This post could quite easily be titled “How I Finally got off my Arse”, since I’ve been trying to find the motivation to learn about penetration testing (a.k.a. PenTesting). I was prodded into action courtesy of a post on social media somewhere about TryHackMe’s Advent of Cyber event. It seemed like the perfect thing for me.

The concept is simple: it’s a 25 day event, and each day has a task or challenge that introduces various cyber-security concepts. I looked at the site to see what it was about and immediately knew that it was just what I needed. There were guided tutorials covering basic security concepts, all the way up to full CTFs (capture the flags). Even better, it was free (with certain limits).

The event is Christmas themed (no surprise there), and has an excellent back story. The first task was clearly explained, and I solved it fairly quickly. The first task covered web sites, cookies, and how they can be used to bypass authentication. Today’s task built on the previous one, and introduced bypassing file type filtering and reverse shells. I’m looking forward to tomorrow’s task, and can’t wait to see what will be introduced next.