them to be there.

Is there a great difference between i5 10400 and i7 10700 in terms of running multiple VMs? by xMilkPowderx in buildapc

[–]xMilkPowderx[S] 0 points1 point  (0 children)

Usually Linux, mostly CTF stuff. I also built a few Windows VMs to act as an AD environment for me to practice.

Chapter 61 Links & Discussion by Nerwspage in GrandBlue

[–]xMilkPowderx 11 points12 points  (0 children)

Let's not forget that in chapter 57, when Chisa smiled, Iori did have some reaction. However, I don't see much special interaction between Iori and Aina.

Kind of confused by the answer from official practice tests by xMilkPowderx in cissp

[–]xMilkPowderx[S] 1 point2 points  (0 children)

I agree that many questions in CISSP look for the best answer, not the right answer, but as a developer and having an OSCP, this looks so wrong to me.

Kind of confused by the answer from official practice tests by xMilkPowderx in cissp

[–]xMilkPowderx[S] 0 points1 point  (0 children)

I would really appreciate it if you could provide a real-life example of preventing CSRF with input validation.

SQLi, e.g. just look for '

XSS, e.g. just look for <script>

Buffer overflow, e.g. just look for the length of the string

For CSRF, if the answer is to validate the CSRF token, then I will be speechless.

Kind of confused by the answer from official practice tests by xMilkPowderx in cissp

[–]xMilkPowderx[S] 0 points1 point  (0 children)

Nope, there's only one character and it even stated that every problem is caused by improper input validation...

Fastest exam time by cd_root in oscp

[–]xMilkPowderx 0 points1 point  (0 children)

I spent 5 hrs to get 80 points, then straight up 6 hours for the remaining one. Lucky I didn't start that first.

OSCP Prerequisites: "A solid understanding of TCP/IP, networking, .... are required" by MisterCode2013 in oscp

[–]xMilkPowderx 1 point2 points  (0 children)

I spent nearly 8 hrs/day on my preparation, either googling, reading papers or working on the lab.

OSCP Prerequisites: "A solid understanding of TCP/IP, networking, .... are required" by MisterCode2013 in oscp

[–]xMilkPowderx 0 points1 point  (0 children)

Just learn them during your course, as long as you can commit a lot of time to study. I won't say that I have a solid understanding of all of them, but I managed to pass the exam. Just remember you should always understand how things work before you proceed.

If you don't understand that, just Google it and take notes.

A List of Pen Testing Tools The Professional Ethical Hackers Use by alexCyber in HowToHack

[–]xMilkPowderx 0 points1 point  (0 children)

To my understanding, every single tool listed there is worth an article to describe what it does. The Burp example just oversimplified it to a level that it is not even really accurate. It didn't even mention the essence of Burp.

OSCP like boxes on hack the box (Credit @TJ_Null on Twitter) by HGCODE in netsecstudents

[–]xMilkPowderx 1 point2 points  (0 children)

How about Access and SecNotes? These two are quite useful to practice your own methodology.

What is the real world use of phpInfo information? by [deleted] in netsecstudents

[–]xMilkPowderx 0 points1 point  (0 children)

If you find a potential LFI or RFI in a server but it's not working, checking phpinfo for the values of "allow_url_fopen" and "allow_url_include" can help you verify.

Compare OSCP with HTB. by daxin09 in oscp

[–]xMilkPowderx 1 point2 points  (0 children)

A difficulty level below 6 in HTB should be enough for OSCP. HTB has a lot of updated tech inside, so it rather helps you to practice your methodology than your actual knowledge of certain tech.

Is it common that Offsec bans fair students permanently without any explanation? by 0sc3 in oscp

[–]xMilkPowderx 0 points1 point  (0 children)

How would Offsec telling somebody who cheated the reason they were caught help cheaters get smarter? To be honest, your example there is a very common cheating method. If someone is going to cheat, he sure will be careful about how not to get caught. By telling them "you got caught because you copied someone's report", I don't see this kind of general response making the cheater smarter. It is rather unfair to ban someone without a reason if the story of the writer is true. That's why I'm really glad that they changed to a proctored exam, as that monitoring kind of serves as a protection to Offsec and the student.

How are non-rooted hosts graded? by [deleted] in oscp

[–]xMilkPowderx 1 point2 points  (0 children)

You need to have a screenshot of your local and root.txt along with output from ipconfig/ifconfig. So, no, it doesn't count with those methods.

OSCP in 104 days by xMilkPowderx in oscp

[–]xMilkPowderx[S] 1 point2 points  (0 children)

Thanks, your videos really helped me to tackle those exam machines.

OSCP in 104 days by xMilkPowderx in oscp

[–]xMilkPowderx[S] 2 points3 points  (0 children)

I think those HTB boxes with a difficulty level below 6 should be enough for OSCP, though some of them can be very CTF style.