By Shamsher khna This is a Writeup of Tryhackme room “Intro to Python”

Task 3. Mathematical Operators

Question 1. What is the name of >

Answer: greater than

Question 2. What is the name of !=

Answer: not equal to

Question 3. 1 != 0 will this return true or false (T or F)

Answer: T

Question 4. What is the name of <=

Answer: less than or equal to

Question 5. Will this sample code return truee or false

By Shamsher khna This is a Writeup of Tryhackme room “Intro to ISAC”


Threat Intelligence, also known as TI and Cyber Threat Intelligence also known as, CTI, is used to provide information about the threat landscape specifically adversaries and their TTPs. Typically CTI revolves around APT groups and/or other threats, these can be well-known groups or up and coming new threats.

Data must be analyzed to be considered threat intelligence. Once analyzed and actionable, then it becomes threat intelligence. The data needs context around to become intel.

CTI is a precautionary measure that companies use or contribute to so that…

By Shamsher khna This is a writeup of the TryHackMe room “John The Ripper” from the creator PoloMints

Task 2: Setting up John the Ripper

Question: What is the most popular extended version of John the Ripper?

Answer: Jumbo John

Task 3: Wordlists

Question: What website was the rockyou.txt wordlist created from a breach on?


Task 4: Cracking Basic Hashes

Tool we use hash-identifier. This tool is already install in kali linux


for the Practical we need to download “”

So Here we unzip the file

By Shamsher khna This is a Writeup of Tryhackme room “MITRE”

TASK 1 & 2 are simple click and complete tasks


Question 1: Only blue teamers will use the ATT&CK Matrix? (Yay/Nay)


Question 2: What is the ID for this technique?


Question 3: Based on this technique, what mitigation covers identifying social engineering techniques?

User Training

Question 4: There are other possible areas for detection for this technique, which occurs after what other technique?

User Execution

Question 5: What group has used spear phishing in their campaigns?


Question 6: Based on the information for this…

By Shamsher khna This is a Writeup of Tryhackme room “Jack”


First, we will connect to the VPN. If you are not familiar with the process go through this room

Once we are connected we will deploy the machine (note that in the room description there is a request for you to add jack.thm to /etc/hosts):

Let’s add jack.thm to the /etc/hosts file you can use leafpad or vim for edit this file

By Shamsher khna This is a Writeup of Tryhackme room “Hardening Basics Part 1”

Machine Credential spooky:tryhackme

By Shamsher khna This is a Writeup of Tryhackme room “Hardening Basics Part 2”


By Shamsher khan

To learn and practice penetration testing against web application and network devices, vulnerable web applications and platforms are playing major role and provide all the possibilities of attacks.

Here we have list of all most every vulnerable systems and applications on the internet.

Vulnerable Web Applications

  • BadStore — is dedicated to helping you understand how hackers prey on Web application vulnerabilities, and to showing you how to reduce your exposure. Our Badstore demonstration software is designed to show you common hacking techniques.
  • BodgeIt Store — The BodgeIt Store is a vulnerable web application which is currently aimed at people…

By Shamsher Khan, This is a Writeup of Tryhackme room “Linux Agency”

Welcome to Linux Agency. Agent 47, this is where you will need to go through several tests concerning linux fundamentals and privilege escalation techniques.

This room is proudly made by 0z09e and Xyan1d3

If you enjoy this room, please let us know by tagging us on Twitter. You may also contact us in case of some unintended routes or bugs, and we will be happy to resolve them.

Please wait about 1 minute before SSH’ing into the box.

SSH Username : agent47

SSH Password : 640509040147

Each flag…

By Shamsher khna This is a Writeup of Tryhackme room “Physical Security Intro”

Room link:

Task 1. Introduction

Learn the basics of physical security

A lot of times physical security is overlooked during red team engagements. Sure, it’s not as popular as cyber security, however having some basic knowledge of lock picking and bypasses are an important tool to have in your repertoire.

Below are some great videos that are a perfect introduction to physical security. …

Shamsher khan

Web Application Pen-tester || CTF Player || Security Analyst || Freelance Cyber Security Trainer

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store