https://tryhackme.com/r/r3dBust3r/badges/90-day-streak

https://preview.redd.it/binpqb76af4e1.png?width=700&format=png&auto=webp&s=19c78659d7d115ed9053eed364bbd43179f9f40e

Hey everyone! I’ve uploaded my Day 1 of Advent of Cyber 2024! Today’s challenge is all about OPSEC (Operational Security), where we explore:

Best practices for operational security

Common failures and their consequences

Case-based scenarios with real-world examples

A hands-on lab to practice the concepts

🎥 Watch here: https://youtu.be/f_1xUoQ8Pg8

Room Link: https://tryhackme.com/r/room/adventofcyber2024

Perfect for beginners looking to strengthen their cybersecurity knowledge!

https://infosecwriteups.com/tryhackmes-advent-of-cyber-2024-day-01-writeup-2c4046d7f1ae

this guy done it asap

Are you able to do the Advent of Cyber late? As in could you start day 1 on days 3 and play catch up?

Hey there guys I learned some labs and gained some knowledge about xss, sql inj, authentication, csrf, ssrf and completed this labs from Portswigger labs.. I even tried to search vulnerability but nah.. Unable to find any is this knowledge enough? Or what I need to know what next about learning path? Do I still try about searching vulnerability or where can I get enough knowledge about it??

Day 1 I'm ready to learn and win

Hello,

I have 7 years of experience as a Software QA professional and am now seeking a technical role in cybersecurity. If you or someone you know is hiring, I’d love to connect! I’m open to relocation and excited to bring my skills to the cybersecurity field.

Thank you!

From just 1 day to an incredible 90-day hacking streak on TryHackMe!
Proud of the progress with 135 completed rooms, 22 badges, and a spot in the top 3%. The journey continues!

#CyberSecurity #TryHackMe #LearningByDoing

https://preview.redd.it/evk20emxq94e1.png?width=1366&format=png&auto=webp&s=1921f3aaa08e4666029f9f0ece21ea09dff34ede

I have done google cybersecurity professional certificate and now I have started doing thm ctfs. Hey, 20m Engineering student Im trying to build technical skills and avoid addiction. Im looking for someone to share our journals and compliment or motivate each other.

I know many of you would have already completed it but this is the first learning path I completed fully. Although, I started the jr. penetration learning path but I paused it at 40% when CyberSecurity 101 was launched. I just wanted to share it with you guys. Now I will focus back onto the jr. penetration learning path and complete it also. I am very happy that I slowly and gradually learnt all this stuff.

A big thanks to the tryhackme team😊😊

They are giving away 30% discount on monthly and annual subscription for THM premium to celebrate the Advent of Cyber, Use the code "AOC2024" on checkout.

Edit: Valid till 31st December, 2024

Edit 2: only applicable for annual subscriptions.

Seeing all these discounts it's really starting to annoy me that openvpn keeps dropping out and the Kali attack box suck and is so slow. I don't understand how a company that knows so much about systems haven't gotten it efficient and effective enough that you can actually keep to the times required to do the rooms.

Am I doing something wrong?

Based in Australia 🇦🇺

Hello, I would like to learn about cybersecurity, I am self-taught due to budget, any recommendations on free courses or books that can help me?

I have ordered some merch on October 28th, still no sign of it. DHL number stopped existing this week, no reply from the THM shop e-mail. The order was stuck in Texas DHL depot for a month and then just stopped existing.

I’m in Europe and maybe there was some issue with taxes or something, order was for like $20. Nothing life changing, but sad to not be able to get a reply and no way to track the package.

Hi all,

I plan on getting the tryhackme sale for the yearly sub before it runs out.

ive dabbled with the site as im learning my CompTIA trifecta and soon to be CySA and plan to continue using the site to learn all round cyber security.

Just wondering if people have found it useful putting on a resume like your rank about the site and using it to help answer things regarding interviews etc?

Kind Regards

It fails to work because NetworkManager's OpenVPN plugin is enforcing stricter cipher requirements than the command line client (which is why they say to use the command line to connect - its a workaround). The server is offering AES-256-CBC, but NetworkManager is only allowing newer AEAD ciphers (AES-256-GCM, AES-128-GCM, CHACHA20-POLY1305).

The way to resolve this is to configure NetworkManager to accept CBC ciphers by editing the connection:

nmcli connection modify YOUR_VPN_NAME +vpn.data "data-ciphers=AES-256-CBC:AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305"

Alternatively, TryHackMe could update their VPN servers to use more modern AEAD ciphers.

AES-CBC is an older encryption mode that's still secure when properly implemented but requires separate authentication and can't take advantage of modern hardware acceleration. Newer modes like AES-GCM and ChaCha20-Poly1305 are preferred since they provide built-in authentication and better performance, making them both more secure and efficient.

Hey everyone! I just created a new TryHackMe room focused on AI security fundamentals, with a special emphasis on penetration testing techniques and real-world applications. I’m excited to share what I’ve learned. I used some AI assistance to help me craft the content more clearly, but the goal is to make learning engaging and accessible for everyone. Check it out and let me know what you think!

https://tryhackme.com/r/room/aisecurityfundamentals

Just signed up with that black Friday deal. Is there an option for dark view or mode?

Hello everyone, I am having serious challenges installing the wpscan api token so that I can get the result of the vulnerability assessment result. somebody help me please

Okay, so I know how reverse shells work

Essentially, some firewalls don't allow inbound connections, but most do allow outbound, so to connect to your target, you upload a file that start's an outbound connection to your device, and using a scan listener you would see and interact with that connection.

But, my question is, how do you know when a device is vulnerable to this, and I don't mean vulnerable to the act of reverse shelling itself, but rather, if you have to already have access to a machine in order to upload the reverse shell, what's the point? How do you get previous access to the machine to upload the file in the first place

I never did anything with reverse shells, but understood them in principle, a few years ago I was teaching a friend to set them up, and for some reason I thought about reverse shells randomly tonight and started researching more on them, I was just watching a youtube video and out of nowhere thought about them not sure why, I guess it just sort of interested me

Obviously I know there's no set in stone way to do things but I was wondering what everyone else's methods of learning and getting familiar with new concepts in try hack me do since at the moment I've only been doing the rooms

Hello everyone! My career began with one simple thing: someone gave me a chance. Now, I’d like to pay it forward and give someone else that same opportunity.

I have partnered with TryHackMe, and we are giving away a total of 12 1-month subscription vouchers! (10 are sponsored by THM, huge thanks to them)

To enter, simply comment on this post explaining why you need it and how it will help you achieve your goals.

Best of luck to all! The giveaway will close in one week!

I’m reading and practicing on The Linux Command Line, 2nd Edition to learn Linux, but there’s a Black Friday discount on TryHackMe I don't want to miss it. Should I finish the book first or learn from both at the same time? Or should I just focus on THM? What’s the best approach?

does anyone know a way to take advantage of this deal if your monthly membership hasn't expired yet ?

ive contemplated making a new account and just copy pasting the answers to get this new account up to where i am in progress but i would loose the streak and this feels like too much working around just to save on the annual.

Hey Guys, This has been asked so many times before, and here we go again.
Discord is not verifying my cell so I cant communicate within the THM Discord channels..
So, what I would like to know is this: Is there anyone who would like to team up, do some CTF, push each other to become better and learn from one another?
If that's you , feel free to send me a friend request on Discord.

I do at least a couple modules a day, doesn't really matter what time, I'm at my PC all day

My discord name is : _groot_user_61911

So, I hit 180 days today after my ISP screwed me out of my original 90 (roughly 270 days on THM to clarify) and I was expecting a little more than a single 1 day freeze and a 365 goal. Considering that most of my rooms are actually completed on Saturdays, when I have the most free time (parenting and adulting sucks lol) is it even worth it to push for the 365 badge??