[{"content":"Day 1 - Try Hack Me Room Owasp top 10 https://tryhackme.com/room/owasptop10 Day 2 - Try Hack Me Room Owasp Juice Shop https://tryhackme.com/room/owaspjuiceshop Day 3 - Try Hack Me Room Windows Fundamentals https://tryhackme.com/room/windowsfundamentals1xbx https://tryhackme.com/room/winadbasics Day 4 - Information Disclosure Portswigger Academy https://portswigger.net/web-security/information-disclosure/exploiting/lab-infoleak-in-error-messages https://portswigger.net/web-security/information-disclosure/exploiting/lab-infoleak-in-version-control-history https://portswigger.net/web-security/information-disclosure/exploiting/lab-infoleak-authentication-bypass Day 5 - XSS Portswigger Academy https://portswigger.net/web-security/cross-site-scripting/reflected/lab-html-context-nothing-encoded https://portswigger.net/web-security/cross-site-scripting/stored/lab-html-context-nothing-encoded https://portswigger.net/web-security/cross-site-scripting/dom-based/lab-document-write-sink https://portswigger.net/web-security/cross-site-scripting/dom-based/lab-jquery-href-attribute-sink Day 6 - Mr r3b0t Vulnhub https://www.vulnhub.com/entry/bizarre-adventure-mrr3b0t,561/ Day 7 - Try Hack Me Room Active Directory Attack https://tryhackme.com/room/breachingad Day 8 - XXE Portswigger Academy https://portswigger.net/web-security/xxe/lab-exploiting-xxe-to-retrieve-files https://portswigger.net/web-security/xxe/lab-exploiting-xxe-to-perform-ssrf https://portswigger.net/web-security/xxe/lab-xxe-via-file-upload Day 9 - SSRF Portswigger Academy https://portswigger.net/web-security/ssrf/lab-basic-ssrf-against-backend-system https://portswigger.net/web-security/ssrf/lab-basic-ssrf-against-localhost https://portswigger.net/web-security/ssrf/lab-ssrf-filter-bypass-via-open-redirection Day 10 - Rickdiculouslyeasy Vulnhub https://www.vulnhub.com/entry/rickdiculouslyeasy-1,207/ Day 11 - Stickyfingers Vulnhub https://www.vulnhub.com/entry/bizarre-adventure-sticky-fingers,560/ Day 12 - Kioptrix Level 1.3 Vulnhub https://www.vulnhub.com/entry/kioptrix-level-13-4,25/ Day 13 - Bellatrix Vulnhub https://www.vulnhub.com/entry/hogwarts-bellatrix,609/ Day 14 - Try Hack Me Room Buffer Overflow Prep https://tryhackme.com/room/bufferoverflowprep Day 15 - OS Command Injection Portswigger Academy https://portswigger.net/web-security/server-side-template-injection/exploiting/lab-server-sidetemplate-injection-basic https://portswigger.net/web-security/os-command-injection/lab-simple https://portswigger.net/web-security/os-command-injection/lab-blind-time-delays Day 16 - File Upload Vulnerabilities Portswigger Academy https://portswigger.net/web-security/file-upload/lab-file-upload-remote-code-execution-via-web-shell-upload https://portswigger.net/web-security/file-upload/lab-file-upload-web-shell-upload-via-content-type-restriction-bypass https://portswigger.net/web-security/file-upload/lab-file-upload-web-shell-upload-via-race-condition Day 17 - Busqueda Hack The Box https://app.hackthebox.com/machines/Busqueda Day 18 - JWT Portswigger Academy https://portswigger.net/web-security/jwt/lab-jwt-authentication-bypass-via-unverified-signature https://portswigger.net/web-security/jwt/lab-jwt-authentication-bypass-via-flawed-signature-verification https://portswigger.net/web-security/jwt/lab-jwt-authentication-bypass-via-weak-signing-key https://portswigger.net/web-security/jwt/lab-jwt-authentication-bypass-via-jwk-header-injection https://portswigger.net/web-security/jwt/lab-jwt-authentication-bypass-via-jku-header-injection https://portswigger.net/web-security/jwt/lab-jwt-authentication-bypass-via-kid-header-path-traversal https://portswigger.net/web-security/jwt/algorithm-confusion/lab-jwt-authentication-bypass-via-algorithm-confusion Day 19 - Cat Mobile Hack The Box https://app.hackthebox.com/challenges/cat Day 20 - SuperMarket Hack The Box https://app.hackthebox.com/challenges/supermarket Day 21 - Joker Hack The Box https://app.hackthebox.com/challenges/joker Day 22 - Seattle Lab Buffer Overflow https://ys2k-iwnl.medium.com/buffer-overflow-exploiting-seattle-lab-mail-slmail-61b1f659c8dc https://github.com/CyberSecurityUP/Buffer-Overflow-Labs Day 23 - OnlyforYou Hack The Box https://app.hackthebox.com/machines/OnlyForYou Day 24 - Escape Hack The Box https://app.hackthebox.com/machines/Escape Day 25 - Insecure Deserialization Portswigger Academy https://portswigger.net/web-security/deserialization/exploiting/lab-deserialization-modifying-serialized-data-types https://portswigger.net/web-security/deserialization/exploiting/lab-deserialization-using-application-functionality-to-exploit-insecure-deserialization https://portswigger.net/web-security/deserialization/exploiting/lab-deserialization-arbitrary-object-injection-in-php https://portswigger.net/web-security/deserialization/exploiting/lab-deserialization-developing-a-custom-gadget-chain-for-java-deserialization Day 26 - Djinn3 Proving Ground Lab https://portal.offsec.com/ Day 27 - InsanityHosting Proving Ground Lab https://portal.offsec.com/ Day 28 - Flight Hack The Box https://app.hackthebox.com/machines/Flight Day 29 - Absolute Hack The Box https://app.hackthebox.com/machines/Absolute Day 30 - Joestar Vulnhub https://www.vulnhub.com/entry/bizarre-adventure-joestar,590/ ","permalink":"https://buetsec.github.io/posts/30-days-of-pentest/","summary":"Day 1 - Try Hack Me Room Owasp top 10 https://tryhackme.com/room/owasptop10 Day 2 - Try Hack Me Room Owasp Juice Shop https://tryhackme.com/room/owaspjuiceshop Day 3 - Try Hack Me Room Windows Fundamentals https://tryhackme.com/room/windowsfundamentals1xbx https://tryhackme.com/room/winadbasics Day 4 - Information Disclosure Portswigger Academy https://portswigger.net/web-security/information-disclosure/exploiting/lab-infoleak-in-error-messages https://portswigger.net/web-security/information-disclosure/exploiting/lab-infoleak-in-version-control-history https://portswigger.net/web-security/information-disclosure/exploiting/lab-infoleak-authentication-bypass Day 5 - XSS Portswigger Academy https://portswigger.net/web-security/cross-site-scripting/reflected/lab-html-context-nothing-encoded https://portswigger.net/web-security/cross-site-scripting/stored/lab-html-context-nothing-encoded https://portswigger.net/web-security/cross-site-scripting/dom-based/lab-document-write-sink https://portswigger.net/web-security/cross-site-scripting/dom-based/lab-jquery-href-attribute-sink Day 6 - Mr r3b0t Vulnhub https://www.","title":"30 Days of Pentesting"},{"content":"Welcome to the BUET Cyber Security Club!\nEstablished on April 5, 2023, the BUET Cyber Security Club is a passionate and driven community of cybersecurity enthusiasts at the Bangladesh University of Engineering and Technology (BUET). Our mission is to foster a strong culture of cybersecurity awareness, knowledge sharing, and practical skill development among students interested in this dynamic field.\nSince Januray 2023, the club has conducted a full-day workshop on Capture-The-Flag competition followed by the Intra BUET CTF Competition 2023. This exciting event offered an opportunity for students within BUET to put their cybersecurity knowledge to the test in a friendly and competitive environment. The workshop was led by industry professionals and experienced club members who share their expertise and guide participants through various aspects of cybersecurity.\nCollaboration is at the core of our club\u0026rsquo;s values. We actively seek partnerships with other student organizations, industry professionals, and academic institutions to broaden our network and create opportunities for our members. Through these collaborations, we aim to stay at the forefront of cybersecurity developments, exchange knowledge, and contribute to the larger cybersecurity community. If you\u0026rsquo;re a student of Bangladesh University of Engineering \u0026amp; Technology willing to be a club member, reach us out through our Facebook page.\nFounding Members Dr. Md. Shohrab Hossain (Moderator) Toufik Zaman Pranto (Coordinator) BUET CSE 17 Batch\n Al Arafat Tanin Ataf Fazledin Ahamed Sheikh Azizul Hakim Tawsif Shahriar Dipto Maisha Rahman Zuhair Zaki Fahmid Al Rifat Shafayat Hossain Majumder Shayekh Bin Islam BUET CSE 18 Batch\n Shehabul Islam Sawraz Abdullah Al Fahad ","permalink":"https://buetsec.github.io/about/","summary":"Welcome to the BUET Cyber Security Club!\nEstablished on April 5, 2023, the BUET Cyber Security Club is a passionate and driven community of cybersecurity enthusiasts at the Bangladesh University of Engineering and Technology (BUET). Our mission is to foster a strong culture of cybersecurity awareness, knowledge sharing, and practical skill development among students interested in this dynamic field.\nSince Januray 2023, the club has conducted a full-day workshop on Capture-The-Flag competition followed by the Intra BUET CTF Competition 2023.","title":"About"},{"content":"Getting Started নিচের জিনিসগুলায় একটু ভালো ধারনা শুরুতে থাকা লাগবে। আর কোনো কিছু না বুঝলে, না জানলে খালি Google করবা। শুরুতে একটু বেশিই ঘাটাঘাটি করে শিখা লাগবে, এইটা একটা ইম্পর্ট্যান্ট ফেজ।\nBasic Theory\n Cryptography XOR, Ciphers, Hashing, Encryption (Basic) Modular Arithmetic (Advanced) Programming Language\n Python (একদম মাস্ট, সিটিএফ এর সব চ্যালেঞ্জ পাইথন দিয়ে সলভ করা যায়) C++ Tools\n Crypto Tools: cyberchef, dcode.fr Linux Practice Platforms Beginner Level:\n Over The Wire PicoCTF (এইটা একদম Best, এটার চ্যালেঞ্জ সলভ করে মজা পাবা, আর এইটার আন্সার গিটহাবে পাওয়া যায়) Medium Level:\n Try Hack Me Cyber Talents (এদের কিছু চ্যালেঞ্জ ব্রোকেন, আন্সার মিলে না) Advanced:\n Hack The Box Social Communication সিটিএফে একা বেশিদূর আগানো যায় না। একটা টিম থাকা লাগবে, যেহেতু সিটিএফ কম্পিটিশন গুলায় টিম হিসেবে দিতে হয়। আর নিচের সোশ্যাল সাইট গুলায় একটু এক্টিভিটি থাকা লাগবে।\nDiscord Servers\nYou MUST have a Discord account and use it regularly. You’ll find a LOT of Discord Communities who share and practice CTFs. এইখানে বেশ কিছু রাইটাপ (Write Up) পাবা। রাইটাপ হচ্ছে কোনো একটা সিটিএফ এর চ্যালেঞ্জ এর সলুশ্যন।\nSome of them are:\n BUET CTFers (আমাদের বুয়েটের কমিউনিটি) CTF BD Hacker 101 Facebook Groups\n CTF Community BD (এটায় জয়েন করা মাস্ট) YouTube Channels John Hammond (খুবই হেল্পফুল টিউটোরিয়াল বানায় চ্যালেঞ্জ সল্ভ করে) Rana Khalil Live Overflow Some Informal Guidelines সবচেয়ে ইম্পর্ট্যান্ট যে জিনিসটা, সেইটা হচ্ছে কন্সিস্টেন্সি বজায় রাখা। ডেইলি না হলেও সপ্তাহে ১ দিনে একটু বসতে হবে পিসিতে, আর চ্যালেঞ্জ সলভ করতে হবে (ইজি বা হার্ড চ্যালেঞ্জ নাকি ম্যাটার করে না)। আর, গিটহাবে একটা রিপো খুলে সেইখানে সলুশন গুলা ডেইলি কমিট করার অভ্যাস রাখবা। এতে করে দুইটা হেল্প হবে, এক হচ্ছে কোনো এক কম্পিটিশনে নিজের করা স্ক্রিপ্ট ইজিলি ইউজ করতে পারবা এবং দুই, পরে যখন তোমার রিপো বাড়তে থাকবে, নিজেরই ভালো লাগবে- আগ্রহ বাড়বে। আর কোনো প্রবলেমে আটকায় গেলে গুগল করবা, রাইটাপ পড়ে বুঝবা। তারপর সেইটা ফলো করে সলভ করবা- এইটা খারাপ কিছু না। বরং দেখা যাবে এই দেখে দেখে সলভ করে করে জিনিস শিখে গেছো।\nসিটিএফে শুরুর দিকে বেশ ঝামেলা পোহাতে হয়, যেহেতু অনেক ক্যাটাগরি- কোনটা ছেড়ে কোনটা দিয়ে শুরু করবো বুঝা যায় না। এই ক্ষেত্রে বলবো ক্রিপ্টোগ্রাফি, রিভার্স, স্টেগানোগ্রাফি, এবং ফরেন্সিক- এই সিরিয়ালে আগাতে।\n ক্রিপ্টোগ্রাফির ক্ষেত্রে থিওরি এবং টুলস ইউজ শেখা দরকার একদম, তারপর মোটামুটি সব প্রবলেম কম বেশি সলভ করা যায়। রিভার্সের ক্ষেত্রে Ghidra, Ida, Dogbolt শেখা দরকার, C/C++ বাইনারি সলভ করার জন্য। আর Java/Kotlin বেজড রিভার্স প্রবলেম সলভ করার জন্য IntelliJ IDEA থাকলেই হবে, সেখানে JAR ফাইল লোড করে খুব ইজিলি রিভার্স এবং ডিবাগ করা যায়। স্টেগানোগ্রাফির জন্য মূলত কিছু টুলস জানা থাকলেই হবে, যেমন- Steghide, Binwalk, Exiftool, OpenStego ইত্যাদি। ফরেন্সিক বেশ ভাস্ট একটা টপিক, বিগিনারদের জন্য Wireshark, Foremost, Autopsy দিয়ে শুরু করা যেতে পারে। এখন বাকি হচ্ছে OSINT এবং Web। OSINT এর জন্য প্রচুর খাটা লাগবে, Google Dork, Shodan ইত্যাদি ইউজ করা লাগবে, বিভিন্ন OSINT Framework পাওয়া যায়, সেগুলা ট্রাই করতে হবে, বিগিনার হিসেবে এগুলাতে বেশি ফোকাস না করতে সাজেস্ট করবো। আর Web এর ম্যাক্সিমাম চ্যালেঞ্জ হয়ে থাকে XSS, CSRF, SSRF এর উপর বেজড করে। এইক্ষেত্রে দেখা যায় চ্যালেঞ্জগুলো হয়ে যায় বাগ বাউন্টি টাইপের। এবং সিটিএফে এগুলা যারা সল্ভ করে, তারা বাগ বাউন্টি এক্সপার্ট হয়ে থাকে, অনেক Automation টুলস, ভিপিএস ইত্যাদি ইউজ করে থাকে। সেক্ষেত্রে Web চ্যালেঞ্জ সলভ করা বেশ টাইম ওয়েস্টিং ব্যাপার হয়ে থাকে, তাই এক্ষেত্রে শুরুতে Web সলভ করতে না যাওয়াই ভালো। বাকি চ্যালেঞ্জ সলভ করে মোটামুটি একটা ভালো পজিশনে থাকা যায়। এই হচ্ছে মূলত বিগিনারদের জন্য সিটিএফ নিয়ে কিছু গাইডলাইন। কন্সিস্টেন্সি, প্র্যাকটিস বজায় রেখে আগাতে থাকলে নিজে নিজেই নতুন টুলস এবং সল্যুশন এর ব্যাপারে ধারণা চলে আসবে। আর যেটা বললাম, কমিউনিটি কানেকশন রাখতে হবে, নিয়মিত রাইটাপ পড়তে হবে।\n","permalink":"https://buetsec.github.io/posts/beginners-guide-to-ctf/","summary":"Getting Started নিচের জিনিসগুলায় একটু ভালো ধারনা শুরুতে থাকা লাগবে। আর কোনো কিছু না বুঝলে, না জানলে খালি Google করবা। শুরুতে একটু বেশিই ঘাটাঘাটি করে শিখা লাগবে, এইটা একটা ইম্পর্ট্যান্ট ফেজ।\nBasic Theory\n Cryptography XOR, Ciphers, Hashing, Encryption (Basic) Modular Arithmetic (Advanced) Programming Language\n Python (একদম মাস্ট, সিটিএফ এর সব চ্যালেঞ্জ পাইথন দিয়ে সলভ করা যায়) C++ Tools\n Crypto Tools: cyberchef, dcode.fr Linux Practice Platforms Beginner Level:","title":"Beginner’s Guide to Capture The Flag 🏴"},{"content":"Reach Us 📩 Email: buetsec@gmail.com 🌐 Facebook: https://fb.me/buetsec 🤖 GitHub: https://github.com/buetsec Logo and Branding Materials BUETSEC_Logo.ai BUETSEC_Logo.pdf ","permalink":"https://buetsec.github.io/contact/","summary":"Reach Us 📩 Email: buetsec@gmail.com 🌐 Facebook: https://fb.me/buetsec 🤖 GitHub: https://github.com/buetsec Logo and Branding Materials BUETSEC_Logo.ai BUETSEC_Logo.pdf ","title":"Contact"},{"content":"Problemset Link You can find the problemset here: https://github.com/buetsec/intra-buet-ctf-2023-problemset\nProblems Category Cryptography Web Forensics Reverse Engineering Steganography OSINT Misc Flag Format The flag format used here was\n buet{some_text} BUET{some_text} Contributions rng70 (Al Arafat Tanin) · GitHub fazledyn (Ataf Fazledin Ahamed) · GitHub MrMajumder (Shafayat Hossain Majumder) · GitHub tawsifshahriar7 (Tawsif Shahriar) · GitHub alfahadarc (Abdullah Al Fahad) · GitHub C0d3Hunt3r (Shehabul-Islam-Sawraz) · GitHub Sourov72 (Sourov Jajodia) · GitHub Fahmid-Al-Rifat · GitHub ZuhairZaki (S. M. Zuhair Zaki) · GitHub ","permalink":"https://buetsec.github.io/posts/intra-buet-ctf-2023-problemset/","summary":"Problemset Link You can find the problemset here: https://github.com/buetsec/intra-buet-ctf-2023-problemset\nProblems Category Cryptography Web Forensics Reverse Engineering Steganography OSINT Misc Flag Format The flag format used here was\n buet{some_text} BUET{some_text} Contributions rng70 (Al Arafat Tanin) · GitHub fazledyn (Ataf Fazledin Ahamed) · GitHub MrMajumder (Shafayat Hossain Majumder) · GitHub tawsifshahriar7 (Tawsif Shahriar) · GitHub alfahadarc (Abdullah Al Fahad) · GitHub C0d3Hunt3r (Shehabul-Islam-Sawraz) · GitHub Sourov72 (Sourov Jajodia) · GitHub Fahmid-Al-Rifat · GitHub ZuhairZaki (S.","title":"Intra BUET Capture The Flag 2023 Problemset"},{"content":"BUET CSE 18 Batch\n Shehabul Islam Sawraz Abdullah Al Fahad Kazi Ababil Azam Talha Maneesha Rani Saha K.M Asifur Rahman Sanju Basak Nazmul Islam Ananto BUET CSE 19 Batch\n Tanvir Saad Abir Muhtasim Anindya Hoque Sabah Ahmed BUET CSE 20 Batch\n Turjoy Dey ","permalink":"https://buetsec.github.io/team/","summary":"BUET CSE 18 Batch\n Shehabul Islam Sawraz Abdullah Al Fahad Kazi Ababil Azam Talha Maneesha Rani Saha K.M Asifur Rahman Sanju Basak Nazmul Islam Ananto BUET CSE 19 Batch\n Tanvir Saad Abir Muhtasim Anindya Hoque Sabah Ahmed BUET CSE 20 Batch\n Turjoy Dey ","title":"Team Members"},{"content":"Hey Guys, here is a list of 350+ Free TryHackMe rooms to start learning hacking. I have arranged and compiled it according to different topics so that you can start hacking right away.\nAll the rooms mentioned here are absolute free. ENJOY!!\nMaintainer This repository is maintained by Al Arafat Tanin | rng70. For any suggestion feel free to reach me.\n Table of Contents Name of Topic Number of Rooms Number of Completed Rooms Introductory Rooms 10 Linux Fundamentals 5 5 Windows Fundamentals 3 Basic Rooms 9 Reconnaissance 10 Scripting 8 Networking 7 Tooling 17 Crypto \u0026amp; Hashes 5 Steganography 6 Web 27 Android 1 Forensics 5 Wifi Hacking 1 Reverse Engineering 11 Malware Analysis 7 Privilege Escalation 13 Windows 7 Active Directory 5 PCAP Analysis 4 Buffer Overflow 4 Easy CTF 58 Medium CTF 73 Hard CTF 38 Misc 35 Special Events 9 Total Rooms: = 378 Intro Rooms TryHackMe | Welcome\n TryHackMe | How to use TryHackMe\n TryHackMe | Welcome\n TryHackMe | Tutorial\n TryHackMe | OpenVPN\n TryHackMe | Learning Cyber Security\n TryHackMe | Starting Out In Cyber Sec\n TryHackMe | Introductory Researching\n TryHackMe | CC: Pen Testing\n TryHackMe | Regular expressions\n Linux Fundamentals TryHackMe | Learn Linux\n TryHackMe | Linux Modules\n TryHackMe | Linux Fundamentals Part 1\n TryHackMe | Linux Fundamentals Part 2\n TryHackMe | Linux Fundamentals Part 3\n Windows Fundamentals TryHackMe | Windows Fundamentals 1\n TryHackMe | Windows Fundamentals 2\n TryHackMe | Windows Fundamentals 3\n Basics Rooms TryHackMe | Basic Pentesting\n TryHackMe | Pentesting Fundamentals\n TryHackMe | Principles of Security\n TryHackMe | The Hacker Methodology\n TryHackMe | Physical Security Intro\n TryHackMe | Linux Strength Training\n TryHackMe | OpenVAS\n TryHackMe | ISO27001\n TryHackMe | UltraTech\n Recon TryHackMe | Passive Reconnaissance\n TryHackMe | Active Reconnaissance\n TryHackMe | Content Discovery\n TryHackMe | OhSINT\n TryHackMe | Shodan.io\n TryHackMe | Google Dorking\n TryHackMe | WebOSINT\n TryHackMe | Sakura Room\n TryHackMe | Red Team Recon\n TryHackMe | Searchlight - IMINT\n Scripting TryHackMe | Python Basics\n TryHackMe | Python Playground\n TryHackMe | Intro PoC Scripting\n TryHackMe | Peak Hill\n TryHackMe | JavaScript Basics\n TryHackMe | Bash Scripting\n TryHackMe | Learn Rust\n TryHackMe | Why Subscribe\n Networking TryHackMe | Introductory Networking\n TryHackMe | What is Networking?\n TryHackMe | Networking\n TryHackMe | Intro to LAN\n TryHackMe | HTTP in detail\n TryHackMe | DNS in detail\n TryHackMe | Dumping Router Firmware\n Tooling TryHackMe | Metasploit: Introduction\n TryHackMe | Metasploit: Introduction\n TryHackMe | tmux\n TryHackMe | REmux The Tmux\n TryHackMe | Hydra\n TryHackMe | Sublist3r\n TryHackMe | Toolbox: Vim\n TryHackMe | Introduction to OWASP ZAP\n TryHackMe | Phishing: HiddenEye\n TryHackMe | RustScan\n TryHackMe | Nessus\n TryHackMe | Nmap Live Host Discovery\n TryHackMe | Nmap\n TryHackMe | TShark\n TryHackMe | ffuf\n TryHackMe | Burp Suite: The Basics\n TryHackMe | Burp Suite: Repeater\n Crypto \u0026amp; Hashes TryHackMe | Cryptography for Dummies\n TryHackMe | Crack the hash\n TryHackMe | Crack The Hash Level 2\n TryHackMe | Agent Sudo\n TryHackMe | Brute It\n Steganography TryHackMe | CC: Steganography\n TryHackMe | Cicada-3301 Vol:1\n TryHackMe | Musical Stego\n TryHackMe | Madness\n TryHackMe | Psycho Break\n TryHackMe | Unstable Twin\n Web TryHackMe | HTTP in detail\n TryHackMe | WebAppSec 101\n TryHackMe | Vulnerabilities 101\n TryHackMe | Walking An Application\n TryHackMe | OWASP Top 10\n TryHackMe | OWASP Juice Shop\n TryHackMe | Web Scanning\n TryHackMe | OWASP Mutillidae II\n TryHackMe | WebGOAT\n TryHackMe | DVWA\n TryHackMe | VulnNet\n TryHackMe | Juicy Details\n TryHackMe | Vulnversity\n TryHackMe | Injection\n TryHackMe | LFI Basics\n TryHackMe | Inclusion\n TryHackMe | SQL Injection Lab\n TryHackMe | SSTI\n TryHackMe | SQL Injection\n TryHackMe | Basic Pentesting\n TryHackMe | OWASP Juice Shop\n TryHackMe | Ignite\n TryHackMe | Overpass\n TryHackMe | Year of the Rabbit\n TryHackMe | Develpy\n TryHackMe | Jack-of-All-Trades\n TryHackMe | Bolt\n Android TryHackMe | Android Hacking 101 Forensics TryHackMe | Linux Server Forensics\n TryHackMe | Forensics\n TryHackMe | Memory Forensics\n TryHackMe | Volatility\n TryHackMe | Disk Analysis \u0026amp; Autopsy\n Wi-Fi Hacking TryHackMe | Wifi Hacking 101 Reverse Engineering TryHackMe | Intro to x86-64\n TryHackMe | Windows x64 Assembly\n TryHackMe | Reverse Engineering\n TryHackMe | Reversing ELF\n TryHackMe | JVM Reverse Engineering\n https://tryhackme.com/room/ccradare\n TryHackMe | CC: Radare2\n TryHackMe | CC: Ghidra\n TryHackMe | Aster\n TryHackMe | Classic Passwd\n TryHackMe | REloaded\n Malware Analysis TryHackMe | History of Malware\n TryHackMe | MAL: Malware Introductory\n TryHackMe | Basic Malware RE\n TryHackMe | MAL: Researching\n TryHackMe | Mobile Malware Analysis\n TryHackMe | Carnage\n TryHackMe | Dunkle Materie\n PrivEsc TryHackMe | Linux Privilege Escalation\n TryHackMe | Linux PrivEsc\n TryHackMe | Linux PrivEsc Arena\n TryHackMe | Windows PrivEsc\n TryHackMe | Windows PrivEsc Arena\n TryHackMe | Linux Agency\n TryHackMe | Sudo Security Bypass\n TryHackMe | Sudo Buffer Overflow\n TryHackMe | Blaster\n TryHackMe | Ignite\n TryHackMe | Kenobi\n TryHackMe | c4ptur3-th3-fl4g\n TryHackMe | Pickle Rick\n Windows TryHackMe | Investigating Windows\n TryHackMe | Investigating Windows 2.0\n TryHackMe | Investigating Windows 3.x\n TryHackMe | Blueprint\n TryHackMe | VulnNet: Active\n TryHackMe | Anthem\n TryHackMe | Blue\n Active Directory TryHackMe | Attacktive Directory\n TryHackMe | Post-Exploitation Basics\n TryHackMe | USTOUN\n TryHackMe | Enterprise\n TryHackMe | RazorBlack\n PCAP Analysis TryHackMe | h4cked\n TryHackMe | Carnage\n TryHackMe | CCT2019\n TryHackMe | Overpass 2 - Hacked\n BufferOverflow TryHackMe | Buffer Overflow Prep\n TryHackMe | Gatekeeper\n TryHackMe | Chronicle\n TryHackMe | Intro To Pwntools\n Easy CTF TryHackMe | GamingServer\n TryHackMe | OverlayFS - CVE-2021-3493\n TryHackMe | Psycho Break\n TryHackMe | Bounty Hacker\n TryHackMe | Fowsniff CTF\n TryHackMe | RootMe\n TryHackMe | AttackerKB\n TryHackMe | Pickle Rick\n TryHackMe | c4ptur3-th3-fl4g\n TryHackMe | Library\n TryHackMe | Thompson\n TryHackMe | Simple CTF\n TryHackMe | LazyAdmin\n TryHackMe | Anonforce\n TryHackMe | Ignite\n TryHackMe | Wgel CTF\n TryHackMe | Kenobi\n TryHackMe | Dav\n TryHackMe | Ninja Skills\n TryHackMe | Ice\n TryHackMe | Lian_Yu\n TryHackMe | The Cod Caper\n TryHackMe | Blaster\n TryHackMe | Encryption - Crypto 101\n TryHackMe | Brooklyn Nine Nine\n TryHackMe | Year of the Rabbit\n TryHackMe | Jack-of-All-Trades\n TryHackMe | Madness\n TryHackMe | KoTH Food CTF\n TryHackMe | Easy Peasy\n TryHackMe | Tony the Tiger\n TryHackMe | CTF collection Vol.1\n TryHackMe | Smag Grotto\n TryHackMe | Couch\n TryHackMe | Source\n TryHackMe | Overpass\n TryHackMe | Gotta Catch'em All!\n TryHackMe | Bolt\n TryHackMe | Overpass 2 - Hacked\n TryHackMe | kiba\n TryHackMe | Poster\n TryHackMe | Chocolate Factory\n TryHackMe | Startup\n TryHackMe | Chill Hack\n TryHackMe | ColddBox: Easy\n TryHackMe | GLITCH\n TryHackMe | All in One\n TryHackMe | Archangel\n TryHackMe | Cyborg\n TryHackMe | Lunizz CTF\n TryHackMe | Badbyte\n TryHackMe | Team\n TryHackMe | VulnNet: Node\n TryHackMe | VulnNet: Internal\n TryHackMe | Atlas\n TryHackMe | VulnNet: Roasted\n TryHackMe | Cat Pictures\n TryHackMe | Mustacchio\n Medium CTF TryHackMe | Mr Robot CTF\n TryHackMe | GoldenEye\n TryHackMe | StuxCTF\n TryHackMe | Boiler CTF\n TryHackMe | HA Joker CTF\n TryHackMe | Biohazard\n TryHackMe | Break it\n TryHackMe | Willow\n TryHackMe | The Marketplace\n TryHackMe | Nax\n TryHackMe | Mindgames\n TryHackMe | Anonymous\n TryHackMe | Blog\n TryHackMe | Wonderland\n TryHackMe | 0day\n TryHackMe | Develpy\n TryHackMe | CTF collection Vol.2\n TryHackMe | CMesS\n TryHackMe | Deja Vu\n TryHackMe | hackerNote\n TryHackMe | dogcat\n TryHackMe | ConvertMyVideo\n TryHackMe | KoTH Hackers\n TryHackMe | Revenge\n TryHackMe | harder\n TryHackMe | HaskHell\n TryHackMe | Undiscovered\n TryHackMe | Break Out The Cage\n TryHackMe | The Impossible Challenge\n TryHackMe | Looking Glass\n TryHackMe | Recovery\n TryHackMe | Relevant\n TryHackMe | Ghizer\n TryHackMe | Mnemonic\n TryHackMe | WWBuddy\n TryHackMe | The Blob Blog\n TryHackMe | Cooctus Stories\n TryHackMe | One Piece\n TryHackMe | toc2\n TryHackMe | NerdHerd\n TryHackMe | Kubernetes Chall TDI 2020\n TryHackMe | The Server From Hell\n TryHackMe | Jacob the Boss\n TryHackMe | Unbaked Pie\n TryHackMe | Bookstore\n TryHackMe | Overpass 3 - Hosting\n TryHackMe | battery\n TryHackMe | Madeye's Castle\n TryHackMe | En-pass\n TryHackMe | Sustah\n TryHackMe | KaffeeSec - SoMeSINT\n TryHackMe | Tokyo Ghoul\n TryHackMe | Watcher\n TryHackMe | broker\n TryHackMe | Inferno\n TryHackMe | VulnNet: dotpy\n TryHackMe | Wekor\n TryHackMe | pyLon\n TryHackMe | The Great Escape\n TryHackMe | SafeZone\n TryHackMe | NahamStore\n TryHackMe | Sweettooth Inc.\n TryHackMe | CMSpit\n TryHackMe | Super-Spam\n TryHackMe | That's The Ticket\n TryHackMe | Debug\n TryHackMe | Red Stone One Carat\n TryHackMe | Cold VVars\n TryHackMe | Metamorphosis\n TryHackMe | SQHell\n TryHackMe | Fortress\n TryHackMe | CyberCrafted\n TryHackMe | Road\n Hard CTF TryHackMe | Motunui\n TryHackMe | Spring\n TryHackMe | Brainpan 1\n TryHackMe | Borderlands\n TryHackMe | hc0n Christmas CTF\n TryHackMe | Daily Bugle\n TryHackMe | Retro\n TryHackMe | Jeff\n TryHackMe | Racetrack Bank\n TryHackMe | Dave's Blog\n TryHackMe | CherryBlossom\n TryHackMe | CCT2019\n TryHackMe | Iron Corp\n TryHackMe | Carpe Diem 1\n TryHackMe | Ra\n TryHackMe | Year of the Fox\n TryHackMe | For Business Reasons\n TryHackMe | Anonymous Playground\n TryHackMe | Misguided Ghosts\n TryHackMe | Theseus\n TryHackMe | Internal\n TryHackMe | Year of the Dog\n TryHackMe | You're in a cave\n TryHackMe | Year of the Owl\n TryHackMe | Year of the Pig\n TryHackMe | envizon\n TryHackMe | GameBuzz\n TryHackMe | Fusion Corp\n TryHackMe | Crocc Crew\n TryHackMe | Uranium CTF\n TryHackMe | Year of the Jellyfish\n TryHackMe | Rocket\n TryHackMe | Squid Game\n TryHackMe | EnterPrize\n TryHackMe | Different CTF\n TryHackMe | VulnNet: dotjar\n TryHackMe | M4tr1x: Exit Denied\n TryHackMe | Shaker\n Misc TryHackMe | Introduction to Django\n TryHackMe | Git Happens\n TryHackMe | Meltdown Explained\n TryHackMe | Splunk\n TryHackMe | Linux Backdoors\n TryHackMe | Jupyter 101\n TryHackMe | Geolocating Images\n TryHackMe | Tor\n TryHackMe | tomghost\n TryHackMe | DLL HIJACKING\n TryHackMe | Intro to IoT Pentesting\n TryHackMe | Attacking ICS Plant #1\n TryHackMe | Attacking ICS Plant #2\n TryHackMe | Printer Hacking 101\n TryHackMe | DNS Manipulation\n TryHackMe | Introduction to Flask\n TryHackMe | MITRE\n TryHackMe | magician\n TryHackMe | JPGChat\n TryHackMe | Baron Samedit\n TryHackMe | CVE-2021-41773/42013\n TryHackMe | Binary Heaven\n TryHackMe | Git and Crumpets\n TryHackMe | Polkit: CVE-2021-3560\n TryHackMe | Hip Flask\n TryHackMe | Bypass Disable Functions\n TryHackMe | Wordpress: CVE-2021-29447\n TryHackMe | Linux Function Hooking\n TryHackMe | REvil Corp\n TryHackMe | Sudo Buffer Overflow\n TryHackMe | Sudo Security Bypass\n TryHackMe | Solar, exploiting log4j\n TryHackMe | Conti\n TryHackMe | Dirty Pipe: CVE-2022-0847\n TryHackMe | The find command\n Special Events TryHackMe | 25 Days of Cyber Security\n TryHackMe | Advent of Cyber 1 [2019]\n TryHackMe | Advent of Cyber 2 [2020]\n TryHackMe | Advent of Cyber 3 (2021)\n TryHackMe | Advent of Cyber 2022\n TryHackMe | Cyber Scotland 2021\n TryHackMe | Hacker of the Hill #1\n TryHackMe | Learn and win prizes\n TryHackMe | Learn and win prizes #2\n ","permalink":"https://buetsec.github.io/posts/tryhackme-roadmap/","summary":"Hey Guys, here is a list of 350+ Free TryHackMe rooms to start learning hacking. I have arranged and compiled it according to different topics so that you can start hacking right away.\nAll the rooms mentioned here are absolute free. ENJOY!!\nMaintainer This repository is maintained by Al Arafat Tanin | rng70. For any suggestion feel free to reach me.\n Table of Contents Name of Topic Number of Rooms Number of Completed Rooms Introductory Rooms 10 Linux Fundamentals 5 5 Windows Fundamentals 3 Basic Rooms 9 Reconnaissance 10 Scripting 8 Networking 7 Tooling 17 Crypto \u0026amp; Hashes 5 Steganography 6 Web 27 Android 1 Forensics 5 Wifi Hacking 1 Reverse Engineering 11 Malware Analysis 7 Privilege Escalation 13 Windows 7 Active Directory 5 PCAP Analysis 4 Buffer Overflow 4 Easy CTF 58 Medium CTF 73 Hard CTF 38 Misc 35 Special Events 9 Total Rooms: = 378 Intro Rooms TryHackMe | Welcome","title":"TryHackMe Road Map"}]