x8664arch |
x86 Architecture Overview |
true |
2 |
walkthrough |
A crash course in x86 architecture to prepare us for malware reverse engineering. |
wreath |
Wreath |
true |
2 |
walkthrough |
Learn how to pivot through a network by compromising a public facing web machine and tunnelling your traffic to access other machines in Wreath's network. (Streak limitation only for non-subscribed users) |
winincidentsurface |
Windows Incident Surface |
true |
2 |
walkthrough |
Learn how to implement DFIR techniques to explore the Windows incident surface. |
windowsreversingintro |
Windows Reversing Intro |
true |
3 |
walkthrough |
Introduction to reverse engineering x64 Windows software. |
windowsprivescarena |
Windows PrivEsc Arena |
true |
3 |
walkthrough |
Students will learn how to escalate privileges using a very vulnerable Windows 7 VM. RDP is open. Your credentials are user:password321 |
windowsfundamentals3xzx |
Windows Fundamentals 3 |
true |
1 |
walkthrough |
In part 3 of the Windows Fundamentals module, learn about the built-in Microsoft tools that help keep the device secure, such as Windows Updates, Windows Security, BitLocker, and more... |
windowsfundamentals2x0x |
Windows Fundamentals 2 |
true |
1 |
walkthrough |
In part 2 of the Windows Fundamentals module, discover more about System Configuration, UAC Settings, Resource Monitoring, the Windows Registry and more. |
windowsforensics1 |
Windows Forensics 1 |
true |
3 |
walkthrough |
Introduction to Windows Registry Forensics |
windowsapi |
Introduction to Windows API |
true |
2 |
walkthrough |
Learn how to interact with the win32 API and understand its wide range of use cases |
windows10privesc |
Windows PrivEsc |
true |
3 |
walkthrough |
Practice your Windows Privilege Escalation skills on an intentionally misconfigured Windows VM with multiple ways to get admin/SYSTEM! RDP is available. Credentials: user:password321 |
winadbasics |
Active Directory Basics |
true |
2 |
walkthrough |
This room will introduce the basic concepts and functionality provided by Active Directory. |
win64assembly |
Windows x64 Assembly |
true |
3 |
walkthrough |
Introduction to x64 Assembly on Windows. |
whatisnetworking |
What is Networking? |
true |
1 |
walkthrough |
Begin learning the fundamentals of computer networking in this bite-sized and interactive module. |
wazuhct |
Wazuh |
true |
3 |
walkthrough |
Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring. |
vulnversity |
Vulnversity |
true |
2 |
walkthrough |
Learn about active recon, web app attacks and privilege escalation. |
vulnerabilities101 |
Vulnerabilities 101 |
true |
2 |
walkthrough |
Understand the flaws of an application and apply your researching skills on some vulnerability databases. |
unifiedkillchain |
Unified Kill Chain |
true |
2 |
walkthrough |
The Unified Kill Chain is a framework which establishes the phases of an attack, and a means of identifying and mitigating risk to IT assets. |
unattended |
Unattended |
true |
3 |
walkthrough |
Use your Windows forensics knowledge to investigate an incident. |
tutorial |
Tutorial |
true |
2 |
walkthrough |
Learn how to use a TryHackMe room to start your upskilling in cyber security. |
tshark |
TShark |
true |
3 |
walkthrough |
Learn how to use TShark to accelerate your pcap analysis! |
trafficanalysisessentials |
Traffic Analysis Essentials |
true |
2 |
walkthrough |
Learn Network Security and Traffic Analysis foundations and take a step into probing network anomalies. |
tmuxremux |
REmux The Tmux |
true |
1 |
walkthrough |
An updated guide on how to use tmux: defaults and customizing your workflow. |
tickets4 |
Win Prizes and Learn - 2023! |
true |
1 |
walkthrough |
Earn tickets by completing rooms. You only need three of the same ticket type to win a prize - let’s go! |
tickets3 |
Learn & win prizes - Fall 2022 |
true |
1 |
walkthrough |
Upskill with our rooms and earn tickets. You need three of the same ticket type to win a prize - let’s go! |
tickets2 |
Learn and win prizes #2 |
true |
1 |
walkthrough |
Complete rooms, win tickets. Get 3 of the same tickets and win a prize. |
tickets1 |
Learn and win prizes |
true |
1 |
walkthrough |
Complete rooms, win tickets. Get 3 of the same tickets and win a prize. |
threatinteltools |
Threat Intelligence Tools |
true |
2 |
walkthrough |
Explore different OSINT tools used to conduct security threat assessments and investigations. |
threatintelligenceforsoc |
Threat Intelligence for SOC |
true |
3 |
walkthrough |
Learn how to utilise Threat Intelligence to improve the Security Operations pipeline. |
threathuntingfoothold |
Threat Hunting: Foothold |
true |
3 |
walkthrough |
Hunting suspicious activities indicating initial user or host compromise. |
threatemulationintro |
Intro to Threat Emulation |
true |
3 |
walkthrough |
A look into threat emulation practices as a means of cyber security assessment. |
thequestforleastprivilege |
The Quest for Least Privilege |
true |
3 |
walkthrough |
Learn how to scope an IAM Policy down to only the necessary actions. |
thecodcaper |
The Cod Caper |
true |
2 |
walkthrough |
A guided room taking you through infiltrating and exploiting a Linux system. |
sudovulnssamedit |
Baron Samedit |
true |
1 |
walkthrough |
A tutorial room exploring CVE-2021-3156 in the Unix Sudo Program. Room Three in the SudoVulns Series |
stscredentialslab |
STS Credentials Lab |
true |
3 |
walkthrough |
Learn how to assume roles and get temporary credentials. |
startingoutincybersec |
Starting Out In Cyber Sec |
true |
2 |
walkthrough |
Learn about the different career paths in Cyber Security and how TryHackMe can help! |
ssrfhr |
SSRF |
true |
3 |
walkthrough |
Discover the inner workings of SSRF and explore multiple exploitation techniques. |
sqlmap |
SQLMAP |
true |
2 |
walkthrough |
Learn about and use Sqlmap to exploit the web application |
sqlinjectionlm |
SQL Injection |
true |
3 |
walkthrough |
Learn how to detect and exploit SQL Injection vulnerabilities |
sqlilab |
SQL Injection Lab |
true |
2 |
walkthrough |
Understand how SQL injection attacks work and how to exploit this vulnerability. |
spring4shell |
Spring4Shell: CVE-2022-22965 |
true |
1 |
walkthrough |
Interactive lab for exploiting Spring4Shell (CVE-2022-22965) in the Java Spring Framework |
splunkexploringspl |
Splunk: Exploring SPL |
true |
3 |
walkthrough |
Learn and explore the basics of the Search Processing Language. |
somesint |
KaffeeSec - SoMeSINT |
true |
3 |
walkthrough |
An intro to SOCMINT (Social Media Intelligence/Investigation) techniques and tooling. Use your awesome OSINT skills to perform an online investigation of a mysterious husband! |
solar |
Solar, exploiting log4j |
true |
3 |
walkthrough |
Explore CVE-2021-44228, a vulnerability in log4j affecting almost all software under the sun. |
snykopensource |
Snyk Open Source |
true |
2 |
walkthrough |
Securing open-source dependencies with Snyk - a junior application security engineer's journey. |
snykcode |
Snyk Code |
true |
2 |
walkthrough |
Securing code with Snyk - a junior application security engineer's journey. |
snort |
Snort |
true |
3 |
walkthrough |
Learn how to use Snort to detect real-time threats, analyse recorded traffic files and identify anomalies. |
servidae |
Servidae: Log Analysis in ELK |
true |
2 |
walkthrough |
Analyze the logs of an affected workstation to determine the attacker's indicators of compromise. |
securityprinciples |
Security Principles |
true |
2 |
walkthrough |
Learn about the security triad and common security models and principles. |
securityengineerintro |
Security Engineer Intro |
true |
2 |
walkthrough |
What does a day in the life of a security engineer look like? |
securityawarenessintro |
Security Awareness |
true |
1 |
walkthrough |
An introduction to security awareness: why it's important, the impact of being attacked, different threat actors and basic account security. |
securesdlc |
SSDLC |
true |
3 |
walkthrough |
This room focuses on the Secure Software Development Lifecycle (S-SDLC), its processes, and methodologies. |
sdlc |
SDLC |
true |
2 |
walkthrough |
An introduction to the Software Development Lifecycle. |
sch3mad3mon |
TryHack3M: Sch3Ma D3Mon |
true |
3 |
walkthrough |
A guided challenge to learn about SQL injection exploits. |
rustscan |
RustScan |
true |
2 |
walkthrough |
Learn how to use RustScan. |
rust |
Learn Rust |
true |
2 |
walkthrough |
Learn Rust, for those who know programming but not low-level programming. |
rpnessusredux |
Nessus |
true |
2 |
walkthrough |
Learn how to set up and use Nessus, a popular vulnerability scanner. |
rfirmware |
Dumping Router Firmware |
true |
3 |
walkthrough |
Have you ever been curious about how your router works? What OS it runs? What makes it tick? |
ret2libc |
ret2libc |
true |
3 |
walkthrough |
This room teaches basic return-oriented programming (ROP), exploitation of binaries and an ASLR bypass. |
registrypersistencedetection |
Registry Persistence Detection |
true |
2 |
walkthrough |
Learn to use the AutoRuns PowerShell module to detect persistence mechanisms that use the Registry. |
redteamthreatintel |
Red Team Threat Intel |
true |
3 |
walkthrough |
Apply threat intelligence to red team engagements and adversary emulation. |
redteamfundamentals |
Red Team Fundamentals |
true |
2 |
walkthrough |
Learn about the basics of a red engagement, the main components and stakeholders involved, and how red teaming differs from other cyber security engagements. |
redteamengagements |
Red Team Engagements |
true |
2 |
walkthrough |
Learn the steps and procedures of a red team engagement, including planning, frameworks, and documentation. |
pythonbasics |
Python Basics |
true |
2 |
walkthrough |
Using a web-based code editor, learn the basics of Python and put your knowledge into practice by eventually coding a short Bitcoin investment project. |
pyramidofpainax |
Pyramid Of Pain |
true |
2 |
walkthrough |
Learn what the Pyramid of Pain is and how to use this model to determine how difficult it is for an adversary to change the indicators associated with them and their campaign. |
pwnkit |
Pwnkit: CVE-2021-4034 |
true |
1 |
walkthrough |
Interactive lab for exploiting and remediating Pwnkit (CVE-2021-4034) in the Polkit package |
puttingitalltogether |
Putting it all together |
true |
2 |
walkthrough |
Learn how all the individual components of the web work together to bring you access to your favourite web sites. |
psychobreak |
Psycho Break |
true |
2 |
walkthrough |
Help Sebastian and his team of investigators to withstand the dangers that come ahead. |
printnightmarehpzqlp8 |
PrintNightmare |
true |
3 |
walkthrough |
Learn about the vulnerability known as PrintNightmare (CVE-2021-1675) and (CVE-2021-34527). |
printerhacking101 |
Printer Hacking 101 |
true |
2 |
walkthrough |
Learn about (and get hands on with) printer hacking and understand the basics of IPP. |
preparation |
Preparation |
true |
3 |
walkthrough |
A look into the Preparation phase of Incident Response. |
postexploit |
Post-Exploitation Basics |
true |
2 |
walkthrough |
Learn the basics of post-exploitation and maintaining access with mimikatz, bloodhound, powerview and msfvenom |
polkit |
Polkit: CVE-2021-3560 |
true |
1 |
walkthrough |
Walkthrough room for CVE-2021-3560 |
physicalsecurityintro |
Physical Security Intro |
true |
2 |
walkthrough |
This room is an introduction to physical security methods to bypass locks, doors and other physical barriers. |
phishingemails2rytmuv |
Phishing Emails in Action |
true |
2 |
walkthrough |
Learn the different indicators of phishing attempts by examining actual phishing emails. |
phishingemails1tryoe |
Phishing Analysis Fundamentals |
true |
2 |
walkthrough |
Learn all the components that make up an email. |
pentestingfundamentals |
Pentesting Fundamentals |
true |
2 |
walkthrough |
Learn the important ethics and methodologies behind every pentest. |
passiverecon |
Passive Reconnaissance |
true |
2 |
walkthrough |
Learn about the essential tools for passive reconnaissance, such as whois, nslookup, and dig. |
parrotpost |
ParrotPost: Phishing Analysis |
true |
2 |
walkthrough |
Reveal how attackers can craft client-side credential-stealing webpages that evade detection by security tools. |
papercut |
PaperCut: CVE-2023-27350 |
true |
1 |
walkthrough |
Authorisation bypass (CVE-2023-27350) in PaperCut Print Management software leading to remote code execution. |
owasptop102021 |
OWASP Top 10 - 2021 |
true |
2 |
walkthrough |
Learn about and exploit each of the OWASP Top 10 vulnerabilities |
owasptop10 |
OWASP Top 10 |
true |
2 |
walkthrough |
Learn about and exploit each of the OWASP Top 10 vulnerabilities |
owaspmutillidae |
OWASP Mutillidae II |
true |
2 |
walkthrough |
Mutillidae II is a free, open source, deliberately vulnerable web application providing a target for web-security enthusiasts. |
owaspjuiceshop |
OWASP Juice Shop |
true |
2 |
walkthrough |
This room uses the Juice Shop vulnerable web application to learn how to identify and exploit common web application vulnerabilities. |
owaspbrokenaccesscontrol |
OWASP Broken Access Control |
true |
2 |
walkthrough |
Exploit Broken Access Control: Number 1 of the Top 10 web security risks. |
overpass2hacked |
Overpass 2 - Hacked |
true |
2 |
walkthrough |
Overpass has been hacked! Can you analyse the attacker's actions and hack back in? |
overlayfs |
OverlayFS - CVE-2021-3493 |
true |
1 |
walkthrough |
Exploit a 2021 Kernel vulnerability in Ubuntu to become root almost instantly! |
outlookntlmleak |
Outlook NTLM Leak |
true |
2 |
walkthrough |
Leak password hashes from a user by sending them an email by abusing CVE-2023-23397. |
opsec |
Red Team OPSEC |
true |
3 |
walkthrough |
Learn how to apply the Operations Security (OPSEC) process for Red Teams. |
openvas |
OpenVAS |
true |
2 |
walkthrough |
Learn the basics of threat and vulnerability management using Open Vulnerability Assessment Scanning |
nosqlinjectiontutorial |
NoSQL Injection |
true |
2 |
walkthrough |
A walkthrough depicting basic NoSQL injections on MongoDB. |
nosqlinjectiontutorial |
NoSQL injection Basics |
true |
2 |
walkthrough |
A walkthrough depicting basic NoSQL injections on MongoDB. |
nmap01 |
Nmap Live Host Discovery |
true |
3 |
walkthrough |
Learn how to use Nmap to discover live hosts using ARP scan, ICMP scan, and TCP/UDP ping scan. |
networkservices2 |
Network Services 2 |
true |
2 |
walkthrough |
Enumerating and Exploiting More Common Network Services & Misconfigurations |
networkservices |
Network Services |
true |
2 |
walkthrough |
Learn about, then enumerate and exploit a variety of network services and misconfigurations. |
monikerlink |
Moniker Link (CVE-2024-21413) |
true |
2 |
walkthrough |
Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. |
mma |
Mobile Malware Analysis |
true |
2 |
walkthrough |
Learn and practice mobile malware analysis. |
microservicearchitectures |
Microservices Architectures |
true |
2 |
walkthrough |
Explore the problems associated with building a Microservice Architecture and how to overcome these to build a secure environment. |
metasploitintro |
Metasploit: Introduction |
true |
2 |
walkthrough |
An introduction to the main components of the Metasploit Framework. |
malresearching |
MAL: Researching |
true |
2 |
walkthrough |
Understanding checksums, how to generate them and their use throughout malware analysis with online sandboxing & reporting services |
malmalintroductory |
MAL: Malware Introductory |
true |
2 |
walkthrough |
The start of a series of rooms covering Malware Analysis... |
looneytunes |
Looney Tunables |
true |
3 |
walkthrough |
CVE-2023-4911: That's all Sec-Folks! |
logoperations |
Log Operations |
true |
2 |
walkthrough |
Learn the operation process details. |
localpotato |
LocalPotato |
true |
3 |
walkthrough |
Learn how to elevate your privileges on Windows using LocalPotato (CVE-2023-21746). |
linuxstrengthtraining |
Linux Strength Training |
true |
2 |
walkthrough |
Guided room for beginners to learn/reinforce Linux command-line skills |
linuxserverforensics |
Linux Server Forensics |
true |
3 |
walkthrough |
Learn about digital forensics artefacts found on Linux servers by analysing a compromised server |
linuxprocessanalysis |
Linux Process Analysis |
true |
2 |
walkthrough |
Perform thorough process and application analysis to identify an attacker's persistence methods. |
linuxprivescarena |
Linux PrivEsc Arena |
true |
3 |
walkthrough |
Students will learn how to escalate privileges using a very vulnerable Linux VM. SSH is open. Your credentials are TCM:Hacker123 |
linuxprivesc |
Linux PrivEsc |
true |
3 |
walkthrough |
Practice your Linux Privilege Escalation skills on an intentionally misconfigured Debian VM with multiple ways to get root! SSH is available. Credentials: user:password321 |
linuxmodules |
Linux Modules |
true |
2 |
walkthrough |
Learn Linux modules in a fun way |
linuxincidentsurface |
Linux Incident Surface |
true |
2 |
walkthrough |
Explore various areas of Incident Surface in Linux and how to identify the footprints of the incident. |
linuxfundamentalspart1 |
Linux Fundamentals Part 1 |
true |
1 |
walkthrough |
Embark on the journey of learning the fundamentals of Linux. Learn to run some of the first essential commands on an interactive terminal. |
linuxfunctionhooking |
Linux Function Hooking |
true |
3 |
walkthrough |
Learn about function hooking in Linux and have fun hooking functions |
linuxfilesystemanalysis |
Linux File System Analysis |
true |
2 |
walkthrough |
Perform real-time file system analysis on a Linux system to identify an attacker's artefacts. |
linuxbackdoors |
Linux Backdoors |
true |
2 |
walkthrough |
Learn all the different techniques used to backdoor a Linux machine! |
linuxagency |
Linux Agency |
true |
3 |
walkthrough |
This room will help you to sharpen your Linux skills and learn basic privilege escalation in a HITMAN theme. So, pack your briefcase and grab your SilverBallers, as it's gonna be a tough ride. |
linprivesc |
Linux Privilege Escalation |
true |
3 |
walkthrough |
Learn the fundamentals of Linux privilege escalation. From enumeration to exploitation, get hands-on with over 8 different privilege escalation techniques. |
learnssti |
SSTI |
true |
3 |
walkthrough |
Learn what Server Side Template Injection is and how to exploit it! |
learnowaspzap |
Introduction to OWASP ZAP |
true |
2 |
walkthrough |
Learn how to use OWASP ZAP from the ground up. An alternative to BurpSuite. |
learncyberin25days |
25 Days of Cyber Security |
true |
2 |
walkthrough |
Get started with Cyber Security in 25 Days - Learn the basics by doing a new, beginner friendly security challenge every day. |
layer2 |
L2 MAC Flooding & ARP Spoofing |
true |
2 |
walkthrough |
Learn how to use MAC Flooding to sniff traffic and ARP Cache Poisoning to manipulate network traffic as a MITM. |
lambdadataexfiltration |
Lambda - Data Exfiltration |
true |
3 |
walkthrough |
Try your hand at compromising Lambda functions to access secret data. |
kenobi |
Kenobi |
true |
2 |
walkthrough |
Walkthrough on exploiting a Linux machine. Enumerate Samba for shares, manipulate a vulnerable version of proftpd and escalate your privileges with path variable manipulation. |
kape |
KAPE |
true |
3 |
walkthrough |
An introduction to Kroll Artifact Parser and Extractor (KAPE) for collecting and processing forensic artifacts |
k8sruntimesecurity |
K8s Runtime Security |
true |
3 |
walkthrough |
Secure a Kubernetes environment using in-house offerings and runtime security tools like Falco. |
k8sbestsecuritypractices |
K8s Best Security Practices |
true |
3 |
walkthrough |
Best Kubernetes security practices at a cluster level. |
jrsecanalystintrouxo |
Junior Security Analyst Intro |
true |
2 |
walkthrough |
Play through a day in the life of a Junior Security Analyst, their responsibilities and qualifications needed to land a role as an analyst. |
joomify |
Joomify: CVE-2023-23752 |
true |
3 |
walkthrough |
Learn how to exploit a Joomla CMS using CVE-2023-23752 and understand various mitigation techniques. |
javascriptbasics |
JavaScript Basics |
true |
2 |
walkthrough |
Learn JavaScript, the high-level, multi-paradigm language of the web. |
iso27001 |
ISO27001 |
true |
2 |
walkthrough |
Introduction to ISO/ISO27001 |
irplaybooks |
IR Playbooks |
true |
2 |
walkthrough |
Learn the basics of creating and using IR playbooks. |
irphilosophyethics |
IR Philosophy and Ethics |
true |
2 |
walkthrough |
Addressing the Incident Response philosophy. |
iotintro |
Intro to IoT Pentesting |
true |
2 |
walkthrough |
A beginner friendly walkthrough for internet of things (IoT) pentesting. |
introwebapplicationsecurity |
Web Application Security |
true |
2 |
walkthrough |
Learn about web applications and explore some of their common security issues. |
introtosiem |
Introduction to SIEM |
true |
2 |
walkthrough |
An introduction to Security Information and Event Management. |
introtosecurityarchitecture |
Secure Network Architecture |
true |
3 |
walkthrough |
Learn about and implement security best practices for network environments. |
introtoresearch |
Introductory Researching |
true |
2 |
walkthrough |
A brief introduction to research skills for pentesting. |
introtopwntools |
Intro To Pwntools |
true |
2 |
walkthrough |
An introductory room for the binary exploit toolkit Pwntools. |
introtopipelineautomation |
Intro to Pipeline Automation |
true |
2 |
walkthrough |
This room provides an introduction to DevOps pipeline automation and the potential security concerns. |
introtooffensivesecurity |
Intro to Offensive Security |
true |
2 |
walkthrough |
Hack your first website (legally in a safe environment) and experience an ethical hacker's job. |
introtonetworking |
Introductory Networking |
true |
2 |
walkthrough |
An introduction to networking theory and basic networking tools |
introtologs |
Intro to Logs |
true |
2 |
walkthrough |
Learn the fundamentals of logging, data sources, collection methods and principles to step into the log analysis world. |
introtologanalysis |
Intro to Log Analysis |
true |
2 |
walkthrough |
An intro to log analysis, best practices, and essential tools for effective detection and response. |
introtoirandim |
Intro to IR and IM |
true |
2 |
walkthrough |
An introduction to Incident Response and Incident Management. |
introtoiac |
Intro to IaC |
true |
2 |
walkthrough |
An introduction to infrastructure as code. |
introtoendpointsecurity |
Intro to Endpoint Security |
true |
2 |
walkthrough |
Learn about fundamentals, methodology, and tooling for endpoint security monitoring. |
introtodockerk8pdqk |
Intro to Docker |
true |
2 |
walkthrough |
Learn to create, build and deploy Docker containers! |
introtodetectionengineering |
Intro to Detection Engineering |
true |
2 |
walkthrough |
Introduce the concept of detection engineering and the frameworks used towards crafting effective threat detection strategies. |
introtocontainerisation |
Intro to Containerisation |
true |
2 |
walkthrough |
Learn about the technologies and benefits of containerisation. |
introtocoldsystemforensics |
Intro to Cold System Forensics |
true |
2 |
walkthrough |
A look into the concepts of cold system forensics and how DFIR teams examine offline systems. |
introtoav |
Introduction to Antivirus |
true |
2 |
walkthrough |
Understand how antivirus software works and what detection techniques are used to bypass malicious file checks. |
intropocscripting |
Intro PoC Scripting |
true |
2 |
walkthrough |
Learn the importance and beginner skills of crafting custom proof of concept (PoC) exploit scripts from many different sources. |
introductoryroomdfirmodule |
DFIR: An Introduction |
true |
2 |
walkthrough |
Introductory room for the DFIR module |
introductiontothreathunting |
Threat Hunting: Introduction |
true |
2 |
walkthrough |
Behind the scenes of Threat Hunting - mindset, process, and goals. |
introductiontohoneypots |
Introduction To Honeypots |
true |
3 |
walkthrough |
A guided room covering the deployment of honeypots and analysis of botnet activities |
introductiontodevsecops |
Introduction to DevSecOps |
true |
3 |
walkthrough |
Learn about the story of DevSecOps, Software Development Models & Shifting Left. |
introductiontocryptops |
Introduction to CryptOps |
true |
2 |
walkthrough |
Key management strategies for DevSecOps. |
introductiontoawsiam |
Introduction to AWS IAM |
true |
2 |
walkthrough |
A brief introduction to the importance of IAM and the IAM Module |
introdigitalforensics |
Intro to Digital Forensics |
true |
2 |
walkthrough |
Learn about digital forensics and related processes and experiment with a practical example. |
insekube |
Insekube |
true |
2 |
walkthrough |
Exploiting Kubernetes by leveraging a Grafana LFI vulnerability |
insecuredeserialisation |
Insecure Deserialisation |
true |
3 |
walkthrough |
Get in-depth knowledge of the deserialisation process and how it poses a vulnerability in a web app. |
idsevasion |
Intrusion Detection |
true |
3 |
walkthrough |
Learn cyber evasion techniques and put them to the test against two IDS |
identificationandscoping |
Identification & Scoping |
true |
3 |
walkthrough |
A look into the second phase of the Incident Response Framework, Identification & Scoping. |
iamprincipals |
IAM Principals |
true |
3 |
walkthrough |
An overview of the different types of actors in IAM |
iaaaidm |
Identity and Access Management |
true |
2 |
walkthrough |
Learn about identification, authentication, authorisation, accounting, and identity management. |
hypervisorinternals |
Hypervisor Internals |
true |
2 |
walkthrough |
An introduction to the use of Hypervisors and their internal components. |
httprequestsmuggling |
HTTP Request Smuggling |
true |
2 |
walkthrough |
Learn about HTTP Request Smuggling and its different techniques. |
httpindetail |
HTTP in Detail |
true |
2 |
walkthrough |
Learn about how you request content from a web server using the HTTP protocol |
http2requestsmuggling |
HTTP/2 Request Smuggling |
true |
4 |
walkthrough |
Exploit HTTP Request Smuggling in HTTP/2 environments. |
howwebsiteswork |
How Websites Work |
true |
2 |
walkthrough |
To exploit a website, you first need to know how they are created. |
howtousetryhackme |
How to use TryHackMe |
true |
2 |
walkthrough |
Start and access your first machine! |
hostedhypervisors |
Hosted Hypervisors |
true |
2 |
walkthrough |
Learn about Hosted Hypervisors, how to investigate them, and more. |
historyofmalware |
History of Malware |
true |
1 |
walkthrough |
Join this room to learn about the first forms of malware and how they turned into the malicious code we see today. |
hipflask |
Hip Flask |
true |
3 |
walkthrough |
An in-depth walkthrough covering pentest methodology against a vulnerable server |
hello |
Welcome |
true |
2 |
walkthrough |
Learn how to use a TryHackMe room to start your upskilling in cyber security. |
hackinghadoop |
Hacking Hadoop |
true |
4 |
walkthrough |
Learning about the security failings commonly seen in Hadoop |
hackermethodology |
The Hacker Methodology |
true |
2 |
walkthrough |
Introduction to the Hacker Methodology |
googledorking |
Google Dorking |
true |
2 |
walkthrough |
Explaining how Search Engines work and leveraging them into finding hidden content! |
gitlabcve20237028 |
GitLab CVE-2023-7028 |
true |
3 |
walkthrough |
Learn to exploit a GitLab instance using CVE-2023-7028 and understand various mitigation techniques. |
gettingstarted |
Getting Started |
true |
2 |
walkthrough |
Get started with TryHackMe by hacking a fake social media website! |
furthernmap |
Nmap |
true |
2 |
walkthrough |
An in depth look at scanning with Nmap, a powerful network scanning tool. |
forensicimaging |
Forensic Imaging |
true |
2 |
walkthrough |
Learn the basic concepts of forensic imaging. |
follinamsdt |
Follina MSDT |
true |
3 |
walkthrough |
A walkthrough on the CVE-2022-30190, the MSDT service, exploitation of the service vulnerability, and consequent detection techniques and remediation processes |
flask |
Introduction to Flask |
true |
2 |
walkthrough |
How it works and how can I exploit it? |
ffuf |
ffuf |
true |
2 |
walkthrough |
Enumeration, fuzzing, and directory brute forcing using ffuf |
expregistryforensics |
Expediting Registry Analysis |
true |
3 |
walkthrough |
This room explores different tools used to expedite analysis of registry data during investigation. |
enumerationbruteforce |
Enumeration & Brute Force |
true |
2 |
walkthrough |
Enumerate and brute force authentication mechanisms. |
encryptioncrypto101 |
Encryption - Crypto 101 |
true |
3 |
walkthrough |
An introduction to encryption, as part of a series on crypto |
dnsmanipulation |
DNS Manipulation |
true |
2 |
walkthrough |
Manipulating DNS queries to our advantage |
dnsindetail |
DNS in detail |
true |
2 |
walkthrough |
Learn how DNS works and how it helps you access internet services. |
dllhijacking |
DLL HIJACKING |
true |
3 |
walkthrough |
DLL HIJACKING with Invoke-PrintDemon |
django |
Introduction to Django |
true |
2 |
walkthrough |
How it works and why should I learn it? |
dissectingpeheaders |
Dissecting PE Headers |
true |
3 |
walkthrough |
Learn about Portable Executable files and how their headers work. |
dirtypipe |
Dirty Pipe: CVE-2022-0847 |
true |
1 |
walkthrough |
Interactive lab for exploiting Dirty Pipe (CVE-2022-0847) in the Linux Kernel |
dfirprocesslegalconsiderations |
Legal Considerations in DFIR |
true |
3 |
walkthrough |
Understand the processes involved in DFIR and the legal considerations that guide them. |
dejavu |
Deja Vu |
true |
2 |
walkthrough |
Exploit a recent code injection vulnerability to take over a website full of cute dog pictures! |
defensivesecurity |
Intro to Defensive Security |
true |
2 |
walkthrough |
Introducing defensive security and related topics, such as threat intelligence, SOC, DFIR, and SIEM. |
cyberweek2021 |
Cyber Scotland 2021 |
true |
2 |
walkthrough |
Follow-along tutorials for Scottish Cyberweek Demos |
cyberthreatintel |
Intro to Cyber Threat Intel |
true |
2 |
walkthrough |
Introducing cyber threat intelligence and related topics, such as relevant standards and frameworks. |
cyberkillchainzmt |
Cyber Kill Chain |
true |
2 |
walkthrough |
The Cyber Kill Chain framework is designed for the identification and prevention of network intrusions. You will learn what adversaries need to do in order to achieve their goals. |
cybergovernanceregulation |
Governance & Regulation |
true |
2 |
walkthrough |
Explore policies and frameworks vital for regulating cyber security in an organisation. |
cve202338408 |
CVE-2023-38408 |
true |
3 |
walkthrough |
Learn how to move laterally abusing libraries' side effects in Ubuntu (CVE-2023-38408). |
cve202226923 |
CVE-2022-26923 |
true |
2 |
walkthrough |
Walkthrough on the exploitation of CVE-2022-26923, a vulnerability in AD Certificate Services. |
cve202226134 |
Atlassian CVE-2022-26134 |
true |
2 |
walkthrough |
An interactive lab showcasing the Confluence Server and Data Center un-authenticated RCE vulnerability. |
cve202141773 |
CVE-2021-41773/42013 |
true |
1 |
walkthrough |
A small explanation of an Apache path traversal bug and an incomplete fix |
csrfV2 |
CSRF |
true |
3 |
walkthrough |
Learn how a CSRF vulnerability works and methods to exploit and defend against CSRF vulnerabilities. |
cryptographyintro |
Introduction to Cryptography |
true |
3 |
walkthrough |
Learn about encryption algorithms such as AES, Diffie-Hellman key exchange, hashing, PKI, and TLS. |
cryptographyfordummies |
Cryptography for Dummies |
true |
2 |
walkthrough |
Become familiar with cryptography |
crylo4a |
Crylo |
true |
3 |
walkthrough |
Learn about the CryptoJS library and JavaScript-based client-side encryption and decryption. |
critical |
Critical |
true |
2 |
walkthrough |
Acquire the basic skills to analyze a memory dump in a practical scenario. |
confluence202322515 |
Confluence CVE-2023-22515 |
true |
2 |
walkthrough |
Exploit CVE-2023-22515 to get admin access to Confluence Server and Data Center editions. |
commonattacks |
Common Attacks |
true |
2 |
walkthrough |
With practical exercises see how common attacks occur, and improve your cyber hygiene to stay safer online. |
clusterhardening |
Cluster Hardening |
true |
3 |
walkthrough |
Learn initial security considerations when creating a Kubernetes cluster. |
cloud101aws |
AWS: Cloud 101 |
true |
1 |
walkthrough |
An introduction to AWS and how cloud has changed computing. |
cicada3301vol1 |
Cicada-3301 Vol:1 |
true |
3 |
walkthrough |
A basic steganography and cryptography challenge room based on the Cicada 3301 challenges |
catregex |
Regular expressions |
true |
3 |
walkthrough |
Learn and practise using regular expressions |
caseb4dm755 |
Digital Forensics Case B4DM755 |
true |
2 |
walkthrough |
Acquire the critical skills of evidence preservation, disk imaging, and artefact analysis for use in court. |
careersincyber |
Careers in Cyber |
true |
1 |
walkthrough |
Learn about the different careers in cyber security. |
cactus |
Cactus |
true |
3 |
walkthrough |
Bypass authentication and execute commands remotely on Cacti using CVE-2022-46169. |
bypassinguac |
Bypassing UAC |
true |
3 |
walkthrough |
Learn common ways to bypass User Account Control (UAC) in Windows hosts. |
burpsuiterepeater |
Burp Suite: Repeater |
true |
1 |
walkthrough |
Learn how to use Repeater to duplicate requests in Burp Suite. |
bufferoverflowprep |
Buffer Overflow Prep |
true |
2 |
walkthrough |
Practice stack based buffer overflows! |
btredlinejoxr3d |
Redline |
true |
3 |
walkthrough |
Learn how to use Redline to perform memory analysis and to scan for IOCs on an endpoint. |
bruteforceheroes |
Brute Force Heroes |
true |
2 |
walkthrough |
Walkthrough room to look at the different tools that can be used when brute forcing, as well as the different situations that might favour one tool over another |
breachingad |
Breaching Active Directory |
true |
3 |
walkthrough |
This network covers techniques and tools that can be used to acquire that first set of AD credentials that can then be used to enumerate AD. |
bolt |
Bolt |
true |
2 |
walkthrough |
A hero is unleashed |
blaster |
Blaster |
true |
2 |
walkthrough |
A blast from the past! |
beginnerpathintro |
Learning Cyber Security |
true |
2 |
walkthrough |
Get a short introduction to a few of the security topics you'll be learning about. |
becomeahackeroa |
Become a Hacker |
true |
2 |
walkthrough |
Learn how TryHackMe can help you become a hacker. |
bashscripting |
Bash Scripting |
true |
2 |
walkthrough |
A Walkthrough room to teach you the basics of bash scripting |
badbyte |
Badbyte |
true |
2 |
walkthrough |
Infiltrate BadByte and help us to take over root. |
axss |
XSS |
true |
2 |
walkthrough |
Explore in-depth the different types of XSS and their root causes. |
awss3service |
AWS S3 - Attack and Defense |
true |
3 |
walkthrough |
An overview of security features and common attacks for the AWS S3 service. |
awslambda |
AWS Lambda |
true |
3 |
walkthrough |
Learn the security aspects of Amazon's serverless service |
awsiaminitialaccess |
AWS IAM Initial Access |
true |
3 |
walkthrough |
Gaining Initial Access to AWS IAM Principals. |
awsiamenumeration |
AWS IAM Enumeration |
true |
3 |
walkthrough |
Learn to enumerate IAM Principals and implemented services. |
awsbasicconcepts |
AWS Basic Concepts |
true |
2 |
walkthrough |
Learn basic concepts relevant to Amazon Web Services (AWS). |
awsapigateway |
AWS API Gateway |
true |
3 |
walkthrough |
An overview of security features and common attacks for the AWS API Gateway service. |
attackingics1 |
Attacking ICS Plant #1 |
true |
2 |
walkthrough |
Learn how to discover and attack ICS plants using the Modbus protocol (Modicon / Schneider Electric). |
attackerkb |
AttackerKB |
true |
2 |
walkthrough |
Learn how to leverage AttackerKB and learn about exploits in your workflow! |
atlas |
Atlas |
true |
2 |
walkthrough |
Hack the Atlas server in this beginner room covering Windows attack methodology! |
apiwizardsbreach |
APIWizards Breach |
true |
3 |
walkthrough |
Investigate a security breach at APIWizards Inc. |
androidmalwareanalysis |
Android Malware Analysis |
true |
2 |
walkthrough |
Android malware analysis with Pithus (static and hunting) |
androidhacking101 |
Android Hacking 101 |
true |
3 |
walkthrough |
Android Mobile Application Penetration Testing |
amazonec2attackdefense |
Amazon EC2 - Attack & Defense |
true |
3 |
walkthrough |
Learn about EC2 and how to compromise an EC2 Instance. |
adventofcyber4 |
Advent of Cyber 2022 |
true |
2 |
walkthrough |
Get started with Cyber Security in 24 Days - learn the basics by doing a new, beginner-friendly security challenge every day leading up to Christmas. |
adventofcyber3 |
Advent of Cyber 3 (2021) |
true |
2 |
walkthrough |
Get started with Cyber Security in 25 Days - Learn the basics by doing a new, beginner friendly security challenge every day leading up to Christmas. |
adventofcyber2023 |
Advent of Cyber 2023 |
true |
2 |
walkthrough |
Get started with Cyber Security in 24 Days - Learn the basics by doing a new, beginner friendly security challenge every day leading up to Christmas. |
adventofcyber2 |
Advent of Cyber 2 [2020] |
true |
2 |
walkthrough |
Get started with Cyber Security in 25 Days - Learn the basics by doing a new, beginner friendly security challenge every day leading up to Christmas. |
advancedsqlinjection |
Advanced SQL Injection |
true |
3 |
walkthrough |
Learn advanced injection techniques to exploit a web app. |
adenumeration |
Enumerating Active Directory |
true |
3 |
walkthrough |
This room covers various Active Directory enumeration techniques, their use cases as well as drawbacks. |
adcertificatetemplates |
AD Certificate Templates |
true |
3 |
walkthrough |
Walkthrough on the exploitation of misconfigured AD certificate templates |
activerecon |
Active Reconnaissance |
true |
2 |
walkthrough |
Learn how to use simple tools such as traceroute, ping, telnet, and a web browser to gather information. |
activedirectoryhardening |
Active Directory Hardening |
true |
3 |
walkthrough |
Learn basic concepts regarding Active Directory attacks and mitigation measures. |
zer0logon |
Zero Logon |
false |
4 |
walkthrough |
Learn about and exploit the ZeroLogon vulnerability that allows an attacker to go from Zero to Domain Admin without any valid credentials. |
zeekbro |
Zeek |
false |
3 |
walkthrough |
Introduction to hands-on network monitoring and threat detection with Zeek (formerly Bro). |
yara |
Yara |
false |
2 |
walkthrough |
Learn the applications and language that is Yara for everything threat intelligence, forensics, and threat hunting! |
xxeinjection |
XXE Injection |
false |
3 |
walkthrough |
Exploiting XML External Entities. |
xss |
Intro to Cross-site Scripting |
false |
2 |
walkthrough |
Learn how to detect and exploit XSS vulnerabilities, giving you control of other visitors' browsers. |
x86assemblycrashcourse |
x86 Assembly Crash Course |
false |
3 |
walkthrough |
A crash course in x86 assembly to enable us in malware reverse engineering. |
wsrequestsmuggling |
Request Smuggling: WebSockets |
false |
3 |
walkthrough |
Exploit HTTP Request Smuggling through WebSockets. |
wiresharktrafficanalysis |
Wireshark: Traffic Analysis |
false |
3 |
walkthrough |
Learn the basics of traffic analysis with Wireshark and how to find anomalies on your network! |
wiresharkthebasics |
Wireshark: The Basics |
false |
2 |
walkthrough |
Learn the basics of Wireshark and how to analyse protocols and PCAPs. |
wiresharkpacketoperations |
Wireshark: Packet Operations |
false |
2 |
walkthrough |
Learn the fundamentals of packet analysis with Wireshark and how to find the needle in the haystack! |
wireshark |
Wireshark 101 |
false |
2 |
walkthrough |
Learn the basics of Wireshark and how to analyze various protocols and PCAPs |
windowsuseractivity |
Windows User Activity Analysis |
false |
3 |
walkthrough |
What happened in those 36 hours? A forensics case to solve. |
windowsuseraccountforensics |
Windows User Account Forensics |
false |
2 |
walkthrough |
Learn where to search for artefacts associated with users and accounts. |
windowsprivesc20 |
Windows Privilege Escalation |
false |
3 |
walkthrough |
Learn the fundamentals of Windows privilege escalation techniques. |
windowsnetworkanalysis |
Windows Network Analysis |
false |
2 |
walkthrough |
Discover networking artefacts using internal tooling on Windows. |
windowslocalpersistence |
Windows Local Persistence |
false |
3 |
walkthrough |
Learn the most common persistence techniques used on Windows machines. |
windowsinternals |
Windows Internals |
false |
3 |
walkthrough |
Learn and understand the fundamentals of how Windows operates at its core. |
windowsfundamentals1xbx |
Windows Fundamentals 1 |
false |
1 |
walkthrough |
In part 1 of the Windows Fundamentals module, we'll start our journey learning about the Windows desktop, the NTFS file system, UAC, the Control Panel, and more. |
windowsforensics2 |
Windows Forensics 2 |
false |
3 |
walkthrough |
Learn about common Windows file systems and forensic artifacts in the file systems. |
windowseventlogs |
Windows Event Logs |
false |
3 |
walkthrough |
Introduction to Windows Event Logs and the tools to query them. |
windowsapplications |
Windows Applications Forensics |
false |
3 |
walkthrough |
Perform a live analysis on Windows systems, focused on determining the outliers based on known behaviour of scheduled tasks, services, and installed applications. |
webenumerationv2 |
Web Enumeration |
false |
2 |
walkthrough |
Learn the methodology of enumerating websites by using tools such as Gobuster, Nikto and WPScan |
weaponizingvulnerabilities |
Weaponizing Vulnerabilities |
false |
3 |
walkthrough |
Learn how a vulnerability evolves and methods to weaponize multiple vulnerabilities leading to RCE. |
weaponization |
Weaponization |
false |
3 |
walkthrough |
Understand and explore common red teaming weaponization techniques. You will learn to build custom payloads using common methods seen in the industry to get initial access. |
walkinganapplication |
Walking An Application |
false |
2 |
walkthrough |
Manually review a web application for security issues using only your browser's developer tools. Hacking with just your browser, no tools or scripts. |
vulnerabilitymanagementkj |
Vulnerability Management |
false |
3 |
walkthrough |
Learn how to identify, detect, mitigate and report a vulnerability effectively. |
volatility |
Volatility |
false |
3 |
walkthrough |
Learn how to perform memory forensics with Volatility! |
virtualizationandcontainers |
Virtualization and Containers |
false |
2 |
walkthrough |
Introduction to common virtualization technologies and applications. |
velociraptorhp |
Velociraptor |
false |
3 |
walkthrough |
Learn Velociraptor, an advanced open-source endpoint monitoring, digital forensic and cyber response platform. |
uploadvulns |
Upload Vulnerabilities |
false |
2 |
walkthrough |
Tutorial room exploring some basic file-upload vulnerabilities in websites |
typosquatters |
Hunt Me II: Typo Squatters |
false |
3 |
walkthrough |
One of your software developers unknowingly installed malicious software. Can you trace back the root cause? |
tsharkthebasics |
TShark: The Basics |
false |
2 |
walkthrough |
Learn the basics of TShark and take your protocol and PCAP analysis skills a step further. |
tsharkcliwiresharkfeatures |
TShark: CLI Wireshark Features |
false |
3 |
walkthrough |
Take your TShark skills to the next level by implementing Wireshark functionalities in the CLI. |
trooper |
Trooper |
false |
2 |
walkthrough |
Use Cyber Threat Intelligence knowledge and skills to identify a threat based on a report. |
traverse |
Traverse |
false |
2 |
walkthrough |
Challenge your secure coding skills to restore a compromised website. |
threatmodelling |
Threat Modelling |
false |
3 |
walkthrough |
Building cyber resiliency and emulation capabilities through threat modelling. |
threathuntingpivoting |
Threat Hunting: Pivoting |
false |
3 |
walkthrough |
Hunting suspicious activities indicating threat propagation across the infrastructure. |
threathuntingendgame |
Threat Hunting: Endgame |
false |
3 |
walkthrough |
Learn how to hunt and discover suspicious activities indicating actions on objectives. |
thelayoftheland |
The Lay of the Land |
false |
2 |
walkthrough |
Learn about and get hands-on with common technologies and security products used in corporate environments |
thehiveproject |
TheHive Project |
false |
3 |
walkthrough |
Learn how to use TheHive, a Security Incident Response Platform, to report investigation findings |
tempestincident |
Tempest |
false |
3 |
walkthrough |
You are tasked to conduct an investigation from a workstation affected by a full attack chain. |
tardigrade |
Tardigrade |
false |
3 |
walkthrough |
Can you find all the basic persistence mechanisms in this Linux endpoint? |
tacticaldetection |
Tactical Detection |
false |
3 |
walkthrough |
Establish a baseline knowledge of tactical detection, leveraging efficient techniques to bolster your security posture. |
sysmon |
Sysmon |
false |
2 |
walkthrough |
Learn how to utilize Sysmon to monitor and log your endpoints and environments. |
subdomainenumeration |
Subdomain Enumeration |
false |
2 |
walkthrough |
Learn the various ways of discovering subdomains to expand your attack surface of a target. |
steelmountain |
Steel Mountain |
false |
2 |
walkthrough |
Hack into a Mr. Robot-themed Windows machine. Use Metasploit for initial access, utilise PowerShell for Windows privilege escalation enumeration and learn a new technique to get Administrator access. |
staticanalysis1 |
Basic Static Analysis |
false |
3 |
walkthrough |
Learn basic malware analysis techniques without running the malware. |
ssrfqi |
Intro to SSRF |
false |
2 |
walkthrough |
Learn how to exploit Server-Side Request Forgery (SSRF) vulnerabilities, allowing you to access internal server resources. |
splunklab |
Splunk: Setting up a SOC Lab |
false |
3 |
walkthrough |
Explore Splunk beyond basics. |
splunkdatamanipulation |
Splunk: Data Manipulation |
false |
3 |
walkthrough |
Learn how to parse and manipulate data in Splunk. |
splunkdashboardsandreports |
Splunk: Dashboards and Reports |
false |
2 |
walkthrough |
Creating Dashboards and Reports in Splunk. |
splunk3zs |
Splunk 3 |
false |
3 |
walkthrough |
Part of the Blue Primer series. This room is based on version 3 of the Boss of the SOC (BOTS) competition by Splunk. |
splunk2gcd5 |
Splunk 2 |
false |
3 |
walkthrough |
Part of the Blue Primer series. This room is based on version 2 of the Boss of the SOC (BOTS) competition by Splunk. |
splunk201 |
Incident handling with Splunk |
false |
3 |
walkthrough |
Learn to use Splunk for incident handling through interactive scenarios. |
splunk101 |
Splunk: Basics |
false |
2 |
walkthrough |
Learn the basics of Splunk. |
sourcecodesecurity |
Source Code Security |
false |
3 |
walkthrough |
Learn how to keep your source code secure using credential hygiene practices. |
soar |
SOAR |
false |
3 |
walkthrough |
Learn the concepts and methodology surrounding security orchestration, automation and response. |
slingshot |
Slingshot |
false |
2 |
walkthrough |
Can you retrace an attacker's steps after they enumerate and compromise a web server? |
signatureevasion |
Signature Evasion |
false |
3 |
walkthrough |
Learn how to break signatures and evade common AV, using modern tool-agnostic approaches. |
sigma |
Sigma |
false |
3 |
walkthrough |
Gain an understanding of Sigma, a Generic Signature Format for SIEM Systems. |
sessionmanagement |
Session Management |
false |
2 |
walkthrough |
Learn about session management and the different attacks that can be performed against insecure implementations. |
serversidetemplateinjection |
Server-side Template Injection |
false |
3 |
walkthrough |
Exploit various templating engines that lead to SSTI vulnerability. |
seriskmanagement |
Risk Management |
false |
2 |
walkthrough |
Learn about framing, assessing, responding, and monitoring risk. |
securityoperations |
Security Operations |
false |
2 |
walkthrough |
Learn about Security Operations Center (SOC): its responsibilities, services, and data sources. |
securegitops |
Secure GitOps |
false |
2 |
walkthrough |
Learn how to secure the GitOps framework. |
sast |
SAST |
false |
3 |
walkthrough |
Learn about Static Application Security Testing. |
sandboxevasion |
Sandbox Evasion |
false |
4 |
walkthrough |
Learn about active defense mechanisms Blue Teamers can deploy to identify adversaries in their environment. |
runtimedetectionevasion |
Runtime Detection Evasion |
false |
4 |
walkthrough |
Learn how to bypass common runtime detection measures, such as AMSI, using modern tool-agnostic approaches. |
retracted |
Retracted |
false |
2 |
walkthrough |
Investigate the case of the missing ransomware. |
requestsmugglingbrowserdesync |
HTTP Browser Desync |
false |
4 |
walkthrough |
Learn about Request Smuggling Browser Desync. |
registry4n6 |
Secret Recipe |
false |
3 |
walkthrough |
Perform Registry Forensics to Investigate a case. |
redteamrecon |
Red Team Recon |
false |
2 |
walkthrough |
Learn how to use DNS, advanced searching, Recon-ng, and Maltego to collect information about your target. |
redteamnetsec |
Network Security Solutions |
false |
3 |
walkthrough |
Learn about and experiment with various IDS/IPS evasion techniques, such as protocol and payload manipulation. |
redteamfirewalls |
Firewalls |
false |
3 |
walkthrough |
Learn about and experiment with various firewall evasion techniques, such as port hopping and port tunneling. |
recoveringactivedirectory |
Recovering Active Directory |
false |
3 |
walkthrough |
Learn basic techniques to recover an AD in case of compromise. |
raceconditionsattacks |
Race Conditions |
false |
3 |
walkthrough |
Learn about race conditions and how they affect web application security. |
pythonforcybersecurity |
Python for Pentesters |
false |
2 |
walkthrough |
Python is probably the most widely used and most convenient scripting language in cybersecurity. This room covers real examples of Python scripts including hash cracking, key logging, enumeration and scanning. |
prototypepollution |
Prototype Pollution |
false |
3 |
walkthrough |
Explore the concept of prototype pollution and its implications during pentesting. |
protocolsandservers2 |
Protocols and Servers 2 |
false |
3 |
walkthrough |
Learn about attacks against passwords and cleartext traffic |
protocolsandservers |
Protocols and Servers |
false |
2 |
walkthrough |
Learn about common protocols such as HTTP, FTP, POP3, SMTP and IMAP, along with related insecurities. |
probe |
Probe |
false |
2 |
walkthrough |
Use your baseline scanning skills to enumerate a secure network. |
principlesofsecurity |
Principles of Security |
false |
1 |
walkthrough |
Learn the principles of information security that secure data and protect systems from abuse |
powershellforpentesters |
PowerShell for Pentesters |
false |
3 |
walkthrough |
This room covers the principal uses of PowerShell in Penetration Tests. Interacting with files, scanning the network and system enumeration are covered. |
powershell |
Hacking with PowerShell |
false |
2 |
walkthrough |
Learn the basics of PowerShell and PowerShell Scripting |
phishingyl |
Phishing |
false |
3 |
walkthrough |
Learn what phishing is and why it's important to a red team engagement. You will set up phishing infrastructure, write a convincing phishing email and try to trick your target into opening your email in a real-world simulation. |
phishingemails4gkxh |
Phishing Prevention |
false |
2 |
walkthrough |
Learn how to defend against phishing emails. |
phishingemails3tryoe |
Phishing Analysis Tools |
false |
2 |
walkthrough |
Learn the tools used to aid an analyst to investigate suspicious emails. |
persistingad |
Persisting Active Directory |
false |
3 |
walkthrough |
Learn about common Active Directory persistence techniques that can be used post-compromise to ensure the blue team will not be able to kick you out during a red team exercise. |
paymentcollectors |
Hunt Me I: Payment Collectors |
false |
3 |
walkthrough |
A Finance Director was recently phished. Can you hunt the logs and determine what damage was done? |
passwordattacks |
Password Attacks |
false |
4 |
walkthrough |
This room introduces the fundamental techniques to perform a successful password attack against various services and scenarios. |
packetsframes |
Packets & Frames |
false |
1 |
walkthrough |
Understand how data is divided into smaller pieces and transmitted across a network to another device |
owaspapisecuritytop10d0 |
OWASP API Security Top 10 - 2 |
false |
3 |
walkthrough |
Learn the basic concepts for secure API development (Part 2). |
owaspapisecuritytop105w |
OWASP API Security Top 10 - 1 |
false |
3 |
walkthrough |
Learn the basic concepts for secure API development (Part 1). |
osqueryf8 |
Osquery: The Basics |
false |
2 |
walkthrough |
Let's cover the basics of Osquery. |
osimodelzi |
OSI Model |
false |
1 |
walkthrough |
Learn about the fundamental networking framework that determines the various stages in which data is handled across a network |
oscommandinjection |
Command Injection |
false |
2 |
walkthrough |
Learn about a vulnerability allowing you to execute commands through a vulnerable app, and its remediations. |
orminjection |
ORM Injection |
false |
3 |
walkthrough |
Learn how to exploit injection vulnerabilities in an ORM-based web app. |
operatingsystemsecurity |
Operating System Security |
false |
2 |
walkthrough |
This room introduces users to operating system security and demonstrates SSH authentication on Linux. |
opencti |
OpenCTI |
false |
3 |
walkthrough |
Provide an understanding of the OpenCTI Project |
onpremisesiac |
On-Premises IaC |
false |
3 |
walkthrough |
This room provides security guidance for on-premises infrastructure as code deployments. |
obfuscationprinciples |
Obfuscation Principles |
false |
3 |
walkthrough |
Leverage tool-agnostic software obfuscation practices to hide malicious functions and create unique code. |
oauthvulnerabilities |
OAuth Vulnerabilities |
false |
3 |
walkthrough |
Learn how the OAuth protocol works and master techniques to exploit it. |
nmap04 |
Nmap Post Port Scans |
false |
3 |
walkthrough |
Learn how to leverage Nmap for service and OS detection, use Nmap Scripting Engine (NSE), and save the results. |
nmap03 |
Nmap Advanced Port Scans |
false |
3 |
walkthrough |
Learn advanced techniques such as null, FIN, Xmas, and idle (zombie) scans, spoofing, in addition to FW and IDS evasion. |
nmap02 |
Nmap Basic Port Scans |
false |
2 |
walkthrough |
Learn in depth how Nmap TCP connect scan, TCP SYN port scan, and UDP port scan work. |
nislinuxone |
NIS - Linux Part I |
false |
2 |
walkthrough |
Enhance your Linux knowledge with this beginner friendly room! |
networksecurityprotocols |
Network Security Protocols |
false |
3 |
walkthrough |
Learn about secure network protocols at the different layers of the OSI model. |
networkminer |
NetworkMiner |
false |
2 |
walkthrough |
Learn how to use NetworkMiner to analyse recorded traffic files and practice network forensics activities. |
networkdevicehardening |
Network Device Hardening |
false |
3 |
walkthrough |
Learn techniques for securing and protecting network devices from potential threats and attacks. |
multifactorauthentications |
Multi-Factor Authentication |
false |
2 |
walkthrough |
Exploiting Multi-Factor Authentication. |
monitoringevasion |
Evading Logging and Monitoring |
false |
3 |
walkthrough |
Learn how to bypass common logging and system monitoring, such as ETW, using modern tool-agnostic approaches. |
mitre |
MITRE |
false |
3 |
walkthrough |
This room will discuss the various resources MITRE has made available for the cybersecurity community. |
misp |
MISP |
false |
3 |
walkthrough |
Walkthrough on the use of MISP as a Threat Sharing Platform |
microsoftwindowshardening |
Microsoft Windows Hardening |
false |
2 |
walkthrough |
Learn key attack vectors used by hackers and how to protect yourself using different hardening techniques. |
meterpreter |
Metasploit: Meterpreter |
false |
2 |
walkthrough |
Take a deep dive into Meterpreter, and see how in-memory payloads can be used for post-exploitation. |
metasploitexploitation |
Metasploit: Exploitation |
false |
2 |
walkthrough |
Using Metasploit for scanning, vulnerability assessment and exploitation. |
malstrings |
MAL: Strings |
false |
2 |
walkthrough |
Investigating "strings" within an application and why these values are important! |
malremnuxv2 |
MAL: REMnux - The Redux |
false |
2 |
walkthrough |
A revitalised, hands-on showcase involving analysing malicious macros, PDFs and memory forensics of a victim of Jigsaw Ransomware; all done using the Linux-based REMnux toolset, as part of my Malware Analysis series |
maldoc |
MalDoc: Static Analysis |
false |
3 |
walkthrough |
Perform detailed Static Analysis on malicious documents. |
malbuster |
MalBuster |
false |
3 |
walkthrough |
You are tasked to analyse unknown malware samples detected by your SOC team. |
loguniverse |
Log Universe |
false |
2 |
walkthrough |
Explore log files from various systems and learn how to carve data to adopt a course of action! |
logstash |
Logstash: Data Processing Unit |
false |
3 |
walkthrough |
Learn how to collect, process and transform data with Logstash. |
loggingforaccountability |
Logging for Accountability |
false |
2 |
walkthrough |
Learn about the role accountability plays in logging and incident response. |
lle |
Linux: Local Enumeration |
false |
2 |
walkthrough |
Learn to efficiently enumerate a Linux machine and identify possible weaknesses |
livingofftheland |
Living Off the Land |
false |
3 |
walkthrough |
Learn the essential concept of "Living Off the Land" in Red Team engagements. |
linuxsystemhardening |
Linux System Hardening |
false |
3 |
walkthrough |
Learn how to improve the security posture of your Linux systems. |
linuxlogsinvestigations |
Linux Logs Investigations |
false |
3 |
walkthrough |
Explore Linux system logs for effective incident response. |
linuxliveanalysis |
Linux Live Analysis |
false |
3 |
walkthrough |
Learn how to perform live forensics on a Linux host. |
linuxfundamentalspart3 |
Linux Fundamentals Part 3 |
false |
1 |
walkthrough |
Power-up your Linux skills and get hands-on with some common utilities that you are likely to use day-to-day! |
linuxfundamentalspart2 |
Linux Fundamentals Part 2 |
false |
1 |
walkthrough |
Continue your Linux learning journey with part two. You will be learning how to log in to a Linux machine using SSH, how to advance your commands, and how to interact with the file system. |
linuxforensics |
Linux Forensics |
false |
3 |
walkthrough |
Learn about the common forensic artifacts found in the file system of the Linux operating system |
lessonslearned |
Lessons Learned |
false |
2 |
walkthrough |
A look into the fifth phase of the Incident Response framework: Lessons Learned. |
ldapinjection |
LDAP Injection |
false |
2 |
walkthrough |
Exploiting Lightweight Directory Access Protocol. |
lateralmovementandpivoting |
Lateral Movement and Pivoting |
false |
2 |
walkthrough |
Learn about common techniques used to move laterally across a Windows network. |
jwtsecurity |
JWT Security |
false |
2 |
walkthrough |
Learn about JWTs, where they are used, and how they need to be secured. |
johntheripper0 |
John The Ripper |
false |
2 |
walkthrough |
Learn how to use John the Ripper - An extremely powerful and adaptable hash cracking tool |
irdifficultiesandchallenges |
IR Difficulties and Challenges |
false |
2 |
walkthrough |
Explore common DFIR obstacles and learn strategies for overcoming these challenges effectively. |
iosforensics |
iOS Forensics |
false |
2 |
walkthrough |
Learn about the data acquisition techniques and tools used in iOS device digital forensics! |
iosanalysis |
iOS Analysis |
false |
2 |
walkthrough |
Discover the forensic artefacts present within iOS. |
investigatingwithelk101 |
Investigating with ELK 101 |
false |
3 |
walkthrough |
Investigate VPN logs through ELK. |
introtoshells |
What the Shell? |
false |
2 |
walkthrough |
An introduction to sending and receiving (reverse/bind) shells when exploiting target machines. |
introtolan |
Intro to LAN |
false |
1 |
walkthrough |
Learn about some of the technologies and designs that power private networks |
introtok8s |
Intro to Kubernetes |
false |
2 |
walkthrough |
An introduction to Kubernetes covering the basics of cluster creation and hardening. |
introtoc2 |
Intro to C2 |
false |
3 |
walkthrough |
Learn the essentials of Command and Control to help you become a better Red Teamer and simplify your next Red Team assessment! |
intronetworksecurity |
Network Security |
false |
2 |
walkthrough |
Learn about network security, understand attack methodology, and practice hacking into a target server. |
intromalwareanalysis |
Intro to Malware Analysis |
false |
3 |
walkthrough |
What to do when you run into suspected malware |
introductiontocloudsecurityc6 |
Intro to Cloud Security |
false |
2 |
walkthrough |
Learn fundamental concepts regarding securing a cloud environment. |
intelcreationandcontainment |
Threat Intel & Containment |
false |
2 |
walkthrough |
Learn what threat intelligence looks like, and some containment strategies used in the IR process. |
idor |
IDOR |
false |
2 |
walkthrough |
Learn how to find and exploit IDOR vulnerabilities in a web application giving you access to data that you shouldn't have. |
hololive |
Holo |
false |
4 |
walkthrough |
Holo is an Active Directory (AD) and Web-App attack lab that aims to teach core web attack vectors and more advanced AD attack techniques. This network simulates an external penetration test on a corporate network. |
hashingcrypto101 |
Hashing - Crypto 101 |
false |
3 |
walkthrough |
An introduction to Hashing, as part of a series on crypto |
hardeningbasicspart2 |
Hardening Basics Part 2 |
false |
2 |
walkthrough |
Continue learning about hardening |
hardeningbasicspart1 |
Hardening Basics Part 1 |
false |
2 |
walkthrough |
Learn how to harden an Ubuntu Server! Covers a wide range of topics (Part 1) |
hackpark |
HackPark |
false |
3 |
walkthrough |
Brute-force a website's login with Hydra, identify and use a public exploit, then escalate your privileges on this Windows machine! |
fixit |
Fixit |
false |
3 |
walkthrough |
Fix the log parsing issue and analyze the logs in Splunk. |
filepathtraversal |
File Inclusion, Path Traversal |
false |
3 |
walkthrough |
Exploit File Inclusion and Path Traversal vulnerabilities. |
fileinc |
File Inclusion |
false |
3 |
walkthrough |
This room introduces file inclusion vulnerabilities, including Local File Inclusion (LFI), Remote File Inclusion (RFI), and directory traversal. |
extendingyournetwork |
Extending Your Network |
false |
1 |
walkthrough |
Learn about some of the technologies used to extend networks out onto the Internet and the motivations for this. |
exploitingavulnerabilityv2 |
Exploit Vulnerabilities |
false |
2 |
walkthrough |
Learn about some of the tools, techniques and resources to exploit vulnerabilities |
exploitingad |
Exploiting Active Directory |
false |
3 |
walkthrough |
Learn common AD exploitation techniques that can allow you to reach your goal in an AD environment. |
eviction |
Eviction |
false |
2 |
walkthrough |
Unearth the monster from under your bed. |
eritsecurusi |
Erit Securus I |
false |
2 |
walkthrough |
Learn to exploit the BoltCMS software by researching exploit-db. |
eradicationandremediation |
Eradication & Remediation |
false |
2 |
walkthrough |
A look into the fourth phase of the Incident Response framework: Eradication, Remediation, and Recovery. |
enumerationpe |
Enumeration |
false |
2 |
walkthrough |
This room is an introduction to enumeration when approaching an unknown corporate environment. |
dombasedattacks |
DOM-Based Attacks |
false |
2 |
walkthrough |
Learn about DOM-based vulnerabilities that can be leveraged to stage client-side attacks! |
dockerrodeo |
The Docker Rodeo |
false |
3 |
walkthrough |
Learn a wide variety of Docker vulnerabilities in this guided showcase. |
diamondmodelrmuwwg42 |
Diamond Model |
false |
2 |
walkthrough |
Learn about the four core features of the Diamond Model of Intrusion Analysis: adversary, infrastructure, capability, and victim. |
dfirtimelineanalysis |
IR Timeline Analysis |
false |
3 |
walkthrough |
Learn about timeline analysis using various tools and scenarios. |
dependencymanagement |
Dependency Management |
false |
2 |
walkthrough |
Learn about the security concerns regarding dependency management in the automated DevOps pipeline. |
dataxexfilt |
Data Exfiltration |
false |
4 |
walkthrough |
An introduction to Data Exfiltration and Tunneling techniques over various protocols. |
dastzap |
DAST |
false |
3 |
walkthrough |
Learn about Dynamic Application Security Testing. |
cybercrisismanagement |
Cyber Crisis Management |
false |
2 |
walkthrough |
An introduction to cyber crisis management and how a CMT works. |
customalertrulesinwazuh |
Custom Alert Rules in Wazuh |
false |
2 |
walkthrough |
Learn how to create rules in Wazuh for your environment. |
csp |
Content Security Policy |
false |
3 |
walkthrough |
In this room you'll learn what CSP is, what it's used for and how to recognize vulnerabilities in a CSP header. |
credharvesting |
Credentials Harvesting |
false |
3 |
walkthrough |
Apply current authentication models employed in modern environments to a red team approach. |
corsandsop |
CORS & SOP |
false |
2 |
walkthrough |
Cross-Origin Resource Sharing and Same-Origin Policy. |
corp |
Corp |
false |
2 |
walkthrough |
Bypass Windows AppLocker and escalate your privileges. You will learn about kerberoasting, evading AV, bypassing AppLocker and escalating your privileges on a Windows system. |
contentdiscovery |
Content Discovery |
false |
2 |
walkthrough |
Learn the various ways of discovering hidden or private content on a webserver that could lead to new vulnerabilities. |
containervulnerabilitiesDG |
Container Vulnerabilities |
false |
2 |
walkthrough |
Learn how some of the common vulnerabilities found within Docker containers can be exploited. |
containerhardening |
Container Hardening |
false |
2 |
walkthrough |
Learn how to implement the mechanisms designed to secure your Docker containers. |
commonlinuxprivesc |
Common Linux Privesc |
false |
2 |
walkthrough |
A room explaining common Linux privilege escalation |
cloudbasediac |
Cloud-based IaC |
false |
3 |
walkthrough |
Learn about infrastructure as code (IaC) using tools for cloud deployment. |
cauldron |
The Witch's Cauldron |
false |
2 |
walkthrough |
Can you share Bob's secret recipe with Alice without Eve finding out? |
caldera |
CALDERA |
false |
4 |
walkthrough |
Leveraging CALDERA to emulate various adversarial activities for detection capability testing. |
bypass |
Bypass |
false |
3 |
walkthrough |
Use your defence evasion skills to take control of a secure network. |
burpsuiteom |
Burp Suite: Other Modules |
false |
2 |
walkthrough |
Take a dive into some of Burp Suite's lesser-known modules. |
burpsuiteintruder |
Burp Suite: Intruder |
false |
3 |
walkthrough |
Learn how to use Intruder to automate requests in Burp Suite. |
burpsuiteextensions |
Burp Suite: Extensions |
false |
2 |
walkthrough |
Learn how to use Extensions to broaden the functionality of Burp Suite. |
burpsuitebasics |
Burp Suite: The Basics |
false |
1 |
walkthrough |
An introduction to using Burp Suite for web application pentesting. |
btwindowsinternals |
Core Windows Processes |
false |
2 |
walkthrough |
Explore the core processes within a Windows operating system and understand what normal behaviour is. This foundational knowledge will help you identify malicious processes running on an endpoint! |
btsysinternalssg |
Sysinternals |
false |
2 |
walkthrough |
Learn to use the Sysinternals tools to analyze Windows systems or applications. |
btautopsye0 |
Autopsy |
false |
2 |
walkthrough |
Learn how to use Autopsy to investigate artefacts from a disk image. Use your knowledge to investigate an employee who is being accused of leaking private company data. |
brim |
Brim |
false |
3 |
walkthrough |
Learn and practice log investigation, pcap analysis and threat hunting with Brim. |
bppenguin |
Bulletproof Penguin |
false |
2 |
walkthrough |
Can you harden this Linux server? |
boogeyman1 |
Boogeyman 1 |
false |
3 |
walkthrough |
A new threat actor emerges from the wild using the name Boogeyman. Are you afraid of the Boogeyman? |
blizzard |
Blizzard |
false |
3 |
walkthrough |
A critical alert was triggered from a sensitive server. You are tasked to perform a live investigation on multiple machines to determine the root cause of the incident. |
becomingafirstresponder |
Becoming a First Responder |
false |
1 |
walkthrough |
Explaining how first responders work and what to do if you are a first responder to a cyber incident. |
basicdynamicanalysis |
Basic Dynamic Analysis |
false |
3 |
walkthrough |
Learn how to analyze malware dynamically by running it in a virtual machine. |
avevasionshellcode |
AV Evasion: Shellcode |
false |
3 |
walkthrough |
Learn shellcode encoding, packing, binders, and crypters. |
authenticationbypass |
Authentication Bypass |
false |
2 |
walkthrough |
Learn how to defeat logins and other authentication mechanisms to allow you access to unpermitted areas. |
auroraedr |
Aurora EDR |
false |
3 |
walkthrough |
Familiarise yourself with the use of a Sigma-based EDR tool, Aurora. |
auditingandmonitoringse |
Auditing and Monitoring |
false |
2 |
walkthrough |
Learn about auditing, monitoring, logging, and SIEM. |
attackingkerberos |
Attacking Kerberos |
false |
2 |
walkthrough |
Learn how to abuse the Kerberos Ticket Granting Service inside of a Windows Domain Controller |
atomicredteam |
Atomic Red Team |
false |
3 |
walkthrough |
Leveraging the Atomic Red Team Framework to strengthen the Security Operations' detection capabilities. |
atomicbirdtwo |
Atomic Bird Goes Purple #2 |
false |
3 |
walkthrough |
Time to simulate hunting and detecting activities to sharpen your purple teaming skills. |
atomicbirdone |
Atomic Bird Goes Purple #1 |
false |
3 |
walkthrough |
Time to simulate hunting and detecting activities to sharpen your purple teaming skills. |
antireverseengineering |
Anti-Reverse Engineering |
false |
3 |
walkthrough |
Learn the techniques used by malware authors to bypass detection. |
analysingvolatilememory |
Analysing Volatile Memory |
false |
3 |
walkthrough |
Learn how the Windows OS manages volatile data in different files on disk. Explore how to extract and analyse volatile data from those artefacts. |
advancedstaticanalysis |
Advanced Static Analysis |
false |
3 |
walkthrough |
Learn how to identify code constructs and examine the assembly code of malware. |
advancedelkqueries |
Advanced ELK Queries |
false |
2 |
walkthrough |
Search large datasets efficiently with advanced queries in Kibana. |
advanceddynamicanalysis |
Dynamic Analysis: Debugging |
false |
3 |
walkthrough |
Learn more advanced techniques of dynamic malware analysis. |
adtiermodel |
AD Tier Model |
false |
3 |
walkthrough |
Learn how to create administrative tiers in Active Directory. |
abusingwindowsinternals |
Abusing Windows Internals |
false |
4 |
walkthrough |
Leverage Windows internals components to evade common detection solutions, using modern tool-agnostic approaches. |