MITRE ATT&CK® is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK® framework has grown and expanded throughout the years. One notable expansion was that the framework focused solely on the Windows platform but has expanded to cover other platforms, such as macOS and Linux…

Passive Attack: This attack attempts to learn or use information from the systems but does not affect the system's resources. The goal of the opponent is to obtain the information being transmitted and that too without making any noise. Eavesdropping attack (Passive): In a passive eavesdropping attack, the hacker or sniffer program…

We will be solving the #adventofcyber2 room from TryHackMe. The progress will be posted every day. Task 6( Day 1): A Christmas Crisis On day 1, we are supposed to learn about the web, HTTPS protocol and Cookies in brief. The cookies are tiny little pieces of information that get stored on our computer and get sent…

This room aims to teach us about using a web-based code editor, learn the basics of Python and put our knowledge into practice by eventually coding a short Bitcoin investment project. This TryHackMe room can be accessed using this link: https://tryhackme.com/room/pythonbasics. Important: Please use the CODE HINT to either get…

This room aims to teach us how to use Metasploit for scanning, vulnerability assessment and exploitation. It can be accessed using the link: https://tryhackme.com/room/metasploitexploitation Task 2: Scanning We can scan the ports using Metasploit. We can list potential port scanning modules available using the search portscan command. CONCURRENCY: Number of targets to be…

This room is an introduction to the main components of the Metasploit Framework. It can be accessed using the link: https://tryhackme.com/room/metasploitintro Task 2: Main Components of Metasploit Auxiliary: Any supporting module, such as scanners, crawlers and fuzzers, can be found here. Encoders: Encoders will allow you to encode the exploit and payload in the hope that…

This room intends to play through a day in the life of a Junior Security Analyst, the responsibilities and qualifications needed to land a role as an analyst. This room can be accessed using this link: https://tryhackme.com/room/jrsecanalystintrouxo Task 1: A career as a Junior (Associate) Security Analyst

This room aims to teach how to leverage Nmap for service and OS detection, use Nmap Scripting Engine (NSE), and save the results. This room can be accessed using this link: https://tryhackme.com/room/nmap04 Task 2: Service Detection The flag used for service detection is -sV. Its intensive can be controlled using the banner — version-intensity…

This room aims to teach advanced techniques such as null, FIN, Xmas, and idle (zombie) scans, spoofing, in addition to FW and IDS evasion. This room can be accessed using the link: https://tryhackme.com/room/nmap03 Task 2: TCP Null Scan, FIN Scan, and Xmas Scan Flags for Null, Fin and Xmas Scans are -sN, -sF, and -sX respectively. In a null scan…