TryHackMe Labs

This repository contains my learning journey through TryHackMe's cybersecurity labs. Each lab includes key learnings, and solutions that I documented for future reference.

TryHackMe Rooms Master List (241 Rooms)

🐧 Linux Fundamentals

• Linux Fundamentals Part 1
• Linux Fundamentals Part 2
• Linux Fundamentals Part 3
• Linux Shells
• Linux Privilege Escalation
• Common Linux PrivEsc
• Linux Incident Surface
• Linux System Hardening

🪟 Windows Fundamentals

• Windows Fundamentals 1
• Windows Fundamentals 2
• Windows Fundamentals 3
• Windows Command Line
• Windows PowerShell
• Windows Privilege Escalation
• Windows Event Logs
• Windows Forensics 1
• Windows Forensics 2
• Microsoft Windows Hardening

🔍 Networking

• Introductory Networking
• What is Networking?
• Networking Concepts
• Networking Essentials
• Intro to LAN
• OSI Model
• Packets and Frames
• Extending Your Network
• DNS in Detail
• HTTP in Detail
• Network Services
• Networking Core Protocols
• Networking Secure Protocols
• Network Security Protocols

⚔️ Offensive Security

• Offensive Security Intro
• Pentesting Fundamentals
• Metasploit: Introduction
• Metasploit: Exploitation
• Metasploit: Meterpreter
• Nmap
• Nmap Live Host Discovery
• Nmap: The Basics
• Nmap Basic Port Scans
• Nmap Advanced Port Scans
• Nmap Post Port Scans
• Hydra
• Enumeration & Brute Force
• Burp Suite: The Basics
• Burp Suite: Repeater
• Burp Suite: Intruder
• Burp Suite: Other Modules
• Burp Suite: Extensions
• Web Application Basics
• Web Application Security
• OWASP Top 10 - 2021
• OWASP Juice Shop
• XSS
• Intro to Cross-site Scripting
• SQL Injection
• SQL Fundamentals
• SQLMap: The Basics
• Command Injection
• File Inclusion
• IDOR
• Authentication Bypass
• Upload Vulnerabilities
• Content Discovery
• Subdomain Enumeration
• Passive Reconnaissance
• Active Reconnaissance
• What the Shell
• Shells Overview
• Red Team Fundamentals

🛡️ Defensive Security

• Defensive Security Intro
• Junior Security Analyst Intro
• SOC Fundamentals
• Security Operations
• Security Principles
• Principles of Security
• Incident Response Process
• Incident Response Fundamentals
• Intro to IR and IM
• Becoming a First Responder
• Logs Fundamentals
• Logging for Accountability
• Introduction to SIEM
• Splunk: Basics
• Incident Handling with Splunk
• Investigating with Splunk
• Wazuh
• Sysinternals
• Osquery: The Basics
• Core Windows Processes
• Intro to Endpoint Security
• Firewall Fundamentals
• IDS Fundamentals
• Snort
• Snort Challenge - The Basics
• Snort Challenges - Live Attacks
• Zeek
• Zeek Exercises
• Network Security
• Operation System Security

🔎 Digital Forensics (DFIR)

• DFIR: An Introduction
• Intro to Digital Forensics
• Digital Forensics Fundamentals
• Forensic Imaging
• Legal Considerations in DFIR
• Intro to Cold System Forensics
• Autopsy
• Redline
• Velociraptor
• KAPE
• Volatility
• TheHive Project
• NetworkMiner
• Wireshark: The Basics
• Wireshark: Packet Operations
• Wireshark: Traffic Analysis
• Tcpdump: The Basics
• TShark: The Basics
• TShark: CLI Wireshark Features
• TShark Challenge I: Teamwork
• TShark Challenge II: Directory
• REMnux: Getting Started
• FlareVM: Arsenal of Tools
• Brim

🕵️ Threat Intelligence

• Cyber Kill Chain
• Pyramid of Pain
• Unified Kill Chain
• Diamond Model
• MITRE
• Intro to Cyber Threat Intel
• Threat Intelligence Tools
• OpenCTI
• MISP
• Yara

📧 Phishing

• Phishing Analysis Fundamentals
• Phishing Emails in Action
• Phishing Analysis Tools
• Phishing Prevention
• The Greenholt Phish
• Snapped Phish-ing Line

🔐 Cryptography

• Cryptography Basics
• Public Key Cryptography Basics
• Hashing Basics
• John the Ripper: The Basics
• Introduction to Cryptography
• Encryption - Crypto 101
• JWT Security
• OAuth Vulnerabilities
• Session Management

🏗️ Secure Development

• OWASP API Security Top 10 - 1
• OWASP API Security Top 10 - 2
• SSDLC
• SAST
• DAST
• Introduction to DevSecOps
• Weaponizing Vulnerabilities

🏢 Governance & Risk

• Governance and Regulation
• Security Awareness
• Risk Management
• Vulnerability Management
• Threat Modeling
• Identity and Access Management
• Secure Network Architecture
• Cyber Crisis Management
• Industrial Intrusion

🎄 Advent of Cyber

• Advent of Cyber 2024

🧩 Miscellaneous

• The Sticker Shop
• Supply Chain Attack: Lottie
• How Websites Work
• Putting It All Together
• ohSINT
• Learning Cyber Security
• Ninja Skills
• JavaScript Basics
• JavaScript Essentials
• Python Basics
• Toolbox: Vim
• Bypass Disable Functions
• Moniker Link (CVE-2024-21413)
• Tor
• OpenVPN
• Active Directory Basics
• Active Directory Hardening
• Network Device Hardening
• Virtualization and Containers
• Intro to Cloud Security
• Auditing and Monitoring
• Learn and Win Prizes
• Careers in Cyber
• Starting Out in Cyber Sec
• Training Impact on Teams
• Search Skills
• Google Dorking
• Introductory Researching
• History of Malware
• Intro to Malware Analysis
• Walking an Application
• Pickle Rick
• Vulnversity
• Tempest
• Boogeyman 1/2/3
• Mother's Secret
• Traverse
• Friday Overtime
• Trooper
• Summit
• Eviction
• Retracted
• Benign
• Unattended
• Disgruntled
• Secret Recipe
• Light
• Critical
• Lo-Fi
• Crash the Hash
• Monday Monitor
• Investigating with ELK 101
• ItsyBitsy