TryHackMe

One of our developers accidentally committed some sensitive code to our GitHub repository. Well, at least, that is what they told us… Introduction The challenge room for today is TryHackMe’s Commited room. Forensics is something that I need to work on, although this is less of a forensics room and more of a git knowledge room. More on that soon. Oh no, not again! One of our developers accidentally committed some sensitive code to our GitHub repository. Well, at least, that is what they told us… the problem is, we don’t remember what or where! Can you track down what we accidentally committed? ...

Apply learned skills to probe malicious emails and URLs, exposing a vast phishing campaign. Introduction It’s been a while since I’ve done a TryHackMe write-up. Initially this was all I ever wrote posts on up until I looked to some other platforms. We’re back today! Time for more Phishing analysis in today’s challenge; Snapped Phish-ing Line. We get quite a bit of an introduction to this room. Let’s go through it: As an IT department personnel of SwiftSpend Financial, one of your responsibilities is to support your fellow employees with their technical concerns. While everything seemed ordinary and mundane, this gradually changed when several employees from various departments started reporting an unusual email they had received. Unfortunately, some had already submitted their credentials and could no longer log in. ...

Catch the phish before the phish catches you. Introduction Back to a brand new (at the time of writing) TryHackMe room. There’s been a trend of Phishing related challenges lately on this blog. Being able to recognize phishing emails, and analyze the process of what happens when a phishing link is clicked is an important tool to have as an analyst. This challenge room is Easy. The information given is rather introductory as well, which is nice to see if you’re still starting out using THM. ...

We got our hands on a confidential case file from some self-declared “black hat hackers”… it looks like they have a secret invite code. Exciting introduction. Continuing on my recent binge of blue-team focused rooms, I’ll be doing the Confidential room today. From the looks of it this seems to be a very easy room. No need to get root access or run any nmap scans. In fact we don’t need to use any security-specific tools at all! ...

Introduction It’s time for more SOC Simulator challenges! Today I’ll be doing the Upload & Conquer scenario. You can find this on the scenarios page. This one is not another phishing-based scenario like my previous SOC simulator writeup. Phishing emails have a lot of red-flags that you can look out for. Once you know what to look for it can be fairly easy to spot. I don’t know if there will be any other phishing-based scenarios, but I’m always happy to see more content! ...