Skip to content

Rooms

Directory actions

More options

Directory actions

More options

Latest commit

 

History

History

Rooms

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
25daysofchristmas
25daysofchristmas
 
 
activedirectorybasics
activedirectorybasics
 
 
activerecon
activerecon
 
 
adenumeration
adenumeration
 
 
adventofcyber2
adventofcyber2
 
 
adventofcyber3
adventofcyber3
 
 
alfred
alfred
 
 
attackerkb
attackerkb
 
 
attackingkerberos
attackingkerberos
 
 
attacktivedirectory
attacktivedirectory
 
 
authenticationbypass
authenticationbypass
 
 
autopsy2ze0
autopsy2ze0
 
 
bashscripting
bashscripting
 
 
basicmalwarere
basicmalwarere
 
 
basicpentestingjt
basicpentestingjt
 
 
beginnerpathintro
beginnerpathintro
 
 
binex
binex
 
 
blaster
blaster
 
 
blog
blog
 
 
blue
blue
 
 
bof1
bof1
 
 
bpvolatility
bpvolatility
 
 
brainpan
brainpan
 
 
brainstorm
brainstorm
 
 
breachingad
breachingad
 
 
btautopsye0
btautopsye0
 
 
btredlinejoxr3d
btredlinejoxr3d
 
 
btsysinternalssg
btsysinternalssg
 
 
btwindowsinternals
btwindowsinternals
 
 
bufferoverflowprep
bufferoverflowprep
 
 
burpsuitebasics
burpsuitebasics
 
 
burpsuiteextender
burpsuiteextender
 
 
burpsuiteintruder
burpsuiteintruder
 
 
burpsuiteom
burpsuiteom
 
 
burpsuiterepeater
burpsuiterepeater
 
 
careersincyber
careersincyber
 
 
catregex
catregex
 
 
commonattacks
commonattacks
 
 
commonlinuxprivesc
commonlinuxprivesc
 
 
contentdiscovery
contentdiscovery
 
 
corp
corp
 
 
cowboyhacker
cowboyhacker
 
 
crackthehash
crackthehash
 
 
crackthehashlevel2
crackthehashlevel2
 
 
cryptographyfordummies
cryptographyfordummies
 
 
cve202226134
cve202226134
 
 
cve202226923
cve202226923
 
 
dailybugle
dailybugle
 
 
defensivesecurity
defensivesecurity
 
 
dirtypipe
dirtypipe
 
 
django
django
 
 
dnsindetail
dnsindetail
 
 
dogcat
dogcat
 
 
easyctf
easyctf
 
 
easypeasyctf
easypeasyctf
 
 
encryptioncrypto101
encryptioncrypto101
 
 
exploitingad
exploitingad
 
 
exploitingavulnerabilityv2
exploitingavulnerabilityv2
 
 
extendingyournetwork
extendingyournetwork
 
 
fileinc
fileinc
 
 
follinamsdt
follinamsdt
 
 
furthernmap
furthernmap
 
 
gamezone
gamezone
 
 
gatekeeper
gatekeeper
 
 
geolocatingimages
geolocatingimages
 
 
gettingstarted
gettingstarted
 
 
githappens
githappens
 
 
googledorking
googledorking
 
 
hackermethodology
hackermethodology
 
 
hackpark
hackpark
 
 
hashingcrypto101
hashingcrypto101
 
 
hello
hello
 
 
historyofmalware
historyofmalware
 
 
hololive
hololive
 
 
howtousetryhackme
howtousetryhackme
 
 
howwebsiteswork
howwebsiteswork
 
 
httpindetail
httpindetail
 
 
hydra
hydra
 
 
ice
ice
 
 
idor
idor
 
 
internal
internal
 
 
intro2windows
intro2windows
 
 
introdigitalforensics
introdigitalforensics
 
 
intronetworksecurity
intronetworksecurity
 
 
introtoc2
introtoc2
 
 
introtoisac
introtoisac
 
 
introtolan
introtolan
 
 
introtonetworking
introtonetworking
 
 
introtooffensivesecurity
introtooffensivesecurity
 
 
introtoresearch
introtoresearch
 
 
introtoshells
introtoshells
 
 
introwebapplicationsecurity
introwebapplicationsecurity
 
 
investigatingwindows
investigatingwindows
 
 
investigatingwindows2
investigatingwindows2
 
 
investigatingwindows3
investigatingwindows3
 
 
johntheripper0
johntheripper0
 
 
jupyter101
jupyter101
 
 
kape
kape
 
 
kenobi
kenobi
 
 
kiba
kiba
 
 

README.md

THM | TryHackMe: Rooms


TryHackMe Badge - DFTF@PConsole# (DFTFPConsole)


./

INDEX: 0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z


2

  • 25daysofchristmas/ - Advent of Cyber 1 [2019]: Get started with Cyber Security in 25 Days - Learn the basics by doing a new, beginner friendly security challenge every day leading up to Christmas (tryhackme.com)

A

  • activedirectorybasics/ - Active Directory Basics: Learn the basics of Active Directory and how it is used in the real world today (tryhackme.com)
  • activerecon/ - Active Reconnaissance: Learn how to use simple tools such as traceroute, ping, telnet, and a web browser to gather information (tryhackme.com)
  • adenumeration/ - Enumerating Active Directory: This room covers various Active Directory enumeration techniques, their use cases as well as drawbacks (tryhackme.com)
  • adventofcyber2/ - Advent of Cyber 2 [2020]: Get started with Cyber Security in 25 Days - Learn the basics by doing a new, beginner friendly security challenge every day leading up to Christmas (tryhackme.com)
  • adventofcyber3/ - Advent of Cyber 3 (2021): Get started with Cyber Security in 25 Days - Learn the basics by doing a new, beginner friendly security challenge every day leading up to Christmas (tryhackme.com)
  • alfred/ - Alfred: Exploit Jenkins to gain an initial shell, then escalate your privileges by exploiting Windows authentication tokens (tryhackme.com)
  • attackerkb/ - AttackerKB: Learn how to leverage AttackerKB and learn about exploits in your workflow (tryhackme.com)
  • attackingkerberos/ - Attacking Kerberos: Learn how to abuse the Kerberos Ticket Granting Service inside of a Windows Domain Controller (tryhackme.com)
  • attacktivedirectory/ - Attacktive Directory: 99% of Corporate networks run off of AD. But can you exploit a vulnerable Domain Controller? (tryhackme.com)
  • authenticationbypass/ - Authentication Bypass: Learn how to defeat logins and other authentication mechanisms to allow you access to unpermitted areas (tryhackme.com)
  • autopsy2ze0/ - Disk Analysis & Autopsy: Ready for a challenge? Use Autopsy to investigate artifacts from a disk image (tryhackme.com)

B

C

  • ♻️1 careersincyber/ - Careers in Cyber: Learn about the different careers in cyber security (tryhackme.com)
  • ♻️1 catregex/ - Regular expressions: Learn and practise using regular expressions (tryhackme.com)
  • commonattacks/ - Common Attacks: With practical exercises see how common attacks occur, and improve your cyber hygiene to stay safer online (tryhackme.com)
  • commonlinuxprivesc/ - Common Linux Privesc: A room explaining common Linux privilege escalation (tryhackme.com)
  • ♻️1 contentdiscovery/ - Content Discovery: Learn the various ways of discovering hidden or private content on a webserver that could lead to new vulnerabilities (tryhackme.com)
  • corp/ - Corp: Bypass Windows Applocker and escalate your privileges. You will learn about kerberoasting, evading AV, bypassing applocker and escalating your privileges on a Windows system (tryhackme.com)
  • ♻️1 cowboyhacker/ - Bounty Hacker: You talked a big game about being the most elite hacker in the solar system. Prove it and claim your right to the status of Elite Bounty Hacker (tryhackme.com)
  • ♻️1 crackthehash/ - Crack the hash: Cracking hashes challenges (tryhackme.com)
  • ♻️1 crackthehashlevel2/ - Crack The Hash Level 2: Advanced cracking hashes challenges and wordlist generation (tryhackme.com)
  • ♻️1 cryptographyfordummies/ - Cryptography for Dummies: Become familiar with cryptography (tryhackme.com)
  • cve202226134/ - Atlassian, CVE-2022-26134: An interactive lab showcasing the Confluence Server and Data Center un-authenticated RCE vulnerability (tryhackme.com)
  • cve202226923/ - CVE-2022-26923: Walkthrough on the exploitation of CVE-2022-26923, a vulnerability in AD Certificate Services (tryhackme.com)

D

  • dailybugle/ - Daily Bugle: Compromise a Joomla CMS account via SQLi, practise cracking hashes and escalate your privileges by taking advantage of yum (tryhackme.com)
  • ♻️1 defensivesecurity/ - Intro to Defensive Security: Introducing defensive security and related topics, such as threat intelligence, SOC, DFIR, and SIEM (tryhackme.com)
  • dirtypipe/ - Dirty Pipe: CVE-2022-0847: Interactive lab for exploiting Dirty Pipe (CVE-2022-0847) in the Linux Kernel (tryhackme.com)
  • ♻️1 django/ - Introduction to Django: How it works and why should I learn it? (tryhackme.com)
  • ♻️1 dnsindetail/ - DNS in detail: Learn how DNS works and how it helps you access internet services (tryhackme.com)
  • dogcat/ - dogcat: I made a website where you can look at pictures of dogs and/or cats! Exploit a PHP application via LFI and break out of a docker container (tryhackme.com)

E

  • ♻️1 easyctf/ - Simple CTF: Beginner level ctf (tryhackme.com)
  • easypeasyctf/ - Easy Peasy: Practice using tools such as Nmap and GoBuster to locate a hidden directory to get initial access to a vulnerable machine. Then escalate your privileges through a vulnerable cronjob (tryhackme.com)
  • encryptioncrypto101/ - Encryption - Crypto 101: An introduction to encryption, as part of a series on crypto (tryhackme.com)
  • exploitingad/ - Exploiting Active Directory: Learn common AD exploitation techniques that can allow you to reach your goal in an AD environment (tryhackme.com)
  • exploitingavulnerabilityv2/ - Exploit Vulnerabilities: Learn about some of the tools, techniques and resources to exploit vulnerabilities (tryhackme.com)
  • ♻️1 extendingyournetwork/ - Extending Your Network: Learn about some of the technologies used to extend networks out onto the Internet and the motivations for this (tryhackme.com)

F

  • ♻️1 fileinc/ - File Inclusion: This room introduces file inclusion vulnerabilities, including Local File Inclusion (LFI), Remote File Inclusion (RFI), and directory traversal (tryhackme.com)
  • follinamsdt/ - Follina MSDT: A walkthrough on the CVE-2022-30190, the MSDT service, exploitation of the service vulnerability, and consequent detection techniques and remediation processes (tryhackme.com)
  • ♻️1 furthernmap/ - Nmap: An in depth look at scanning with Nmap, a powerful network scanning tool (tryhackme.com)

G

  • gamezone/ - Game Zone: Learn to hack into this machine. Understand how to use SQLMap, crack some passwords, reveal services using a reverse SSH tunnel and escalate your privileges to root (tryhackme.com)
  • gatekeeper/ - Gatekeeper: Can you get past the gate and through the fire? (tryhackme.com)
  • ♻️1 geolocatingimages/ - Geolocating Images: Room to understand how to geolocate images (tryhackme.com)
  • ♻️1 gettingstarted/ - Getting Started: Get started with TryHackMe by hacking a fake social media website (tryhackme.com)
  • githappens/ - Git Happens: Boss wanted me to create a prototype, so here it is! We even used something called "version control" that made deploying this really easy (tryhackme.com)
  • ♻️1 googledorking/ - Google Dorking: Explaining how Search Engines work and leveraging them into finding hidden content (tryhackme.com)

H

  • ♻️1 hackermethodology/ - The Hacker Methodology: Introduction to the Hacker Methodology (tryhackme.com)
  • hackpark/ - HackPark: Bruteforce a websites login with Hydra, identify and use a public exploit then escalate your privileges on this Windows machine (tryhackme.com)
  • ♻️1 hashingcrypto101/ - Hashing - Crypto 101: An introduction to Hashing, as part of a series on crypto (tryhackme.com)
  • ♻️1 hello/ - Welcome: Learn how to use a TryHackMe room to start your upskilling in cyber security (tryhackme.com)
  • historyofmalware/ - History of Malware: Join this room to learn about the first forms of malware and how they turned into the malicious code we see today (tryhackme.com)
  • hololive/ - Holo: Holo is an Active Directory (AD) and Web-App attack lab that aims to teach core web attack vectors and more advanced AD attack techniques. This network simulates an external penetration test on a corporate network (tryhackme.com)
  • ♻️1 howtousetryhackme/ - How to use TryHackMe: Start and access your first machine (tryhackme.com)
  • ♻️1 howwebsiteswork/ - How websites work: To exploit a website, you first need to know how they are created (tryhackme.com)
  • ♻️1 httpindetail/ - HTTP in detail: Learn about how you request content from a web server using the HTTP protocol (tryhackme.com)
  • ♻️1 hydra/ - Hydra: Learn about and use Hydra, a fast network logon cracker, to bruteforce and obtain a website's credentials (tryhackme.com)

I

  • ice/ - Ice: Deploy & hack into a Windows machine, exploiting a very poorly secured media server (tryhackme.com)
  • ♻️1 idor/ - IDOR: Learn how to find and exploit IDOR vulnerabilities in a web application giving you access to data that you shouldn't have (tryhackme.com)
  • internal/ - Internal: Penetration Testing Challenge (tryhackme.com)
  • intro2windows/ - Intro to Windows: An introduction to Windows (tryhackme.com)
  • ♻️1 introdigitalforensics/ - Intro to Digital Forensics: Learn about digital forensics and related processes and experiment with a practical example (tryhackme.com)
  • ♻️1 intronetworksecurity/ - Network Security: Learn about network security, understand attack methodology, and practice hacking into a target server (tryhackme.com)
  • introtoc2/ - Intro to C2: Learn the essentials of Command and Control to help you become a better Red Teamer and simplify your next Red Team assessment (tryhackme.com)
  • introtoisac/ - Intro to ISAC: Learn how to utilize Information Sharing and Analysis Centers to gather threat intelligence and collect IOCs (tryhackme.com)
  • ♻️1 introtolan/ - Intro to LAN: Learn about some of the technologies and designs that power private networks (tryhackme.com)
  • ♻️1 introtonetworking/ - Introductory Networking: An introduction to networking theory and basic networking tools (tryhackme.com)
  • ♻️1 introtooffensivesecurity/ - Intro to Offensive Security: Hack your first website (legally in a safe environment) and experience an ethical hacker's job (tryhackme.com)
  • ♻️1 introtoresearch/ - Introductory Researching: A brief introduction to research skills for pentesting (tryhackme.com)
  • introtoshells/ - What the Shell?: An introduction to sending and receiving (reverse/bind) shells when exploiting target machines (tryhackme.com)
  • ♻️1 introwebapplicationsecurity/ - Web Application Security: Learn about web applications and explore some of their common security issues (tryhackme.com)
  • investigatingwindows/ - Investigating Windows: A windows machine has been hacked, its your job to go investigate this windows machine and find clues to what the hacker might have done (tryhackme.com)
  • investigatingwindows2/ - Investigating Windows 2.0: In the previous challenge you performed a brief analysis. Within this challenge, you will take a deeper dive into the attack (tryhackme.com)
  • investigatingwindows3/ - Investigating Windows 3.x: Find the artifacts resident on the endpoint and sift through captured data to determine what type attack occurred on the endpoint (tryhackme.com)

J

  • johntheripper0/ - John The Ripper: Learn how to use John the Ripper. An extremely powerful and adaptable hash cracking tool (tryhackme.com)
  • ♻️1 jupyter101/ - Jupyter 101: A friendly introduction into using the Jupyter Notebook environment. Learn to process and visualise data (tryhackme.com)

K

  • kape/ - KAPE: An introduction to Kroll Artifact Parser and Extractor (KAPE) for collecting and processing forensic artifacts (tryhackme.com)
  • kenobi/ - Kenobi: Walkthrough on exploiting a Linux machine. Enumerate Samba for shares, manipulate a vulnerable version of proftpd and escalate your privileges with path variable manipulation (tryhackme.com)
  • kiba/ - kiba: Identify the critical security flaw in the data visualization dashboard, that allows execute remote code execution (tryhackme.com)

L

  • lateralmovementandpivoting/ - Lateral Movement and Pivoting: Learn about common techniques used to move laterally across a Windows network (tryhackme.com)
  • learncyberin25days/ - 25 Days of Cyber Security: Get started with Cyber Security in 25 Days - Learn the basics by doing a new, beginner friendly security challenge every day (tryhackme.com)
  • learnowaspzap/ - Introduction to OWASP ZAP: Learn how to use OWASP ZAP from the ground up. An alternative to BurpSuite (tryhackme.com)
  • linprivesc/ - Linux PrivEsc: Learn the fundamentals of Linux privilege escalation. From enumeration to exploitation, get hands-on with over 8 different privilege escalation techniques (tryhackme.com)
  • ♻️1 linuxfundamentalspart1/ - Linux Fundamentals Part 1: Embark on the journey of learning the fundamentals of Linux. Learn to run some of the first essential commands on an interactive terminal (tryhackme.com)
  • ♻️1 linuxfundamentalspart2/ - Linux Fundamentals Part 2: Continue your learning Linux journey with part two. You will be learning how to log in to a Linux machine using SSH, how to advance your commands, file system interaction (tryhackme.com)
  • ♻️1 linuxfundamentalspart3/ - Linux Fundamentals Part 3: Power-up your Linux skills and get hands-on with some common utilities that you are likely to use day-to-day (tryhackme.com)
  • linuxmodules/ - Linux Modules: Learn linux modules in a fun way (tryhackme.com)
  • linuxprivesc/ - Linux PrivEsc: Practice your Linux Privilege Escalation skills on an intentionally misconfigured Debian VM with multiple ways to get root! SSH is available. Credentials: user:password321 (tryhackme.com)
  • lookingglass/ - Looking Glass: Step through the looking glass. A sequel to the Wonderland challenge room (tryhackme.com)

M

  • malmalintroductory/ - MAL: Malware Introductory: The start of a series of rooms covering Malware Analysis... (tryhackme.com)
  • malremnuxv2/ - MAL: REMnux - The Redux: A revitalised, hands-on showcase involving analysing malicious macro's, PDF's and Memory forensics of a victim of Jigsaw Ransomware; all done using the Linux-based REMnux toolset apart of my Malware Analysis series (tryhackme.com)
  • malstrings/ - MAL: Strings: Investigating "strings" within an application and why these values are important (tryhackme.com)
  • marketplace/ - The Marketplace: Can you take over The Marketplace's infrastructure? (tryhackme.com)
  • metasploitexploitation/ - Metasploit: Exploitation: Using Metasploit for scanning, vulnerability assessment and exploitation (tryhackme.com)
  • metasploitintro/ - Metasploit: Introduction: An introduction to the main components of the Metasploit Framework (tryhackme.com)
  • meterpreter/ - Metasploit: Meterpreter: Take a deep dive into Meterpreter, and see how in-memory payloads can be used for post-exploitation (tryhackme.com)
  • misp/ - MISP: Walkthrough on the use of MISP as a Threat Sharing Platform (tryhackme.com)
  • mitre/ - MITRE: This room will discuss the various resources MITRE has made available for the cybersecurity community (tryhackme.com)
  • ♻️1 mrrobot/ - Mr Robot CTF: Based on the Mr. Robot show, can you root this box? (tryhackme.com)

N

  • nax/ - Nax: Identify the critical security flaw in the most powerful and trusted network monitoring software on the market, that allows an user authenticated execute remote code execution (tryhackme.com)
  • netsecchallenge/ - Net Sec Challenge: Practice the skills you have learned in the Network Security module (tryhackme.com)
  • networkservices/ - Network Services: Learn about, then enumerate and exploit a variety of network services and misconfigurations (tryhackme.com)
  • networkservices2/ - Network Services 2: Enumerating and Exploiting More Common Network Services & Misconfigurations (tryhackme.com)
  • nmap01/ - Nmap Live Host Discovery: Learn how to use Nmap to discover live hosts using ARP scan, ICMP scan, and TCP/UDP ping scan (tryhackme.com)
  • nmap02/ - Nmap Basic Port Scans: Learn in-depth how nmap TCP connect scan, TCP SYN port scan, and UDP port scan work (tryhackme.com)
  • nmap03/ - Nmap Advanced Port Scans: Learn advanced techniques such as null, FIN, Xmas, and idle (zombie) scans, spoofing, in addition to FW and IDS evasion (tryhackme.com)
  • nmap04/ - Nmap Post Port Scans: Learn how to leverage Nmap for service and OS detection, use Nmap Scripting Engine (NSE), and save the results (tryhackme.com)

O

  • ♻️1 ohsint/ - OhSINT: Are you able to use open source intelligence to solve this challenge? (tryhackme.com)
  • openvas/ - OpenVAS: Learn the basics of threat and vulnerability management using Open Vulnerability Assessment Scanning (tryhackme.com)
  • ♻️1 openvpn/ - OpenVPN: A guide to connecting to our network using OpenVPN (tryhackme.com)
  • ♻️1 operatingsystemsecurity/ - Operating System Security: This room introduces users to operating system security and demonstrates SSH authentication on Linux (tryhackme.com)
  • opsec/ - Red Team OPSEC: Learn how to apply Operations Security (OPSEC) process for Red Teams (tryhackme.com)
  • ♻️1 oscommandinjection/ - Command Injection: Learn about a vulnerability allowing you to execute commands through a vulnerable app, and its remediations (tryhackme.com)
  • ♻️1 osimodelzi/ - OSI Model: Learn about the fundamental networking framework that determines the various stages in which data is handled across a network (tryhackme.com)
  • osiris/ - Osiris: Can you Quack it? (tryhackme.com)
  • osqueryf8/ - Osquery: Learn how to use this operating system instrumentation framework to explore operating system data by using SQL queries (tryhackme.com)
  • overpass/ - Overpass: What happens when some broke CompSci students make a password manager? (tryhackme.com)
  • overpass2hacked/ - Overpass 2 - Hacked: Overpass has been hacked! Can you analyse the attacker's actions and hack back in? (tryhackme.com)
  • overpass3hosting/ - Overpass 3 - Hosting: You know them, you love them, your favourite group of broke computer science students have another business venture! Show them that they probably should hire someone for security... (tryhackme.com)
  • owaspjuiceshop/ - OWASP Juice Shop: This room uses the Juice Shop vulnerable web application to learn how to identify and exploit common web application vulnerabilities (tryhackme.com)
  • owasptop10/ - OWASP Top 10: Learn about and exploit each of the OWASP Top 10 vulnerabilities; the 10 most critical web security risks (tryhackme.com)

P

  • ♻️1 packetsframes/ - Packets & Frames: Understand how data is divided into smaller pieces and transmitted across a network to another device (tryhackme.com)
  • passiverecon/ - Passive Reconnaissance: Learn about the essential tools for passive reconnaissance, such as whois, nslookup, and dig (tryhackme.com)
  • passwordattacks/ - Password Attacks: This room introduces the fundamental techniques to perform a successful password attack against various services and scenarios (tryhackme.com)
  • ♻️1 pentestingfundamentals/ - Pentesting Fundamentals: Learn the important ethics and methodologies behind every pentest (tryhackme.com)
  • persistingad/ - Persisting Active Directory: Learn about common Active Directory persistence techniques that can be used post-compromise to ensure the blue team will not be able to kick you out during a red team exercise... (tryhackme.com)
  • ♻️1 phishingemails1tryoe/ - Phishing Emails 1: Learn all the components that make up an email (tryhackme.com)
  • phishingemails2rytmuv/ - Phishing Emails 2: Learn the different indicators of phishing attempts by examining actual phishing emails (tryhackme.com)
  • phishingemails3tryoe/ - Phishing Emails 3: Learn the tools used to aid an analyst to investigate suspicious emails (tryhackme.com)
  • phishingemails4gkxh/ - Phishing Emails 4: Learn how to defend against phishing emails (tryhackme.com)
  • phishingemails5fgjlzxc/ - Phishing Emails 5: Use the knowledge attained to analyze a malicious email (tryhackme.com)
  • phishingyl/ - Phishing: Learn what phishing is and why it's important to a red team engagement. You will set up phishing infrastructure, write a convincing phishing email and try to trick your target into opening your email in a real-world simulation (tryhackme.com)
  • picklerick/ - Pickle Rick: A Rick and Morty CTF. Help turn Rick back into a human! (tryhackme.com)
  • postexploit/ - Post-Exploitation Basics: Learn the basics of post-exploitation and maintaining access with mimikatz, bloodhound, powerview and msfvenom (tryhackme.com)
  • powershell/ - Hacking with PowerShell: Learn the basics of PowerShell and PowerShell Scripting (tryhackme.com)
  • powershellforpentesters/ - PowerShell for Pentesters: This room covers the principle uses of PowerShell in Penetration Tests. Interacting with files, scanning the network and system enumeration are covered (tryhackme.com)
  • ♻️1 principlesofsecurity/ - Principles of Security: Learn the principles of information security that secures data and protects systems from abuse (tryhackme.com)
  • printnightmarehpzqlp8/ - PrintNightmare: Learn about the vulnerability known as PrintNightmare (CVE-2021-1675) and (CVE-2021-34527) (tryhackme.com)
  • protocolsandservers/ - Protocols and Servers: Learn about common protocols such as HTTP, FTP, POP3, SMTP and IMAP, along with related insecurities (tryhackme.com)
  • protocolsandservers2/ - Protocols and Servers 2: Learn about attacks against passwords and cleartext traffic; explore options for mitigation via SSH and SSL/TLS (tryhackme.com)
  • ♻️1 puttingitalltogether/ - Putting it all together: Learn how all the individual components of the web work together to bring you access to your favourite web sites (tryhackme.com)
  • pwnkit/ - Pwnkit: CVE-2021-4034: Interactive lab for exploiting and remediating Pwnkit (CVE-2021-4034) in the Polkit package (tryhackme.com)
  • ♻️1 pythonbasics/ - Python Basics: Using a web-based code editor, learn the basics of Python and put your knowledge into practice by eventually coding a short Bitcoin investment project (tryhackme.com)
  • pythonforcybersecurity/ - Python for Pentesters: Python is probably the most widely used and most convenient scripting language in cybersecurity. This room covers real examples of Python scripts including hash cracking, key logging, enumeration and scanning (tryhackme.com)

R

  • ra/ - Ra: You have found WindCorp's internal network and their Domain Controller. Can you pwn their network? (tryhackme.com)
  • ra2/ - Ra 2: Just when they thought their hashes were safe... Ra 2 - The sequel (tryhackme.com)
  • redteamengagements/ - Red Team Engagements: Learn the steps and procedures of a red team engagement, including planning, frameworks, and documentation (tryhackme.com)
  • redteamfirewalls/ - Firewalls: Learn about and experiment with various firewall evasion techniques, such as port hopping and port tunneling (tryhackme.com)
  • redteamfundamentals/ - Red Team Fundamentals: Learn about the basics of a red engagement, the main components and stakeholders involved, and how red teaming differs from other cyber security engagements (tryhackme.com)
  • redteamnetsec/ - Network Security Solutions: Learn about and experiment with various IDS/IPS evasion techniques, such as protocol and payload manipulation (tryhackme.com)
  • redteamrecon/ - Red Team Recon: Learn how to use DNS, advanced searching, Recon-ng, and Maltego to collect information about your target (tryhackme.com)
  • redteamthreatintel/ - Red Team Threat Intel: Apply threat intelligence to red team engagements and adversary emulation (tryhackme.com)
  • relevant/ - Relevant: Penetration Testing Challenge (tryhackme.com)
  • res/ - Res: Hack into a vulnerable database server with an in-memory data-structure in this semi-guided challenge (tryhackme.com)
  • retro/ - Retro: New high score (tryhackme.com)
  • ♻️1 rpmetasploit/ - Metasploit: Learn to use Metasploit, a tool to probe and exploit vulnerabilities on networks and servers (tryhackme.com)
  • rpnessusredux/ - Nessus: Learn how to set up and use Nessus, a popular vulnerability scanner (tryhackme.com)
  • ♻️1 rptmux/ - tmux: Learn to use tmux, one of the most powerful multi-tasking tools on linux (tryhackme.com)
  • rpwebscanning/ - Web Scanning: Learn the basics of automated web scanning (tryhackme.com)
  • rust/ - Learn Rust: Learn Rust for someone who knows programming but doesn't know low level programming (tryhackme.com)

S

  • sandboxevasion/ - Sandbox Evasion: Learn about active defense mechanisms Blue Teamers can deploy to identify adversaries in their environment (tryhackme.com)
  • securityawarenessintro/ - Security Awareness: An introduction to security awareness; why its important, the impact of being attacked, different threat actors and basic account security (tryhackme.com)
  • ♻️1 securityoperations/ - Security Operations: Learn about Security Operations Center (SOC): its responsibilities, services, and data sources (tryhackme.com)
  • set/ - Set: Once again you find yourself on the internal network of the Windcorp Corporation (tryhackme.com)
  • skynet/ - Skynet: A vulnerable Terminator themed Linux machine (tryhackme.com)
  • solar/ - Solar, exploiting log4j: Explore CVE-2021-44228, a vulnerability in log4j affecting almost all software under the sun (tryhackme.com)
  • ♻️ source/ - Source: Exploit a recent vulnerability and hack Webmin, a web-based system configuration tool (tryhackme.com)
  • splunk2gcd5/ - Splunk 2: Part of the Blue Primer series. This room is based on version 2 of the Boss of the SOC (BOTS) competition by Splunk (tryhackme.com)
  • splunk101/ - Splunk 101: This room will cover the basics of Splunk (tryhackme.com)
  • spring4shell/ - Spring4Shell: CVE-2022-22965: Interactive lab for exploiting Spring4Shell (CVE-2022-22965) in the Java Spring Framework (tryhackme.com)
  • ♻️1 sqlinjectionlm/ - SQL Injection: Learn how to detect and exploit SQL Injection vulnerabilities (tryhackme.com)
  • ♻️1 ssrfqi/ - SSRF: Learn how to exploit Server-Side Request Forgery (SSRF) vulnerabilities, allowing you to access internal server resources (tryhackme.com)
  • ♻️1 startingoutincybersec/ - Starting Out In Cyber Sec: Learn about the different career paths in Cyber Security and how TryHackMe can help (tryhackme.com)
  • steelmountain/ - Steel Mountain: Hack into a Mr. Robot themed Windows machine. Use metasploit for initial access, utilise powershell for Windows privilege escalation enumeration and learn a new technique to get Administrator access (tryhackme.com)
  • ♻️1 subdomainenumeration/ - Subdomain Enumeration: Learn the various ways of discovering subdomains to expand your attack surface of a target (tryhackme.com)
  • sysmon/ - Sysmon: Learn how to utilize Sysmon to monitor and log your endpoints and environments (tryhackme.com)

T

  • ♻️1 tickets2/ - Learn and win prizes #2: Complete rooms, win tickets. Get 3 of the same tickets and win a prize (tryhackme.com)
  • ♻️1 tmuxremux/ - REmux The Tmux: Updated, how to use tmux guide. Defaults and customize your workflow (tryhackme.com)
  • tomghost/ - tomghost: Identify recent vulnerabilities to try exploit the system or read files that you should not have access to (tryhackme.com)
  • toolsrus/ - ToolsRus: Practise using tools such as dirbuster, hydra, nmap, nikto and metasploit (tryhackme.com)
  • ♻️1 torforbeginners/ - Tor: A beginner orienteered guide on using the Tor network (tryhackme.com)
  • ♻️1 tutorial/ - Tutorial: Learn how to use a TryHackMe room to start your upskilling in cyber security (tryhackme.com)

U

  • uploadvulns/ - Upload Vulnerabilities: Tutorial room exploring some basic file-upload vulnerabilities in websites (tryhackme.com)

V

W

  • ♻️1 walkinganapplication/ - Walking An Application: Manually review a web application for security issues using only your browsers developer tools. Hacking with just your browser, no tools or scripts (tryhackme.com)
  • weaponization/ - Weaponization: Understand and explore common red teaming weaponization techniques. You will learn to build custom payloads using common methods seen in the industry to get initial access (tryhackme.com)
  • webenumerationv2/ - Web Enumeration: Learn the methodology of enumerating websites by using tools such as Gobuster, Nikto and WPScan (tryhackme.com)
  • ♻️1 whatisnetworking/ - What is Networking?: Begin learning the fundamentals of computer networking in this bite-sized and interactive module (tryhackme.com)
  • wifihacking101/ - Wifi Hacking 101: Learn to attack WPA(2) networks! Ideally you'll want a smartphone with you for this, preferably one that supports hosting wifi hotspots so you can follow along (tryhackme.com)
  • win64assembly/ - Windows x64 Assembly: Introduction to x64 Assembly on Windows (tryhackme.com)
  • winadbasics/ - Active Directory Basics: This room will introduce the basic concepts and functionality provided by Active Directory (tryhackme.com)
  • windowseventlogs/ - Windows Event Logs: Introduction to Windows Event Logs and the tools to query them (tryhackme.com)
  • windowsforensics1/ - Windows Forensics 1: Introduction to Windows Registry Forensics (tryhackme.com)
  • windowsforensics2/ - Windows Forensics 2: Learn about common Windows file systems and forensic artifacts in the file systems (tryhackme.com)
  • ♻️1 windowsfundamentals1xbx/ - Windows Fundamentals 1: In part 1 of the Windows Fundamentals module, we'll start our journey learning about the Windows desktop, the NTFS file system, UAC, the Control Panel, and more... (tryhackme.com)
  • ♻️1 windowsfundamentals2x0x/ - Windows Fundamentals 2: In part 2 of the Windows Fundamentals module, discover more about System Configuration, UAC Settings, Resource Monitoring, the Windows Registry and more... (tryhackme.com)
  • ♻️1 windowsfundamentals3xzx/ - Windows Fundamentals 3: In part 3 of the Windows Fundamentals module, learn about the built-in Microsoft tools that help keep the device secure, such as Windows Updates, Windows Security, BitLocker, and more... (tryhackme.com)
  • windowsprivesc20/ - Windows Privilege Escalation: Learn the fundamentals of Windows privilege escalation techniques (tryhackme.com)
  • windowsreversingintro/ - Windows Reversing Intro: Introduction to reverse engineering x64 Windows software (tryhackme.com)
  • wireshark/ - Wireshark 101: Learn the basics of Wireshark and how to analyze various protocols and PCAPs (tryhackme.com)
  • wonderland/ - Wonderland: Fall down the rabbit hole and enter wonderland (tryhackme.com)
  • wreath/ - Wreath: Learn how to pivot through a network by compromising a public facing web machine and tunnelling your traffic to access other machines in Wreath's network (tryhackme.com)

X

  • xss/ - Cross-site Scripting: Understand how cross-site scripting occurs and how to exploit it (tryhackme.com)
  • ♻️1 xssgi/ - Cross-site Scripting: Learn how to detect and exploit XSS vulnerabilities, giving you control of other visitor's browsers (tryhackme.com)

Y

Z

  • zer0logon/ - Zero Logon: Learn about and exploit the ZeroLogon vulnerability that allows an attacker to go from Zero to Domain Admin without any valid credentials (tryhackme.com)

🔙 Main

../Tools/ README.md

Compilation of tools covered along the learning paths. (🧰2)


Footnotes

  1. ♻️ Need a review (possibly unfinished or outdated). 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71

  2. 🧰 Necessary tool for room task.