Skip to main content

91 posts tagged with "THM"

View All Tags

THM | Windows Privilege Escalation

· 13 min read

Red Teaming | Windows Privilege Escalation | Description:

Notes taken while exploring the Windows Privilege Escalation room on the Red Teaming Path. The primary goal is to master the fundamentals of Windows privilege‑escalation techniques.

THM | Enumeration

· 12 min read

Red Teaming | Enumeration | Summary:

This room is designed to introduce learners to post-exploitation enumeration techniques within unknown corporate environments.

It covers both Linux and Windows systems, detailing various methods for gathering system information, identifying users, understanding networking configurations, and listing running services.

The room also explores DNS, SMB, and SNMP protocols, along with additional tools like Sysinternals Suite, Process Hacker, and GhostPack Seatbelt, specifically for Windows enumeration.

THM | The Lay of the Land

· 20 min read

Red Teaming | The Lay of the Land | Summary:

This room offers hands-on learning about corporate security technologies. It covers Active Directory (AD) management, host solutions like antivirus, firewalls, Sysmon, HIDS/HIPS, EDR, network security with firewalls, SIEM, and IDS/IPS, plus applications and services including installed programs, processes, file sharing, DNS, local apps.

More importantly, it equips learners with practical knowledge of corporate security infrastructures.

THM | Phishing

· 11 min read

Red Teaming | Phishing | Summary:

This room focuses on teaching the basics of phishing attacks and their importance in red team engagements.

The room takes you through various aspects of phishing, including setting up infrastructure, writing convincing emails, and using different tools like GoPhish and techniques like Typosquatting to trick targets into opening malicious links or attachments.

THM | Password Attacks

· 29 min read

Red Teaming | Password Attacks | Summary:

This room is designed to teach about various strategies and techniques used in cracking or guessing passwords. It covers both offline and online methods, including dictionary and brute-force attacks, rule-based attacks, and custom rules.

The room emphasizes password profiling, teaching users how to create effective wordlists using default, weak, leaked, combined, and username sources.

Other topics include keyspace techniques, CUPP (Custom Password Profile), and online attacks targeting FTP, SMTP, SSH, and HTTP login pages. Additionally, it introduces the concept of password spraying attacks.

THM | Weaponization

· 18 min read

Red Teaming | Weaponization | Summary:

The room focuses on alternative scripting techniques used by red teamers to execute payloads in a Windows environment.

Since many organizations restrict or monitor the execution of .exe files, this room explores other methods, including Windows Script Host, HTML Applications, Visual Basic Applications, and PowerShell.

The goal is to learn and practice these techniques, which are commonly used by attackers to bypass security controls and execute malicious code.

THM | Red Team Recon

· 14 min read

Red Teaming | Red Team Recon | Summary:

The room provides training on different types of reconnaissance, including WHOIS and DNS-based reconnaissance, advanced searching techniques, and specialized search engines.

Additionally, it delves into specific tools and techniques such as Google Hacking, Recon-ng, and Maltego, offering a comprehensive understanding of the reconnaissance process in a cyber attack or penetration test scenario.

Overall, it aims to equip users with the skills and knowledge necessary to gather valuable information about a target using various reconnaissance methods and tools.

THM | Red Team OPSEC

· 10 min read

Red Teaming | Red Team OPSEC | Summary:

This room is focused on applying the OPSEC process in the context of Red Team operations. The content likely covers strategies and techniques for protecting sensitive information from adversaries, including identifying threats, vulnerabilities, and risks, and implementing countermeasures to stay one step ahead.

THM | Red Team Threat Intel

· 9 min read

Red Teaming | Red Team Threat Intel | Summary:

In this room, you'll learn how to harness the power of threat intelligence in red team engagements. You'll discover how to apply threat intel concepts to drive your campaigns, understand key frameworks like TIBER-EU, and practice using threat intelligence to inform your tactics, techniques, and procedures (TTPs).

Through interactive challenges and real-world examples, you'll gain a deeper understanding of how to create a threat-intel-driven campaign that sets you apart as a red team operator.

THM | Red Team Engagements

· 12 min read

Red Teaming | Red Team Engagements | Summary:

This room serves as a guide for Red Team engagements, covering essential steps such as defining scope and objectives, establishing rules of engagement, and planning campaigns, to ensure successful execution and effective documentation of the exercise.

It provides a structured approach to setting up and conducting a Red Team engagement, from conceptualizing the project to executing it, including key operational plans and mission-specific details.

THM | Windows Internals

· 14 min read

Malware Analysis | Windows Internals | Summary:

This room aims to provide an in-depth exploration of Windows operating system internals and common components. Important concepts like Processes, Threads, Virtual Memory, DLLs, PE and the Window API are introduced.

THM | x86 Assembly Crash Course

· 13 min read

Malware Analysis | x86 Assembly Crash Course | Summary:

The room discusses various aspects of x86 assembly language programming, covering essential concepts such as opcodes and operands, general assembly instructions, arithmetic and logical instructions, conditionals, and branching instructions.

It also includes some warnings about the use of these instructions in real-world scenarios, particularly related to shellcode injection.

THM | x86 Architecture Overview

· 8 min read

Malware Analysis | x86 Architecture Overview | Summary:

The room provides an overview of CPU architecture, explaining how it executes instructions and interacts with external components. It details the basic components of a CPU (Control Unit, Arithmetic Logic Unit, Registers) and how they interact with memory and I/O devices.

It then delves deeper into registers, explaining their types (Instruction Pointer, General-Purpose Registers, Status Flag Registers), and how they are used to store data temporarily while it is being processed by the CPU. Additionally, the room covers program memory layout, highlighting the importance of the stack in malware analysis, and explains common malware techniques such as stack buffer overflow attacks.

THM | Intro to Malware Analysis

· 7 min read

Malware Analysis | Intro to Malware Analysis | Summary:

The aim of this room is to provide SOC analysts with steps to determine whether suspicious content (files or traffic) is malicious or not. It will cover the basics of malware, how to start analyzing it, and different analysis methods, as well as resources for further assistance.

THM | Kenobi

· 3 min read

Basic Computer Exploitation | Kenobi | Summary:

This series of walkthroughs aims to help out complete beginners with finishing the Complete Beginner path on the TryHackMe website. It is based on the learning content provided in the Kenobi room.

THM | Vulnversity

· 2 min read

Basic Computer Exploitation | Vulnversity | Summary:

This series of walkthroughs aims to help out complete beginners with finishing the Complete Beginner path on the TryHackMe website. It is based on the learning content provided in the Vulnversity room.

THM | Blue

· 4 min read

Windows Exploitation Basics | Blue | Summary:

This series of walkthroughs aims to help out complete beginners with finishing the Complete Beginner path on the TryHackMe website. It is based on the learning content provided in the Blue room.

THM | Pickle Rick

· One min read

Web Hacking Fundamentals | Pickle Rick | Summary:

This series of walkthroughs aims to help out complete beginners with finishing the Complete Beginner path on the TryHackMe website. It is based on the learning content provided in the Pickle Rick room.

THM | Nmap

· 6 min read

Network Exploitation Basics | Nmap | Summary:

This series of walkthroughs aims to help out complete beginners with finishing the Complete Beginner path on the TryHackMe website. It is based on the learning content provided in the Nmap room.

THM | Tutorial

· One min read

Complete Beginner Introduction | Tutorial | Summary:

This series of walkthroughs aims to help out complete beginners with finishing the Complete Beginner path on the TryHackMe website. It is based on the learning content provided in the Tutorial room.