Advent of Cyber 2022 - A Fun and Educational Experience

Alt text

I recently participated in TryHackMe’s Advent of Cyber 2022, a 24-day event that provided a fun and enjoyable experience while also allowing me to learn something new every day. The event’s awesome storyline, including a comic, advanced each day and was interwoven with the day’s tasks, accompanied by some awesome photos like the one below with the bad boy Yeti and Santa’s stolen gifts. Additionally, each day, a cybersecurity content creator was featured with a walkthrough, explanations and additional information on the topic.

Alt text

The event covered topics related to blue, red, and purple team cybersecurity, and some of the topics were:

Blue Team Topics

  • Frameworks like NIST’s CSF, the ISO 270000 series, MITRE ATT&CK, Cyber Kill Chain and the Unified Kill Chain
  • Log Analysis and basics of grep
  • Email Analysis - Issues, social engineering, phishing and analysis
  • CyberChef - Analyzing malicious documents
  • Memory Forensics - Volatility, Image Analysis
  • Malware Analysis - Manual, Static & Dynamic Analysis
  • Packet Analysis - Traffic analysis with Wireshark
  • Threat Detection with Sigma
  • Attack Surface Reduction - Attack vectors, attack surface and reduction techniques

Red Team Topics

  • OSINT (Open Source Intelligence) - Google dorking, lookups and github
  • Scanning - Network, port and vulnerability scanning
  • Brute-Forcing - Remote access and Authentication
  • Smart Contracts - Blockchains, Re-entrancy attack
  • Pivoting - Docker and Metasploit
  • Game Hacking - Memory manipulation
  • Web Apps - OWASP Top 10, IODR
  • Hardware Hacking - low-level hardware & protocols analysis and exploitation
  • Firmware - Reverse engineering, code extraction, encryption and injection
  • IoT - MQTT, Messaging Protocols, Pub/Sub model and exploitation

Purple Team Topics

  • Secure Coding - Input Validation & SQL Injection
  • Defense in Depth - Layers of defense

Overall Experience

TryHackMe’s Advent of Cyber 2022 was a blast, and I enjoyed every bit of it. The event was captivating, fun, and educational. The organizers did an amazing job with the storyline, the photos, and the cybersecurity topics. I can’t wait for the next installment of the event.