#room-ideas

Please we need another Mr.Robot room please please please

After finishing almost 7 paths, I'm lacking a lot of Windows knowledge

Maybe we need more Windows CTFs implemented in some of the learning paths?

But I'm not judging only by this Skills Matrix thingy, I can confirm I'm waaay more comfortable on Linux because of the lack of Windows CTFs in the paths

Also it would be cool if one of the options in /search was a Platform option

Windows is a searchable tag. 🥳 How many rooms do you get in the search results?

A LOT 😂 But that might be a problem because not knowing which rooms to start with, not having a Windows path can be as bad as not having enough rooms

Im just saying it would be convenient 🙂

Have you tried the search in the top Navbar as well (the looking-glass icon left from the bell icon)?

Yes, its great, a lot of Windows rooms 🙂

Im able to look them up myself, but for the future beginners out there,

theyre gonna be following the learning paths

and their skills matrix will end up like mine, lacking in windows

its just an idea tho 🙂

If you like Linux, it makes sense to avoid Windows at first based on preference, but eventually realizing it is an important attack surface to learn and understand. 😎 The Networks section also has great Active Directory content.

Agree. I also had matrix bend towards Linux now I'm working on Windows matrix. If you recommend room on that matter it would be help. I just finished halo network.

i wanna ask how can i contact the thm rooms creation team ?

What do you need to contact then for?

i am already in the phase of creating a room

i wanna like get more assistance and guide about it

any idea to bypass the code in the room U.A. High School

please give me a hint

Too early for hint, Monday 7pm gmt

thanks i just see

this isn't really a room idea but I see a lot of digital forensics rooms in THM but I don't see a digital forensics path and I think that it would be really useful to some people that are into digital forensics

I have an idea for a AOC room. Is there someone to speak with about that?

This channel.

Thanks Scrubz. The idea is about building an "impersonations" task for AOC. It wouldn't be heavily technical, but it would be real-world and would advance the overall story. I think this is valuable because I've seen some pretty wild impersonation attempts in the last year. It will expose people to those types of attacks and inform them about potential responses. Most are not deep fakes, but those are also in the news.

Gave +1 Rep to @loud hornet (current: #1 - 2817)

A Room or walkthrough for the latest Cups vulnerability would be awesome 🙂

Hi I hope you are all doing well
I am making a room and uploading a windows server 2019 vm and it successfully converted but when i play the machine it gives me an error of VM: PARSING_ERROR

I was thinking of doing the Powershell for AD and DNS with another Windows 10 Machine and an Ubuntu machine

@coral ravine There is not really a C2 room, Empire is very old, there should be a new room on silver?

There’s an intro to C2

But it's Metasploit meterpreter, there is another room on Empire but I was hoping that THM could release a new update room based on silver?

I'm uploading the Windows Server 2022 Datacenter core

For what? 👀

Just completed the Empire room, very very old room.

Hope tryhackme release a free Silver C2 based room. 😭

Oh I was setting up a room that fully uses Powershell and how to do an active directory with it

Nice

Is it a walkthrough?

yeah most likely a room rather a challenge

probably limited to AD and connecting a few machines but I don't think I have that room

sadly walkthrough or information instead of challenge rooms are currently not being processed or planned to be added from users on tryhackme

i.e for now it is only challenge rooms

oh because there's too much rooms?

No it’s because THM has dedicated content engineers to create walkthrough rooms

ah okay

I hope they use my uploaded one then (Datacenter Core) when dealing with powershell

You can create a scripting challenge room with PowerShell.

that might work out Sir.

Thanks a lot THM. Please bring complete in detail Mobile, Android and IOS pentesting course.

For Server simulations, can you guys set up a rack simulator?

https://quamcode.github.io/rackify.io/
https://opendc.org/

Go loco

i feel like new rooms courses/paths and modules should be advanced window exploition all the way to basics-advanced full web pentesting course

include http smuggling

and malware development every malware dev charges so much

its perfect for tryhackme

We have a web application path that came out the other day

Malware dev won’t be possible due to legal reasons

Surely for Malware dev its possible to be made just following accordance to the rules while still being educational and legal as it can be used for malware analysis and reverse engineering?

Not quite, there is a fine grey area regarding MalDev and The Computer Misuse Act 1990.

Ah i see i thought it was allowed to be taught

As their is multiple docs about it

please some more azure content

GraphQL room please. I believe the previous one that was created was privated. I am guessing it was probably outdated. Can an up to date one be released?

+1 on what PNG said as well

Still searching for some good courses to dive deeper into advanced reverse engineering.
@wind osprey please add more of them 🙂

https://tryhackme.com/r/room/corsandsop

Add instructions on how to run apache on correct port from your own VM/host.

or, inform to use default port 80 instead of 81 perhaps?

Done!

Would anyone provide me the link of these tryhackme two rooms? 1. ccstego, 2. musicalstego.

If they're not available via the search bar, you cannot access them unfortunately.
https://tryhackme.com/hacktivities

https://tryhackme.com/jr/ccstego
https://tryhackme.com/jr/musicalstego

Caveat: these are old rooms. They were made private for a reason. Use them at your own risk.

You can technically access them though.

I'm not sure if this is already a thing, but I'd like a room about steps to go about removing malware from an infected device. So far, the rooms have been about static and dynamic analysis (which is great from a researcher point of view)

Like, steps to follow if you've been infected, different types, etc. Again not sure if this already exists

Reimage the system. That's the way to guarantee it.

Have you thought abou making the user apply more the learned lecons like on duolingo making you repeat older lecons after some time even your weak points?

FYI: The Brim Room in SOC 1 Path reference a tool which was reneamed Zui in 2021 and is concidered Legacy tool by the devs.

https://www.brimdata.io/

Are there any rooms on binary exploitation?

if not then that would be a cool room to add

TryPwnMe One

Hello, I think it could be a real plus to have a module or learning path about mobile pentesting, or maybe just a few more rooms with .apk or .ipa files that we have to pentest. I kinda feel like there are not a lot of rooms about this on THM

Rooms on AI exploitation

Osint module

is there a room about notpetya? if not, i think it’d be cool

It uses eternal blue aswell and there's already a room about it so it would be cool 😁

there's already a blue room, dunno about notpetya

not sure whether the filters for blue,red purple are working. I am assuming blue should only return defensive rooms but I am getting boxes that should be red when filtering for blue

I don't think there is a filter for a hat colour, more what is assigned to the room.

For example "Blue" would bring the Windows room blue.

There was just a while ago but it seems they removed it. So there was a drop down for blue, red and purple

so you could filter it based on defensive and offensive rooms or mix i.e purple but I believe it was not working so looks to have been removed

Realm C2 Room would be cool, I've participated as a volunteer red teamer for a collegiate event. One of the other volunteer red teamers used Realm C2 as the beacons at the time weren't being detected by defender

Dont know if it exists already but i think it would be nice to have a room/module in gdb

This is not a room but a module idea as there are existing loose rooms which can be added to a module in the path - CyberSec 101

I've not seen it in either the Complete Beginner path or the CyberSec 101 path.
The idea is adding a module on Cybersec Law & Awareness as with power comes responsibility.

There are a few rooms I'd like to see in there and have been finding them, if you have any suggestions on any other rooms that can be added, please do share.
ISO - https://tryhackme.com/room/iso27001
History of Malware - https://tryhackme.com/room/historyofmalware
CyberSecurity Awareness - https://tryhackme.com/module/cyber-security-awareness
Security Awareness - https://tryhackme.com/room/securityawarenessintro
Governance and Regulation - https://tryhackme.com/room/cybergovernanceregulation
Common Attacks - https://tryhackme.com/room/commonattacks

a more advanced zeek room focused solely on zeek development and writing analyzers in SPICY

Is there any room on pxe boot ?

a room/module in blockchain secruity/smart contracts

What if you add a to writeups so users can leave a like and let others know which ones are good and maybe that could trigger other users to post theirs as well?

A room on AI manipulation/exploitation

I think a dedicated room for this would be great, but also if you aren't aware I believe the most recent AOC (or maybe the one before) has a module on exploiting LLMs iirc 😄 might be useful checking it out!

Ye, I saw it, but it's very basic, good for starters, but not for the long run

Add chat to network rooms to cooperate better with other users or just to avoid interupting their sessions

Not really seeing anything on crypto currency and blockchain but some rooms on that might be interesting.

I was looking for on the tryhackme I found this one room only

https://tryhackme.com/room/pwn101

We can thought of creating the room

I submitted a room for review back in May 2024.
This January I got an email from THM asking a question about the room, I answered within the day. Have not heard back even after a follow up email.

Is there anything I can do to expedite the review process?

Cc @cunning thunder

Hi

You can DM me the name of the room and I can take a look

Will do, thanks

Hello

Okay sorry, that was me, the email response got lost in my thread, apologies

I did review it and overall it looks like a solid room, the one question I have is about the S3 bucket. I am assuming that it is hosted publicly on the internet?

Correct, currently the bucket is hosted on one of my accounts.
Alternatively we could host it on a THM bucket or just store the file directly in the repo

Thank you for letting me know

I will talk to my team on my Monday about this

The reason is because we don’t like to rely on things that are in the public domain as we have no control of them. Hence why we have stepped away from OSINT challenges for room for example.

But I’ll find out more information and get back to you on Monday

can we get some blue team CTF challenge rooms in, I feel as though its almost always red.

One may come out soon 😉

Blockchain exploitation

Things like bypassing logic in smart contracts, double spending cryptocurrencies, and limited versions of 51% attacks would be cool

Create an "Informational" room that guides you through creating a comprehensive bug report for the #1333993673381253162 channel. Perhaps the challenge section can generate an organized text block that can be copied into the channel or could message an email box or Discord API with attachments and all. 🙂

Hi, I would appreciate a few more rooms in the context of containers and Kubernetes security. So a bit more deep dive than the existing ones. Or an OWASP Top 10 for CI/CD in this context.
Rooms on API 101 and API Security 101 would also be cool. And of course content on AI Security 101, OWASP Top 10 for LLM, MITRE ATLAS. Just as a suggestion. Apart from that, I love TryHackMe. You all do a great job!

Most of the redteam CTFs released are medium, it could be easier

There're many easy red rooms on THM already . Feel free to drop a message in #infosec-general so we can recommend you some 🙂

I haven’t found any rooms that were about how to read Apache logs, I think it could be something important to learn since all this exploits from Apache based software (tomcat) are coming out

It's much more fun to do at release time 😔

There were 2-3 easy ctfs released recently like silver platter, billing, lo-fi, light,... 🙂

I have question about how about do you made like sal1 offensive security or pentesting

Rooms on the basics of quantum physics and quantum computing

Also on quantum exploitation, Shor's algorithm, etc

and PQC solutions like lattice-based cryptography

https://tenor.com/bqCF9.gif

u mean qubits

i think i did come across one i am not very sure if its by tryhackme

Hello how are you guys how about the basics of the cloud for aws attack and defending azure ?

To be preapre for azure defeneding and aws attack

Hey folks! A question: I was thinking of creating a simple room that would have a game tied into it that could be run via browser in the VM (using WebGL, build through Unity Engine). Would it be possible to have this running inside the VM on THM somehow? Has anyone tried this yet?

The jist of it would be to get the ticket by winning the game, but winning the game would be impossible/heavily time consuming without somehow figuring out a way to modify the memory during runtime or alternatively finding the flag by decrypting key game files somehow.

Hi, Task 25 in https://tryhackme.com/room/adventofcyber2024 is about Game Hacking. 🙂

#room-help

Thanks! I'm specifically wondering whether WebGL games built in Unity can be served from the THM VM and played in the user's browser, as part of a challenge flow. Has anyone done something like that?

Gave +1 Rep to @cunning thunder (current: #17 - 540)

Not sure if it was WebGL, but we stuck a browser-based version of the Tron Lightcycle game into another AoC box as an Easter Egg. I want to say 2021, day 24.

That definitely worked

https://tryhackme.com/room/windowseventlogs

This room can't start Machine

How to fix it bro?

We've pinged staff , problem should be resolved soon

Make a free room for LFI and RFI vulnerabilities

There is a bunch of rooms on LFI and RFI.

it would be interesting to see a standalone module on game hacking and the basics of it

Advent of Cyber has a couple short modules

And the 2024 sidequest has one too

But it's more of a challenge than an intro

yeah, ive done the advent of cyber ones :D

Is there a room planned about the basics of PHP?
I'm surprised there isn't one.
and it would really have helped me for "Injection Attack" Rooms
Edit: same for Python (actually there is a room for python but it's too basic compare to some examples we can see in advanced rooms)

Blockchain security... it's becoming more and more popular, we should have a learning path (or at least a module) with this

More rooms on IoT hacking/security plz

A room about enum4linux (inspired by something @tacit anvil said 🙂 )

DNS Hijacking and DNS Binding

We need more adventury ctfs. I absolutely loved the One Piece CTF, and we need more of those. this is probably because I'm a kid and I'm dying for adventure and fun, but still

Dw buddy, as soon as I can get my lazy brain to actually come up with smth good, I will hopefully make my room (some day)

https://tryhackme.com/room/androidhacking101 The whole room is of not-the-usual THM quality. I found needs of improvement in used language (even though English is not my mother tongue), visuals, mess of styles etc. There are a lot of long to read tasks but no clear learning goal (at least explained what it is that this is supposed to teach pedagogically). So I would suggest re-doing that room.

This room is almost 5 years old
So the quality requirements were much different back then when it was more about building content

Also this was a community walkthrough, one of the reasons we don’t accept those for the time being.

Probably should be retired though, I’ll see what can be done about this since we already have a more up to date Android Analysis room.

How about a room for locating and eliminating AI Based APT's (Ghost Domains attached to TPM modules and such)

I’d love to see more APT focused rooms.

Id love to see more OSINT rooms

Can you create a couple black boxes with pivoting?

Eh, OSINT is hard to do, in terms of ensuring that social media doesn't delete accounts, also it's a whole load of areas THM, or a creator would have no control over.

Hi Team,

I noticed an error in the explanation provided in the "Packets & Frames" room:

Link: https://tryhackme.com/room/packetsframes

Specifically, the following paragraph is conceptually incorrect:

"Think of this as putting an envelope within an envelope and sending it away. The first envelope will be the packet that you mail, but once it is opened, the envelope within still exists and contains data (this is a frame)."

Correction:
The metaphor is reversed. The correct order of encapsulation should be:

Outer envelope: Frame (Layer 2, Ethernet Frame)

Inner envelope: Packet (Layer 3, IP Packet)

Payload: The actual data (e.g., TCP segment)

In other words, a Frame encapsulates a Packet, not the other way around.

Could you please review and correct this part to avoid confusion for other learners?

Thank you!

I think the paragraph is correct

Ok, thanks for your reply. Could you please clarify where exactly my reasoning is incorrect? From what I understand, the Ethernet frame (layer 2) encapsulates the IP packet (layer 3), not the other way around. Perhaps I'm misunderstanding something—would you mind giving me a more detailed explanation? It would really help me better understand the concept. Thank you!

Gave +1 Rep to @worthy dagger (current: #46 - 215)

layer 2 comes before layer 3, so I don't think it encapsulates layer 3, altho I think one of the mods would better help you than me, I am bad at the OSI model

Ok, no problem—I’ll wait for one of the mods to clarify. But logically (at least for me), the encapsulation process goes from the top (Application layer) down to the bottom (Frame at layer 2). Then, when the data is received, it goes from the bottom (Frame) back up to the top (Payload). So, when my device receives a frame, it first strips off the frame header, revealing a packet (layer 3). Next, it strips the packet header to reveal the segment (layer 4). Finally, it strips the segment header to reveal the actual payload (application data).
Anyway, that's how I understand it—but maybe I'm missing something.

I think it starts from layer 1 to Application layer, but again, mods would help better

Can you please post any bugs you encounter in #1333993673381253162 please.

But yes, from my understanding, you're correct.

it would be something like

Placing an envelope containing the IP packet, and then putting that inside another envelope ethernet frame.

huh, odd thing is that this is a very old room, this hasn't been reported for that long, that's why I was kinda skeptical

The paragraph maybe wrong, but the main point may be driven by other task content.

maybe

Ok, thanks! And thanks for the quick response !

Gave +1 Rep to @loud hornet (current: #2 - 3881)

Encapsulation works down the layers, decapsulation works back up at the other end.
i.e., layer 2 data encapsulates layer 3 data. Andrea is correct -- a frame encapsulates a packet.

Yeah, probs should relook at the OSI model

why thm isnt working rn ? is there any issue in the site or the problem in my laptop

i think There is a problem with THM also

thats rly bad my content is gone

what am i suppose to do now

Content?

Hello, I’m just starting in the hacking and I want to have some help like : what is the machine for hacking ? I see Linux and kali linux but I have MacBook M1 its not working.
If you can help me thanks ☺️

#start-here

Would it be possible to recommend a module? I see that there is an “Advanced Splunk” but I believe a new module called “Splunk Fundamentals” or similar should be created. Either that or the “Advanced Splunk” should include some of the below as well and likely be renamed to just “”Splunk”.

With these rooms:
-Splunk Basics
-Incident Handling with Splunk
-Investigating with Splunk
-Conti
-New Hire Old Artifacts

A room working with satellite hacking. i mean hacking through satellite wifi not through ethernet. Also, the satellite has an ability to see through everything like a high resolution telescope.

There's such a module already 🙂
https://tryhackme.com/module/security-information-event-management

Why would any hacker hack into ICS/SCADA system like Industrial Intrusion and put people in a harm's way? The only explanation is to leverage people's mindset to do something that the hacker want most likely, for example, to generate more parking tickets avalanche to unfavorable people like 3 days in a row. By the way, parking ticket generator systems are running in municipal infrastructure like Industrial Intrusion public water infrastructure. It wouldn't be too hard to try parking ticket generator system if you solved Industrial Intrusion at some degree.

You think they care about putting people in harm's way?
Lot of ransom money if you threaten CNI. And you can cause a lot of chaos if you do it for political gain.

Hi

Could TryHackMe consider adding a feature that allows multiple users to team up and work through Challenge rooms collaboratively?

This would make completing the challenges more engaging and rewarding.

Yup

they might not purposefully add this feature because they want you to work on this challenge alone without real help to hone and practice your skills, but they might, idk

Done!

Then what about keeping both features, challenges for solo players and challenges for teams?

I think it is going to be pretty fun to have such a feature
Especially for those who enjoy teamwork

true, but I think thm also might think about the fact that people might exploit this and try to get points without them even doing it themselves or participating, but a nice idea 🙂

That makes sense and can't agree more

I hope they come up with an idea to prevent that abuse as well

Because if someone wants to cheat and get points, they can simply search for writeups too and submit their answers in no time.

right, I would like to see this kind of idea implemented without any cheating that may be involved 🙂

What exactly would this look like?

You can already see the questions together -- you have the same access.
You can already work on the same machine -- the network segregation is non-existent. Not sure why you'd want to though.

What more do you want?
As in, what can they add to make it more collaborative?

I agree with you that we can see the same questions and deploy the same machines.

I meant like, synchronizing the answered questions instead of submitting them separately by each person, and having the team appear on the scoreboard and showing which question is answered by which team member.

Such feature would be fun to have, and enjoy the challenges with teammates and friends.

Funny you should say that. I noticed something the other day

That's in the room editor now 🤷‍♂️

So it is based on the room editor's choice to whether allow or not, right?

Looks like it

Got it thanks

Gave +1 Rep to @native raptor (current: #10 - 892)

A windows vm room. Just like the kali room, a simple windows vm that you can use to your liking. It would be awesome to test out exploits and just experiment with malware such as rootkits or Metasploit post exploitation modules.

That did actually exist at one point. Wonder what happened to it

Either way though, remember that THM provides attack machines to support with their content.

If you just want to experiment (which you should), then you need to have a local lab (which is also a given).

Looks like THM withdrew it recently: #retired-rooms message That is the moment I discovered it had existed 🙃
If that is the one, it is currently locked: https://tryhackme.com/room/windowsbase

That's the one

How about code the system

can we get a room that has something to do with a dating app, just so we can make the name of the room "TryDateMe"??

ideas

I'm up for it, I can help with the idea and possibly the machine building

Make it an insane difficulty

But on a serious note, what kind of exploit are you thinking we could build into it?

i was thinking like having it be a chat app and the vuln is some IDOR to hop around the different chats to eventually find the flag, bonus points if its lik /chats/1337 or somethin lol

Fair enough

IDOR is one of the most common vulns in my experience, and we don't see nearly enough of it on THM

Can't make it an insane difficulty if it is just IDOR, but sacrifices must be made. I guess the self deprecating humour must be postponed

lol yeah

wew

Hi! I've created a beginner-level CTF VM with OSINT, stego, and privilege escalation. I'd like to publish it as a community room. Can someone guide me?

Check out this article 🙂
https://help.tryhackme.com/en/articles/6633511-creating-your-first-room

Thankyou

@night fossil ?

dms?

Sure

Does tryhackme have a room scenerio where somebody vibe codes a website or software and ends up pushing like env files or something sensitive to the live site or app? I think that would be a fun easy room for beginners and bring awareness with a modern touch.

Anyone know how to find ip’s

Sure.
Type ipconfig into a Windows terminal, or ip a for MacOS and most Linux distributions. Hope that helps!

It's ok honestly percentage means nothing and adds no value to your CV or anything.

a big fan of recent-threats module. The recent sudo vuln is an easy and critical PrivEsc imo worth paying attention to. a PoC is already available in github. https://github.com/pr0v3rbs/CVE-2025-32463_chwoot

Dig can help you find ips of domains!

how can i update kali linux bcz i just installed kali on last two days

Sudo apt full-upgrade

And sudo apt update

i am facing some prblm in kali that my mouse cursor not pointing at the actual point how can i fix it

Hello Team, for some time now, when you compleate a room, you get the nice summary, and next room link. However, the machine that was spawn, target or box, still remains live until it times out. Can you add a terminate button on one of those pages, as i have to go back to the room i just finished to terminate it or if it is my last room for the session, the machine will run needle$$ly. Thanks. If there is some other easy workaround, let me know.

id reccomend sending this in #feedback-and-ideas

dont' they just terminate after 5 minutes of room completion

if not, real problem

Have you tried asking Chat GPT by sharing your situation and screenshots of your problem?

Yes they do after 10min 🙂

It would be cool to have more rooms or an entire path dedicated to networking. Images of different cables, switches vs routers, VOIP setup, subnetting, etc. Things to help study and train for network+ certification.

Any upcoming rooms for GRC related concepts?

If not, are there other CTF style platforms that also have GRC platforms. Would be keen to find one

10 minutes yes

hi'

HI, anybody here? waiting for honeynet CTF?

Yes As it Start?

@feral zealot @drowsy fjord it is up and running , check #1392830908490449058 channel 🙂

Yay

I have earned 310 poinnts

so i cant send an image yet?

basically, been breezing through pre security course all day since 11am, it is now 10pm, and this 1 single question has me stumped

room - linux fundamentals part 3
question : When will the crontab on the deployed instance (10.10.175.50) run?

what do you guys want here lol

answer : _ _ _ _ _ _

6 characters

This isn't a proper channel for a such a question , for room related help please post in #room-help channel 🙂 . In order to upload images you need to verify , follow instructions from the link below to learn how to do so 🙂

Any plans for a SCCM Compromise/Abuse room? Credential harvesting and lateral movement using SCCM.

who whants to join me to make gods eye like in fast and furious?

Hello TryHackMe team!
I’d love to suggest a room focused on Suricata IDS/IPS. It could include:

• Introduction to Suricata
• Hands-on rule creation (custom signatures)
• Alert tuning (false positive reduction)
• Detecting attacks (e.g. scans, brute force, malware traffic)
• Incident detection and log analysis
• Optional integration with Wireshark or ELK
  This would be really useful for SOC analysts and blue team learners.
  Thank you for your great platform! 🙏

hey , i'm new here , any help ?

pls 😉

You can ask for room related help in #room-help channel 🙂

anyone

?

Check how many results you get when searching for learn hacking. At the time of writing, we got 1.5 billion results when searching on Google.

Try to ask in #room-help channel 🙂

I wonder if it would be an idea to add an ethics room to the Pre Security. Just watched a great talk by Allison Nixon from Unit 221B at BSides in Las Vegas about how ethics are often skipped in cybersecurity courses. Just thinking out loud here. THM attracts a lot of younger people who are interested in cybersecurity and it could be a great place to make them aware of the ethics involved. (content warning for anyone thinking of watching it: covers some difficult topics)

Please add a advance room / module about GraphQL hacking.

There's already a room about GraphQL
https://tryhackme.com/room/introtographqlhacking

Please create an Anti-Disinformation toolkit room/module that shows tools to both identify disinformation/misinformation and that can especially identify or predict the likelihood of material being created by Generative tools. This can include AI generated images, what to look out for in potentially ai generated chats, voice/audio analysis tools, text analysis tools, and fact checking tools more broadly (https://www.snopes.com/ looking up common disinformation campaigns for instance). Critical thinking, investigation. and research skills (investigating and fact checking against multiple sources) to gain experience for identifying disinfo and misinfo would probably also be more important skills in infosec than ever.
I would also look into connecting with infosec professionals that work with journalists, especially for more advanced fact checking rooms, since i realize this is a pretty large topic to try to cover

Additionally social engineering tool kits for red teaming might be a good room both for those pentesting and more importantly for those wanting to understand what to look out for when identifying phishing emails and other attempts to reveal unauthorised information;

Can we get more rooms focused on networking please? Like maybe even a series of rooms dedicated to networking. I love THM and find it as a very strong resource.

There're a few networking modules already
https://tryhackme.com/hacktivities/search?page=1&kind=modules&searchText=networking

I've done most of them already, which is why I'm asking about more. 🙂

@languid nova @tribal socket ACCESS

?

I have joined this server recently but feeling difficult to navigate properly
How can I connect with a learning buddy?

Maybe this resource could help you #start-here 🙂

Cyber tools inf

Cyber tools information

CVE-2025-53770 Room

hi

To whom did you escalate the event associated with the malicious IP address

This Question answers

Try to ask in #room-help channel 🙂

HI, any room recommendations that practice from a non privilege user to AD hack

https://tryhackme.com/module/hacking-active-directory

hello I have a room idea Creating prombt injection room that gives you a lab and these lab you must to take the flag from the ai and with any chapter you have completed its give
You challenges

And also not like a challenge its learning and challenging an example any progress you do from learning prombt injection it’s give you a challenge to see your progress and that my room idea i hope its good like evil gpt room 😁

Kindly help me verify my account

Wrong channel to ask that tbh

Hello everyone

Change KoTH flags in every time.!

yeah make sth like this

More ADCS rooms

Can anyone share some resources on how to make a vulnerable lab?

I only know that we have to use ubuntu LTS for that

And don't know how to configure the machine for such platforms like THM and HTB

this resource covers how to create a room for THM: https://help.tryhackme.com/en/collections/3665114-tryhackme-for-users

can you share a proper article where someone has made the machine from scratch using ubuntu TLS

you mean Ubuntu LTS (Long Term Support) I guess
the closest I can think of is that sub-resource (https://help.tryhackme.com/en/articles/8979423-building-a-successful-community-room-with-outc4s7) from the link I gave you, but I think it is a bit old
otherwise, there is Discord channel for room creation that you can join: just ask a mod (like KGB) so you get the role and can ask other room creators

https://releases.ubuntu.com/focal/

I was talking about this, but the article you gave me is soo relevent fr

thanks for your help!

No promos in here.

@copper bronze is a scammer

Instagram

Instagram hacke

Hi i found somewhat of a bug in one of the rooms , is ther ea chanel for me to report that ?

You can report it in #1333993673381253162 channel

https://gandalf.lakera.ai/baseline

These guys have a sweet setup

.

Thx!

Gave +1 Rep to @silent blade (current: #3174 - 1)

Would love to have Active directory certificate services module

An entire module or rooms? Multiple rooms for ADCS exists.

Oh you're level 14, you probably did them already.

module. From what I can remember, there was very little material for it.

Yeah, there's 1 specific ADCS room, and then other AD challenges where it's also present but no module.

one thing i was wondering as i go through each of the many rooms and the various links they share is if there is some sort of room or tldr page that helps to organize the the various webapps and software that is used for each area of cybersecuirity. creating a flowmap of various tools used for different areas of cybersecurity, similar to the https://roadmap.sh/cyber-security for instance, would be a really helpful tool for building a pkm of the various tools most often used, especially for ctfs where time finding the right tools for each task is often a big part of the challenge;

I am stuck on what is networkin? task3, the one it asks to spoof something for a month.Help

Try to look for online walkthroughs.

Thanks

Hi everyone today I had joined discord 😀

Hi

I'm doing Room "Threat modelling" task 6.

I would love if I have some kind of notepad to checkmark STRIDE threat categories for respectively teams during simulation. I need to do so using pencil and paper IRL.

And as a native Finnish speaker I'm not a huge fan of tight time limits which forces to rush through without actually thinking.

hi

:hammer: astra_xx1#0 has been banned.

[BAN] User left the discord server.

https://www.backblaze.com/blog/the-3-2-1-backup-strategy/

Having rooms that get into backup strategies and some of the tools like rsync and creating automated backup schedules to ensure effective backup would probably be important considering its one of the most important risk management strategies and one that will probably be essential to anyone in it especially if they are getting into cloud or datacenter risk management work;

Suricata IDS IPS rooms pls

Can anyone help me to solve the basic io pentesting room which should I use to find ms folder

Iot pentesting room what tool is used to find ms folder through port 445

Hey, Im making a new active directory room and I want to implement ESC1 misconfiguration

But I dont know how to make a Certificate template vulnerable to ESC1, Anyone here that might have an Idea how to?

I would recommend rewriting some of the basic instructions for network core protocols room. Some of the instructions are misleading or simply not there, such as to open a wireshark session to watch the network traffic, too much generalized information, and that the step by step instructions do not have intuitive questions such as logic and reasoning questionaires for new learners.

Highlights and improvements page should not just include smart data results and personal reflections. Rather provide the actual string commands that would better a user to understand in this case 'visually' what they are needing to work on in their discovery of knowledge.

What's wrong with "open a wireshark session to watch the network traffic"?

I wanted to use Breaching Active Directory but I'm having trouble with the initial settings.
Please help me how to do it in attackbox.

What's wrong with 'open a wireshark session to watch the network traffic*?' instruction should be made more clear. If I were good at instructing, I would recon that there are some missing reading instructions going forward that will confuse, if not more people on subject matter.

In the following example, we use our Firefox browser to access the web server on MACHINE_IP. Our browser fetches the web page and displays it perfectly; however, we are interested in what happens behind the scenes.

• To add: "Go ahead now and open Wireshark to watch incoming and outgoing traffic to your attackbox, as this data created from the software will help you with this Task's questions."

Are you saying that the room currently does not tell you to open wireshark? As in, you're suggesting that they add that?

Or are your suggesting that the instruction to open wireshark in itself is unclear?

the former not the latter

Ah, gotcha

Yeah, fair enough then. Can always improve things by encouraging students to go deeper

Everyone can learn something. I am refreshing my studies regarding Computer Networking and Cybersecurity, to refresh what I know. The thing to note is that some of the students do not have CN degrees, and are exploring without knowing cleartext instructions. Subtle and somewhat intuitive without having previous knowledge about what the software does or even where to find it.

What we cooking today chat?

Hello

This is an Algerian group

?

Account created today I don't even wanna bother with him

Hi everyone, can you tell me if i'm wrong this is the room: Windows Command Line, Task 3: Network Troubleshooting , Question: "What is the name of the service listening on port 135?" my responce was : MSRPC. https://tryhackme.com/room/windowscommandline?taskNo=3&sharerId=68dd73ef9e97425b58512a9c

Have u got it since?

it still doesn't work

Im not gonna tell you outright what it is

But take a closer look at this

but there is no bug or something like this?

Nahh

I wanted to paste a screenshot but this channel doesnt allow screenshots

You will have to take a closer look at the C:>netstat -abon terminal and your asnwer will be in there

thanks

Yw

Hi everyone. I m prepare for PT1 certifications. But these two rooms(Lateral Movement and Pivoting, AD: Basic Enumeration) are really hard to connect through attackbox. Ping don't work, I check the route table and have no idea. The default route table don't work.

Hi everyone

room-idea: Etherhiding

hey how/where can i send photos?

You need to verify your account using the token in your THM profile.

hhii

.

Hey guys, well, I need help to get started on the path to becoming a pentest

https://tryhackme.com/path/outline/presecurity

what can i do after that ? i completed this and i need next course

follow this -> https://tryhackme.com/hacktivities?tab=roadmap

hey can u guys make a feature that u can change in ur profile settings on THM for rooms not to show the answer,
like:
short for Internet Protocol:
thm rooms will show:
__

i want a feature that it doesnt give u a hint in the answer field

In the CI/CD Building & security. I couldn't receive the http request that I mentioned in the Jenkins file.
Is there anyone who had the same issue?

I am planning to learn the CTF can you anyone suggest me from which room we need to start? Like recon vulnerability analysis exploit like that

@main panther @remote socket I have a suggestion that you can consider if you want
How about doing a learning path about cloud penetration testing? And malware development
Thank you

Gave +1 Rep to @remote socket (current: #129 - 74)

Gave +1 Rep to @main panther (current: #246 - 38)

I don't know if this has been asked before, but would a learning path for identity and access management be possible in the future?

Code wifi hack

Hello

It'd be cool to see a room about url manipulation

Did some bug bounty work once (can't say for whom bc of confidentiality) with a site that had all of its services hidden behind a paywall. The initial page was essentially just a password/username box. I noticed that the URL was plain with the final part of the sequence being /login. Turned it into /home and managed to get in. Ridiculously simple hack, but still useful to know

Ironically enough, the site was really well made besides that (I couldn't pull off an SQLI, lockout after 3 incorrect inputs, passwords had a minimum length of I think ~10 symbols) and just had 1 stupid mistake that wrecked it

A room with multiple tasks related to pcaps that have HID traffic would be cool.

https://tryhackme.com/games/koth/join/f871b54c92a4a78675016764

https://youtu.be/x5e2Gzo5Bo8
https://www.perplexity.ai/search/https-youtu-be-x5e2gzo5bo8-htt-ubvcXCINSw.IWEPK03..Cw#0

tldr one of the things that i love about freeCodeCamp that i wish was more common in some of the tryhackme rooms are these sorts of portfolio project guides that help build demonstratable portfolio projects for showcasing to employers beyond the certs for some of the cyber learning paths themselves;

Especially if we can get youtubers like Mad Hat, Network Chuck, David Bombell, etc that can walk through the rooms so that we have rooms likes the Advent calendar rooms that combine the rooms themselves with how to guides that help people understand how to solve rooms going forwards;

@soft owl I have this error when I do a nmap scan in Attackbox but not in a vm with openvpn : mass_dns: warning: Unable to open /etc/resolv.conf. Try using --system-dns or specify valid servers with --dns-servers
mass_dns: warning: Unable to determine any DNS servers. Reverse DNS is disabled. Try using --system-dns or specify valid servers with --dns-servers

hack cctv jim browning type shit

Hello, How do i submit the room to THM, is there any prerequiste etc?

GRC rooms and path!

its not a new room idea but i think it would be great to have chat in koth to talk to other people because only way we can communicate is by making txt files or wall command

hello

will there be text to speak in the future?

https://tryhackme.com/room/hackacademyprivesc can any one help me get into this room

What is the average time that a newly created room stays in 'submitted'?

long long man

Upwards of a year, unless they've managed to get the queue down in the last couple of months.

considering that shadow has not seen any new rooms for testing since about summer... haha no it has not been brought down

Does anybody have done metasploit meterpreter hashdump

I have 4 room ideas on my GitHub https://jimster53.github.io/pwnadelphia
I also just added a hoagie making mini game

´

Batman x TryHackMe collab

Hello friends

Hello

hi

hi

hi

Hi Room developer my name is beginner aka full time hunter and a osint guy well tryhackme really helps me alot and i do lots of forensics and osint still mastering them and i have solved all osint rooms but they are good only the thing which is missing is that it's not on the real cases so i request you to add some osint rooms regarding investigation for ex nowadays there are so many scammers which are using virtual phone numbers to loot people and for normal one there are so many tools which we can use but am personally working on the virtual ohone numbers so please add room for investigating phone numbers and some more osint things

like username osint and many more not to the next level i really respect your policy but atleast a overview so that everyone can be familiar with osint cause osint is not about doxing people etc etc it's about understanding your target

so i hope you got me have fun

thanks

Osint is harder to set up on labs, as there is no control if the social media platform will delete the page.

add some osint rooms regarding investigation for ex

NGL, that sounds super creepy.

Oops am unable to get you and why you think it's creepy it's normal not creepy

can you explain more for that

It is not normal to stalk/osint your ex partner. Investigating scams also comes under a grey area

no no am not saying that do intesively i totally get your point and stalking someone is different thing not similar to osint those are differ topics am only saying that atleast give some overview like how it can be happened and prevention so that it will be better

cause nowaday people can use Ai for extortion type of scams too so it's important to aware people

before it all happened

MongoBleed

I'm not seeing what you mean here, you already dated your ex and know about them. Your choice of word ex instead of people makes what you say creepy

dude what the heck you are saying man ex = example man 😂

you guys are literally differ haha i haven't dated or done anything man now i will write full aka example not "ex" else you all will make again differ assumption

For example use e.g. as that’s what used when you shortening it so other don’t get confused. But lets leave it at that and let this channel be used for room ideas 🙂

There are already a few osint challenges on the site

i request you to update them and add some new one 🙂

lmao, people usually use e.g. for example not ex. Sorry for the misunderstanding then 🙏

haha no worry hope you haven't cheat on someone just kidding haha

i am going to focaus on red team what room you advice me to start with

will ever THM also relese machine like HTB ?

Hii guys I want to learn free el ethical hacking h from basic , anyone have idea Abt free alternative. ?? Plz DM and reply me..

youtube

Thms free path

Their Attackbox?

Nah.

Yep

They not explaining in details

Hello friends, I'm new here. I have a question: how can any system be hacked?

You'd find an entry point.

hey, its been 2 months since I submitted my vuln machine on THM.
The status for 2 months has been “Submitted”.

When do they plan to check submitted machines? Are they short-staffed or what?

i think they have alot of requests i saw someone asked a similar question

Not short staffed, just a long list of machines to test and go through.

Well, possibly short staffed.

Still a long line of rooms.

Does anyone know of a tutorial to make thm rooms?

Hello Guys

How Are y'all doing ?

I created a room since last year, yet, no review, still no response

I wrote to THM through three different ways, but no answer

Can anyone provide me with some hint, or a way to contact thm ?

When last year?

May

AFAIK waiting time is 1 year.

Wow, I didn't know that

Hello

a Room or multiple rooms about job interviews

and how to succeed in the interview

Room: How to build a Pen test Report?

This already exists.

Hey there, I saw that there wasn't much educational content on TryHackMe related to secure code review.

I'm thinking of creating a medium-level walkthrough room dedicated to secure code review titled "Introduction to Whitebox Hacking". This room will be all about how to identify security issues by reading code. It will teach concepts like source-sink (top-bottom, bottom-up), how to use Visual Studio to make code review easier, and how to find common vulnerabilities like XSS, SQL Injection, deserialization, SSTI, and others in code.

At the end, there will be a challenge where you are presented with a folder full of code and you have to find all the vulnerabilities within the code.

where?

https://tryhackme.com/room/writingpentestreports

Hey, I got an idea. What if you could make instructions and tasks work so we could learn something? Fucking crazy, right?

yeah i have also one.. what if you try to build an infrastructure like thm has with no bugs etc.. crazy right? 😉

i am an absolute beginner with zero pre - expirience and i understand and can make all task 🙂

and i learned so much only in tryhackme its amazing from my pov

Hi, I have a proposal for a new learning room focused on the security architecture of AI Agents, such as OpenClaw.

The room would explore how to harness the benefits of autonomous agents while maintaining strict human oversight. A key focus would be the isolation of the agent to mitigate the risks associated with 'Vibe Coding' The goal is to teach users how to build a 'secure cage' for AI so they can enjoy the productivity gains without losing control of their systems." Thanks 😃

Then maybe you should stop being an absolute beginner before you tell me what should I do?

Why so mad bro 😂

Why do you care about me being mad?

Hello
can someone help me in Active Directory Basics room, My machine is applying computer settings for 15 minutes tried to terminate it and open still the same.

I have built a vulnerable vm for submission who do I need to talk to?

You do it via the website.

got a link as the developer option seems to have disappeared. Thanks for the reply.

Gave +1 Rep to @nova ledge (current: #24 - 471)

No direct link; you'll have to enable developer mode from the profile settings!

cheers bud I will give it a go.

cheers bud, can only host as private at the moment but at least I know what to do now

@reef ember check this setting after creating the room

Thanks, room has now been submitted, look out for The Turing Option, difficulty medium.

Gave +1 Rep to @molten cloak (current: #1779 - 3)

Cool! well done 😁 ✌️ will look into it, feel free to ping me with it is on

See it in about 15-18 moths.

??

That's an average (and guessed mated) time frame, on how long it will take. 😄

oh, cheers for letting me know.

seems like way too high to me tbh, did you ever submit labs then?

Me?

Yeah, because you seem to have an oppinion or experience about it, right?

honest question btw

Python libraries needed for cybersec

Yes, when I left as a room tester in June 25' there was a 12-14 month qeueue of rooms waiting to be released, I can only imagine it's larger now.

ahhh wow, that's huge. Didn't know you was a room tester

I used to a moderator and community mentor for here too. 😄

I'm trying to use the machine on Networking Concepts TASK 7 but it is not showing up.

Wdym?

out of curiosity, how do you become a room tester? That seems interesting

You get invited by the QA team, or recomended by a current room tester.

That sounds pretty cool :3

Hi, I followed this instruction " Click on the Start AttackBox button at the top; click on the Start Machine button belowt to start the attached virtual machine (VM). "

but the target Ip address is different from the Ip address in the terminal. Can you help me? I can't finish the questions.

obviosuly, in termail you see a machine you are using, and you have to target the victim machine

Im a doing it right?

yes

Hello TryHackMe team, I am a regular user of THM since 2 months and the path i am currently learning "Web Application Pentesting" is so much half-baked kind of path. You did put the topics on, but the practical replication of the techniques seems so much low in the learning rooms. Even though the challenges are superb, but still the things you learn in the lernings do not qualify to have a good experience in the challenges. I request you to make the learning rooms much more harder and complex and more practical as I feel it to be half-cooked type sh. Thank you.

Hi Team, I am new to these platform can any one suggest me what can be done access free labs and certifications as for cybersecurity analyst role

Can any suggest me how to learn path for certifications and free labs access without any paid labs? Is there any alternative for that?

Hello everyone, I was thinking how can I improve my studying journey and I found what I can do to improve it A LOT. This is not really about new room ideas but maybe structure idea.

Whenever I finish a room, a learning room from a specific path like cyber 101, I would LOVE to have 2-3 examples of CTFs or other challenge rooms related to that room. To make sure I get more practice in, more hands-on experience before I move to other topics.

I sometimes have hard times finding the right rooms to do after my learning rooms.

That’s already a thing, you can find related rooms by looking at your skills matrix. It’s on the profile page. It will show you which skills you need to work on too.

Ooh, I'll give it a try today, thank you so much!

Gave +1 Rep to @bold wolf (current: #3663 - 1)

Support the idea with agents, also can be "Easy" CTF:
https://www.oasis.security/blog/openclaw-vulnerability
https://www.youtube.com/watch?v=A15fuHs7fOc

More AD guys, that's it, we need an insane AD machine

Hi there guys, could somebody help me to upload a room, i did before but couldn't figure out how create a room, i have files, docker is ready good to go, but there problem creating room on tryhackme to people could access, see and play if you help me dm please

You need to enable the developer options from your profile settings.

hello, I'm not sure this is the appropriate channel, but I have a sort of bug using metasploit on the Attackbox : when I use an exploit, the name doesn't appear anymore

(ah, damn I can't paste an image here)

I got something like that :

msf > use exploit/windows/smb/ms17_010_eternalblue
[*] No payload configured, defaulting to windows/x64/meterpreter/reverse_tcp
msf exploit( ) > set rhosts 10.129.183.166
rhosts => 10.129.183.166
msf exploit( ) > set payload windows/x64/shell/reverse_tcp
payload => windows/x64/shell/reverse_tcp
msf exploit( ) > run

hello

ا

سلام عليكم

في عرب؟

يا هلا

Hi everyone, I’d love to suggest adding some more Python-focused rooms. Python is such a versatile language, and having additional challenges—maybe covering topics like automation, web scraping, or advanced scripting—could be really helpful for learners. Thanks for considering this idea!

اهلا

I’m wondering when will be focus o cert about AI pentesting like pathway as well more deep

Is there anyone who can hack handphone 😭

It's legally authorized Place Why ya need to hack that I should assume youre beginner ?

idea: anonymous course for using proxy in chains not proxychains->tor I mean a real chain of socks5 proxies

idea: guerilla -> how to use tor network for real life communication or using I2P

idea: what is the usenet

idea: what is the helium network and how you can hack it

idea: what is lorawan how you can use it

idea: universal radio hacker and how to use it

السلام عليكم

how to learn to OSCP

I second this. More Python courses are absolutely needed. It's a great skill to have in cybersecurity.

python + socks proxies and python crafting own PoCs would be nice

wireshark or tcpdump showing DNS leaks

وعليكم السلام

hello Guys

what are the most important thing every cyber security guy must master

you have roadmap with Cybersecurity career

but as in programming in general, many things

you must know about networking, OS, programming, assembly, knowledge about common technologies, cloud

SSH is open and I got into the admin password is brute forcing the right move? It's saying 180 tries per minute so I think it's rate limited so anyone to suggest what to do or should I leave SSH and focus on the other open ports

not sure what lab but general rule at THM: if brute-forcing exceeds 6 minutes, likely not the path

anyone who is good in creating offensive and defensive style CTF boot2root machines

dm quick

tried to create a webapp but not boot2root, can you give any guide or resource for the same?

السلام عليكم

Hi everyone

I have questions, Which i do vertulmachine to attack for thim?
metasploitabol 2or3ir windows 10or7
?

What do you mean?

Hi everyone
I'm new to the server plus give me an idea what I should hack

there are pathes which you can choose

choose pre-security path

I am currently working on the Fakebank task, but the AttackBox is not appearing on my screen. Could someone please assist me in resolving this issue?

@obsidian raft How I can create a room in tryhackme and what's I need to be capable to do it?

@cinder bridge

@grave cypress

You need to enable developer options in your account settings first

Anyone to assist on best ways to track location via a phone number

It's learning platform

I do already

Nah

Why you said usa specially

I'n new to TryHackMe, but there is a blue button on the top of the page that says "Show Spilt View". Hitting that will open up AttackBox in Split-View mode. That should work.

Bonus: if you have at least two monitors, I like to hit the expanding arrows button on the very buttom left of the AttackBox side, which opens a new tab with the AttackBox in fullscreen. I like to drag that up to a new monitor, so I can have the room on one screen, and the AttackBox on the other.

Hy everyone

This might be a good thing to put in one of the beginner rooms. I know that as part of enumeration, it talks about how you can use github. It might be valuable to mention to look at the security tab specifically, because that can be quite valuable.

Dude even if enlarged the split screen no AttackBox insight.

Yeah, that's beyond me. Try ChatGPT if you have an account, or Microsoft Copilot. Copilot works with no account, just go to copilot.microsoft.com.

Linux Agency very nice room, could be more like that

does someone where i can find promotion codes for tryhackme payment?

please more rooms with malware analysis with linux and tools

hello

Hello

Idea 💡
The room could focus on the MongoDB Mongo bleed (CVE-2025-14847) vulnerability where players interact with a misconfigured MongoDB instance vulnerable to a memory leak caused by improper compressed request handling. The objective would be to identify the exposed service and exploit the flaw to leak sensitive memory data such as credentials or tokens and use the recovered information to gain further access or capture flags This would teach the real world concepts like unauthenticated data exposure , memory leak exploitation and the importance of secure database configurations and patching.

I have just finished creating a vulnerable VM based on the fast16 (predecessor to stuxnet) that in the new lately.

Free rooms for learning the cli

room idea: rate limiter fingerprinting

player gets 2 endpoints, both rate limited with different algos (token bucket / sliding window / fixed window / leaky bucket). they have to figure out which is which from behavior, then break each one accordingly

inspired by this https://bytebytego.com/courses/system-design-interview/design-a-rate-limiter — there's nothing like it on THM afaik, closest is Hammer but that's just bypass, no algo identification

Everyone who reads this and agrees please upvote it.

I don't want a new room, I want a new path. A path teaching us how to attack Azure and/or AWS. Like tack it on to the Pentester set of paths on the /hacktivies page. There is a path on how to defend Azure, and then another path for Attacking & Defending AWS, but not a path only on how to attack either. And it could be a double, like how to attack Azure and AWS. It would be a great skillset, and strong addition to THM platform.

What do you think?

In what world would you only need to attack a cloud platform?

I wouldn't. But I plan on becoming a Red Team Operator. That's my dream role. I was looking at the Pentesting set of paths that THM has laid out, and I noticed that the others have things related to AWS and Azure, but the Pentesting one doesn't. I just thought that it would be a nice thing to know how to do and put on a resume along with everything else from THM. And maybe not Azure and AWS exactly, but like Could Platforms in general. And maybe a Red Teamer would never touch those. But I thought it would be a useful skill to have as I said above.

Basically I would never need to only attack a cloud platform. But it would be another tool in a my toolbox of THM.

A red teamer absolutely will end up working with cloud environments in pretty much any modern infrastructure. As will most pentesters.

That's a given.

But, can you tell me what the product offering of a pentest or adversary emulation exercise is?

i.e., why do companies pay for tests? What do they get for their money?

Companies pay for pentests and adversary emulation exercises to understand where they are vulnerable before a real attacker finds those weaknesses first.

They’re paying for risk reduction.

The deliverable is not just “we attacked your environment,” but a professional assessment of exploitable weaknesses, proof of impact, how those weaknesses could affect business operations, and clear remediation guidance.

In a pentest, they get validation of security posture—what can actually be compromised versus what only looks risky on paper.

In adversary emulation or red teaming, they also get insight into how well their detection, response, and internal teams perform against realistic attacker behavior.

Basically, they’re paying to answer:
“If someone like a real attacker targeted us, what would happen, how bad would it be, and how do we fix it?”

Since cloud platforms like Azure and AWS now hold identities, critical infrastructure, and sensitive data, offensive cloud testing fits naturally into that because those environments are often the highest-value targets.

Good answer, but one line in particular is the important bit.

What would happen, how bad would it be, and how do we fix it?

In a practical sense, they're paying for an SME to tell them what they need to do to improve their security posture.
They don't care how cool the exploit chain is -- they only care how to stop it from working.

I am aware of that.

Knowing how to defend is crucial for a pentester or a red teamer.
Arguably the most crucial thing.

If all you can do is attack, but not give accurate remediation advice, then what use are you?

That is true for sure, and maybe I didn’t think it through enough.

I completely agree that knowing how to defend is critical—maybe the most important part—because the goal isn’t just to break something, it’s to help the client fix it and improve their security posture.

My thought wasn’t that offensive cloud content should replace defensive learning, but that having dedicated attacker-focused labs for cloud environments could strengthen that understanding. Sometimes understanding exactly how IAM abuse, privilege escalation, lateral movement, or persistence works in Azure or AWS helps you give better remediation advice because you understand the attack path more deeply.

I was thinking of it as complementing the defensive side, not separating from it. More of a “learn both sides to be better overall” approach rather than attack for the sake of attack.

Not a mixed—and then diluted—version, just one focusing on attacking, and there already is one on defending. And maybe it is a hard path, geared towards attacking those platforms from a Red Team Operators stance, not just general "how to hack Azure". Do you see what I am saying?

Mhm. Instructional content on attacking cloud environments while also including foundational information on the services + remediation steps is indeed a good idea. Much better than a "path only on how to attack either" imo.

I also assume that's what the "Attacking & Defending AWS" path is for, but I'm not gonna bet on that 😆

Yes, I can say I actually never looked at that path, though I knew it was there. And I was thinking more of Azure specifically, cause they are the faster growing company by far, and have almost the same market share as AWS.

Thanks for putting the heat on and showing that wasn't just randomly suggesting something. Are you a THM rep or something?

Not these days, no. I used to work for them a few years back.

And yes, Azure is especially interesting because of the push towards EntraID and Hybrid AD environments. It's not just cloud resources, which makes it a very interesting target. AWS do have their own managed AD service which is fairly solid, but I'd wager it's not nearly as prevalent as Entra.

Do you think I have a good idea, and was seeing if I actually was coming from somewhere and wanted me to flush it out, or something else? Personally, I thought I had a good idea, but then, I am kinda biased 😆.

With the modification that you also need to include the defence side? Yes, absolutely a good idea.

Cloud is a huge attack surface. Knowing how to attack and harden the various providers is pretty much crucial.
Only issue is that's a massive amount of content. AWS, Azure, and GCP are the big three, but there are other slightly less mainstream providers like Oracle Cloud which are still widely used.
They usually all offer fairly similar products, so a lot of attacks work on more than one provider (to varying degrees), but getting to know the quirks of each one is... complicated.

I see. But I don't mean a path covering each one. I mean a path for how to attack Azure from a Red Team Operators standpoint. They have a massive share, and are used by like some 95% of the Fortune 500 companies. There is no need for THM to cover even three of the biggest. Just Azure. They are big enough. And I know, it would probably be a lot of work. But would it be worth it? I think so, but I am just one person.

It would be a good addition, definitely.

Basically a path teaching how to attack Azure from a Red Team Operators stand point.
[there is a whole chat above for anyone interested. I hashed out my idea]

The defense side was already covered in the "Defending Azure" path. So if you wanted to learn the defensive side you could go there. Or they could just add in some of the key rooms from that path into this path that I am talking about.

Just looked at your bio and saw that you put Red Team Operator in there. Cool!! Can I send you a friend request?

Gave +1 Rep to @native raptor (current: #12 - 924)

u guys could put a some rooms challengers on final of some modules, like recommendation.. cz we could practice directly the subjects that we see on module

maybe a carrosell of some recommendation rooms

hello

i need some guidance

i m thinking to take cybersecurity as major can anyone guide me .. how to do that and move toward that cybersecurity think

https://tryhackme.com/path/outline/presecurity

hi

i am very much interested in digital forensix and would love a room dedicated to forensics from data recovery, analysis and the different types of forensix

There is a lot of forensic paths ie Malware analysis Packet analysis and other Endpoint investigation only labelling a few

@velvet flare Please slow down. Further spam will result in a short timeout.

Some more 5 minute hacks. I love those! Sometimes I don't have a lot of time, but I can sit down, and break into them. It might be even more fun if there was like one vuln we had to find and then exploit. Or a couple minor flaws we could chain together. Basically short and sweet.

Something really unusual, like IoT or a router. Not sure how it'd be done, but it'd be fun 🙂

Seconding IoT rooms. After all, the S in IoT stands for security.

LOL

Not a bad idea Bee...
I've got something unrelated in the works, but I'd be more than happy to explore this idea :d

So Qemu doesn't work on AWS?

Not that I am aware of :?

can't you install Qemu on EC2 Linux?

It wont run properly as you need a certain instance type to get it to work

EC2 is a VM, so its another layer of virtualization

I'm pretty sure AWS EC2 uses qemu in some form as it's hypervisor asw

Ill google it later 🙂

https://linux.die.net/man/1/virsh

https://www.youtube.com/watch?v=3PciCg4xzGk

pretty sure it will help you

Another option would be to explain how setup your environment and show the attacks.

https://www.exploit-db.com/docs/english/43906-arm-exploitation-for-iot.pdf

The IoT room idea would be great. But it sucks if Qemu doesn’t work

yep

Has anyone done any SSTI rooms yet?

Nope

SSTI and SSRF no exist.

Added to the list 🙂

Thanks for the suggestion!

Can I make a room request command, once done with enough requests, it'll reset but the request will be saved at DB, what you guys think?

Hi, I'm have preparing reverse engineering crack mes for a while seen some interesting challanges, can I create a room with those crackmes

@tacit anvil Go for it

I think some challanges most of the people have already solved I'll try to tweek hem

Is there any guide for room creation ?

A room to create a room!

I ❤️ it!

However, this should probably just be a page

Ont he site

Its on my to-do list

actually

not a room

but a page

https://blog.tryhackme.com/making-the-mountain/

😉 @rocky gazelle

hmmmmmm???

Side note, the talk version of that is going live soon (TM)

Technically, I retweeted it on my twitter account so you can find the talk I did on that

good talk ^

but I'll have it on my website soon

How to delete an uploaded file in yourmaterials

???

@tacit anvil you can’t

Currently you can't, we're going to work on that but it's kind of a low priority

No problem !

Oooooops I just uploaded allll my furry porn to THM, sooooooo sorry. I hope that my content doesnt taint your servers Hard drives. uwu

@tacit anvil please keep it SFW

smh be nice to dark m00

I love dark

Request:

• AV Evasion; basic (Shikata Ga Nai) -> Moderate (Veil) -> Advanced Unicorn, etc-> Expert, Custom payload obfuscation

10-4 Dinosaur

Advanced Unicorn? Holy, second that.

Someone please make a moderate level room or recommend one.

I have malware obfuscation on the list of primer rooms but if someone wants to beat me to it go for it

Regex room. I could make one after my currently planned room though

Regex could be a step of the room, maybe think a bit wider by adding other useful likely notions?

More of a learn regex than a challenge room

Do we have a crypto room?

there are some, but I forget the names

might just include crypto and not be dedicated to it

ohk that works

There's an RSA room @tribal bough

And there's like cryptofun or something

Cool

An introduction to GHIDRA room

Oo

I could do that

Ghidra is my bb

Ill have it done in a few hours or so @haughty berry

Holy shit, that'd be great! I've been wanting to learn how to properly use it @tacit anvil

Yeah

This isnt gonna be a really task heavy room though

Its more gonna be a walkthrough of analyzing a binary, and then the final part will be you analyzing a binary on you're own

Very picture heavy room

@tacit anvil this is great! CANT WAIT

oops

my capslock key got stuck for a sec

Nice pars

Aight

The room is done @light lynx

You want dev access to see if you want anything added?

ah i'd love to 🙂

@haughty berry the room is done and uploaded

@tacit anvil , you a beast

Let me know if you have any issues :D

This is more of a request for the #650425164894568455 event, but since it's essentially a room request, I'm posting it here. Since the event is nearing its end, I wanted to say I'd really like to see some manual exploitation in one of the last few challenges

Manual as in, understand the workflow of a service and develop a exploit accordingly, should be good as a head start.

^ We don't gave time to do that now - but we will do in the future

I’ll think about an AV bypass room. But right now what was considered moderate(Veil, fatrat) has the same detection rate as shikata ga nai.

I’ll have to think of some work arounds

@split viper We have that in the works 🙂

An introduction to memory analysis room

We have one of those @molten spire

o

https://tryhackme.com/room/forensics

Is it possible to get a kali 2019.4 and parrot as a subscribers room?

ParrotOS is not possible.

But Kali 2019.4 is 🙂

Ill add it to my to do list

is there a reason for that? do they not allow distribution?

Got a brilliant idea that just ticked now! Build your own kali distribution!! That should help people compile a build that is suitable for them rather than having a ram hog vm

Nah, ParrotOS is just annoying to try and have hosted on the cloud infrastructure that runs THM

We can do it

But its fiddly

oki dokes

but i still think that building your own kali will be a good starting point

let's drop parrot for now

Yeah

Thats a good idea

My to-do list is really big - working on networks for now 🙂

Its pretty much done

The whole network configuring is all done

Really excited to release it 🙂

if you need a hand with something and i can help let me know

agree with Chev tho, that would be genuinely sick

make ur own

more like a guide on how to build it from ground up

thats what i thought u meant

that would be very good to have

Oh. Okay. So we are on the same line

big selling point for subsription imo too

Even for non subscription

Because you build it yourself to suit your needs and interest

Like. If you are interested in Web pen testing you install x, y, z tools and configure them this way

Or windows

do u mean from kernel up?

too

thatd be a sweet room

i'm totally noob at this so i'm just throwing ideas out the window, but dunno, that might be a thing i think...?

its called lfs

but would be super useful here too @remote socket

Issue has been created by @formal turtle!

What about creating a room introducing Unicornscan and hping3. I haven't seen any mentions of them in any room and I think they might be useful (for beginners level for example)

Oooooo

Yeah thats actually a really good idea

Yup. Agree!

A small room on curl functionality and useage

a room to get a good grasp upon maltego

More sqli rooms, especially manual

pivoting boxes

This is something I can possibly look into. However it depends if the platform can handle it. @remote socket any chance you could clarify for me?

Pivoting will be possible in the future, but not at this current time 🙂

very cool, I just wanted to put it in the request list :). There's a few things on like vulnhub like 'myhouse'

Pog

The networks that are in the works will allow for pivoting setup, I already have plans which require you to pivot

Sounds good, I have a couple of ideas for a pivot box that I'd love to get running on here

though might take a while to develop

Need some info from you all. What do you think is missing from the site in terms of content? Either walkthroughs of topics or challenge rooms?

subs recently got a survey about that, skidy or ashu might be able to provide more on that

Ah sweet

Kinda wanna start a series of walkthroughs but don’t wanna dupe what’s already out

SQLi is always in demand

Harder challenges are often mentioned as well

And obv with harder challenges needs more walkthroughs for that level

Yeah I may look into ssti as that’s my baby but walking people through may be hard due to limited documentation

Can easily make a medium/hard room with it

Introduction to pwn

It's in development @modest trail

But not until 21-26

Wireshark for capturing or filtering?

It'd help to learn both but capturing is eh

Introduction to pwntools

I'm sorry but it depends actually, pwntools just basically is combined version of capstone, binutils, socket and importantly the interaction with binary with subprocess which you can do on your own. But don't worry the upcoming room(s) will help you get familiar with pwntools or something else coughs as well.

🙂

Gotta wait for some weeks though.

@coarse jacinth I gotchu

My new room on thursday will have a pwntools section

awesome

It wont be a comprehensive full intro though, but it will walk you through a basic exploit

As pwntools is an extremely complex library

I got you covered for that @tacit anvil

Bet @final sun

ARM re?

Sounds easy but damn it's hard.

Calling conventions is a pain in the ass.

I'll have a look into it myself because I want to learn ARM.

Fair enough, count me in. I do want to learn about the ARM binary analysis.

@coarse jacinth gonna have to point you to rule 8 dude

ssh tunnels

@coarse jacinth pls no nsfw

@still ice Gamezone has one

But that's it I think

Yeah gamezone does

Good memory Ninja

(I was doing this like 2 days ago)