Nothing fancy today. I had to go early to my mother’s so I’m doing small, basic-level tutorial-like rooms from TryHackMe to clear them.
Let’s see how it works in our daily #FromZeroToHacker challenge.
Table of contents |
Introduction |
What I have learnt today? |
Stats |
Resources |
Introduction to a handful of repetitive tutorials
As I have said, there is not much I have done today but take out the small and basic rooms on TryHackMe. It was repetitive, as many rooms were dedicated to teaching you how to start your AttackBox and a little more, but well, at least you feel like you are doing something with the gamification in TryHackMe.
The rooms
This tutorial explained what rooms (lessons) are, how to deploy your first machine in TryHackMe and little more. It has a little exercise where you deploy a machine, copy the IP generated, and then visit the IP in your browser to get a Flag.
Another room that explains how to start your first machine. Pretty much the same as the previous room, but simpler. We can even see a bit of the terminal, how to navigate, and how to print a text, but otherwise pretty basic.
Yay! Another room that explains how to start a virtual machine on the browser!
Funny thing: It has the same exercise that the first room had, with the same flag. Lazy.
And Now for Something Completely Different. This room gives us a brief explanation of the different career paths in Cyber Security: Offensive and Defensive.
On the Offensive side, you should pick this one if you enjoy understanding how things work, you are analytical and thinking outside the box. The most common job role is as a Penetration tester or Pentesting, which involves testing web applications and network security, even writing small scripts to automate attacks.
On the Defensive side, you have the careers of Security Analyst, an individual that monitors various systems in the same organisation to detect if they are being attacked, Incident Responder, who acts when the attack has already occurred to figure out what the actions the attacker took and what impact they had. Another niche role is Malware Analysis, to learn how the malware works, what it can do, how to prevent attacks and even how to stop it and fix the harm it did.
A quick explanation about why we should understand how websites work with a short (and fake) brute-force attack demo. This was an Instagram bug that was fixed.
The second part of the room is about a Target attack that started by hacking the air conditioning units, as they weren’t safe and were controlled remotely to monitor the temperature. You can read more in this Infosecurity-magazine article.
Learn how to connect to TryHackMe from your computer (or a Virtual Machine). I started using this instead of the THM AttackBox so that I can have 100% control of my system, I can customize it better, and can reuse files.
Yep. Another tutorial-like room that explains how TryHackMe works. Instead of having 10 rooms like this, they should have created a big one that explains all, but well…
How a contest where you could earn tickets to buy prizes worked. Ok.
When they did the same, a second time. Ok again.
Summary
Time for a recap. We have learned about:
- How TryHackMe works
- How to connect your Virtual Machine to TryHackMe
Stats
From 131.834th to 129.124th. Now I’m sitting in the top 6% in TryHackMe, yay!
Here is also the Skill Matrix:
Resources
Path: Web Fundamentals
Introduction to Web Hacking
Too many rooms to link here.
Other resources
Target Hackers May Have Gotten In Through the Air Conditioner