TryHackMe introduces the “Security Engineer” Learning Path

TryHackMe introduced a new learning path called “Security Engineer”. It can be found here: https://tryhackme.com/path/outline/security-engineer-training I recorded a video about it, you can watch it below. To celebrate this, TryHackMe is running a Win Prizes and Learn campaign, details here. You can win prizes of up to $20,000. Good luck!

[Video] ‘Learning Cyber Security’ Writeup – Tryhackme

Learning Cyber Security Get a short introduction to a few of the security topics you’ll be learning about. Task 1 Web Application Security Why understanding how the web works is important To attack web applications, you need to understand how they work. Hacking websites isn’t some magical process but does come down to knowing … Read more

[Video] ‘Snapped “Phish”-ing Line’ Writeup – Tryhackme

Snapped “Phish”-ing Line Apply learned skills to probe malicious emails and URLs, exposing a vast phishing campaign. Task 1 Challenge Scenario Based on real-world occurrences and past analysis, this scenario presents a narrative with invented names, characters, and events. Please note: The phishing kit used in this scenario was retrieved from a real-world phishing campaign. … Read more

[Video] “Cyber Kill Chain” Writeup – Tryhackme “SOC Level 1” Learning pathway

The Cyber Kill Chain framework is designed for identification and prevention of the network intrusions. You will learn what the adversaries need to do in order to achieve their goals. Task 1 Introduction The term kill chain is a military concept related to the structure of an attack. It consists of target identification, decision and … Read more

[Video] “Pyramid Of Pain” Writeup – Tryhackme “SOC Level 1” Learning pathway

Learn what is the Pyramid of Pain and how to utilize this model to determine the level of difficulty it will cause for an adversary to change the indicators associated with them, and their campaign. Task 1 Introduction This well-renowned concept is being applied to cybersecurity solutions like Cisco Security, SentinelOne, and SOCRadar to … Read more

“Junior Security Analyst Intro” Writeup – Tryhackme “SOC Level 1” Learning pathway

Task 1 A career as a Junior (Associate) Security Analyst In the Junior Security Analyst role, you will be a Triage Specialist. You will spend a lot of time triaging or monitoring the event logs and alerts. The responsibilities for a Junior Security Analyst or Tier 1 SOC Analyst include: Monitor and investigate the alerts … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 23] Defence in Depth Mission ELFPossible: Abominable for a Day

Every effort you have put through builds on top of each other to bring you right at this moment. Santa and the security team are so proud of you for sticking around and being with us until now. You’re practically a member of the SSOC team already! There’s just one more thing left to learn: … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 22] Attack Surface Reduction Threats are failing all around me

McSkidy wants to improve the security posture of Santa’s network by learning from the recent attempts to disrupt Christmas. As a first step, she plans to implement low-effort, high-value changes that improve the security posture significantly. Learning Objectives To help McSkidy with her improvements, we will learn some concepts and evaluate some steps to take. … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 21] MQTT Have yourself a merry little webcam

After investigating the web camera implant through hardware and firmware reverse engineering, you are tasked with identifying and exploiting any known vulnerabilities in the web camera. Elf Mcskidy is confident you won’t be able to compromise the web camera as it seems to be up-to-date, but we will investigate if off-the-shelf exploits are even needed … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 20] Firmware Binwalkin’ around the Christmas tree

We can now learn more about the mysterious device found in Santa’s workshop. Elf Forensic McBlue has successfully been able to find the device ID. Now that we have the hardware device ID, help Elf McSkidy reverse the encrypted firmware and find interesting endpoints for IoT exploitation. Learning Objectives What is firmware reverse engineering Techniques … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 19] Hardware Hacking Wiggles go brrr

Spying on Santa Elf McSkidy was doing a regular sweep of Santa’s workshop when he discovered a hardware implant! The implant has a web camera attached to a microprocessor and another chip. It seems like someone was planning something malicious… We must try to understand what this implant was trying to do! We will deal … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 18] Sigma Lumberjack Lenny Learns New Rules

Compromise has been confirmed within the Best Festival Company Infrastructure, and tests have been conducted in the last couple of weeks. However, Santa’s SOC team wonders if there are methodologies that would help them perform threat detection faster by analysing the logs they collect. Elf McSkidy is aware of Sigma rules and has tasked you … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 17] Secure Coding Filtering for Order Amidst Chaos

After handling unrestricted file uploads and SQLi vulnerabilities, McSkidy continued to review Santa’s web applications. She stumbled upon user-submitted inputs that are unrecognizable, and some are even bordering on malicious! She then discovered that Santa’s team hadn’t updated these web applications in a long time, as they clearly needed more controls to filter misuse. Can … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 16] Secure Coding SQLi’s the king, the carolers sing

Set to have all their apps secured, the elves turned towards the one Santa uses to manage the present deliveries for Christmas. Elf McSkidy asked Elf Exploit and Elf Admin to assist you in clearing the application from SQL injections. When presented with the app’s code, both elves looked a bit shocked, as none of … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 15] Secure Coding Santa is looking for a Sidekick

Input Validation Insufficient input validation is one of the biggest security concerns for web applications. The issue occurs when user-provided input is inherently trusted by the application. Since user input can also be controlled by an attacker, we can see how this inherent trust can lead to many problems. Several web application vulnerabilities, such as … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 14] Web Applications I’m dreaming of secure web apps

Elf McSkidy was sipping her coffee when she saw on her calendar that it was time to review the web application’s security. An internal web application is being developed to be used internally and manage the cyber security team. She calls Elf Exploit McRed and asks him to check the in-development web application for common … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 13] Packet Analysis Simply having a wonderful pcap time

After receiving the phishing email on Day 6 and investigating malware on Day 12, it seemed everything was ready to go back to normal. However, monitoring systems started to show suspicious traffic patterns just before closing the case. Now Santa’s SOC team needs help in analysing these suspicious network patterns. Learning Objectives Learn what … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 12] Malware Analysis Forensic McBlue to the REVscue!

The malicious document attached to the phishing email was confirmed to have been executed. Aside from the fact that rogue connections were observed, we know little about what it does. Our in-house expert Forensic McBlue confirmed that the malicious document spawned another suspicious binary. Pivoting from that, he dumped it from memory for this task … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 11] Memory Forensics Not all gifts are nice

The elves in Santa’s Security Operations Centre (SSOC) are hard at work checking their monitoring dashboards when Elf McDave, one of the workshop employees, knocks on the door. The elf says, “I’ve just clicked on something and now my workstation is behaving in all kinds of weird ways. Can you take a look?”. Elf McSkidy tasks you, … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 10] Hack a game You’re a mean one, Mr. Yeti

Santa’s team have done well so far. The elves, blue and red combined, have been securing everything technological all around. The Bandit Yeti, unable to hack a thing, decided to go for eldritch magic as a last resort and trapped Elf McSkidy in a video game during her sleep. When the rest of the elves … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 9] Pivoting Dock the halls

Today’s task was created by the Metasploit Team at Rapid7. Because of the recent incident, Santa has asked his team to set up a new web application that runs on Docker. It’s supposed to be much more secure than the previous one, but better safe than sorry, right? It’s up to you, McSkidy, to … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 8] Smart Contracts Last Christmas I gave you my ETH

After it was discovered that Best Festival Company was now on the blockchain and attempting to mint their cryptocurrency, they were quickly compromised. Best Festival Company lost all its currency in the exchange because of the attack. It is up to you as a red team operator to discover how the attacker exploited the … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 7] CyberChef Maldocs roasting on an open fire

In the previous task, we learned that McSkidy was indeed a victim of a spearphishing campaign that also contained a suspicious-looking document Division_of_labour-Load_share_plan.doc. McSkidy accidentally opened the document, and it’s still unknown what this document did in the background. McSkidy has called on the in-house expert Forensic McBlue to examine the malicious document and find the … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 6] Email Analysis It’s beginning to look a lot like phishing

Elf McBlue found an email activity while analysing the log files. It looks like everything started with an email… Learning Objectives Learn what email analysis is and why it still matters. Learn the email header sections. Learn the essential questions to ask in email analysis. Learn how to use email header sections to evaluate an … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 5] Brute-Forcing He knows when you’re awake

Elf McSkidy asked Elf Recon McRed to search for any backdoor that the Bandit Yeti APT might have installed. If any such backdoor is found, we would learn that the bad guys might be using it to access systems on Santa’s network. Learning Objectives Learn about common remote access services. Recognize a listening VNC port … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 4] Scanning Scanning through the snow

The Story Check out HuskyHack’s video walkthrough for Day 4 here! During the investigation of the downloaded GitHub repo (OSINT task), elf Recon McRed identified a URL qa.santagift.shop that is probably used by all the elves with admin privileges to add or delete gifts on the Santa website. The website has been pulled down for maintenance, and … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 3] OSINT Nothing escapes detective McRed

The Story Check out CyberSecMeg’s video walkthrough for Day 3 here! As the elves are trying to recover the compromised santagift.shop website, elf Recon McRed is trying to figure out how it was compromised in the first place. Can you help him in gathering open-source information against … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 2] Log Analysis Santa’s Naughty & Nice Log

The Story Santa’s Security Operations Center (SSOC) has noticed one of their web servers, santagift.shop has been hijacked by the Bandit Yeti APT group. Elf McBlue’s task is to analyse the log files captured from the web server to understand what is happening and track down the Bandit Yeti APT group. Learning … Read more

[Video] TryHackMe Advent of Cyber 2022 – [Day 1] Frameworks Someone’s coming to town!

The Story John Hammond is kicking off the Advent of Cyber 2022 with a video premiere at 2pm BST! Once the video becomes available, you’ll be able to see a sneak peek of the other tasks and a walkthrough of this day’s challenge! Best Festival Company Compromised Someone is … Read more