From Zero to Hero: My 365-Day TryHackMe Journey and the Cybersecurity Secrets I Unlocked

By /

Listen to this Post

Featured Image

Introduction:

In an era where cyber threats evolve daily, structured, hands-on training has become the cornerstone of effective defense. Platforms like TryHackMe have democratized cybersecurity education, offering guided paths that transform beginners into proficient practitioners. This article deconstructs the core technical competencies gained through a year of dedicated “hacking” on such platforms, providing a blueprint for skill development.

Learning Objectives:

  • Understand and apply fundamental Linux and Windows commands essential for security assessments.
  • Execute basic network reconnaissance and vulnerability scanning using industry-standard tools.
  • Implement foundational web application attack techniques and corresponding mitigations.
  • Configure security controls on cloud workloads and harden system configurations.
  • Analyze security logs and apply basic incident response procedures.

You Should Know:

1. Mastering the Terminal: Your First Command Line

The command-line interface (CLI) is the cybersecurity professional’s primary weapon. Proficiency here is non-negotiable for navigating systems, analyzing logs, and running tools.

Step-by-step guide:

Linux/MacOS: Open your terminal. Practice navigation and inspection.
bash
Navigate directories
cd /var/log
List all files, including hidden, with details
ls -la
Search for a specific string within files (e.g., “Failed password”)
grep “Failed password” syslog
Check running processes
ps aux
Change file permissions (make a script executable)
chmod +x myscript.sh
[/bash]
Windows (PowerShell): PowerShell is the modern, powerful CLI for Windows.
bash
Navigate directories
cd C:\Windows\System32\Logs
List directory contents
Get-ChildItem
Find a string in files
Select-String -Path “.log” -Pattern “Error”
Get a list of running processes
Get-Process
Set an environment variable (often needed for tools)
[/bash]

2. Network Reconnaissance 101: Seeing the Digital Battlefield

Before any assessment, you must map the target network. This involves discovering live hosts, open ports, and running services.

Step-by-step guide:

  1. Host Discovery with `ping` & nmap: Identify which machines are online.
    bash
    Basic ping sweep (Linux/Windows cmd)
    ping -c 4 10.10.10.1
    Using Nmap for a network sweep
    nmap -sn 10.10.10.0/24
    [/bash]

2. Port Scanning: Discover accessible services.

bash
Basic TCP SYN scan on top 1000 ports
nmap -sS 10.10.10.5
Aggressive scan with OS and service detection
nmap -A -T4 10.10.10.5
[/bash]

3. Banner Grabbing: Identify service versions.

bash
nmap -sV –script=banner 10.10.10.5 -p 21,22,80,443
[/bash]

3. Web App Vulnerabilities: Exploiting & Mitigating SQLi

SQL Injection (SQLi) remains a critical web vulnerability, allowing attackers to interfere with database queries.

Step-by-step guide (Educational Context – PortSwigger Web Security Academy or TryHackMe Labs):

1. Detection: Test form fields or URL parameters.

bash
— Basic test in a login field
‘ OR ‘1’=’1
[/bash]
2. Exploitation: Use tools like `sqlmap` to automate discovery and data exfiltration.
bash
Test a GET parameter for vulnerabilities
sqlmap -u “http://vulnerable.site/page?id=1” –batch
Enumerate database names
sqlmap -u “http://vulnerable.site/page?id=1” –dbs
[/bash]
3. Mitigation: The only robust solution is using parameterized queries (prepared statements).
bash
VULNERABLE CODE (Python with SQLite example)
cursor.execute(f”SELECT FROM users WHERE username = ‘{user_input}'”)
SECURE CODE – Parameterized Query
cursor.execute(“SELECT FROM users WHERE username = ?”, (user_input,))
[/bash]

4. Defensive Hardening: Securing a Linux Server

System hardening reduces the attack surface of a critical asset.

Step-by-step guide:

  1. Update & Upgrade: Always start with the latest patches.
    bash
    sudo apt update && sudo apt upgrade -y
    [/bash]
  2. Configure the Firewall (ufw): Deny all, allow only necessary services.
    bash
    sudo ufw default deny incoming
    sudo ufw default allow outgoing
    sudo ufw allow ssh
    sudo ufw allow 443/tcp
    sudo ufw enable
    [/bash]
  3. Harden SSH: Disable root login and use key-based authentication.
    bash
    Edit the SSH daemon configuration
    sudo nano /etc/ssh/sshd_config
    Set the following lines:
    PermitRootLogin no
    PasswordAuthentication no
    PubkeyAuthentication yes
    Then restart SSH
    sudo systemctl restart sshd
    [/bash]
  4. Audit with lynis: Run a compliance and hardening audit tool.
    bash
    sudo lynis audit system
    [/bash]

  5. Cloud Security Posture: Locking Down an S3 Bucket
    Misconfigured cloud storage is a leading cause of data breaches.

Step-by-step guide (AWS CLI):

  1. Check Current Policy: A bucket should not be publicly readable.
    bash
    aws s3api get-bucket-policy –bucket my-bucket-name
    aws s3api get-bucket-acl –bucket my-bucket-name
    [/bash]
  2. Apply a Restrictive Policy: Ensure only authorized IAM roles/users can access it.
    bash
    Create a policy.json file denying non-HTTPS and public access
    cat > policy.json << EOF
    {
    “Version”: “2012-10-17”,
    “Statement”: [
    {
    “Effect”: “Deny”,
    “Principal”: “”,
    “Action”: “s3:”,
    “Resource”: “arn:aws:s3:::my-bucket-name/”,
    “Condition”: {“Bool”: {“aws:SecureTransport”: “false”}}
    }
    ]
    }
    EOF
    Apply the policy
    aws s3api put-bucket-policy –bucket my-bucket-name –policy file://policy.json
    [/bash]

3. Enable Bucket Encryption: Enforce encryption at rest.

bash
aws s3api put-bucket-encryption –bucket my-bucket-name \
–server-side-encryption-configuration ‘{“Rules”: [{“ApplyServerSideEncryptionByDefault”: {“SSEAlgorithm”: “AES256”}}]}’
[/bash]

What Undercode Say:

  • Consistent, Gamified Practice Beats Theoretical Mastery: The core value of platforms like TryHackMe is the daily reinforcement of skills through interactive, scenario-based labs. This builds muscle memory for tools and methodologies far more effectively than passive learning.
  • The Foundation is Universal: Whether aiming for red team (offensive) or blue team (defensive) roles, the foundational skills—networking, operating systems, scripting, and core security concepts—are identical. A year of focused practice solidifies this essential baseline.

Analysis: The post highlights a modern, effective approach to cybersecurity upskilling. The “ReCapMe” feature symbolizes a critical principle: progress is incremental and trackable. The technical domains covered—from CLI fluency to cloud misconfigurations—represent the exact skills gap the industry faces. This hands-on, gamified model directly addresses the need for “ready-on-day-one” practitioners, moving beyond certification-centric learning to proven, practical capability. It creates a continuous feedback loop of learning, doing, and validating.

Prediction:

The normalization of accessible, hands-on cyber ranges will accelerate the democratization of security expertise, lowering barriers to entry. This will pressure traditional education models to adapt and will raise the baseline skill level across the entire junior talent pool. Consequently, we can expect a rise in more sophisticated early-career assessments during hiring (e.g., complex practical labs) and a gradual shift in organizational security postures as a more practically skilled workforce implements defenses rooted in firsthand understanding of attack vectors.

🎯Let’s Practice For Free:

IT/Security Reporter URL:

Reported By: Andreea Negreanu – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow UndercodeTesting & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin | 🦋BlueSky

Related Posts: