Posts

Showing posts with the label tryhackmewalkthrough

TryHackMe | Content Discovery Walkthrough

Learn the various ways of discovering hidden or private content on a webserver that could lead to new vulnerabilities.
Link - https://tryhackme.com/room/contentdiscovery
What is the Content Discovery method that begins with M? Manually
What is the Content Discovery method that begins with A? Automated
What is the Content Discovery method that begins with O? OSINT
What is the directory in the robots.txt that isn’t allowed to be viewed by web crawlers? Check the robots.txt file: /staff-portal
What framework did the favicon belong to? Download the file and upload it to VirusTotal to get the hash, then check the mentioned website for the hash. cgiirc
What is the path of the secret area that can be found in the sitemap.xml file? Check the sitemap: /s3cr3t-area
What is the flag value from the X-FLAG header? Run the curl command
What is the flag from the framework’s administration portal? Go to the mentioned website and find the location /thm-framework-login and log in with username and password “admin”...

TryHackMe | DNS in Detail WriteUp

Learn how DNS works and how it helps you access internet services.
Link - https://tryhackme.com/room/dnsindetail
What does DNS stand for? Domain Name System
What is the maximum length of a subdomain? 63
Which of the following characters cannot be used in a subdomain ( 3 b _ - )? _
What is the maximum length of a domain name? 253
What type of TLD is .co.uk? ccTLD
What type of record would be used to advise where to send email? MX
What type of record handles IPv6 addresses? AAAA
What field specifies how long a DNS record should be cached for? TTL
What type of DNS Server is usually provided by your ISP? recursive
What type of server holds all the records for a domain? authoritative
Follow the instructions on the website for the remaining questions:
What is the CNAME of shop.website.thm? shops.myshopify.com
What is the value of the TXT record of website.thm?
What is the numerical priority value for the MX record? 30
What is the IP address for the A record of www.website.thm? 10.10.10.1...

TryHackMe | Linux Server Forensics Walkthrough

Learn about digital forensics artefacts found on Linux servers by analysing a compromised server.
Link - https://tryhackme.com/room/linuxserverforensics
Deploy the first VM
Login using ssh and navigate to /var/log/apache2
How many different tools made requests to the server? Run the below command. Answer is 2
Name a path requested by Nmap. Run below command. Answer is /nmaplowercheck1618912425
What page allows users to upload files? Navigate to the website. Answer is contact.php
What IP uploaded files to the server? Run below command to find. Answer is 192.168.56.24
Who left an exposed security notice on the server? Run below command to find. Go to the location mentioned above and open the security.md file. Answer is Fred
What command and option did the attacker use to establish a backdoor? Run below command to find backdoor. Answer is sh -i
What is the password of the second root account? Search passwd. Google search xxx from root2 :xxx to find password
Deploy the second VM
Login a...

TryHackMe | Pentesting Fundamentals WriteUp

Learn the important ethics and methodologies behind every pentest.
Link - https://tryhackme.com/room/pentestingfundamentals
You are given permission to perform a security audit on an organisation; what type of hacker would you be? White Hat
You attack an organisation and steal their data, what type of hacker would you be? Black Hat
What document defines how a penetration testing engagement should be carried out? Rules of Engagement
What stage of penetration testing involves using publicly available information? Information Gathering
If you wanted to use a framework for pentesting telecommunications, what framework would you use? Note: We’re looking for the acronym here and not the full name. OSSTMM
What framework focuses on the testing of web applications? OWASP
You are asked to test an application but are not given access to its source code. What testing process is this? Black Box
You are asked to test a website, and you are given access to the source code — what testing process...

TryHackMe | Principles of Security Writeup

Learn the principles of information security that secure data and protect systems from abuse.
Link - https://tryhackme.com/room/principlesofsecurity
What element of the CIA triad ensures that data cannot be altered by unauthorised people? integrity
What element of the CIA triad ensures that data is available? availability
What element of the CIA triad ensures that data is only accessed by authorised people? confidentiality
What does the acronym “PIM” stand for? Privileged Identity Management
What does the acronym “PAM” stand for? Privileged Access Management
If you wanted to manage the privileges a system access role had, what methodology would you use? PAM
If you wanted to create a system role that is based on a user's role/responsibilities with an organisation, what methodology is this? PIM
What is the name of the model that uses the rule “can’t read up, can read down”? The Bell-LaPadula Model
What is the name of the model that uses the rule “can read up, can’t read down”? The ...

Eonrec