TryHackMe Writeups

In this repository you will find various walkthroughs/writeups for various TryHackMe rooms. This is mostly for my own use as a sort of knowledge base. But anyone is welcome to view it themselves.

An alternative version can be found here: https://kevinovitz.github.io/TryHackMe_Writeups/.

The following rooms are available/in progress:

• Active Directory Basics
• Advent of Cyber 1 [2019]
• Advent of Cyber 2 [2020]
• Advent of Cyber 2023
• Advent of Cyber '23 Side Quest [WiP]
• Advent of Cyber 2024
• Advent of Cyber '24 Side Quest [WiP]
• Advent of Cyber 2025 [WiP]
• Agent Sudo
• AI in Security - old sAInt nick
• Anonymous
• AWS Security - S3cret Santa
• Auditing and Monitoring*
• Authentication Bypass*
• Blaster [WiP]
• Blue
• Bounty Hacker [WiP]
• Breaching Active Directory
• Breaking RSA
• Buffer Overflows*
• Burp Suite: The Basics
• Burp Suite: Intruder*
• Burp Suite: Other Modules* [Answered]
• Burp Suite: Repeater
• C2 Detection - Command & Carol
• Common Linux Privesc* [Answered]
• Containers - DoorDasher's Demise
• Content Discovery
• Crack the Hash
• CyberChef - Hoperation Save McSkidy
• DAST*
• Data Exfiltration* [WiP]
• Encryption - Crypto 101 [Answered]
• Enumerating Active Directory
• Enumeration* [Answered]
• Exploitation with cURL - Hoperation Eggsploit
• Exploiting Active Directory
• File Inclusion [WiP]
• Forensics - Registry Furensics
• Governance & Regulation*
• Hackfinity Battle [WiP]
• Hacking with PowerShell [WiP]
• Hydra
• Ice
• ICS/Modbus - Claus for Concern
• IDOR - Santa’s Little IDOR
• Introduction to Cryptography
• John The Ripper*
• Kenobi [Answered]
• Lateral Movement and Pivoting [WiP]
• Linux CLI - Shells Bells
• Linux Fundamentals Part 1
• Linux Fundamentals Part 2
• Linux Fundamentals Part 3
• Linux System Hardening
• Linux PrivEsc
• Linux Privilege Escalation [Answered]
• MAL: Malware Introductory [Answered]
• Malware Analysis - Egg-xecutable
• Malware Analysis - Malhare.exe
• Metasploit: Exploitation* [Answered]
• Metasploit: Meterpreter [WiP]
• Mother's Secret*
• Nessus [Answered]
• Net Sec Challenge* [Answered]
• Network Discovery - Scan-ta Clause
• Network Security*
• Obfuscation - The Egg Shell File
• OhSINT
• Operating System Security*
• OWASP Top 10 - 2021 [Answered]
• OWASP Juice Shop [Answered]
• Password Attacks* [Answered]
• Passwords - A Cracking Christmas
• Pickle Rick [Answered]
• Persisting Active Directory* [WiP]
• Phishing - Merry Clickmas
• Phishing - Phishmas Greetings
• Post-Exploitation Basics [WiP]
• Printer Hacking 101
• Prompt Injection - Sched-yule conflict (WiP)
• Race Conditions - Toy to The World
• Red Team Recon
• Risk Management* [Answered]
• Rootme [Answered]
• SAST* [WiP]
• Shodan.io [WiP]
• Simple CTF
• SOC Alert Triaging - Tinsel Triage (WiP)
• Splunk Basics - Did you SIEM?
• SQL Injection
• Steel Mountain* [Answered]
• The Lay of the Land* [Answered]
• Threat Modelling [Answered]
• The Return of the Yeti [WiP]
• Traverse*
• Upload Vulnerabilities [Answered]
• Vulnerability Capstone* [Answered]
• Vulnerability Management* [Answered]
• Vulnversity
• Walking An Application [Answered]
• Web Attack Forensics - Drone Alone
• Weaponization* [Answered]
• Windows Fundamentals 1 [Answered]
• Windows Fundamentals 2 [Answered]
• Windows Fundamentals 3 [Answered]
• Windows Local Persistence* [Answered]
• Windows Privilege Escalation* [Answered]
• Windows PrivEsc
• Wireshark: The Basics
• Wireshark: Packet Operations* [WiP]
• Wonderland [WiP]
• XSS - Merry XSSMas
• YARA Rules - YARA mean one!
• more to come

Rooms with the [Answered] annotation only have some questions remaining which don't require an answer.

*This room is only available with an subscription.

External Knowledge Bases

https://gitlab.com/dhiksec/tryhackme