TryHackMe: Finished the Advent of Cyber 2024
By SecBurg
I’ve finished the Advent of Cyber 2024 at TryHackMe!
It was a lot of fun, and I’ve learned a lot of new topics.
The challenges included:
Operational Security (OPSEC)
Threat Hunting with Elastic SIEM
Log analysis with tools like ELK and Splunk
Identify malicious techniques using the MITRE ATT&CK framework
Use Atomic Red Team tests to conduct attack simulations
Exploiting XXE in Web Apps
Analyze malware behaviour using sandbox tools
Learn about various malware evasion techniques
Implement an evasion technique to bypass YARA rule detection
Detecting Malicious Behavior in AWS using CloudTrail
Generating shellcode for reverse shells
Executing shellcode with PowerShell
Governance, Risk, and Compliance (GRC)
Conducting Third Party Risk Assessments
Carry out a phishing attack with a macro
Cracking WPA/WPA2 WiFi networks
Exploit race conditions in a web application
Exploring WebSocket Vulnerabilities
Conducting Man-in-the-middle attacks
Crash Course on Active Directory and AD attacks
Azure Key Vault and MS Entra ID
Vulnerabilities faced by AI chatbots
Intercept and modify internal APIs using Frida
Identify indicators of compromise (IOCs) in captured network traffic
Understand how C2 servers operate and communicate with compromised systems
Reversing a multi-stage binary
Kubernetes DFIR (Digital Forensics & Incident Response)
Finding the password of a password-protected document
Analyze and reverse engineer MQTT traffic
Did I already say that it was a lot of new topics? :-D
Thank you to everybody at THM - looking forward to 2025!
Happy new year!