[Video] “Introduction to Cryptography” Writeup – Tryhackme “Security Engineer” Learning path

Task 1 Introduction The purpose of this room is to introduce users to basic cryptography concepts such as: symmetric encryption, such as AES; asymmetric encryption, such as RSA; Diffie-Hellman key exchange; hashing; and PKI. Suppose you want to send a message that no one can understand except the intended recipient. How would you do that? One … Read more

[Video] “Security Principles” Writeup – Tryhackme “Security Engineer” Learning path

Task 1 Introduction Security has become a buzzword; every company wants to claim its product or service is secure. But is it? Before we start discussing the different security principles, it is vital to know the adversary against whom we are protecting our assets. Are you trying to stop a toddler from accessing your laptop? … Read more

[Video] “Security Engineer Intro” Writeup – Tryhackme “Security Engineer” Learning path

Security engineers form the backbone of an enterprise’s cyber security posture. In this room, we will get an introduction to the security engineer role and learn the day-to-day activities of a security engineer. It is highly recommended that before continuing on this room, you have completed the Pre Security path. Learning Objectives Why does the … Read more

[Video] ‘Trooper’ Writeup – Tryhackme

Task 1 Who’s The Threat? A multinational technology company has been the target of several cyber attacks in the past few months. The attackers have been successful in stealing sensitive intellectual property and causing disruptions to the company’s operations. A threat advisory report about similar attacks has been shared, and as a CTI analyst, your … Read more

[Video] ‘Learning Cyber Security’ Writeup – Tryhackme

Learning Cyber Security Get a short introduction to a few of the security topics you’ll be learning about. Task 1 Web Application Security Why understanding how the web works is important To attack web applications, you need to understand how they work. Hacking websites isn’t some magical process but does come down to knowing … Read more

[Video] ‘Snapped “Phish”-ing Line’ Writeup – Tryhackme

Snapped “Phish”-ing Line Apply learned skills to probe malicious emails and URLs, exposing a vast phishing campaign. Task 1 Challenge Scenario Based on real-world occurrences and past analysis, this scenario presents a narrative with invented names, characters, and events. Please note: The phishing kit used in this scenario was retrieved from a real-world phishing campaign. … Read more

[Video] “Cyber Kill Chain” Writeup – Tryhackme “SOC Level 1” Learning pathway

The Cyber Kill Chain framework is designed for the identification and prevention of network intrusions. You will learn what the adversaries need to do in order to achieve their goals. Task 1 Introduction The term kill chain is a military concept related to the structure of an attack. It consists of target identification, decision and … Read more

[Video] “Pyramid Of Pain” Writeup – Tryhackme “SOC Level 1” Learning pathway

Learn what the Pyramid of Pain is and how to use this model to determine how difficult it is for an adversary to change the indicators associated with them and their campaign. Task 1 Introduction This well-renowned concept is being applied to cybersecurity solutions like Cisco Security, SentinelOne, and SOCRadar to … Read more

“Junior Security Analyst Intro” Writeup – Tryhackme “SOC Level 1” Learning pathway

Task 1 A career as a Junior (Associate) Security Analyst In the Junior Security Analyst role, you will be a Triage Specialist. You will spend a lot of time triaging or monitoring the event logs and alerts. The responsibilities for a Junior Security Analyst or Tier 1 SOC Analyst include: Monitor and investigate the alerts … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 23] Defence in Depth Mission ELFPossible: Abominable for a Day

Every effort you have put through builds on top of each other to bring you right at this moment. Santa and the security team are so proud of you for sticking around and being with us until now. You’re practically a member of the SSOC team already! There’s just one more thing left to learn: … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 22] Attack Surface Reduction Threats are failing all around me

McSkidy wants to improve the security posture of Santa’s network by learning from the recent attempts to disrupt Christmas. As a first step, she plans to implement low-effort, high-value changes that improve the security posture significantly. Learning Objectives To help McSkidy with her improvements, we will learn some concepts and evaluate some steps to take. … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 21] MQTT Have yourself a merry little webcam

After investigating the web camera implant through hardware and firmware reverse engineering, you are tasked with identifying and exploiting any known vulnerabilities in the web camera. Elf McSkidy is confident you won’t be able to compromise the web camera as it seems to be up-to-date, but we will investigate if off-the-shelf exploits are even needed … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 20] Firmware Binwalkin’ around the Christmas tree

We can now learn more about the mysterious device found in Santa’s workshop. Elf Forensic McBlue has successfully been able to find the device ID. Now that we have the hardware device ID, help Elf McSkidy reverse the encrypted firmware and find interesting endpoints for IoT exploitation. Learning Objectives What is firmware reverse engineering Techniques … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 19] Hardware Hacking Wiggles go brrr

Spying on Santa Elf McSkidy was doing a regular sweep of Santa’s workshop when he discovered a hardware implant! The implant has a web camera attached to a microprocessor and another chip. It seems like someone was planning something malicious… We must try to understand what this implant was trying to do! We will deal … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 18] Sigma Lumberjack Lenny Learns New Rules

Compromise has been confirmed within the Best Festival Company Infrastructure, and tests have been conducted in the last couple of weeks. However, Santa’s SOC team wonders if there are methodologies that would help them perform threat detection faster by analysing the logs they collect. Elf McSkidy is aware of Sigma rules and has tasked you … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 17] Secure Coding Filtering for Order Amidst Chaos

After handling unrestricted file uploads and SQLi vulnerabilities, McSkidy continued to review Santa’s web applications. She stumbled upon user-submitted inputs that are unrecognizable, and some are even bordering on malicious! She then discovered that Santa’s team hadn’t updated these web applications in a long time, as they clearly needed more controls to filter misuse. Can … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 16] Secure Coding SQLi’s the king, the carolers sing

Set to have all their apps secured, the elves turned towards the one Santa uses to manage the present deliveries for Christmas. Elf McSkidy asked Elf Exploit and Elf Admin to assist you in clearing the application from SQL injections. When presented with the app’s code, both elves looked a bit shocked, as none of … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 15] Secure Coding Santa is looking for a Sidekick

Input Validation Insufficient input validation is one of the biggest security concerns for web applications. The issue occurs when user-provided input is inherently trusted by the application. Since user input can also be controlled by an attacker, we can see how this inherent trust can lead to many problems. Several web application vulnerabilities, such as … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 14] Web Applications I’m dreaming of secure web apps

Elf McSkidy was sipping her coffee when she saw on her calendar that it was time to review the web application’s security. An internal web application is being developed to be used internally and manage the cyber security team. She calls Elf Exploit McRed and asks him to check the in-development web application for common … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 13] Packet Analysis Simply having a wonderful pcap time

After receiving the phishing email on Day 6 and investigating malware on Day 12, it seemed everything was ready to go back to normal. However, monitoring systems started to show suspicious traffic patterns just before closing the case. Now Santa’s SOC team needs help in analysing these suspicious network patterns. Learning Objectives Learn what … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 12] Malware Analysis Forensic McBlue to the REVscue!

The malicious document attached to the phishing email was confirmed to have been executed. Aside from the fact that rogue connections were observed, we know little about what it does. Our in-house expert Forensic McBlue confirmed that the malicious document spawned another suspicious binary. Pivoting from that, he dumped it from memory for this task … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 11] Memory Forensics Not all gifts are nice

The elves in Santa’s Security Operations Centre (SSOC) are hard at work checking their monitoring dashboards when Elf McDave, one of the workshop employees, knocks on the door. The elf says, “I’ve just clicked on something and now my workstation is behaving in all kinds of weird ways. Can you take a look?”. Elf McSkidy tasks you, … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 10] Hack a game You’re a mean one, Mr. Yeti

Santa’s team have done well so far. The elves, blue and red combined, have been securing everything technological all around. The Bandit Yeti, unable to hack a thing, decided to go for eldritch magic as a last resort and trapped Elf McSkidy in a video game during her sleep. When the rest of the elves … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 9] Pivoting Dock the halls

Today’s task was created by the Metasploit Team at Rapid7. Because of the recent incident, Santa has asked his team to set up a new web application that runs on Docker. It’s supposed to be much more secure than the previous one, but better safe than sorry, right? It’s up to you, McSkidy, to … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 8] Smart Contracts Last Christmas I gave you my ETH

After it was discovered that Best Festival Company was now on the blockchain and attempting to mint their cryptocurrency, they were quickly compromised. Best Festival Company lost all its currency in the exchange because of the attack. It is up to you as a red team operator to discover how the attacker exploited the … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 7] CyberChef Maldocs roasting on an open fire

In the previous task, we learned that McSkidy was indeed a victim of a spearphishing campaign that also contained a suspicious-looking document Division_of_labour-Load_share_plan.doc. McSkidy accidentally opened the document, and it’s still unknown what this document did in the background. McSkidy has called on the in-house expert Forensic McBlue to examine the malicious document and find the … Read more

[Video] “Intro to Defensive Security” Writeup – Tryhackme

Intro to Defensive Security Introducing defensive security and related topics, such as threat intelligence, SOC, DFIR, and SIEM. Task 1 Introduction to Defensive Security Offensive security focuses on one thing: breaking into systems. Breaking into systems might be achieved through exploiting bugs, abusing insecure setups, and taking advantage of unenforced access control policies, among other … Read more