1. Beginner Level Rooms
Perfect for those new to cybersecurity, these rooms help users understand foundational concepts in a hands-on environment. They introduce tools and methods without overwhelming technical depth.
- Introduction to Cyber Security: Offers a beginner-friendly introduction to cybersecurity, covering key principles, attack types, and security practices.
- Linux Fundamentals (Part 1, 2, 3): These rooms focus on the essential commands and functions of Linux, the core operating system for cybersecurity work.
- Intro to Defensive Security: Explores basic defensive measures and how to set up a secure environment.
- Phishing Emails: A practical guide to identifying phishing attacks, showing how to detect malicious emails and links.
- Network Fundamentals: Introduces users to the basics of networking, IP addresses, protocols, and subnets.
2. Intermediate Level Rooms
After understanding the basics, these rooms help build essential skills for ethical hacking and network security.
- Pre-Security Path: A collection of rooms like "Intro to Offensive Security," "Windows Fundamentals," and "Network Fundamentals." This path guides users through the foundational layers before tackling more in-depth content.
- Introduction to Web Hacking: Covers basic web vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF).
- OWASP Top 10: A room dedicated to exploring the most common web application vulnerabilities, based on the OWASP Top 10 list.
- Hash Cracking: Guides users through the fundamentals of password and hash cracking, covering tools like Hashcat and John the Ripper.
- File Inclusion: An introduction to file inclusion vulnerabilities, often found in web applications, with hands-on practice in spotting and exploiting them.
3. Advanced Level Rooms
These rooms are suited for those ready to tackle more complex vulnerabilities and develop comprehensive penetration testing skills.
- Red Teaming Fundamentals: Focuses on the basics of red teaming—emulating adversary tactics to test defenses.
- Pivoting: Teaches the art of lateral movement within networks, crucial for advanced penetration testing and red teaming exercises.
- Privilege Escalation: Several rooms on Linux and Windows privilege escalation, helping users understand how to exploit vulnerabilities and escalate privileges on compromised systems.
- Active Directory Basics: Covers Active Directory (AD) environments and the methods used to attack and secure AD infrastructures.
- Binary Exploitation: Introduces techniques like buffer overflow, allowing users to gain a foothold in binary exploitation and reverse engineering.
4. Capture the Flag (CTF) Challenges
Capture the Flag rooms provide a gamified approach to learning cybersecurity. They present challenges to "capture" flags by exploiting specific vulnerabilities.
- Pickle Rick: Based on the popular show "Rick and Morty," this room requires exploiting web vulnerabilities to capture flags.
- RootMe: A beginner-friendly CTF challenge where users gain initial access, escalate privileges, and capture flags.
- Blue: A challenge on exploiting the EternalBlue vulnerability, giving hands-on experience with one of the most well-known exploits.
- Mr. Robot: Inspired by the TV show "Mr. Robot," this room provides a storyline-driven CTF, challenging users to think like a hacker.
- Ice: Focuses on breaking into a machine through various means, requiring knowledge of enumeration, exploitation, and privilege escalation.
5. Topic-Specific Rooms
These rooms cover specialized areas within cybersecurity, allowing users to focus on specific interests or deepen their knowledge in a particular field.
- Burp Suite Basics: Covers the basics of using Burp Suite, a tool essential for web application testing.
- Metasploit Basics: Teaches how to use the Metasploit Framework for exploitation.
- Malware Analysis: An introductory room for those interested in analyzing and understanding malware behavior.
- Wireshark Basics: Introduces Wireshark, a tool for capturing and analyzing network traffic, covering packet analysis basics.
- Steganography CTFs: Teaches steganography techniques, the art of hiding messages within other files.
6. Learning Paths
TryHackMe provides a few curated learning paths, such as the Complete Beginner Path, Junior Penetration Tester Path, and Cyber Defense Path, each composed of rooms designed to build skills in a structured progression. These paths are highly recommended for those looking to develop career-ready skills in cybersecurity.
7. Continuous Practice and Updating Knowledge
Cybersecurity is a constantly evolving field, so continually practicing with different TryHackMe rooms will help you stay up to date on the latest threats and vulnerabilities.