| type | lab-note |
|---|---|
| status | wip |
| created | YYYY-MM-DD |
| updated | YYYY-MM-DD |
| tags | |
| project | |
| area | |
| source | |
| next_action | |
| platform | tryhackme |
| room | |
| slug | |
| path | |
| topic | |
| domain | |
| skills | |
| artifacts | |
| difficulty | |
| sanitized | true |
- Objective: What the lab, room, or exercise is designed to teach.
- Core finding: The main security issue or defensive insight.
- Security impact: What an attacker or defender can realistically gain or lose.
- Primary remediation: The most important fix or control.
- Authorized lab or training target only.
- Replace live identifiers with canonical placeholders such as `TARGET_IP`, `TARGET_HOST`, `TARGET_URL`, `USER_A`, and `API_KEY_REDACTED`.
- Follow docs/placeholder-policy.md and validate materially edited public notes with `python scripts/check_placeholders.py <changed files>`.
- Exclude secrets, full exploit chains, and customer-specific data.
- Publish reasoning, decision points, and defensive takeaways instead of raw command spam.
- Entry points observed:
- Trust boundaries:
- Signals worth testing:
- Constraints that shaped the approach:
- Category: Vulnerability class or detection theme.
- Affected component: Endpoint, service, route, parser, workflow, or trust boundary.
- Root cause: Why the weakness exists.
- Exploitation logic: High-level reasoning, not a weaponized recipe.
- Impact: Confidentiality, integrity, availability, or detection impact.
- Remediation: Concrete engineering fix.
- Detection ideas: Logs, alerts, telemetry pivots, and control points.
- Generalizable lesson: What to reuse elsewhere.
- Why this path was tested:
- What was ruled out:
- What evidence changed the hypothesis:
- What should stay private or unpublished:
- Screenshots or artifacts kept under `assets/`.
- Sanitize usernames, tokens, domains, hostnames, and IP addresses before publishing.
- Prefer short narrative evidence summaries over raw dumps.
- Preventive controls:
- Detective controls:
- Hardening opportunities:
- Residual risk:
- Reusable pattern:
- Mistake to avoid next time:
- Reference worth re-reading:
- Vendor documentation
- Standards, ATT&CK, OWASP, NVD, or protocol references
- Official lab page if publication rules allow it