I’ve spent the past few weeks tackling TryHackMe’s Advent of Cyber 2024.

Some of my favorite challenges were:

  • Day 1 OPSEC, searching online to try and find similar strings via GitHub to link back to the attacker
  • Day 7 AWS Log Analysis, I’m not super versed in cloud security, so this was helpful information on log review for AWS
  • Day 16 Azure, same as above, more info on the Azure CLI
  • Day 18 Prompt injection, AI has secured a foothold in our present and future. Finding ways to break LLMs for malicious purposes will constantly be looming, and with each evolution, it will get better at generating code and could create a completely autonomous way to generate malware and set up infrastructure
  • Day 19 Game Hacking, I had not heard of Frida before but was a fan of it. I have used Burp proxies to intercept mobile traffic for mobile game hacking and also Cheat Engine for PC game hacking. This was another welcome addition to the toolkit.
  • Day 21 Reverse Engineering, Malware Analysis and Reverse Engineering is a true passion of mine and I enjoyed this room
  • Day 24 Communication protocols, Intercepting a new protocol to determine how to intercept and forge our own traffic was neat. I have done similar things with CAN bus traffic in vehicles.

This was a pretty well-balanced room that covered a number of red team, blue team and purple team topics and I had a lot of fun with it!