TryHackMe Learning Paths Rooms

A full list of all TryHackMe rooms in the learning paths

Table of Contents

• Table of Contents
• Learning Paths
  • Easy
    • Introduction to Cyber Security
      • Introduction to Cyber Security
      • Introduction to Offensive Security
      • Introduction to Defensive Security
    • Pre Security
      • Introduction to Cyber Security
      • Network Fundamentals
      • How The Web Works
      • Linux Fundamentals
      • Windows Fundamentals
    • SOC Level 1
      • Cyber Defence Frameworks
      • Cyber Threat Intelligence
      • Network Security and Traffic Analysis
      • Endpoint Security Monitoring
      • Security Information and Event Management
      • Digital Forensics and Incident Response
      • Phishing
    • Security Engineer
      • Introduction to Security Engineering
      • Threats and Risks
      • Network and System Security
      • Software Security
      • Managing Incidents
    • CompTIA Pentest+
      • Planning and Scoping
      • Tools and Code Analysis
      • Information Gathering and Vulnerability Scanning
      • Attacks and Exploits
    • Complete Beginner
      • Complete Beginner Introduction
      • Linux Fundamentals
      • Network Exploitation Basics
      • Web Hacking Fundamentals
      • Cryptography
      • Windows Exploitation Basics
      • Shells and Privilege Escalation
      • Basic Computer Exploitation
    • Web Fundamentals
      • How The Web Works
      • Introduction to Web Hacking
      • Burp Suite
      • Web Hacking Fundamentals
  • Intermediate
    • Jr Penetration Tester
      • Introduction to Cyber Security
      • Introduction to Pentesting
      • Introduction to Web Hacking
      • Burp Suite
      • Network Security
      • Vulnerability Research
      • Metasploit
      • Privilege Escalation
    • DevSecOps
      • Secure Software Development
      • Security of the Pipeline
      • Security in the Pipeline
      • Container Security
      • Infrastructure as Code
    • Cyber Defense
      • Cyber Defense Introduction
      • Threat and Vulnerability Management
      • Security Operations & Monitoring
      • Threat Emulation
      • Incident Response and Forensics
      • Malware Analysis
    • Offensive Pentesting
      • Getting Started
      • Advanced Exploitation
      • Buffer Overflow Exploitation
      • Active Directory
      • Extra Credit
  • Hard
    • SOC Level 2
    • Red Teaming

Learning Paths

Easy

Introduction to Cyber Security

Introduction to Cyber Security

Room Name	Free
Intro to Offensive Security	✔️
Intro to Defensive Security	✔️
Careers in Cyber	✔️

Introduction to Offensive Security

Room Name	Free
Web Application Security	✔️
Operating System Security	❌
Network Security	❌

Introduction to Defensive Security

Room Name	Free
Intro to Digital Forensics	✔️
Security Operations	❌

Pre Security

Introduction to Cyber Security

Room Name	Free
Intro to Offensive Security	✔️
Intro to Defensive Security	✔️
Careers in Cyber	✔️

Network Fundamentals

Room Name	Free
What is Networking?	✔️
Intro to LAN	✔️
OSI Model	❌
Packets & Frames	❌
Extending Your Network	❌

How The Web Works

Room Name	Free
DNS in detail	✔️
HTTP in Detail	✔️
How Websites Work	✔️
Putting it all together	✔️

Linux Fundamentals

Room Name	Free
Linux Fundamentals Part 1	✔️
Linux Fundamentals Part 2	✔️
Linux Fundamentals Part 3	✔️

Windows Fundamentals

Room Name	Free
Windows Fundamentals 1	✔️
Windows Fundamentals 2	✔️
Windows Fundamentals 3	✔️

SOC Level 1

Cyber Defence Frameworks

Room Name	Free
Junior Security Analyst Intro	✔️
Pyramid Of Pain	✔️
Cyber Kill Chain	✔️
Unified Kill Chain	✔️
Diamond Model	❌
MITRE	❌

Cyber Threat Intelligence

Room Name	Free
Intro to Cyber Threat Intel	✔️
Threat Intelligence Tools	✔️
Yara	❌
OpenCTI	❌
MISP	❌

Network Security and Traffic Analysis

Room Name	Free
Traffic Analysis Essentials	✔️
Snort	✔️
Snort Challenge - The Basics	❌
Snort Challenge - Live Attacks	✔️
NetworkMiner	❌
Zeek	❌
Zeek Exercises	❌
Brim	❌
Wireshark: The Basics	✔️
Wireshark: Packet Operations	❌
Wireshark: Traffic Analysis	❌

Endpoint Security Monitoring

Room Name	Free
Intro to Endpoint Security	✔️
Core Windows Processes	❌
Sysinternals	❌
Windows Event Logs	❌
Sysmon	❌
Osquery: The Basics	❌
Wazuh	✔️

Security Information and Event Management

Room Name	Free
Introduction to SIEM	✔️
Investigating with ELK 101	❌
ItsyBitsy	❌
Splunk: Basics	❌
Incident handling with Splunk	❌
Investigating with Splunk	❌
Benign	❌

Digital Forensics and Incident Response

Room Name	Free
DFIR: An Introduction	✔️
Windows Forensics 1	✔️
Windows Forensics 2	❌
Linux Forensics	❌
Autopsy	❌
Redline	✔️
KAPE	✔️
Volatility	❌
Velociraptor	❌
TheHive Project	❌
Intro to Malware Analysis	❌

Phishing

Room Name	Free
Phishing Analysis Fundamentals	✔️
Phishing Emails in Action	✔️
Phishing Analysis Tools	❌
Phishing Prevention	❌
The Greenholt Phish	❌

Security Engineer

Introduction to Security Engineering

Room Name	Free
Security Engineer Intro	✔️
Security Principles	✔️
Introduction to Cryptography	✔️
Identity and Access Management	✔️

Threats and Risks

Room Name	Free
Governance & Regulation	✔️
Threat Modelling	❌
Risk Management	❌
Vulnerability Management	❌

Network and System Security

Room Name	Free
Secure Network Architecture	✔️
Linux System Hardening	❌
Microsoft Windows Hardening	❌
Active Directory Hardening	✔️
Network Device Hardening	❌
Network Security Protocols	❌
Virtualization and Containers	❌
Intro to Cloud Security	❌
Auditing and Monitoring	❌

Software Security

Room Name	Free
OWASP Top 10 - 2021	✔️
OWASP API Security Top 10 - 1	❌
OWASP API Security Top 10 - 2	❌
SSDLC	✔️
SAST	❌
DAST	❌
Weaponizing Vulnerabilities	❌
Introduction to DevSecOps	✔️
Mother's Secret	❌
Traverse	❌

Managing Incidents

Room Name	Free
Intro to IR and IM	✔️
Logging for Accountability	❌
Becoming a First Responder	❌
Cyber Crisis Management	❌

CompTIA Pentest+

Planning and Scoping

Room Name	Free
Pentesting Fundamentals	✔️
Red Team Engagements	✔️
Governance & Regulation	✔️

Tools and Code Analysis

Room Name	Free
Metasploit: Introduction	✔️
Wireshark: The Basics	✔️
Burp Suite: The Basics	✔️
Hydra	✔️
Python Basics	✔️
Python for Pentesters	❌

Information Gathering and Vulnerability Scanning

Room Name	Free
Passive Reconnaissance	✔️
Active Reconnaissance	✔️
Nmap Live Host Discovery	✔️
Nmap Basic Port Scans	❌
Nmap Advanced Port Scans	❌

Attacks and Exploits

Room Name	Free
HTTP in Detail	✔️
OWASP Top 10 - 2021	✔️
OWASP Juice Shop	✔️
Phishing	❌
Windows Privilege Escalation	❌
Windows Local Persistence	❌
Active Directory Basics	✔️
Breaching Active Directory	✔️
Linux Privilege Escalation	✔️
Lateral Movement and Pivoting	❌
Persisting Active Directory	❌
Credentials Harvesting	❌

Complete Beginner

Complete Beginner Introduction

Room Name	Free
Tutorial	✔️
Starting Out In Cyber Sec	✔️
Introductory Researching	✔️

Linux Fundamentals

Room Name	Free
Linux Fundamentals Part 1	✔️
Linux Fundamentals Part 2	✔️
Linux Fundamentals Part 3	✔️

Network Exploitation Basics

Room Name	Free
Introductory Networking	✔️
Nmap	✔️
Network Services	✔️
Network Services 2	✔️

Web Hacking Fundamentals

Room Name	Free
How Websites Work	✔️
HTTP in Detail	✔️
Burp Suite: The Basics	✔️
OWASP Top 10 - 2021	✔️
OWASP Juice Shop	✔️
Upload Vulnerabilities	❌
Pickle Rick	✔️

Cryptography

Room Name	Free
Hashing - Crypto 101	❌
John The Ripper	❌
Encryption - Crypto 101	✔️

Windows Exploitation Basics

Room Name	Free
Windows Fundamentals 1	✔️
Windows Fundamentals 2	✔️
Active Directory Basics	✔️
Metasploit: Introduction	✔️
Metasploit: Exploitation	❌
Metasploit: Meterpreter	❌
Blue	✔️

Shells and Privilege Escalation

Room Name	Free
What the Shell?	❌
Common Linux Privesc	❌
Linux PrivEsc	✔️

Basic Computer Exploitation

Room Name	Free
Vulnversity	✔️
Basic Pentesting	✔️
Kenobi	✔️
Steel Mountain	❌

Web Fundamentals

How The Web Works

Room Name	Free
DNS in detail	✔️
HTTP in Detail	✔️
How Websites Work	✔️
Putting it all together	✔️

Introduction to Web Hacking

Room Name	Free
Walking An Application	✔️
Content Discovery	✔️
Subdomain Enumeration	❌
Authentication Bypass	❌
IDOR	❌
File Inclusion	❌
Intro to SSRF	❌
Intro to Cross-site Scripting	❌
Command Injection	❌
SQL Injection	✔️

Burp Suite

Room Name	Free
Burp Suite: The Basics	✔️
Burp Suite: Repeater	✔️
Burp Suite: Intruder	❌
Burp Suite: Other Modules	❌
Burp Suite: Extensions	❌

Web Hacking Fundamentals

Room Name	Free
How Websites Work	✔️
HTTP in Detail	✔️
Burp Suite: The Basics	✔️
OWASP Top 10 - 2021	✔️
OWASP Juice Shop	✔️
Upload Vulnerabilities	❌
Pickle Rick	✔️

Intermediate

Jr Penetration Tester

Introduction to Cyber Security

Room Name	Free
Intro to Offensive Security	✔️
Intro to Defensive Security	✔️
Careers in Cyber	✔️

Introduction to Pentesting

Room Name	Free
Pentesting Fundamentals	✔️
Principles of Security	✔️

Introduction to Web Hacking

Room Name	Free
Walking An Application	✔️
Content Discovery	✔️
Subdomain Enumeration	❌
Authentication Bypass	❌
IDOR	❌
File Inclusion	❌
Intro to SSRF	❌
Intro to Cross-site Scripting	❌
Command Injection	❌
SQL Injection	✔️

Burp Suite

Room Name	Free
Burp Suite: The Basics	✔️
Burp Suite: Repeater	✔️
Burp Suite: Intruder	❌
Burp Suite: Other Modules	❌
Burp Suite: Extensions	❌

Network Security

Room Name	Free
Passive Reconnaissance	✔️
Active Reconnaissance	✔️
Nmap Live Host Discovery	✔️
Nmap Basic Port Scans	❌
Nmap Advanced Port Scans	❌
Nmap Post Port Scans	❌
Protocols and Servers	❌
Protocols and Servers 2	❌
Net Sec Challenge	❌

Vulnerability Research

Room Name	Free
Vulnerabilities 101	✔️
Exploit Vulnerabilities	❌
Vulnerability Capstone	❌

Metasploit

Room Name	Free
Metasploit: Introduction	✔️
Metasploit: Exploitation	❌
Metasploit: Meterpreter	❌

Privilege Escalation

Room Name	Free
What the Shell?	❌
Linux Privilege Escalation	✔️
Windows Privilege Escalation	❌

DevSecOps

Secure Software Development

Room Name	Free
Introduction to DevSecOps	✔️
SDLC	✔️
SSDLC	✔️

Security of the Pipeline

Room Name	Free
Intro to Pipeline Automation	✔️
Source Code Security	❌
CI/CD and Build Security	❌

Security in the Pipeline

Room Name	Free
Dependency Management	❌
SAST	❌
DAST	❌
Mother's Secret	❌

Container Security

Room Name	Free
Intro to Containerisation	✔️
Intro to Docker	✔️
Intro to Kubernetes	❌
Container Vulnerabilities	❌
Container Hardening	❌

Infrastructure as Code

Room Name	Free
Intro to IaC	✔️
On-Premises IaC	❌
Cloud-based IaC	❌

Cyber Defense

Cyber Defense Introduction

Room Name	Free
Tutorial	✔️
Introductory Networking	✔️
Network Services	✔️
Network Services 2	✔️
Wireshark 101	❌
Windows Fundamentals 1	✔️
Active Directory Basics	✔️

Threat and Vulnerability Management

Room Name	Free
Nessus	✔️
MITRE	❌
Yara	❌
Zero Logon	❌
OpenVAS	✔️
MISP	❌

Security Operations & Monitoring

Room Name	Free
Core Windows Processes	❌
Sysinternals	❌
Windows Event Logs	❌
Sysmon	❌
Osquery: The Basics	❌
Splunk: Basics	❌
Splunk 2	❌

Threat Emulation

Room Name	Free
Attacktive Directory	✔️
Attacking Kerberos	❌

Incident Response and Forensics

Room Name	Free
Volatility	❌
Investigating Windows	✔️
Windows Forensics 1	✔️
Windows Forensics 2	❌
Redline	✔️
Autopsy	❌
Disk Analysis & Autopsy	✔️

Malware Analysis

Room Name	Free
History of Malware	✔️
MAL: Malware Introductory	✔️
MAL: Strings	❌
Basic Malware RE	✔️
MAL: REMnux - The Redux	❌

Offensive Pentesting

Getting Started

Room Name	Free
Tutorial	✔️
Vulnversity	✔️
Blue	✔️
Kenobi	✔️

Advanced Exploitation

Room Name	Free
Steel Mountain	❌
Alfred	❌
HackPark	❌
Game Zone	❌
Skynet	❌
Daily Bugle	✔️
Overpass 2 - Hacked	✔️
Relevant	✔️
Internal	✔️

Buffer Overflow Exploitation

Room Name	Free
Buffer Overflow Prep	✔️
Brainstorm	✔️
Gatekeeper	❌
Brainpan 1	✔️

Active Directory

Room Name	Free
Active Directory Basics	✔️
Breaching Active Directory	✔️
Enumerating Active Directory	✔️
Lateral Movement and Pivoting	❌
Exploiting Active Directory	❌
Persisting Active Directory	❌
Credentials Harvesting	❌

Extra Credit

Room Name	Free
Hacking with PowerShell	❌
Corp	❌
Mr Robot CTF	✔️
Retro	✔️

Hard

SOC Level 2

Red Teaming