Esther7171/TryHackMe-Walkthroughs
GitHub: Esther7171/TryHackMe-Walkthroughs
一个结构化的 TryHackMe 攻略与 CTF writeup 合集,覆盖 Web 攻击、提权、逆向、取证等多种渗透技术方向。
Stars: 50 | Forks: 12
# TryHackMe 攻略与 Writeup
这是一个结构化的 **TryHackMe 攻略和 CTF writeup** 集合,主要针对初级到中级的渗透测试实验室。
每个房间都记录了方法论、命令、枚举、漏洞利用步骤,并追踪了 **捕获的 flag 和完成积分**。
这是一个维护中的 **学习档案和参考资料**,用于动手实践和认证备考。
# 攻略列表
| 房间名称 | 难度 | 类型 | 描述 | 房间类型 |
|:---:|:---:|---|---|---|
| [0day](https://github.com/Esther7171/TryHackMe-Walkthroughs/blob/main/Room/0day/readme.md#0day) | Medium | Linux | Exploit Ubuntu, like a Turtle in a Hurricane | `CTF` |
| [0x41haz](https://github.com/Esther7171/TryHackMe-Walkthroughs/blob/main/Room/0x41haz/writeup.md#0x41haz--tryhackme-walkthrough) | Easy | Linux | Simple Reversing Challenge | `Reverse Engerniering` |
| [25 Days of Cyber Security](https://github.com/Esther7171/TryHackMe-Walkthroughs/tree/main/Room/25%20Days%20of%20Cyber%20Security#25-days-of-cyber-security---tryhackme-write-ups) | Easy | Linux | Get started with Cyber Security in 25 Days - Learn the basics by doing a new, beginner friendly security challenge every day. |learning |
| [A Bucket of Phish](https://github.com/Esther7171/TryHackMe-Walkthroughs/blob/main/Room/A%20Bucket%20of%20Phish/readme.md#a-bucket-of-phish---tryhackme-writeup) | Easy | Linux | From the Hackfinity Battle CTF event. | `cloud` |
| [Abusing Windows Internals](https://github.com/Esther7171/TryHackMe-Walkthroughs/tree/main/Room/Abusing%20Windows%20Internals#abusing-windows-internals) | Hard | Windows | Leverage windows internals components to evade common detection solutions, using modern tool-agnostic approaches. | `Learning` |
| [Agent Sudo](./Room/Agent-Sudo/writeup.md) | Easy | Linux | You found a secret server located under the deep sea. Your task is to hack inside the server and reveal the truth | CTF ```CVE-2019-14287``` |
| [Alfred](https://github.com/Esther7171/THM-Walkthroughs/blob/main/Room/Alfred/readme.md#alfred) | Easy | Windows | Exploit Jenkins to gain an initial shell, then escalate your privileges by exploiting Windows authentication tokens. | `privileges escalation via token impersonation` |
| [Analysing Volatile Memory](https://github.com/Esther7171/TryHackMe-Walkthroughs/tree/main/Room/Analysing%20Volatile%20Memory#analysing-volatile-memory) | Medium | Windows |Learn how the Windows OS manages volatile data in different files on disk. Explore how to extract and analyse volatile data from those artefacts.|`Forensics`|
| [Annie](./Room/Annie/writeup.md) | Medium | Linux | Remote access comes in different flavors | AnyDesk 5.5.2 – Remote Code Execution ```CVE-2020-13160``` |
| [Anonforce](./Room/Anonforce/writeup.md) | Easy | Linux | boot2root machine for FIT and bsides guatemala CTF | CTF |
| [Archangel](./Room/Archangel/writeup.md) | Easy | Linux | Boot2root, Web exploitation, Privilege escalation, LFI | CTF |
| [Basic-Pentesting](./Room/Basic-Pentesting/walkthrough.md) | Easy | Linux | This is a machine that allows you to practise web app hacking and privilege escalation | Beginner Level CTF |
| [Battery](./Room/Battery/writeup.md) | Medium | Linux | CTF designed by CTF lover for CTF lovers | ```Re-Registration Attack``` ```XML External Entity``` ```Sudo Abuse```|
| [Biteme](./Room/Biteme/writeup.md) | Medium | Linux | Stay out of my server! | CTF |
| [Blue](./Room/Blue/writeup.md) | Easy | Windows | Windows Exploitation Basics - Easy | ```MS17-010``` EternalBlue SMB Remote Windows Kernel Pool Corruption |
| [Blueprint](./Room/Blueprint/writeup.md) | Easy| Windows | Hack into this Windows machine and escalate your privileges to Administrator. | ```osCommerce 2.3.4.1 - Remote Code Execution``` ----------->re doing deleted. it [Lab](https://tryhackme.com/r/room/blueprint) |
| [Bounty Hacker](./Room/Bounty-Hacker/walkthrough.md) | Easy | Linux | You talked a big game about being the most elite hacker in the solar system. Prove it and claim your right to the status of Elite Bounty Hacker!| Beginner Level CTF |
| [Break Out The Cage](./Room/Break-Out-The-Cage/writeup.md) | Easy | Linux | Help Cage bring back his acting career and investigate the nefarious goings on of his agent! | CTF |
| [Brooklyn-Nine-Nine](./Room/Brooklyn-Nine-Nine/walkthrough.md) | Easy | Linux | This room is aimed for beginner level hackers but anyone can try to hack this box. There are two main intended ways to root the box | Beginner Level CTF |
| [Bugged](./Room/Bugged/writeup.md) | Easy | Linux | John likes to live in a very Internet connected world. Maybe too connected...| ```IoT Device hacking``` |
| [C4ptur3-th3-fl4g](./Room/C4ptur3-th3-fl4g/writeup.md) | Easy | Linux | A beginner level CTF challenge | Decoding Messages ```Spectrograms``` ```Steganography``` ```Security through obscurity``` |
| [CMesS](./Room/CMesS) | Medium | Linux | Can you root this Gila CMS box? | ```Gila CMS 1.10.9``` |
| [CTF collection Vol.2](./Room/CTF-collection-Vol.2/writeup.md) | Medium | Linux | Sharpening up your CTF skill with the collection. The second volume is about web-based CTF. | CTF ```Cryptography``` |
| [Capture!](./Room/Capture!/writeup.md) | Easy | Web | Can you bypass the login form? | Authentication vulnerability|
| [Careers in Cyber](./Room/Careers-in-Cyber/info.md) | Info | None | Learn about the different careers in cyber security | Guide |
| [Cheese CTF](./Room/Cheese-CTF/walkthrough.md) | Easy | Linux | Inspired by the great cheese talk of THM!| CTF ```LFI``` ```RCE``` ```SUID``` |
| [Chocolate_Factory](./Room/Chocolate_Factory/Walkthrough.md) | Easy | Linux | A Charlie And The Chocolate Factory themed room, revisit Willy Wonka's chocolate factory!| Beginner Level CTF |
| [Cicada-3301 Vol:1](./Room/Cicada-3301-Vol_1/writeup.md) | Medium | Linux | A basic steganography and cryptography challenge room based on the Cicada 3301 challenges | ```Cryptography``` |
| [Cipher's Secret Message](https://github.com/Esther7171/THM-Walkthroughs/blob/main/Room/Cipher's%20Secret%20Message/readme.md#ciphers-secret-message--tryhackme-writeup) | Easy | Any |Sharpen your cryptography skills by analyzing code to get the flag. | `Caesar Decryption` `Crypto Challenge` |
| [Compiled](https://github.com/Esther7171/TryHackMe-Walkthroughs/tree/main/Room/Compiled#compiled---tryhackme-writeup) | Easy | Any | Strings can only help you so far. | `binary` |
| [Corridor](./Room/Corridor/walkthroug.md) | Easy | Web | Can you escape the Corridor?| IDOR |
| [Crack the Hash Level-1](./Room/Crack-The-Hash-Level-1/writeup.md) | Easy | any | Cracking hashes challenges | ```Cryptography```|
| [Crack The Hash Level-2](./Room/Crack-The-Hash-Level-2/writeup.md) | Medium | Any | Advanced cracking hashes challenges and wordlist generation | ```Cryptography```|
| [CyberHeroes](https://github.com/Esther7171/TryHackMe-Walkthroughs/tree/main/Room/CyberHeroes#cyberheros-tryhackme-writeup) | Easy | Web | Want to be a part of the elite club of CyberHeroes? Prove your merit by finding a way to log in! | `Broken Authentication` |
| [Dig Dug](https://github.com/Esther7171/TryHackMe-Walkthroughs/blob/main/Room/Dig%20Dug/Readme.md#dig-dug-tryhackme-walkthrough) | Easy | Any | Turns out this machine is a DNS server - it's time to get your shovels out! |`Dns Enumeration` |
| [Directory](https://github.com/Esther7171/THM-Walkthroughs/tree/main/Room/Directory#directory) | Hard | Any | Do you have what it takes to crack this case? | `DFIR` |
| [Dogcat](./Room/Dogcat/writeup.md) | Medium | Linux | I made a website where you can look at pictures of dogs and/or cats! Exploit a PHP application via LFI and break out of a docker container. | CTF ```Web```
| [Dumping Router Firmware](./Room/Dumping-Router-Firmware/writeup.md) | Medium | Linux | Have you ever been curious about how your router works? What OS it runs? What makes it tick? | Investigation of router firmware |
| [Erlang/OTP SSH_CVE-2025-32433](https://github.com/Esther7171/TryHackMe-Walkthroughs/tree/main/Room/Erlang-OTP%20SSH_CVE-2025-32433#erlangotp-ssh-cve-2025-32433) | Easy | Linux | Learn about and exploit Erlang/OTP SSH CVE-2025-32433 in a lab setup. | `CVE-2025-32433` |
| [Event Horizon](https://github.com/Esther7171/THM-Walkthroughs/blob/main/Room/Event%20Horizon/readme.md#event-horizon) | Hard | Linux | Unearth the secrets beyond the Event Horizon. | `DFIR` |
| [Evil-GPT](https://github.com/Esther7171/THM-Walkthroughs/blob/main/Room/Evil-GPT/Readme.md#evil-gpt) | Easy | Linux | Practice your LLM hacking skills. | `LLM hacking ` `Prompt Injection` |
| [Evil-GPT v2](https://github.com/Esther7171/THM-Walkthroughs/blob/main/Room/Evil-GPT/Readme.md#evil-gpt)| Easy | Web | Put your LLM hacking skills to the test one more time. | `Advance LLM hacking ` `Prompt Injection` |
| [FFuF](./Room/Ffuf/writeup.md) | Easy | Linux | Enumeration, fuzzing, and directory brute forcing using ffuf | Tool Guide |
| [Flatline](https://github.com/Esther7171/TryHackMe-Walkthroughs/tree/main/Room/Flatline#flatline-tryhackme-walkthrough--complete-step-by-step-guide-to-root)| Easy | Windows | How low are your morals? |`FreeSWITCH` `openclinic`|
| [Game Buzz](https://github.com/Esther7171/THM-Walkthroughs/tree/main/Room/Game%20Buzz#gamebuzz) | Hard | Part of Incognito CTF | `Unsolved Port not open after knock` |
| [HackPark](https://github.com/Esther7171/TryHackMe-Walkthroughs/tree/main/Room/HackPark#hack-park---tryhackme-walkthrough) | Medium | Windows | Bruteforce a websites login with Hydra, identify and use a public exploit then escalate your privileges on this Windows machine! | `Hydra`, `RCE` & `WinPEAS` `CTF`|
| [Hacker v/s Hacker](./Room/Hacker-vs-Hacker/writeup.md) | Easy | Linux | Someone has compromised this server already! Can you get in and evade their countermeasures? | ```LFI``` |
| [Hackfinity Battle](https://github.com/Esther7171/TryHackMe-Walkthroughs/blob/main/Room/Hackfinity%20Battle/Readme.md#hackfinity-battle---tryhackme-flags) | Medium | Any | Welcome to the Hackfinity Battle CTF! | `Challange` |
| [HaskHell](./Room/HaskHell/writeup.md) | Medium | Linux | Teach your CS professor that his PhD isn't in security. | ```Python``` |
| [Hydra](./Room/Hydra/writeup.md) | Easy | Linux | Learn about and use Hydra, a fast network logon cracker, to bruteforce and obtain a website's credentials | Tool Guide |
| [Idor](https://github.com/Esther7171/TryHackMe-Walkthroughs/blob/main/Room/IDOR/Readme.md#idor---tryhackme-writeup) | Easy | Web |Learn how to find and exploit IDOR vulnerabilities in a web application giving you access to data that you shouldn't have.| `Learn idor` |
| [Ice](./Room/Ice/walkthrough.md) | Easy | Windows | Deploy & hack into a Windows machine, exploiting a very poorly secured media server | Buffer overflow in Icecast 2.0.1 allows remote attackers to execute arbitrary code via an HTTP request ```CVE-2004-1561``` |
| [Ignite](./Room/Ignite) | Easy | Linux | A new start-up has a few issues with their web server | vulnerable CMS service |
| [kenobi](./Room/Kenobi/walkthrough.md) | Easy | Linux | Walkthrough on exploiting a Linux machine. Enumerate Samba for shares, manipulate a vulnerable version of proftpd and escalate your privileges with path variable manipulation. | ```ProFtpd``` ```SUID```| USE
| [Kiba](./Room/Kiba/wrietup.md) | Easy | Linux | Identify the critical security flaw in the data visualization dashboard, that allows execute remote code execution. | ```CVE-2019-7609``` |
| [Linux Shell](https://github.com/Esther7171/TryHackMe-Walkthroughs/tree/main/Room/Linux%20Shells#linux-shells---tryhackme-walkthrough) | Easy | Linux | Learn about scripting and the different types of Linux shells. | shell |
| [Lo-Fi](./Room/Lo-Fi) | Easy | Linux | Want to hear some lo-fi beats, to relax or study to? We've got you covered! | CTF `LFI`|
| [Looking Glass](./Room/Looking-Glass/writeup.md) | Linux | Medium | Step through the looking glass. A sequel to the Wonderland challenge room. | CTF |
| [Lookup](./Room/Lookup/walkthrough.md)| Linux | Easy | Test your enumeration skills on this boot-to-root machine. | CTF `elFinder PHP Connector exiftran Command Injection vulnerability` `Path manipulation exploitation` |
| [MD2PDF](https://github.com/Esther7171/TryHackMe-Walkthroughs/tree/main/Room/MD2PDF#md2pdf-tryhackme-writeup) | Web | Easy | TopTierConversions LTD is proud to present its latest product launch. | CTF |
| [Madness](./Room/Madness/walkthrough.md)| Easy | Linux | Will you be consumed by Madness? | CTF ```Steganography``` ```setuid``` |
| [Metamorphosis](./Room/Metamorphosis/writeup.md) | Medium | Linux | Part of Incognito CTF | CTF ```rsync``` ```SQL```|
| [Metasploit: Exploitation](https://github.com/Esther7171/THM-Walkthroughs/tree/main/Room/Metasploit%3A%20Exploitation#metasploit-exploitation) | Easy | Linux | Using Metasploit for scanning, vulnerability assessment and exploitation. | `Msf` |
| [Metasploit: Meterpreter](https://github.com/Esther7171/THM-Walkthroughs/tree/main/Room/Metasploit%3A%20Meterpreter#metasploit-meterpreter) | Easy | Linux | Take a deep dive into Meterpreter, and see how in-memory payloads can be used for post-exploitation. | `Msf` |
| [Mindgames](./Room/Mindgames/writeup.md) | Medium | Linux | Just a terrible idea... | ```Python``` ```C```|
| [Mr Robot CTF](_URL_66/>) | Medium | Linux | Based on the Mr. Robot show, can you root this box? | CTF |
| [Nax](./Room/Nax/writeup.md) | Medium | Linux | Identify the critical security flaw in the most powerful and trusted network monitoring software on the market, that allows an user authenticated execute remote code execution. | ```CVE-2019-15949``` ``` Metasploit```|
| [Neighbour](https://github.com/Esther7171/TryHackMe-Walkthroughs/blob/main/Room/Neighbour/Readme.md#neighbour-tryhackme-walkthrough) | Easy | Web | Check out our new cloud service, Authentication Anywhere. Can you find other user's secrets? | `IDOR` |
| [Net Sec Challenge](https://github.com/Esther7171/TryHackMe-Walkthroughs/tree/main/Room/Net%20Sec%20Challenge#net-sec-challenge---tryhackme-walkthrough) | Medium | Linux | Practice the skills you have learned in the Network Security module.| `nmap` `Hydra` `Ftp`|
| [Oh My WebServer](./Room/Oh-My-WebServer/writeup.md) | Medium | Linux | Can you root me? | ```CVE-2021-41773``` |
| [Pentesting Fundamentals](https://github.com/Esther7171/THM-Walkthroughs/tree/main/Room/Pentesting%20Fundamentals#pentesting-fundamentals) | Easy | Any | Learn the important ethics and methodologies behind every pentest. | `info` |
| [Pickle Rick](./Room/Pickle-Rick/writeup.md) | Easy | Linux | A Rick and Morty CTF. Help turn Rick back into a human!| CTF ```Web Cmd``` |
| [Precision](https://github.com/Esther7171/TryHackMe-Walkthroughs/tree/main/Room/Precision#precision--tryhackme-writeup)| Hard | Linux | Practice your advanced Linux Exploit Development skills. | ` Binary Exploitation` |
| [Principles of Security](https://github.com/Esther7171/THM-Walkthroughs/tree/main/Room/Principles%20of%20Security#principles-of-security) | Easy | Any | Learn the principles of information security that secures data and protects systems from abuse | `info`
| [Psyco Break](./Room/Psycho-Break/writeup.md) | Easy | Linux | Help Sebastian and his team of investigators to withstand the dangers that come ahead. | CTF |
| [Publisher](./Room/Publisher/walkthrough.md) | Easy | Linux | Test your enumeration skills on this boot-to-root machine | CTF ```CVE-2023-27372``` |
| [Red Stone One Carat](https://github.com/Esther7171/TryHackMe-Walkthroughs/blob/main/Room/Red%20Stone%20One%20Carat/Readme.md#red-stone-one-carat---tryhackme-walkthrough--writeup) | Medium | Linux | First room of the Red Stone series. Hack ruby using ruby.| restricted `rzsh` shell |
| [Red Team Fundamentals](https://github.com/Esther7171/THM-Walkthroughs/tree/main/Room/Red%20Team%20Fundamentals#red-team-fundamentals) | Easy | Any |Learn about the basics of a red engagement, the main components and stakeholders involved, and how red teaming differs from other cyber security engagements.|
| [RootMe](https://github.com/Esther7171/THM-Walkthroughs/tree/main/Room/Rootme#root-me) | Easy | Linux |A ctf for beginners, can you root me? | `File Upload` |
| [Roundcube: CVE-2025-49113](https://github.com/Esther7171/THM-Walkthroughs/blob/main/Room/Roundcube:%20CVE-2025-49113/readme.md#roundcube-cve-2025-49113) | Easy | Linux | Exploit CVE-2025-49113 in a lab environment. | `CVE-2025-49113`|
| [Search Skills](https://github.com/Esther7171/THM-Walkthroughs/tree/main/Room/Search%20Skills#search-skills) | Easy | Any |Learn to efficiently search the Internet and use specialized search engines and technical docs. | `OSINT` |
| [Silver Platter](./Room/Silver-Platter/readme.md)| Easy | Linux | Can you breach the server? | `CVE-2024-36042` |
| [Simple CTF](./Room/Simple-CTF/writeup.md) | Easy | Linux | Beginner level ctf | ```CVE-2019-9053``` ```Vim``` |
| [Slingshot](https://github.com/Esther7171/THM-Walkthroughs/edit/main/Room/Slingshot/README.md#slingshot) | Easy | Linux |Can you retrace an attacker's steps after they enumerate and compromise a web server?| Logs |
| [smol](https://github.com/Esther7171/THM-Walkthroughs/tree/main/Room/Smol#smol) | Medium | Linux |Test your enumeration skills on this boot-to-root machine. | CTF |
| [Soupedecode 01](https://github.com/Esther7171/TryHackMe-Walkthroughs/tree/main/Room/Soupedecode%2001#soupedecode-01) | Easy | Windows | Test your enumeration skills on this boot-to-root machine.| `AD` |
| [Startup](./Room/Startup/walkthrough.md) | Easy | Linux |Abuse traditional vulnerabilities via untraditional means. | CTF |
| [Steel Mountain](https://github.com/Esther7171/THM-Walkthroughs/tree/main/Room/Steel%20Mountain#steel-mountain) | Easy | Linux | Hack into a Mr. Robot themed Windows machine. Use metasploit for initial access, utilise powershell for Windows privilege escalation enumeration and learn a new technique to get Administrator access. | `CVE-2014-6287` |
| [The Greenholt Phish](https://github.com/Esther7171/TryHackMe-Walkthroughs/tree/main/Room/The%20Greenholt%20Phish#the-greenholt-phish--tryhackme-write-up) | Easy | Windows | Use the knowledge attained to analyze a malicious email. | `soc`|
| [The Phishing Pond](https://github.com/Esther7171/TryHackMe-Walkthroughs/tree/main/Room/The%20Phishing%20Pond#the-phishing-pond-tryhackme-walkthrough-identifying-real-world-phishingemails) | Easy | Web | Catch the phish before the phish catches you. | `Identifying Phishing Emails` |
| [The Great Escape](https://github.com/Esther7171/TryHackMe-Walkthroughs/blob/main/Room/The-Great-Escape/readme.md#the-great-escape)| Medium | Linux | Our devs have created an awesome new site. Can you break out of the sandbox? | ```API``` ```Docker``` |
| [The London Bridge](./Room/The-London-Bridge/writeup.md) | Medium | Linux | The London Bridge is falling down | ```SSRF``` ```CVE-2018-18955```|
| [The Marketplace](./Room/The-Marketplace/writeup.md) | Medium | Linux | Can you take over The Marketplace's infrastructure? | ```XSS``` ```SQL``` ```Docker``` |
| [The Server From Hell](./Room/The-Server-From-Hell/writeup.md) | Medium | Linux |Face a server that feels as if it was configured and deployed by Satan himself. Can you escalate to root? | CTF |
| [The Sticker Shop](./Room/The-Sticker-Shop/writeup.md) | Easy | Linux | Can you exploit the sticker shop in order to capture the flag? | ```XSS``` |
| [Tomghost](./Room/Tomghost/writeup.md) | Easy | Linux | Identify recent vulnerabilities to try exploit the system or read files that you should not have access to. | ```CVE-2020–1938``` |
| [Toolbox: Vim](https://github.com/Esther7171/TryHackMe-Walkthroughs/blob/main/Room/Toolbox%E2%80%94%20Vim/Readme.md#toolbox-vim) | Easy | Lin/Win | Learn vim, a universal text editor that can be incredibly powerful when used properly. From basic text editing to editing of binary files, Vim can be an important arsenal in a security toolkit. | Text Editor |
| [UltraTech](./Room/UltraTech/writeup.md) | Medium | Linux | The basics of Penetration Testing, Enumeration, Privilege Escalation and WebApp testing | CTF |
| [Void Execution](https://github.com/Esther7171/TryHackMe-Walkthroughs/tree/main/Room/Void%20Execution#void-execution--tryhackme-writeup) | Medium | Linux |Learn how to bypass restrictions in Linux exploit development. | ` Binary Exploitation ` |
| [Vulnerabilities 101](https://github.com/Esther7171/TryHackMe-Walkthroughs/tree/main/Room/Vulnerabilities%20101#vulnerabilities-101) | Easy | Any | Understand the flaws of an application and apply your researching skills on some vulnerability databases. | Info |
| [W1seGuy](./Room/W1seGuy/writeup.md) | Easy | Linux| A w1se guy 0nce said, the answer is usually as plain as day. | ```Cryptographic``` |
| [Watcher](./Room/Watcher/writeup.md) | Medium | Linux | A boot2root Linux machine utilising web exploits along with some common privilege escalation techniques | ```LFI``` ```Cronjob```|
| [Web Application Security](./Room/Web-Application-Security/writeup.md) | Easy | Web | Learn about web applications and explore some of their common security issues. | Info |
| [Web Application Basics](./Room/Web_Application_Basics/readme.md) | Easy | Web | Learn the basics of web applications: HTTP, URLs, request methods, response codes, and headers.| Info |
| [Wekor](./Room/Wekor/writeup.md) | Medium | Linux |CTF challenge involving Sqli , WordPress , vhost enumeration and recognizing internal services ;) | ```SQL``` ```WordPress``` ```Eeverse engineering``` |
| [Welcome](./Room/Welcome/writeup.md) | Easy | Linux |Learn how to use a TryHackMe room to start your upskilling in cyber security. | Info |
| [Wgel CTF](./Room/Wgel) | Easy | Linux | Can you exfiltrate the root flag? | CTF |
| [Whiterose](./Room/Whiterose/walkthrough.md) | Easy | Linux| Yet another Mr. Robot themed challenge. | EJS ```SSTI```|
| [Windows Fundamentals 1](https://github.com/Esther7171/TryHackMe-Walkthroughs/tree/main/Room/Windows%20Fundamentals%201#windows-fundamentals-1) | info | Windows | In part 1 of the Windows Fundamentals module, we'll start our journey learning about the Windows desktop, the NTFS file system, UAC, the Control Panel, and more..|`windows`|
| [Wonderland](./Room/Wonderland-CTF/walkthroughs.md) | Medium | Linux | Fall down the rabbit hole and enter wonderland | ```Python``` |
| [Year of the Dog](./Room/Year-of-the-Dog/writeup.md) | Hard | Linux | Always so polite... | ```Sqli``` ``Gitea`` |
| [Year-of-the-Owl](./Room/Year-of-the-Owl/writeup.md) | Hard | Windows | The foolish owl sits on his throne... | ```CTF``` |
| [Zeno](./Room/Zeno/writeup.md) | Medium | Linux | Do you have the same patience as the great stoic philosopher Zeno? Try it out!| ```Restaurant Management System 1.0 - Remote Code Execution``` |
| [hc0n Christmas CTF](https://github.com/Esther7171/TryHackMe-Walkthroughs/tree/main/Room/hc0n%20Christmas%20CTF#hc0n-christmas-ctf---tryhackme-writeup) | Hard | Linux | hackt the planet | `CTF` |
除了攻略之外,本仓库还可能包含与每个房间相关的其他相关文件或资源,例如 exploit 脚本、日志文件或 nmap 扫描结果。这些文件可以在相应的目录中找到。
有时候我太懒了,没法做一个完整的攻略,所以请忽略这一点。
请注意,此处提供的攻略仅用于教育目的,不应用于任何恶意活动。请始终遵守道德黑客准则,并尊重 TryHackMe 平台的条款和条件。
欢迎探索这些攻略,了解更多关于每个房间中涵盖的不同挑战和技术。
如果您想通过添加自己的攻略或改进现有攻略来为本仓库做出贡献,请遵循标准的 GitHub 工作流程:Fork 本仓库,进行更改,然后提交 pull request。非常感谢您的贡献!
## Happy Hacking! 🚀
*本合集由 [Esther7171](https://github.com/Esther7171) 维护。*
标签:Aarch64, CISA项目, Cloudflare, Conpot, CTF学习, CTI, MITRE ATT&CK, Penetration Testing, PE 加载器, TryHackMe, Walkthrough, Web安全, Web报告查看器, Windows内核, Windows安全, Writeup, 云计算安全, 云资产清单, 内网渗透, 协议分析, 多线程, 学习笔记, 安全教育, 实战靶场, 技术文档, 插件系统, 数据展示, 权限提升, 漏洞分析, 白帽子, 红队, 网络安全, 网络安全审计, 蓝队分析, 请求拦截, 路径探测, 逆向工具, 逆向工程, 隐私保护