THM
THM - Advent of Cyber 2022 - Day 19
Difficulty:
Challenge Link
OS: Linux
Learning Objectives
- How data is sent via electrical wires in low-level hardware
- Hardware communication protocols
- How to analyze hardware communication protocols
- Reading USART data from a logic capture
THM - Advent of Cyber 2022 - Day 18
Difficulty:
Challenge Link
OS: Linux
Learning Objectives
- Learn what threat detection is
- Understand what Sigma rules are
- Why Sigma rules are used
- How to implement Sigma rules in threat detection
THM - Advent of Cyber 2022 - Day 17
Difficulty:
Challenge Link
OS: Linux
Learning Objectives
- There needs to be more than understanding input validation.
- Learn the basics of HTML5 and Regex
- Implement HTML5 and regex to improve the security of the web application
THM - Advent of Cyber 2022 - Day 16
Difficulty:
Challenge Link
OS: Linux
Learning Objectives
- Understand what SQL is
- Learn how to read PHP code
- How to secure PHP code to prevent SQL injections
THM - Advent of Cyber 2022 - Day 15
Difficulty:
Challenge Link
OS: Linux
Learning Objectives
- Input validation of file upload functionality
- Unrestricted file upload vulnerabilities
- Phishing through file uploads
- How to properly secure file upload functionality
THM - Advent of Cyber 2022 - Day 14
Difficulty:
Challenge Link
OS: Linux
Learning Objectives
- Web Applications
- The Open Web Application Security Project (OWASP) Top 10
- IDOR
THM - Advent of Cyber 2022 - Day 13
Difficulty:
Challenge Link
OS: Linux
After receiving the phishing email on Day 6 and investigating malware on Day 12, it seemed everything was ready to go back to normal. However, monitoring systems started to show suspicious traffic patterns just before closing the case. Now Santa's SOC team needs help in analysing these suspicious network patterns.
Learning Objectives
- Learn what traffic analysis is and why it still matters.
- Learn the fundamentals of traffic analysis.
- Learn the essential Wireshark features used in case investigation.
- Learn how to assess the patterns and identify anomalies on the network.
- Learn to use additional tools to identify malicious addresses and conduct further analysis.
- Help the Elf team investigate suspicious traffic patterns.
THM - Advent of Cyber 2022 - Day 12
Difficulty:
Challenge Link
OS: Linux
The malicious document attached to the phishing email was confirmed to have been executed. Aside from the fact that rogue connections were observed, we know little about what it does.
Our in-house expert Forensic McBlue confirmed that the malicious document spawned another suspicious binary. Pivoting from that, he dumped it from memory for this task to be further analysed via Malware Analysis.
Learning Objectives
- Learn the fundamentals of analysing malware samples without relying on automated sandbox scanners.
- Learn and understand typical malware behaviour and its importance in the incident investigation pipeline.
THM - Advent of Cyber 2022 - Day 11
Difficulty:
Challenge Link
OS: Linux/Windows
This challenge is focused on doing Memory Forensics.
To access the memory dump, you will need to deploy the machine attached to this task by pressing the green "Start Machine" button located at the top-right of this task. The machine should launch in a split-screen view. If it does not, you will need to press the blue "Show Split Screen" button near the top-right of this page.
Volatility and the memory file (named workstation.vmem) are located in /home/elfmcblue/volatility3.
THM - Advent of Cyber 2022 - Day 10
Difficulty:
Challenge Link
OS: Linux
Learning Objectives
- Learn how data is stored in memory in games or other applications.
- Use simple tools to find and alter data in memory.
- Explore the effects of changing data in memory on a running game.
THM - Advent of Cyber 2022 - Day 9
Difficulty:
Challenge Link
OS: Linux
Learning Objectives
- Using Metasploit modules and Meterpreter to compromise systems
- Network Pivoting
- Post exploitation
THM - Advent of Cyber 2022 - Day 2
Difficulty:
Challenge Link
OS: Linux
Things are starting to get a little more hands-on with this day's challenge. We have to start a machine and go look inside of it.
THM - Advent of Cyber 2022 - Day 1
Difficulty:
Challenge Link
OS: Linux
The Advent of Cyber 2022 is a fun event; TryHackMe tends to host similar events during key holidays in the United States. This particular one will be 24 Days of Challenges catered in a Christmas fashion.
THM - Lazy Admin
Difficulty:
Direct link: Module Link
Background
This is going to be a quick walkthrough and brain dump of my experience going through THM LazyAdmin. I am not above using hints. This is all a growing and learning experience for me. This was one of the suggested boxes for Capstone in TCM Security's Linux Privesc Course.