This is a community created path of extremely difficult rooms that will challenge you. While TryHackMe focuses on learning, the experts need to learn to and that requires much harder content. Enjoy! If you manage to complete this entire list, please message the Discord about it – it’s very hard! Some of these rooms have 2 - 3 solves, and some of them have been around for 2 years with only ~9 solves!...
Shodan.io is a search engine for the Internet of Things. Ever wondered how you can find publicly accessible CCTV cameras? What about finding out how many Pi-Holes are publicly accessible? Or whether your office coffee machine is on the internet? Shodan.io is the answer! Shodan scans the whole internet and indexes the services run on each IP address. Note: if you are following along, you’ll need a premium Shodan account....
I hate the current state of hacking education, or of hacking tools. None of it is accessible to any minority. In this post, I aim to distil some guidelines for making hacking accessible. I am by no means an expert. I don’t even work in A11Y. However, I do have some wonderful friends that do — and I am passionate about this subject. Why We Need to Focus on Accessibility Basic human rights An expansion in the infosec community of new tools, new learning platforms, and new hackers SEO It is legally required....
No talk about downloading things on BitTorrent. Or the best clients to do so. Just a deep-dive into the technical side of it. Anyone can read this article. Requires ZERO knowledge on networking or BitTorrent to read this. BitTorrent is one of the most common protocols for transferring large files. In February 2013, BitTorrent was responsible for 3.35% of all worldwide bandwidth, more than half of the 6% of total bandwidth dedicated to file sharing....
A hash function takes a message, m, and returns a pseudo-random string of letters/numbers which should be unique to that message. Let’s say the hash function returns “aBc67D” for the message “I love dogs”. This function should not return the same “aBc67D” for “Donuts are cool”. Hashing algorithms have 3 requirements: A hashing algorithm needs to be reasonably fast to compute and reasonably fast to verify. If you change one single bit anywhere in the message, the outputted string must look completely different....
Public key cryptography seems magical to everyone, even those who understand it. In this post, I’m going to explain public key cryptography. Public Key Cryptography is based on asymmetric cryptography, so first let us talk about symmetric cryptography. Symmetric Cryptography Your front door is usually locked by a key. This key unlocks & locks your front door. With symmetric cryptography, you have one key which you use to unlock and lock things....
Diffie-Hellman-Merkle is a way to share a secret key with someone (or something) without actually sending them the key. Before we look into how we share keys let’s first look into what keys are and why we would want to invent a method to share keys without giving the other person the key. Your front door is usually locked by a key. This key unlocks & locks your front door....