TryHackMe is a free online platform for learning cyber security, using hands-on exercises and labs, all through your browser!
| Name | Description |
|---|---|
| Vulnversity | - File Upload Vulnerability - Privilege Escalation via systemctl |
| Kenobi | - Samba Share Enumeration - ProFTPd Exploit - Privilege Escalation with Path Variable Manipulation |
| Blue | - Eternal Blue (ms17-010) - Use of msfconsole |
| Basic Pentesting | - enum4linux- SSH Password Cracking via Hydra - linPEAS- Cracking SSH Private Key via JohnTheRipper |
| Classic Passwd | - Reverse Engineering using ltrace |
| JPGChat | - Source Code Reading - Python Library Manipulation |
| Regular expressions | - Basics of RE |
| Crack the hash | - Crack Station - Hash Analyzer - HashCat - JohnTheRipper |
| tomghost | - AJP Exploit (CVE-2020-1938) - GPG Cracking via JohnTheRipper |
| Team | - Source Code Reading - Virtual Host Routing - Subdomains Finder via WFUZZ- LFI - linPEAS - CronJobs |
| Mr. Robot CTF | - GoBuster Scan - Web Login Dictionary Attack via BurpSuite - PHP Reverse Shell - SUID via Nmap |
| OhSINT | - exiftool |
| Simple CTF | - CMS Made Simple (CVE-2019-9053) - SQLi |
| Pickle Rick | - Source Code Read - Command Injection Vulnerability |
| CTF collection Vol.1 | ----- |
| Badbyte | - FTP Anonymous Login - SSH Password Cracking via JohnTheRipper - SSH Port Forwarding - WordPress Plugins Enumeration - WordPress File Manager RCE |
| Bounty Hacker | - FTP Anonymous Login - SSH Password Cracking via Hydra - Privilege Escalation via tar |
| Metasploit | ---- |
| Lazy Admin | - Recursive Directory Enumeration - MySQL Backup File Enumeration - Sweet Rice XSS Exploit - Privilege Escalation via adding bash to a file |
| Overpass | - Source Code Reading - Broken Authentication Exploit via BurpSuite - SSH Private Key Cracking via JohnTheRipper - Privilege Escalation via CronJobs - Working with Host File |
| Anonymous | - Samba Enumeration - FTP Anonymous Login - File Content Manipulation (CronJobs) |
| VulnNet: Node | - NodeJS Express Framework Exploit via Cookies - File Content Manipulation |
| Anonforce | - FTP Anonymous Login - GPG Password Cracking via JohnTheRipper - Password Cracking via HashCat |
| Thompson | - Tomcat Error Page - WAR File Exploit |
| Ignite | - Fuel CMS RCE (CVE-2018-16763) - Default Credentials |
| Startup | - FTP Anonymous Login - Wireshark (Follow TCP Stream) |
| Brooklyn Nine Nine | - FTP Anonymous Login - SSH Password Cracking via Hydra - Privilege Escalation via less |
| Hydra | - Basic of Hydra - Crack Post Web Form- Crack SSH |
| Chocolate Factory | - FTP Anonymous Login - Command Injection Vulnerability - Reverse Engineering - SUIDs |