This room teaches how to bypass PHP disabled functions, commonly used in Web CTFs and real-world restricted environments.

Hack this machine and get the flag. There are lots of hints along the way and is perfect for beginners!

A detailed walkthrough of the Cheese CTF challenge, covering reconnaissance, enumeration, exploitation, and privilege escalation.

Learn the basics

This room uses the Juice Shop vulnerable web application to learn how to identify and exploit common web application vulnerabilities.

Learn about and exploit each of the OWASP Top 10 vulnerabilities; the 10 most critical web security risks.

This is a machine that allows you to practise web app hacking and privilege escalation

Practice using tools such as Nmap and GoBuster to locate a hidden directory to get initial access to a vulnerable machine. Then escalate your privileges through a vulnerable cronjob.

Pickle Rick is a fun beginner-level TryHackMe room where you help Rick gain access to a server and find ingredients to turn himself back into a human. It teaches basic Linux enumeration, file permissions, and simple privilege escalation techniques.

This challenge focused on an AI-powered support portal. The vulnerability was not in the model itself, but in how the system handled the model’s output, specifically a link preview feature that fetched URLs.