Greg Madison

Members
  • Content count

    11
  • Joined

  • Last visited

  • Days Won

    1

Greg Madison last won the day on July 5 2018

Greg Madison had the most liked content!

Community Reputation

1 Neutral

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Greg Madison

    IRC

    I see that a room on freenode.net exists as #hackersforcharity. I would assume that this channel is for this organization. The room is currently empty, but I'll hop into it and stay there for any who might be interested in having more active conversations. I'm sixtonspacefly
  2. Greg Madison

    What tools does everyone work with?

    So since there are tons of tools out there, all for different situations, it can be hard to know what to use. I did find this and found it to be helpful in that it also demonstrates a process: https://sparta.secforce.com/ The nice thing about it is that it no only automates things so you can be super lazy, but it also shows you a process of information gathering and different tools to use in common situations. It's a nice thing to check out and a good starting point I think in a hack.
  3. Greg Madison

    What tools does everyone work with?

    @NetWarKing I started a thread here about the issue of not being able to edit old posts. We'll see if that goes through. I guess for now, we'll just have to deal with it as is.
  4. Greg Madison

    Pentesting Labs

    @adhishri18 How do you start with what? Are you looking for help on how to get into HTB? Or just general hacking?
  5. Greg Madison

    Technical requests for this forum

    On point 4, I just attempted to edit an older post of mine. Once you post something, there is an edit link, I modified that link to match an older post and received this error: So it would seem that this is a limitation put in place by the web app.
  6. Greg Madison

    Technical requests for this forum

    Since there's no existing place for things of this nature, I'll just start a new topic here, sorry if it's not the best place for it. I have a few requests pertaining to the function and features of these forums. Please note, I bring up these issues because I think that this forum could be a really good place for the hacker community here and I'd love to see it grow. I noticed that the @ihackcharities Twitter account has around 8k followers, and yet there is very little activity here. It may not be a fair comparison since social media is a lot more popular than forums, though Reddit seems to be doing okay. Anyway, things that I would like to see fixed if broken and enabled if able: When logging in to the forum, though the web URL is HTTPS, the URL to which the login form posts is HTTP, causing the browser to report an insecure connection. Also this is a security issue since the username and password are being posted to that URL in the clear. The ability to modify ones profile. Right now, and it might just be me, I am unable to change my profile, setup a picture, or things like that. Attach files. This goes with 2. I can't attach files to posts since it requires you upload them to your profile, which cannot be done either, I get a permissions error. The ability to edit a post after someone has replied to it. I'd like to go back and edit my previous posts, but I don't see an option to do so. I don't know if that is also a permission issue, or if it is a limitation of this web app. Those are my thought right now. I'd love to hear if others agree/disagree, or if other people have other thoughts on the matter. Thank you.
  7. Greg Madison

    Pentesting Labs

    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 For Hack the Box: On the https://www.hackthebox.eu/invite page, there is a field into which you can put your invite code. The hint on that page on how to get a code is "Feel free to hack your way in :)" which means exactly what it implies, that you are to hack your way in. The hint that I can give for any who are interested is that this "hack" is purely done via the web browser with the use of the developer tools in either Firefox or Chrome. Please keep in mind that this service is a hacking lab, a place where you can VPN in and then have targets to hack. There aren't any tutorials or lessions, it assumes you know what you are doing at least on a basic level. Happy hacking. -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEe6Mc7Fd1gRWZWzn2l1N/ah0+q9AFAlr3Qz4ACgkQl1N/ah0+ q9BpThAAlBMy/452Y2z2PekvE4HD7T9bGhZ4ZdoRv71ffBN8TDW6rSrpDxgBfhKr 2fJSF9AOXjSPZq8lha/lEKgVPUA2V1+7If828trcgNZrltvlSp9QBcD39V9BVS8i Lwo5G4av74jJEsnqi3j6bTHSA/AF2BGlyIZprltPwoXtN19/EAxwjpfaXwquy3g0 Phi0ve3JCdbwD3LeVhDAjs1pBFZf6Zd2fwzjJPTw/ZW0SnrTDiIDjtkXbs709jBc U+9mAHQ04hZTCH8q91jijy3bY2h5OFWb7Nk/E2GcmK5oINc3m1p/6mj+EIQFOiC+ ZykzZVttxV3taOtgo9Ca/dnQlLDF/4kwkLr4o2rGNM+BHA92tOIUnSl3KOUxOxQV BSfoyRTzvYCDKtxtK/djfDWO366ljQEE3D5paGNECadEd4LUvTwm2b4oRf/FoQ+G /Z4sSuf9b7hVLlDp9zr4iuYk8HFtBFdLx3zTNQ9UwgIc3phpMOduqBdty5JkptNX p8KDprVQzM951kRN7knGOvPDibL+mleqFPANZQIwMmb7fzQjXfA3XZ5nh3oHuBmt NKGVSFQG+CVzicmseMuyGsJw3KRYnH8HKqgeDDuLNb3j4p9eufYkoWE1iMNBkAbO wMrsQTcz0WTCXnubSkvDrbz6JS0JXfsOoYXyQeJaKA7ShF0VfZg= =OtjC -----END PGP SIGNATURE-----
  8. Greg Madison

    Pentesting Labs

    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I had been interested in finding a lab environment for pentesting. I loved the labs by Offensive Security and I missed it and wanted something like it in order to keep learning and hacking. I found two places that offer pentesting labs. https://hackthebox.eu https://practicalpentestlabs.com/ I've started with Hack The Box and was very pleased. I haven't tried out Practical Pentesting Labs though, but it looks good. Thoughts on these, as well as other related resources would be great. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJa7KL+AAoJEJdTf2odPqvQa6oQAJbY7P3c4W6jZDbwZG1ovSz4 vm1ojHSaHLJiD8lLV6ucfMOJFucqZLDg5GtjxsegFIFmZ5u90yIEy0+wKEdR4yTG 2TMHq2xhicUR+U5aGDVlwT+v384eVN67vvXXKBG2gbCQP8fE8+UpDtvSZOhIZJQW HZw/WcOX1ozTdMvC0nUyNti2dYMNv/OfPh3bts90qo4MpSZztlSFRcdk09H/Czwe dh0l/USH8W+e1XZnZzr/L0RhbAgggmfjiWBZ+fyuChMI66Un/EonODSKQHzefbgM DhhzgxpCE4GJ0gQQq7Q3bVyUG9/7bU9IbdDKR1XoApG2AESZm1eCGn7gPyYu/Gok 5LoUlAyHOSZjsTRy60TLwwQmEMdKWEaVzqEacpXs7rhsEMgtmNwDHhWI97rBM2fK aZiIGnQaTuxcF2Cp/+WhO9mBWvANT+PSnUAWUryrTPy5WyKBbVYm/58L9lkYFV8y uI6l1DPtL3A4XbyT9jaDha9QA9z+G+DH6XubRnRmAObYTCw+Nq1mxChyaqV1qcAg 53HN9CnzGRXoXIv77yA7uDYzlinNIZdXhHEbZVaI/uU9q9wWHsxTwoB4M2KUe1KW xjp7SWBPuym7Ox20lWlNfpeK0T/1IsjBioSu+nm7dhG7nUljzIdysYTWBwlWJmje 5hGwjH5patoc5W9Pdtrh =YaR2 -----END PGP SIGNATURE-----
  9. Greg Madison

    What tools does everyone work with?

    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Nice resource link, thanks. For me, mostly the utilities on Kali, which are general across other pentesting distros like ArchStrike (https://archstrike.org/ and Parrot (https://www.parrotsec.org/download.fx). I also like to follow https://www.darknet.org.uk/category/hacking-tools/ for some good things. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJa7KG8AAoJEJdTf2odPqvQ+XMQAJVMGSZaiFPzMbe3s817T5FK 1bMppE7bo7iyMgOxq+7PTB0+w9+BJxlm8q1Z16oqf/wUNnwfXp/wlVdk8YoQqdnK /bjhRl8aOLoDv05tssLOujvhMZbjnpS11UrTaq0CUndQ2YCMUEetuOF9gCXt4mhp 0R0Bg6d5ay5ayAPPJy3RwU/eV5Np1fPLOK+VNviy4leYdjMUHv9zQEpJKArHozr7 kU2nNc94QUxGfIl54sSMdLgmt84fIXnlJhRoPidK5shPAAQfRHd5Z1UO3HcMVEBf VGH3FaNBn7TlGKuzbLJck0607EdjBDXM9cwg6TYyl4ys+rP45jyaMx/ObFLubisA 2nz36OXUY9M0F/9bgzXPJ8nbCQ77zM0ctcHWqnIZ71/e9XstDh10PVX3JCg37RHi LpfC23z+6YnOVBiKgew5YsbfDYuHuHmLYd7X/LJjkDHhy7eNZHdUk5eNTun/RyrJ NH4x/HJuuUrvA3/MvprtFo98ZUr18NuGVa6GT0TIn5PB4g6es9J/2PiAXrIQBqsz 8h2E2rhaVMdKqkTX5VTVTEEiUm/ENfGDdmSoQrPr11DXgvGvae2sq0ShLnpJQSru yr3pM24NIvUgJSyhntyL98qa/VWE6vyp5Twuk72fAoTP5tZnSOtuhxxddyA8Exhw sywQhg0kHDodkEVQj0Ba =tD77 -----END PGP SIGNATURE-----
  10. Greg Madison

    Say hello to all

    Hello all. My name is Greg. I just recently found this site and I'm very excited to start to get involved with its community.
  11. Greg Madison

    Web Design and development

    I'm not sure if this is the right place for this, but it is website related. This site, the sign in and sign up forms, are all under http instead of https by default. Is there a way you could enforce connections to upgrade to a secure connection, at least for the pages with form submission? I see that you do have an SSL cert, so I assume that's not an issue. I'm just concerned for anyone who might not be aware of this matter creating it logging in to an account in an environment that could be insecure.