# 2024 - [Advent of Cyber '24 Side Quest](https://0xb0b.gitbook.io/writeups/tryhackme/2024/advent-of-cyber-24-side-quest.md): Explore a series of advanced challenges alongside the core Advent of Cyber event! - by munra, am03bam4n, hadrian3689, MartaStrzelec, elliegillard, h4sh3m00, rePl4stic and MonAha - [T1: Operation Tiny Frostbite](https://0xb0b.gitbook.io/writeups/tryhackme/2024/advent-of-cyber-24-side-quest/t1-operation-tiny-frostbite.md): The first of our enemies is the Frostbite Fox. - [T2: Yin and Yang](https://0xb0b.gitbook.io/writeups/tryhackme/2024/advent-of-cyber-24-side-quest/t2-yin-and-yang.md): Penguin Zero, the tech genius of the Frostlings Five infiltrated the company’s network. With a few keystrokes and a sly grin, he uploaded a malicious script into YIN and YANG, seizing control. - [T3: Escaping the Blizzard](https://0xb0b.gitbook.io/writeups/tryhackme/2024/advent-of-cyber-24-side-quest/t3-escaping-the-blizzard.md): Beware of Blizzard Bear skills, he even managed to hack your old text-based service. Talk about a blast from the 90's! - [T4: Krampus Festival](https://0xb0b.gitbook.io/writeups/tryhackme/2024/advent-of-cyber-24-side-quest/t4-krampus-festival.md): The Krampus is out to snatch your naughty elves. Will they end up all in his bag, or will you find a way to take control back? - [T5: An Avalanche of Web Apps](https://0xb0b.gitbook.io/writeups/tryhackme/2024/advent-of-cyber-24-side-quest/t5-an-avalanche-of-web-apps.md): You got caught in the avalanche. I compromised most of your web applications without being detected. You can't compete with a leopard's speed. - [The Sticker Shop](https://0xb0b.gitbook.io/writeups/tryhackme/2024/the-sticker-shop.md): Can you exploit the sticker shop in order to capture the flag? - by toxicat0r - [Lookup](https://0xb0b.gitbook.io/writeups/tryhackme/2024/lookup.md): Test your enumeration skills on this boot-to-root machine. - by josemlwdf - [Mouse Trap](https://0xb0b.gitbook.io/writeups/tryhackme/2024/mouse-trap.md): Follow Jom and Terry on their purple teaming adventures, emulating attacks and investigating the leftover artefacts. - by ar33zy, DrGonz0 & Aashir.Masood - [Hack Back](https://0xb0b.gitbook.io/writeups/tryhackme/2024/hack-back.md): Can you get to the bottom of what's wrong with the machine? - by Maxablancas, h4sh3m8 & rePl4stic - [SeeTwo](https://0xb0b.gitbook.io/writeups/tryhackme/2024/seetwo.md): Can you see who is in command and control? - by hadrian3689 - [Whiterose](https://0xb0b.gitbook.io/writeups/tryhackme/2024/whiterose.md): Yet another Mr. Robot themed challenge. - by ngn - [Rabbit Hole](https://0xb0b.gitbook.io/writeups/tryhackme/2024/rabbit-hole.md): It's easy to fall into rabbit holes. - by shamollash - [Mountaineer](https://0xb0b.gitbook.io/writeups/tryhackme/2024/mountaineer.md): Will you find the flags between all these mountains? - by nirza - [Extracted](https://0xb0b.gitbook.io/writeups/tryhackme/2024/extracted.md): We need your help! - by hadrian3689 and DrGonz0 - [Backtrack](https://0xb0b.gitbook.io/writeups/tryhackme/2024/backtrack.md): Daring to set foot where no one has. - by 0utc4st and YoloSaimo - [Brains](https://0xb0b.gitbook.io/writeups/tryhackme/2024/brains.md): The city forgot to close its gate. - by Dex01, strategos and l000g1c - [Pyrat](https://0xb0b.gitbook.io/writeups/tryhackme/2024/pyrat.md): Test your enumeration skills on this boot-to-root machine. - by josemlwdf - [K2](https://0xb0b.gitbook.io/writeups/tryhackme/2024/k2.md): Are you able to make your way through the mountain? - by hadrian3689 - [Base Camp](https://0xb0b.gitbook.io/writeups/tryhackme/2024/k2/base-camp.md): K2 -Are you able to make your way through the mountain? - by hadrian3689 - [Middle Camp](https://0xb0b.gitbook.io/writeups/tryhackme/2024/k2/middle-camp.md): K2 - Are you able to make your way through the mountain? - by hadrian3689 - [The Summit](https://0xb0b.gitbook.io/writeups/tryhackme/2024/k2/the-summit.md): K2 - Are you able to make your way through the mountain? - by hadrian3689 - [The London Bridge](https://0xb0b.gitbook.io/writeups/tryhackme/2024/the-london-bridge.md): The London Bridge is falling down. - by Sharib - [Cheese CTF](https://0xb0b.gitbook.io/writeups/tryhackme/2024/cheese-ctf.md): Inspired by the great cheese talk of THM! - by shadowabsorber and VainXploits - [Breakme](https://0xb0b.gitbook.io/writeups/tryhackme/2024/breakme.md): Break this secure system and get the flags, if you can. - by TH3V1P3R - [CERTain Doom](https://0xb0b.gitbook.io/writeups/tryhackme/2024/certain-doom.md): Bob has since joined the CERT team and developed a nifty new site. Is there more than meets the eye? - by hydragyrum - [TryPwnMe One](https://0xb0b.gitbook.io/writeups/tryhackme/2024/trypwnme-one.md): A collection of Exploit Development challenges to practice the basic techniques of binary exploitation. - by rePl4stic - [Hammer](https://0xb0b.gitbook.io/writeups/tryhackme/2024/hammer.md): Use your exploitation skills to bypass authentication mechanisms on a website and get RCE. - by 1337rce - [U.A. High School](https://0xb0b.gitbook.io/writeups/tryhackme/2024/u.a.-high-school.md): Welcome to the web application of U.A., the Superhero Academy. - by Fede1781 - [IronShade](https://0xb0b.gitbook.io/writeups/tryhackme/2024/ironshade.md): Perform a compromise assessment on a Linux host and identify the attack footprints. - by Dex01 - [Block](https://0xb0b.gitbook.io/writeups/tryhackme/2024/block.md): Encryption? What encryption? - by hadrian3689 - [Injectics](https://0xb0b.gitbook.io/writeups/tryhackme/2024/injectics.md): Use your injection skills to take control of a web app. - by 1337rce & l000g1c - [DX2: Hell's Kitchen](https://0xb0b.gitbook.io/writeups/tryhackme/2024/dx2-hells-kitchen.md): Can you help compromise a civilian machine that we believe is connected to the NSF? -by Aquinas - [New York Flankees](https://0xb0b.gitbook.io/writeups/tryhackme/2024/new-york-flankees.md): Can you, the rogue adventurer, break through Stefan's defences to take control of his blog! - by ioctl & tgreenMWR - [NanoCherryCTF](https://0xb0b.gitbook.io/writeups/tryhackme/2024/nanocherryctf.md): Explore a double-sided site and escalate to root! - by dsneddon00 - [Publisher](https://0xb0b.gitbook.io/writeups/tryhackme/2024/publisher.md): Test your enumeration skills on this boot-to-root machine. -by josemlwdf - [W1seGuy](https://0xb0b.gitbook.io/writeups/tryhackme/2024/w1seguy.md): A w1se guy 0nce said, the answer is usually as plain as day. - by hadrian3689 and DrGonz0 - [mKingdom](https://0xb0b.gitbook.io/writeups/tryhackme/2024/mkingdom.md): Beginner-friendly box inspired by a certain mustache man. - by uartuo - [Airplane](https://0xb0b.gitbook.io/writeups/tryhackme/2024/airplane.md): Are you ready to fly? - by blgsvnomer - [Include](https://0xb0b.gitbook.io/writeups/tryhackme/2024/include.md): Use your server exploitation skills to take control of a web app. - by 1337rce and l000g1c - [CyberLens](https://0xb0b.gitbook.io/writeups/tryhackme/2024/cyberlens.md): Can you exploit the CyberLens web server and discover the hidden flags? - by TeneBrae93 and tgreenMWR - [Profiles](https://0xb0b.gitbook.io/writeups/tryhackme/2024/profiles.md): No profile? No problem. - by hadrian3689 - [Whats Your Name?](https://0xb0b.gitbook.io/writeups/tryhackme/2024/whats-your-name.md): Utilise your client-side exploitation skills to take control of a web app. - by 1337rce & l000g1c - [Capture Returns](https://0xb0b.gitbook.io/writeups/tryhackme/2024/capture-returns.md): The developers have improved their login form since last time. Can you bypass it? - by toxicat0r - [TryHack3M](https://0xb0b.gitbook.io/writeups/tryhackme/2024/tryhack3m.md): TryHackMe has just reached THREE MILLION users! 🎉 - [TryHack3M: Burg3r Bytes](https://0xb0b.gitbook.io/writeups/tryhackme/2024/tryhack3m/tryhack3m-burg3r-bytes.md): They say these burgers are worth every penny. Can you buy one? - by cmnatic, munra and melmols - [TryHack3M: Bricks Heist](https://0xb0b.gitbook.io/writeups/tryhackme/2024/tryhack3m/tryhack3m-bricks-heist.md): Crack the code, command the exploit! Dive into the heart of the system with just an RCE CVE as your key. - by umairalizafar, ujohn and l000g1c - [TryHack3M: Sch3Ma D3Mon](https://0xb0b.gitbook.io/writeups/tryhackme/2024/tryhack3m/tryhack3m-sch3ma-d3mon.md): A guided challenge to learn about SQL injection exploits. -by strategos, MaxRobertson and arebel - [TryHack3M: Subscribe](https://0xb0b.gitbook.io/writeups/tryhackme/2024/tryhack3m/tryhack3m-subscribe.md): Can you help Hack3M reach 3M subscribers? - by ar33zy, Dex01 and 1337rce - [Creative](https://0xb0b.gitbook.io/writeups/tryhackme/2024/creative.md): Exploit a vulnerable web application and some misconfigurations to gain root privileges. - by ssaadakhtarr - [Bypass](https://0xb0b.gitbook.io/writeups/tryhackme/2024/bypass.md): Use your defence evasion skills to take control of a secure network. - by 1337rce - [Clocky](https://0xb0b.gitbook.io/writeups/tryhackme/2024/clocky.md): Time is an illusion. - by toxicat0r - [El Bandito](https://0xb0b.gitbook.io/writeups/tryhackme/2024/el-bandito.md): Can you help capture El Bandito before he leaves the galaxy? - by l4m3r8 - [Hack Smarter Security](https://0xb0b.gitbook.io/writeups/tryhackme/2024/hack-smarter-security.md): Can you hack the hackers? - by TeneBrae93 and tgreenMWR - [Summit](https://0xb0b.gitbook.io/writeups/tryhackme/2024/summit.md): Can you chase a simulated adversary up the Pyramid of Pain until they finally back down? -by odacavoTHM - [Chrome](https://0xb0b.gitbook.io/writeups/tryhackme/2024/chrome.md): Let us place all of our trust in a password manager. - by hadrian3689 - [Exfilibur](https://0xb0b.gitbook.io/writeups/tryhackme/2024/exfilibur.md): You’ve been asked to exploit all the vulnerabilities present. - by l4m3r8 - [Breaking RSA](https://0xb0b.gitbook.io/writeups/tryhackme/2024/breaking-rsa.md): Hop in and break poorly implemented RSA using Fermat's factorization algorithm. - by hackerinthehouse - [Kitty](https://0xb0b.gitbook.io/writeups/tryhackme/2024/kitty.md): Map? Where we are going, we don't need maps. - by hadrian3689 - [Reset](https://0xb0b.gitbook.io/writeups/tryhackme/2024/reset.md): This challenge simulates a cyber-attack scenario where you must exploit an Active Directory environment. - by l4m3r8 - [Umbrella](https://0xb0b.gitbook.io/writeups/tryhackme/2024/umbrella.md): Breach Umbrella Corp's time-tracking server by exploiting misconfigurations around containerisation. - by brunofight - [WhyHackMe](https://0xb0b.gitbook.io/writeups/tryhackme/2024/whyhackme.md): Dive into the depths of security and analysis with WhyHackMe. - by suds4131 - [Dodge](https://0xb0b.gitbook.io/writeups/tryhackme/2024/dodge.md): Test your pivoting and network evasion skills. - by 1337rce and l000g1c --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://0xb0b.gitbook.io/writeups/tryhackme/2024.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.