PRE-SEC path by the 1& only > THM
Hello peeps! I am Ash (https://tryhackme.com/p/acs), who is working currently as a system administrator and trying to break into cybersecurity. I have been using THM for more than a year now and I can firmly say that this is one of the best learning platforms you will come across. Recently, I stumbled upon this beautiful path by TryHackMe — https://tryhackme.com/path/outline/presecurity which is great for one who is a beginner and wants to understand how Systems, Networks, Web applications, etc. work or one who wants to get back to the basics and have some fun.
For anyone who wants to get into the “technical” side of cybersecurity, having street-level knowledge of Linux, Windows, Networks, HTML, JS is a must. Now, how deep one wants to go in each one of those, is entirely their self-interest and to be fair, even if you are a master at one or two of those, you are going to be fine as these are like the evergreen building blocks of security which is not going anywhere soon.
The pre security path by THM has introduced a testing ground called “View-Site” which is so cool. Once you click on that, it opens up a sandboxed based mini website where you can practically see/do the things the module explains. I hope to see more of them.
The 1st module (CyberSecurity Fundaments) gives you an introduction on how important network and web applications are and how vulnerable they can become if not maintained properly. It also glances on the two main types of profession one might possibly have, Red team or the Blue team.
The 2nd module which is “Network fundamentals” touches on the CCENT/CCNA level concepts where one can learn about network topologies, how the OSI model is structured,data flow from one network device to the other and how encapsulation/de-encapsulation occurs, which is an important concept to understand for someone who is looking to get into network engineer/Network security roles.
The module also shows a very cool real-time working of PING, ARP, DHCP, TCP/IP protocol which I recommend everyone to make use of and play around with it. You will be also touching on the moslty used routing protocols and technologies like RIP, OSPF and VLAN which is very important to understand.
The 3rd module teaches us about how wesbite works and how it can be manipulated by hackers if source code is unsecure.
Almost 75% of the bug bounty programs, CTFs are based on web application security and software security, so it is fair to say that if someone wants to be a commendable security engineer/pentester, he/she should have sound knowledge about web application and the attack surface of it. A website is made of HTML, CSS, JS predominantly and one could easily learn the basics of HTML and JS from W3Schools .
The module also gives a detailed explanation about domains and how DNS works, showing us a real-time walkthrough of how query is made from the client and how it reaches the correct server and back to the client. I highly recommend everyone to research more about recursive and authoritative query to get a solid understanding as it might be confusing at the start.
The 4th module and my favorite undoubtedly is Linux fundamentals. I can’t begin to explain how much I love Linux and Bash scripting. THM has a lot of exercises on the “Linux fundamentals” room which gives us a beginner to Intermediate level knowledge about the various Linux concepts like Kernel, processes, crontabs, file/folder permissions, user accounts, how to use the man command and so much more.
I have to say, I actually liked the previous Linux fundamentals rooms (The one during Advent of Cyber 2020) more than the current one. The previous one was way cooler as we had find the flags by using the various commands with the corresponding switches and it was really cool. Coming back to the present, in these modules, we will also be covering the basics on how to use a text editor like Nano, VIM, Emacs, etc. (Personally I like VIM, don’t ask me why). To top it all, once you finish all the three Linux rooms, you get a cute little badge, how cool is that ?!
I would also recommend everyone to play OverTheWire to master Linux in every possible way. Jason Cannon Linux courses on Udemy are good as well, check it out!
The 5th and final module is the Windows fundamentals where most of us would be thinking “Oh! Only two rooms for Windows, it’s nothing!”, well, it was completely opposite, at least for me, maybe because I was doing it late night, I felt it a bit draggy and way long for windows, however, the information given on those two rooms are golden. So, my suggestion for everyone is not to dive straight to answering the questions, rather I recommend you to read everything and keep the questions at the last.
The modules cover the file system that we use currently, the file/folder permissions, how to navigate the control panel, features in the task manager, msconfig explanation, advantages of UAC and more.
The second module was really good, where we discuss about environment variables, command prompt, how to fetch the hardware details, how to get the event logs, etc. THM has done a great job to add all the possible external links and advanced rooms for people who are looking to deep dive into anything, like, if someone wants to learn more about windows processes, you would see this link — Core Windows Processes room . This is the reason I said earlier to read through everything since they have added many external links and other advanced rooms similar to the one below, highlighted in blue,
The only thing I am a bit sad about is there was no PowerShell in there at all :-(
Overall, I would like to thank TryHackMe for this wonderful path and hope to see many more paths in the future :-) Lots of Love to THM!!!!!
To be honest with everyone, this is my first blog post and I just did this so that I might get some extra tickets. I was always a bit a skeptical about writing blogs, either I thought people would judge and throw some unwanted comments or I was afraid that someone would have already posted about what I am about to write and they wont look into it at all. I have to say, I was wrong.
Writing blogs not only means you share your thoughts and experience about something, it also improves our memory about what we experienced when we write it after few days. It will show how much you understood doing whatever you did, which is very important. To top that, when we come back and check our own blog, it will jog our memory about what we did that time, which is cool. So, my honest suggestion/advice for everyone is to write blogs and dont care about what people might say, just write it thinking that you are doing this for your own good. Peace out !
External resources:
