• Below is a series of rooms/machines in TryHackMe for beginners to cyber security to learn and practice.

• Configure environment in one line!

trevohack@anonymous $ curl -O https://raw.githubusercontent.com/Trevohack/TryHackMe-Zero-To-Hero/main/Scripts/setup.sh && chmod +x setup.sh && ./setup.sh

• Tutorial
• Beginner

• Linux
• Linux 2
• Linux 3
• Bash Scripting
• Linux Modules

Acquainting yourself with tools in cybersecurity involves learning how to effectively use software, hardware, and techniques to secure digital systems and networks against cyber threats.

Nmap, short for "Network Mapper," is a powerful network scanning and exploration tool used in cybersecurity. It's designed to discover hosts, services, and vulnerabilities within a computer network. Nmap employs various scanning techniques, like TCP, UDP, SYN, and ICMP scans, to identify open ports, services running on those ports, and operating systems. This information is crucial for assessing network security, finding potential entry points, and strengthening defenses against potential threats.

• Nmap 1
• Nmap 2
• Nmap 3
• Nmap 4
• Further Nmap
• Networking
• Networking Services
• Protocols And Servers
• Protocols And Servers 2

• Tmux
• Tmux 2

Burp Suite: Essential tool for web app security testing, uncovering vulnerabilities and aiding in their resolution.

• Burp: The Basics
• Burp: Repeater
• Burp: Intruder
• Burp: Other Modules

Metasploit is a leading penetration testing tool for identifying and testing system vulnerabilities, widely used by cybersecurity professionals.

• Metasploit: Introduction
• Metasploit: Exploitation
• Metasploit: Meterpreter

Web penetration testing: Assessing web app security by simulating attacks to uncover and address vulnerabilities.

• Walking An Application
• Content Discovery
• Subdomain Enumeration
• Authentication Bypass
• IDOR
• XSS
• Command Injection
• SSRF
• File Inclusion
• SQL Injection

• Vulns
• Exploitation
• Vulnerability Capstone

Privilege escalation (priv esc) is the act of gaining higher levels of access or privileges than initially granted to a user or system. It involves exploiting vulnerabilities to elevate privileges, granting unauthorized access to resources or actions. This can be a critical step for attackers to gain control over a system, making it a crucial focus in security assessments to prevent unauthorized escalation of privileges.

• Linux Priv Esc
• Windows Priv Esc

• Python 1
• Python 2
• Flask

• Poc Writing

• Javascript Basics
• Jason

• Enumerating AD
• Breaching AD
• Lateral Movement & Pivoting
• Exploiting AD
• Persisting AD
• Holo

• Buffer Overflow Prep
• Brainstorm

You could get to this level or position after completing the above theory content and starting to practice through CTF challenges.

For the machines/rooms mentioned below writeups will be added soon!

• Rootme
• Ignite
• Pickle Rick
• Cyborg
• Tomghost
• Source
• Res
• Lazy Admin
• Overpass
• Startup
• Wgel CTF
• Gaming Server

• Athena
• Wonderland
• Mr Robot CTF
• dogcat
• The Marketplace
• GoldenEye

• Internal
• Year of the fox
• Retro
• Ra

Congrats! 🥳 If you have done all the rooms mentioned here, you are officially a penetration tester. You can go ahead in your career with other resources and platforms.