TryHackMe Networks

Introduction

We're releasing networks, where you can deploy your own network in TryHackMe rooms and learn new concepts that were previously not possible with a single machine.

Networks in rooms have a visual network map, which updates as you discover or compromise machines on the network.

Network map updating with newly discovered and compromised machines

Why Networks, and Why Now?

A lot of the content on TryHackMe focuses on stand alone virtual machines. This has been really great because it allows users to focus on particular techniques on individual components such as websites, network services and more. One down side of this is that it doesn't give the user a realistic experience of what to encounter in the real world; networks are used in almost every organisation and threats against networks can only be demonstrated and learnt through hands on experience. We've always focused on practical, real-world learning material and giving users' access to networks helps us fulfil this goal.

We have always taken an educational approach to teaching cyber security on TryHackMe - this is reflected by how rooms are structured. Our first network Throwback (more details later in the blog), simulate networks seen in the industry; we've added the complexity of a corporate network showing some very common attack paths. Instead of throwing users in the deep end and letting them figure how everything works, we're using a mixture of guided content and challenges to teach how networks can be vulnerable in many different ways.

Finally, we pride ourselves in being affordable. We've always worked on reducing barriers to entry for security, and one of these barriers is the cost. We want to provide high quality education that will be available for a reasonably low price! The first network we're releasing will be a paid course, the next network released will be for VIP Subscribers and then we will have networks freely available to everyone (yes you read that right)!

Future Plans

We've always built TryHackMe to be flexible and networks is no exception. Here are a few of our plans for the future:

  • Allowing users to upload their own machines, and configure their own vulnerable networks they can use in rooms they've created; we already do this for certain educational institutions as a bespoke service.
  • Releasing VIP Subscriber-only networks, followed by networks available for everyone (at no cost).
  • Integrating networks into King of the Hill, our competitive hacking game.
  • More courses with network integration and a CTF-like network

Our First Network - Throwback

A staple of modern hacking training, our first network is being released the week of the 17th of August: Throwback Hacks

Throwback Network Logo

Throwback is an Active Directory (AD) lab that teaches the fundamentals and core concepts of attacking a Windows network. The network simulates a realistic corporate environment that has several attack vectors you would expect to find in today’s organisations.

The lab uses a structured approach to guide users through exploiting the network, but requires you to put what you've learnt into practice, solving challenges as you go. The use of Windows to manage authentication and user identities in IT infrastructure today is so commonly used; as an aspiring security practitioner, it’s crucial to understand how this works and the network’s common weaknesses.

In this scenario, you’ll be assessing Throwback Hacks Security: a rather unfortunate security company that really doesn't practice much of what it preaches and subsequently has a network that is positively riddled with issues (and multiple paths for compromise). As our first network, this course will be targeted towards intermediate TryHackMe members as a separate package from our monthly subscription. Additionally, we'll have course material that accompanies the network which will cover the following topics (and more!):

  • Phishing and OSINT (with user emulation!)
  • Lateral Movement
  • Kerberos Abuse
  • Malicious Macros
  • Active Directory Enumeration & Exploitation
  • Attacking Mail Servers
  • Firewall Pivoting
  • Utilizing C2
  • Abusing Cross-Domain Trusts

Access to the network can be purchased so far in increments of either 30 or 45 days, albeit we're playing with these amounts a bit so they're subject to further change. Once available, you can find networks on the sidebar under networks:

Networks location on the dashboard.

Once in this menu, you'll be presented with an overview of Throwback as well as the various purchasing options:

Purchasing Options Preview

Throwback consists of eleven different machines, varying in difficulty and in purpose. Here's a quick preview of the layout within the control panel:

Throwback Hacks Network Control Panel Preview

Do note, to access this network you'll have to download a separate connection pack. You can select this from the access page per normal:

VPN Selection via the Access Page

Once connected, you'll be able to explore and start hacking the network. See if you compromise every machine and find every path to pwn Throwback Hacks!

One of the various services on the Throwback Hacks network

We're very fond of using the room like structure to provide access to content; users' don't just hack into virtual machines, but have access to supporting material to teach them various techniques. While progressing through room, users' also answer questions to ensure that they're on the right track and to reinforce their learning. We'll be applying the same approach to networks; you'll have plenty of material to guide you on what to do to provide an efficient and enjoyable learning experience.

The course will be $60 for 30 days of access (~£45); which works out to be $2 a day.

Frequently Asked Questions:

  • Is this included with a subscription? Unfortunately no, in this case we have networks available as a separate package. However, other networks will be available for both VIP and free users.
  • Is this a shared environment? Yes, the networks will be shared between roughly five or so users. This allows us to keep costs significantly lower overall.
  • Are we allowed to do videos/stream the network? Absolutely! You can stream/do videos over the network as much as you like, same as our other content. The only exceptions to this is that we ask you don't share the coursework.
  • Can we do write-ups on the network? Yeah :) Just again, keep the coursework out of these. You can refer to specific sections of the coursework though!
  • Will you have more networks in the future? Yup! We'll have one that's included with our normal subscription and eventually a free network. Of course these will vary in size from Throwback a fair bit.
  • Is there a certificate of completion? Yes, once you've managed to compromise every machine on the network, you can download a certificate to prove your skills to others.

As always, happy hacking! <3