TryHackMe Complete Beginner vs Jr Penetration Tester

TryHackMe officially announced the removal of the learning path Complete Beginner which has 64 hours and the difficulty level is easy to be replaced by the learning path Jr Penetration Tester which has 56 hours and the difficulty level is intermediate. The rooms in the Complete Beginner learning path will still be available via search. This post is a compression between both learning paths. If you are interested in completing the learning path You will have until 1/14/2022. The link to the rooms in the learning path Complete Beginner are at the end of this post.

THM official email notification on 1/7/2022

Links to the Complete Beginner learning path rooms

Complete Beginner Introduction

Network Exploitation Basics

Web Hacking Fundamentals


Windows Exploitation Basics

Shells and Privilege Escalation

Basic Computer Exploitation

Markdown with checkbox and links to TryHackMe Complete Beginner learning path

# Complete Beginner

The beginner path aims to give a broad introduction to the different areas in Computer Security. This path will be looking at the following areas:

- Basic Linux - Get familiar with the linux command line.
- Web Application Security - Learn web application security concepts through the OWASP Top 10
- Network Security - Using essential tools like NMAP to enumerate infrastructure.
- Scripting Challenges - Using Python and Bash to carry out different tasks.
- Privilege Escalation

Once you complete the beginner path, you should have learnt the fundamental knowledge for each specific area, and use these core concepts to build your understanding of more complex topics within the area.
* * *

## Complete Beginner Introduction

This section focuses on introducing you to the TryHackMe platform, and to the cyber security industry. Once you understand the virtual room concept on TryHackMe, you'll start exploring the different careers in cyber security to get a better feel of what you may like to do. After which, you'll learn how to effectively research for complex answer - cyber security is a very broad field and understand how to find relevant information will be extremely useful to you.

- [ ] [**Tutorial**](
    Learn how to use a TryHackMe room to start your upskilling in cyber security.
- [ ] [**Starting Out In Cyber Sec**](
    Learn about the different career paths in Cyber Security and how TryHackMe can help!
- [ ] [**Introductory Researching**](

A brief introduction to research skills for pentesting.

* * *

## Linux Fundamentals

Many servers and security tools use Linux. Learn how to use the Linux operating system, a critical skill in cyber security.

- [ ] [**Linux Fundamentals Part 1**](
    Embark on the journey of learning the fundamentals of Linux. Learn to run some of the first essential commands on an interactive terminal.
- [ ] [**Linux Fundamentals Part 2**](
    Continue your learning Linux journey with part two. You will be learning how to log in to a Linux machine using SSH, how to advance your commands, file system interaction.
- [ ] [**Linux Fundamentals Part 3**](
    Power-up your Linux skills and get hands-on with some common utilities that you are likely to use day-to-day!

* * *

## Network Exploitation Basics

Understand, enumerate and attack various networking services in real-world environments.

- [ ] [**Introductory Networking**](
    An introduction to networking theory and basic networking tools
- [ ] [**Nmap**](
    An in depth look at scanning with Nmap, a powerful network scanning tool.
- [ ] [**Network Services**](
    Learn about, then enumerate and exploit a variety of network services and misconfigurations.
- [ ] [**Network Services 2**](
    Enumerating and Exploiting More Common Network Services & Misconfigurations

* * *

## Web Hacking Fundamentals

Understand the core security issues with web applications, and learn how to exploit them using industry tools and techniques.

- [ ] [**How websites work**](
    To exploit a website, you first need to know how they are created.
- [ ] [**Web Fundamentals**](
    Learn how the web works!
- [ ] [**Burp Suite**](
    Learn the basics and major components of Burp Suite, the de facto tool to use when performing web app testing.
- [ ] [**OWASP Top 10**](
    Learn about and exploit each of the OWASP Top 10 vulnerabilities; the 10 most critical web security risks.
- [ ] [**OWASP Juice Shop**](
    This room uses the Juice Shop vulnerable web application to learn how to identify and exploit common web application vulnerabilities.
- [ ] [**Upload Vulnerabilities**](
    Tutorial room exploring some basic file-upload vulnerabilities in websites
- [ ] [**Pickle Rick**](
    A Rick and Morty CTF. Help turn Rick back into a human!

* * *

## Cryptography

Cryptography is essential in security. Learn how its used to preserve integrity and confidentiality of sensitive information.

- [ ] [**Hashing - Crypto 101**](
    An introduction to Hashing, as part of a series on crypto
- [ ] [**John The Ripper**](
    Learn how to use John the Ripper - An extremely powerful and adaptable hash cracking tool
- [ ] [**Encryption - Crypto 101**](
    An introduction to encryption, as part of a series on crypto

* * *

## Windows Exploitation Basics

Hacking Windows is often daunting. Grasp the fundamentals of core Windows concepts and Active Directory vulnerabilities.

- [ ] [**Windows Fundamentals 1**](
    In part 1 of the Windows Fundamentals module, we'll start our journey learning about the Windows desktop, the NTFS file system, UAC, the Control Panel, and more..
- [ ] [**Windows Fundamentals 2**](
    In part 2 of the Windows Fundamentals module, discover more about System Configuration, UAC Settings, Resource Monitoring, the Windows Registry and more..
- [ ] [**Intro to Windows**](
    An introduction to Windows
- [ ] [**Active Directory Basics**](
    Learn the basics of Active Directory and how it is used in the real world today
- [ ] [**Metasploit**](
    Learn to use Metasploit, a tool to probe and exploit vulnerabilities on networks and servers.
- [ ] [**Blue**](
    Deploy & hack into a Windows machine, leveraging common misconfigurations issues.

* * *

## Shells and Privilege Escalation

Once you have initial access on a machine, learn how to escalate your account privileges to root.

- [ ] [**What the Shell?**](
    An introduction to sending and receiving (reverse/bind) shells when exploiting target machines.
- [ ] [**Common Linux Privesc**](
    A room explaining common Linux privilege escalation
- [ ] [**Linux PrivEsc**](
    Practice your Linux Privilege Escalation skills on an intentionally misconfigured Debian VM with multiple ways to get root! SSH is available. Credentials: user:password321

* * *

## Basic Computer Exploitation

Strengthen your skills by exploiting a range of different applications and services, from networking to web to privilege escalation.

- [ ] [**Vulnversity**](
    Learn about active recon, web app attacks and privilege escalation.
- [ ] [**Basic Pentesting**](
    This is a machine that allows you to practise web app hacking and privilege escalation
- [ ] [**Kenobi**](
    Walkthrough on exploiting a Linux machine. Enumerate Samba for shares, manipulate a vulnerable version of proftpd and escalate your privileges with path variable manipulation.
- [ ] [**Steel Mountain**](
    Hack into a Mr. Robot themed Windows machine. Use metasploit for initial access, utilise powershell for Windows privilege escalation enumeration and learn a new technique to get Administrator access.

* * *

Leave a Reply