By now it is clear to both free members and subscribers, that TryHackMe has a daunting amount of content. From rooms, to write-ups, to video walkthroughs it can be difficult for new (and even seasoned) hackers to know where to start. Speaking with members of my team as well as many new-comers I decided to make a "guide" of what rooms to complete and when. The main purpose of this “guide” is to give some structure to those who are new to the game, hopefully allowing them to build a solid foundation from the beginning and building upon that every step of the way.
I’ve broken it down in what I call Waves. Each wave serves a specific purpose. The waves are comprised of a mixture of both the easy/medium walkthroughs as well as the easy CTFs. I have also split this guide into two different paths, a path for free members and a path for subscribers. Before we get into the specifics let’s go over the waves. Wave 1 is the Introduction. This is made up of a few of the most basic tools necessary for any hacker, a brief introduction to Linux/Windows operating systems, and finally the basics of Web Applications. Wave 2 is the Foundation of your knowledge. This wave contains much more Linux, Windows, and Web App hacking challenges and introduces a couple more tools. Wave 3 is the Expansion to more advanced concepts, ranging from Buffer Overflows, to more complex challenges, and again, more tools. Finally, Wave 4 is your Test, where it's time to demonstrate and solidify the knowledge you have learned. It is almost all CTFs/challenges.
Keep in mind that this guide stops at the “Easy” rated CTFs. Depending on the community response, later I will be making a “Hero to God” guide as well. You also may notice that not all “Easy” rooms are listed. At the bottom of this guide I will list the missing rooms that you can (and should) complete whenever you’d like. All rooms named in the guide are found in the "Hacktivities" tab under "Learn."
Free Member’s Guide
As I said, TryHackMe has an abundance if amazing content. Each wave will have you pivoting (yay, I got to work that term in) from Linux, to Windows, to Web Apps, and back again.
Looking at this you might ask what more could the "Subscriber" guide have that this doesn't? The short answer is Windows and Web Apps. The Subscriber guide has three times as many Windows walkthroughs, and two times as many Web Apps. It also has more Linux, additional tools, and six more CTF challenges. In a world dominated by Windows and Web Application testing quickly becoming a major industry, it might be worth seriously considering.
I apologise for the small print, there is just too much content! Anyways, that's the guide. I tried to make each wave build onto each-other and give students the ability to develop their skills on a strong foundation. Lastly, here is the list of missing rooms that I felt were more MISC style rooms and, although definitely worth doing, didn't make the cut.
If you like this guide please let me know! But, more importantly if you disagree with this guide please, please, please let me know! I made this with the hope of helping the community so if it is off it defeats the purpose! If you have a suggestion or critique please reach out. I try to be active on discord throughout the day, DM me at CatchUphacker#5486, or @CatchUpHacker on Twitter.