TryHackMe Top 10% in 6 days and 23 Rooms (Story Time)
The Beginning - A Need for Rapid Training
I was talking to a colleague about an area of penetration testing I wanted to brush up on, Compromising Active Directory. I needed some practice for a near-approaching penetration test and wanted to maximize my time.
Standing up an Active Directory environment on my local machine after work with a crying newborn did not seem like an appealing option.
While discussing the various training platforms that have started or been through a complete redesign in recent years, he mentioned TryHackMe. Keep in mind after achieving my OSCP by Offensive Security in 2019, I turned away from formalized penetration testing training to apply those skills and learn others for my day job.
Enter TryHackMe
I apprehensively created an account. Within minutes I knew why I stayed away - I was hooked again.
THM totally gamifies the learning process in digestible Rooms with a clean interface. Each room boasts a plethora of information and forces you to use internal and external resources to engage the material, sometimes even hacking their provided systems!
How TryHackMe Nails Gamification:
Learning Paths, Modules, Networks, and Practice Series
Profile Badges (live and static link sources)
Learning Path Certifications of Completion
Activity Badges (think specific modules, rooms, or themed set of them)
Live Ranking (with percentile)
Activity Streaks
King of the Hill competitions
The Goal - Top 10%
After seeing my live ranking rapidly increase while completing some of the rooms in the Compromising Active Directory learning path a question crept into my mind:
How many rooms would it take to get to the top 10%?
At the time of this writing - 23 rooms.
Rapid Progression Tempered
At about 12% ranking I saw the first diminished return on a room - my percentage didn’t change… it stayed at 12%. I got anxious but knew I should just press on.
I rapidly began completing many of the basic learning paths and embedded rooms that my 13 years of information technology and cybersecurity experience would allow me to breeze through:
Introduction to Cyber Security
Introduction to Offensive Security
Introduction to Defensive Security
What I found is that I bookmarked so many pages and spent so much time reading little “nuggets” of information that I was already reaching the limit of information I could ingest at each session. The changes in the basics provided fresh insight into the nuances of the technologies that I had not explored in quite some time.
Achieving the Goal
Finally, after 6 days of squeezing in questions or full rooms when I got the opportunity, I achieved my goal - TryHackMe Top 10% in 6 Days and 23 Rooms.
You know what - I still haven’t completed my original learning path, Compromising Active Directory.
I’ll leave you with a few parting thoughts:
Learning takes time - even if it’s a review of seemingly old information
Focused energy enables faster results
If you don’t use it, you lose it - even the basics.
Have you used TryHackMe? Which learning path, module, or room is your favorite?
I hope you enjoyed reading that as much as I enjoyed writing it. Drop a comment below to let me know what you think or connect with me @kirkedcarter on all socials.