Best Laptops for Cybersecurity Training in 2025

If you’re planning to build a career in cybersecurity, your laptop is one of the most important tools you’ll invest in. Whether you’re running Kali Linux, setting up virtual machines (VMs), learning ethical hacking, or completing CTFs on TryHackMe or HackTheBox, you’ll need a powerful and secure system to keep up with your tasks.

In this blog, we’ve compiled the top laptops for cybersecurity training in 2025, based on performance, Linux compatibility, virtualization support, and overall value for money. These laptops are available on Amazon and are perfect for both beginners and professionals.

1. Lenovo ThinkPad T14s Gen 5 – Best Overall for Professionals

Processor: Intel Core Ultra 7
RAM: 32 GB
Storage: 512 GB SSD
Security: TPM 2.0, fingerprint sensor, privacy shutter

Why it’s great: ThinkPads are built for enterprise-level security and performance. They handle VMs, penetration testing tools, and Kali Linux without breaking a sweat.

🔗 [Buy Lenovo ThinkPad T14s Gen 5 – https://amzn.to/46J0ALN]

2. Apple MacBook Pro 14″ (M4) – Best for macOS + Cybersecurity Labs

Processor: Apple M4
RAM: 16 GB (upgradeable)
Storage: 512 GB SSD
Security: T2 chip, Secure Enclave, FileVault encryption

Why it’s great: Perfect for professionals who want macOS’s secure ecosystem while also running virtual machines using VMware or Parallels.

🔗 [Buy MacBook Pro 14″ (M4) – https://amzn.to/3UrX3Kd]

3. Dell XPS 13 Ultra – Best Linux-Friendly Premium Laptop

Processor: Intel Ultra 7
RAM: 32 GB
Storage: 1 TB SSD
Display: 13.4″ FHD+ InfinityEdge

Why it’s great: Lightweight, premium, and highly compatible with Linux distros like Kali and Ubuntu. Ideal for on-the-go ethical hackers.

🔗 [Buy Dell XPS 13 Ultra – https://amzn.to/40BhXu1]

4. Samsung Galaxy Book4 – Best Display + Secure Hardware

Processor: Intel Ultra 7
RAM: 16–64 GB
Storage: 512 GB SSD
Display: Super AMOLED
Security: Samsung Knox Vault

Why it’s great: Beautiful display, great battery life, and strong built-in security. A great Windows-based alternative for cybersecurity learners.

🔗 [Buy Samsung Galaxy Book4 – https://amzn.to/3TVHLgE]

5. Acer Aspire 7 Gaming Laptop – Best for GPU-Powered Tools

Processor: AMD Ryzen 5 / Intel i5 options
RAM: 16 GB
Storage: 512 GB SSD
Graphics: NVIDIA GTX or RTX

Why it’s great: For those learning password cracking, GPU-accelerated tasks like Hashcat, or 3D visualizations—this gaming laptop gives both performance and affordability.

🔗 [Buy Acer Aspire 7 – https://amzn.to/454G1GO]

6. Lenovo LOQ Ryzen 5 – Best Budget Laptop for Students

Processor: AMD Ryzen 5
RAM: 16 GB
Storage: 512 GB SSD

Why it’s great: A solid choice for students or beginners who want to start learning Kali Linux and basic networking without breaking the bank.

🔗 [Buy Lenovo LOQ Ryzen 5 – https://amzn.to/3UwcGjK]

Ideal Use Cases Across the List:

[Screenshot: ideal use cases across the list (image not preserved)]

What to Look for in a Cybersecurity Laptop

Before buying a laptop for cybersecurity, make sure it includes:

  1. Powerful CPU – At least Intel i5 or AMD Ryzen 5
  2. 16 GB RAM or more – For smooth multitasking and VMs
  3. 512 GB SSD – Faster boot, tool installs, and response
  4. Virtualization Support – Enable VT-x or AMD-V in BIOS
  5. Linux Compatibility – Works well with Kali Linux or Ubuntu
  6. Secure Hardware – TPM 2.0, fingerprint reader, encryption tools

Choose the Right Laptop for Your Cyber Lab

Choosing the right laptop for cybersecurity training is not just about speed or price—it’s about reliability, performance, and compatibility with the tools and technologies you’ll use every day. Whether you’re diving into ethical hacking, penetration testing, or network defense, your machine must support everything from Kali Linux and virtual machines to packet sniffing and secure browsing.

From the professional-grade Lenovo ThinkPad T14s to the sleek and powerful MacBook Pro M4, and the budget-friendly Lenovo LOQ Ryzen 5, this curated list gives you a laptop for every level and purpose.

🔗 Ready to build your cyber lab?
Check out our blog here

Tip for Students & Beginners:

If you’re just starting out, invest smartly. Begin with a reliable mid-range machine like the Acer Aspire 7 or Samsung Galaxy Book4, and upgrade as your needs evolve.

Tip for Professionals & OSCP Aspirants:

Choose a laptop with 32 GB RAM, a high-end CPU, and Linux compatibility for handling multiple VMs, CTF platforms, and advanced toolkits.

Your cybersecurity career deserves a powerful launchpad—invest in a laptop that works as hard as you do.

Team CyberiumX

How to Build a Cybersecurity Lab at Home

If you’re passionate about cybersecurity and ethical hacking, practical hands-on experience is essential. Whether you’re a beginner, student, or aspiring penetration tester, having your own cybersecurity lab at home helps you gain real-world skills that books and videos can’t teach.

The best part? You don’t need expensive hardware. With just a few budget-friendly tools and devices (most available on Amazon), you can set up your very own cyber lab at home—perfect for learning Kali Linux, networking, and ethical hacking.

Why You Need a Home Cybersecurity Lab

A cybersecurity lab gives you:

  • A safe and isolated environment to practice hacking techniques
  • The ability to run Kali Linux and penetration testing tools
  • Experience with network devices, servers, IoT, and wireless attacks
  • Practical knowledge of tools like Metasploit, Wireshark, Nmap, Burp Suite, and more

Whether you’re preparing for CEH, OSCP, eJPT, or just learning for fun—this setup will speed up your progress.

Components of a Cybersecurity Lab at Home

Here’s a simple breakdown of what you’ll need:

1. Raspberry Pi – The Heart of Your Lab

Raspberry Pi 4 is a small, affordable, and powerful mini-computer that can run Kali Linux, act as a server, or simulate IoT devices. It’s perfect for creating a hacking lab that’s portable and energy-efficient.

Use Cases:

  • Install Kali Linux ARM version
  • Simulate IoT devices
  • Host vulnerable web apps
  • Use as a Wi-Fi hacking station

🔗 Buy Raspberry Pi 4 (4GB RAM): [https://amzn.to/4kyA8aI]
🔗 Buy Raspberry Pi 4 Starter Kit: [https://amzn.to/4eRjYYS]

💡 Go for the 4GB or 8GB version for smooth multitasking.

2. USB Wi-Fi Adapter – For Wireless Hacking & Monitor Mode

Most internal laptop Wi-Fi cards don’t support monitor mode or packet injection—essential features for wireless attacks. That’s why you’ll need an external USB Wi-Fi adapter.

Recommended Features:

  • Dual-band (2.4GHz + 5GHz)
  • Supports monitor mode & packet injection
  • Compatible with Kali Linux

🔗 Buy ALFA AWUS036ACH USB Wi-Fi Adapter: [https://amzn.to/3GESpFw]

💡 This is one of the most popular adapters among ethical hackers.

3. MicroSD Card – To Install Kali Linux on Raspberry Pi

To run Kali Linux on Raspberry Pi, you’ll need a high-speed microSD card. This will store your OS, tools, and files.

Recommended:

  • 32GB or 64GB
  • Class 10 (for fast performance)

🔗 Buy SanDisk 64GB Class 10 microSD Card: [https://amzn.to/3GL9P3b]

💡 Avoid cheap cards—they often crash during installations.

What Can You Practice in This Lab?

Once your lab is ready, you can begin learning and experimenting with:

  • Installing and using Kali Linux
  • Network scanning using Nmap
  • Sniffing traffic with Wireshark
  • Wireless attacks using Aircrack-ng
  • Building and attacking vulnerable web apps (DVWA, OWASP Juice Shop)
  • Setting up MITM attacks on your test network
  • Practicing reverse shells and payload creation
  • Running honeypots, firewalls, and DNS sinkholes (like Pi-hole)

You can also connect your lab with platforms like:

  • TryHackMe
  • Hack The Box
  • VulnHub
  • OverTheWire

Tips for Using Your Home Cyber Lab

  • Isolate your lab network from your home Wi-Fi to avoid accidental damage
  • Always practice ethically—never test tools on unauthorized devices
  • Keep your Kali Linux system updated
  • Take notes and screenshots to track your progress
  • Join forums and communities to ask questions and learn faster

Conclusion

Building your own cybersecurity lab at home is one of the best investments you can make in your learning journey. With tools like the Raspberry Pi, USB Wi-Fi adapters, and a few basic accessories, you can create a complete hands-on environment that mirrors real-world scenarios.

And the best part? You can buy everything you need directly from Amazon in one click.

👉 Start building your lab today – Click here to buy the complete kit
Empower your learning. Practice with real tools. Build a future-proof cybersecurity career from your own desk!

Team CyberiumX

TryHackMe | Answers for CyberChef: The Basics

Hello Folks,

In this blog, we will cover the concepts as well as the answers for the “CyberChef: The Basics” room which is a part of the “Cyber Security 101” learning path. This room provides an overview of a very important web service called CyberChef used for performing cryptographic operations. After completing this room, you will find yourself comfortable with Encryption, Hashing and Encoding.

You can access the room here.

Task 1 Introduction

CyberChef is a versatile, web-based tool for handling various cyber operations, from simple encodings like Base64 to complex encryptions like AES. It operates through “recipes,” or sequences of tasks applied to data. Key learning includes navigating its interface, understanding operations, and creating data-processing recipes.

Proceed with the next tasks to learn more!

No answer required

Task 2 Accessing the Tool

This task will help us access the CyberChef tool. There are two methods: first, accessing it via a web browser, and second, downloading the stable release, which works on both Linux and Windows Operating Systems.

I have access to CyberChef and I’m ready to dive into it.

No answer required

Task 3 Navigating the Interface

This task walks us through the CyberChef interface, which has four main sections: Operations, Recipe, Input, and Output. The Operations area offers a wide range of categorized functions, the Recipe area lets users arrange and manage operations, the Input area is for entering data, and the Output area displays processed results with options to save or copy.

Q 3.1- In which area can you find “From Base64”?

A 3.1- Operations

Q 3.2- Which area is considered the heart of the tool?

A 3.2- Recipe

Task 4 Before Anything Else

Using CyberChef involves a four-step process: define a clear objective, input your data, choose relevant operations (like encryption/encoding methods), and review the output to ensure the goal is achieved. If the result isn’t as expected, refine and repeat the steps.

Q 4.1- At which step would you determine, “What do I want to accomplish?”

A 4.1- 1

Task 5 Practice, Practice, Practice

This task explores CyberChef’s main operation categories—Extractors, Date/Time, and Data Format. It covers extracting data (like IP addresses, URLs, emails), converting timestamps, and encoding formats (e.g., Base64). A practical exercise lets users apply these operations by analyzing task files.

Q 5.1- What is the hidden email address?

A 5.1- hidden@hotmail.com

Q 5.2- What is the hidden IP address that ends in .232?

A 5.2- 102.20.11.232

Q 5.3- Which domain address starts with the letter “T”?

A 5.3- TryHackMe.com

Q 5.4- What is the binary value of the decimal number 78?

A 5.4- 01001110

Q 5.5- What is the URL encoded value of https://tryhackme.com/r/careers?

A 5.5- https://tryhackme.com/r/careers

Task 6 Your First Official Cook

In this task, we have to practically apply whatever we have learned in this room to get a deeper understanding of all the concepts.

Q 6.1- Using the file you downloaded in Task 5, which IP starts and ends with “10”?

A 6.1- 10.10.2.101

Q 6.2- What is the base64 encoded value of the string “Nice Room!”?

A 6.2- TmljZSBSb29tIQ==

Q 6.3- What is the URL decoded value for https%3A%2F%2Ftryhackme%2Ecom%2Fr%2Froom%2Fcyberchefbasics?

A 6.3- https://tryhackme.com/r/room/cyberchefbasics

Q 6.4- What is the datetime string for the Unix timestamp 1725151258?

A 6.4- Sun 1 September 2024 00:40:58 UTC

Q 6.5- What is the Base85 decoded string of the value <+oue+DGm>Ap%u7?

A 6.5- This is fun!
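
The recipe idea from Task 1 and the operations practised in Tasks 5 and 6, sketched in Python as an added example (not CyberChef's code and not part of the room): each operation is a plain function and `bake`, a name chosen here, applies a list of them in order. The sample blob, its documentation-range IP addresses and the example.test address are constructed.

```python
import base64
import re
from datetime import datetime, timezone
from urllib.parse import unquote

IP_CANDIDATE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
EMAIL = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def extract_ips(text):
    """Keep dotted quads whose four octets are all in 0-255, one per line."""
    hits = [m for m in IP_CANDIDATE.findall(text)
            if all(int(octet) <= 255 for octet in m.split("."))]
    return "\n".join(hits)


def from_unix_timestamp(text):
    """Render seconds since the epoch as a UTC datetime string."""
    dt = datetime.fromtimestamp(int(text.strip()), tz=timezone.utc)
    return f"{dt:%a} {dt.day} {dt:%B %Y %H:%M:%S} UTC"


# Operation names follow the labels in the CyberChef Operations pane; the
# bodies are this example's own Python stand-ins.
OPERATIONS = {
    "To Base64": lambda s: base64.b64encode(s.encode()).decode(),
    "From Base64": lambda s: base64.b64decode(s).decode(),
    "From Base85": lambda s: base64.a85decode(s).decode(),
    "URL Decode": unquote,
    "From UNIX Timestamp": from_unix_timestamp,
    "Extract IP addresses": extract_ips,
    "Extract email addresses": lambda s: "\n".join(EMAIL.findall(s)),
}


def bake(data, recipe):
    """Apply each named operation in order, feeding output into the next."""
    for step in recipe:
        if step not in OPERATIONS:
            raise KeyError(f"unknown operation: {step}")
        data = OPERATIONS[step](data)
    return data


# Constructed sample: a URL-encoded log fragment wrapped in Base64.
SAMPLE_BLOB = base64.b64encode(
    b"src%3D192.0.2.15%20dst%3D198.51.100.7%20bogus%3D999.1.1.1"
    b"%20contact%3Danalyst%40example.test"
).decode()

if __name__ == "__main__":
    # Three-step recipe: undo both encodings, then pull out the valid IPs.
    print(bake(SAMPLE_BLOB, ["From Base64", "URL Decode", "Extract IP addresses"]))
    print(bake("1725151258", ["From UNIX Timestamp"]))
```

The order of the steps matters: running the extractor before "URL Decode" would still find the IP addresses here, but the e-mail address only becomes visible once `%40` has been decoded to `@`.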

Task 7 Conclusion

I will have CyberChef, the Swiss Army knife of cyber security, ready for my upcoming journeys!

No answer required

You can check out our other blogs here.

Happy Pentesting!!!

Team CyberiumX

TryHackMe | Answers for Training Impact on Teams

Hello Folks,

In this blog, we will cover the importance of, as well as the answers for, the “Training Impact on Teams” room, which is a part of the “Cyber Security 101” learning path. This room explains why cyber security training is important for organizations. We will learn some unique concepts about how training is carried out and the impact it has on ensuring security.

You can access the room here.

Task 1 Understanding the Impact of Cyber Security Training

Mastering cybersecurity requires practice in safe environments, like training labs, to build skills without risking live systems. Training not only enhances individual and team readiness but also aligns skill levels within organizations, fostering collaboration, faster learning, and better incident response.

Q 1.1- What is the most efficient way to ramp up the skills of a junior hire in cyber security?

A 1.1- Training

Task 2 Cyber Security Training for Large Organisations

Off-the-shelf training is ideal for small teams, but larger teams or those with specific needs benefit from customizable options like TryHackMe’s Content Studio. Large corporations often seek integrated solutions with features like SSO and APIs to seamlessly incorporate training into existing systems.

Q 2.1- What is the name of the dashboard that TryHackMe offers for companies to create customised training paths?

A 2.1- Content Studio

Task 3 Write a Cyber Security Training Investment Proposal

Companies can see significant ROI from training investments, as shown in a case where a cybersecurity team of 10 improves productivity by 4%, yielding $32,000 in savings versus a $5,000 training cost, resulting in a 640% ROI. Proposals detailing these benefits, like the one from TryHackMe, can help secure training budgets.

Q 3.1- What would be the savings due to the increased productivity?

A 3.1- 40000

Q 3.2- Assuming that training costs $500 per employee, what is the Return on Investment?

A 3.2- 400%

Task 4 Vendor Selection

When selecting a training vendor, consider questions such as the training’s target audience, content relevance, vendor experience, platform capabilities, and cost-benefit alignment. Addressing these helps ensure the training aligns with organizational needs and optimizes team productivity.

Remember to consider the above questions as you work to select the training provider.

No answer required

Task 5 Conclusion

Training is crucial for a cybersecurity team’s effectiveness and benefits both employees and employers, as many embrace lifelong learning.

Let’s continue investing in our knowledge and skills.

No answer required

You can check out our other blogs here.

Happy Pentesting!!!
Team CyberiumX

TryHackMe | Answers for SOC Fundamentals

Hello Folks,

In this blog, we will cover the concepts as well as the answers for the “SOC Fundamentals” room, which is a part of the “Cyber Security 101” learning path. It covers the fundamentals of a Security Operations Center (SOC), including its purpose and components. The room ends with a practical exercise; after completing it, we will be familiar with the operations performed in a SOC.

You can access the room by clicking here.

Task 1 Introduction to SOC

This task introduces the basic concept of a SOC, which protects critical data from cyber threats. A Security Operations Center (SOC) is a dedicated team that monitors networks 24/7 to detect and respond to malicious activity, protecting the company’s assets.

Q 1.1- What does the term SOC stand for?

A 1.1- Security Operations Center 

Task 2 Purpose and Components

In this section, we will dive deep into the purpose and components of a SOC. The primary focus of a SOC is Detection and Response. Effective SOC operations rely on people, process and technology, which together create an efficient environment for detection and response.

Q 2.1- The SOC team discovers an unauthorized user is trying to log in to an account. Which capability of SOC is this?

A 2.1- Detection

Q 2.2- What are the three pillars of a SOC?

A 2.2- People, Process, Technology

Task 3 People

Despite automation, skilled People in a SOC are essential for filtering out false alerts and identifying real threats. The SOC team includes roles like Level 1-3 Analysts for escalating threat detection, security and detection engineers for deploying and managing security solutions, and a SOC Manager who oversees processes and reports to the CISO on security posture.

Q 3.1- Alert triage and reporting is the responsibility of?

A 3.1- SOC Analyst (Level 1)

Q 3.2- Which role in the SOC team allows you to work dedicatedly on establishing rules for alerting security solutions?

A 3.2- Detection Engineer

Task 4 Process

SOC processes involve alert triage, where analysts assess alerts using the “5 Ws” (What, When, Where, Who, Why) to prioritize threats, and reporting, where critical findings are escalated as detailed tickets. For severe threats, the team conducts incident response and forensics to analyze and contain malicious activities, identifying root causes.

Q 4.1- At the end of the investigation, the SOC team found that John had attempted to steal the system’s data. Which ‘W’ from the 5 Ws does this answer?

A 4.1- Who

Q 4.2- The SOC team detected a large amount of data exfiltration. Which ‘W’ from the 5 Ws does this answer?

A 4.2- What

Task 5 Technology

In a SOC, technology encompasses security solutions that centralize threat detection and response, minimizing manual effort. Key tools include SIEM for log-based threat detection, EDR for endpoint visibility and response, and firewalls for network traffic filtering. These technologies, along with others like IDS/IPS and SOAR, are chosen based on organizational needs and resources to effectively safeguard the network.

Q 5.1- Which security solution monitors the incoming and outgoing traffic of the network?

A 5.1- Firewall

Q 5.2- Do SIEM solutions primarily focus on detecting and alerting about security incidents? (yea/nay)

A 5.2- yea

Task 6 Practical Exercise of SOC

In this section, a practical task is given to practice the things we have learnt in this room.

Q 6.1- What: Activity that triggered the alert?

A 6.1- Port Scan

Q 6.2- When: Time of the activity? 

A 6.2- June 12, 2024 17:24

Q 6.3- Where: Destination host IP? 

A 6.3- 10.0.0.3

Q 6.4- Who: Source host name?

A 6.4- Nessus

Q 6.5- Why: Reason for the activity? Intended/Malicious

A 6.5- Intended

Q 6.6- Additional Investigation Notes: Has any response been sent back to the port scanner IP? (yea/nay)

A 6.6- Yea

Q 6.7- What is the flag found after closing the alert?

A 6.7- THM{000_INTRO_TO_SOC}

Task 7 Conclusion

I understand the fundamentals of a SOC.

No answer needed

You can check out our other blogs here.

Happy Pentesting!!!
Team CyberiumX

TryHackMe | Answers for Web Application Basics

Hello Folks,
In this blog, we will cover the concepts as well as the answers for the “Web Application Basics” room, which is a part of the “Cyber Security 101” learning path. It covers web application fundamentals, including key topics such as URLs, HTTP request/response headers, methods and status codes. After completing this blog, you will be familiar with how web applications work.

You can access the room by clicking here.

Task 1 Introduction

This task will let you know the learning objectives for understanding the basics of web application architecture.

I am ready to learn about Web Applications!

No answer needed

Task 2 Web Application Overview

In this task, a web application is compared to a planet: the Front End is the surface visible to everyone, built with languages like HTML, CSS and JavaScript, while the Back End is like the planet’s hidden surface, including infrastructure, databases and security systems like Web Application Firewalls (WAF).

Q 2.1- Which component on a computer is responsible for hosting and delivering content for web applications?

A 2.1- Web Server

Q 2.2- Which tool is used to access and interact with web applications?

A 2.2- Web Browser

Q 2.3- Which component acts as a protective layer, filtering incoming traffic to block malicious attacks, and ensuring the security of the web application?

A 2.3- Web Application Firewall

Task 3 Uniform Resource Locator

This task focuses on one of the important components through which a user accesses a web application: the URL, sometimes called a web address. It has various components, such as the Scheme (HTTP/HTTPS), the User (login details), the Host/Domain (which identifies the website), the Path (resource location or web page), the Query String (input for searches), and the Fragment (for accessing a specific section of a web page).

Q 3.1- Which protocol provides encrypted communication to ensure secure data transmission between a web browser and a web server?

A 3.1- HTTPS

Q 3.2- What term describes the practice of registering domain names that are misspelt variations of popular websites to exploit user errors and potentially engage in fraudulent activities?

A 3.2- Typosquatting

Q 3.3- What part of a URL is used to pass additional information, such as search terms or form inputs, to the web server?

A 3.3- Query String

Task 4 HTTP Messages

This section dives deep into HTTP messages, which are exchanged between a client browser and a web server: requests coming from the user and responses coming from the server. These messages contain a start line, headers, an empty line and a body. Understanding these components is crucial for web application communication.

Q 4.1- Which HTTP message is returned by the web server after processing a client’s request?

A 4.1- HTTP Response

Q 4.2- What follows the headers in an HTTP message?

A 4.2- Empty Line

Task 5 HTTP Request: Request Line and Methods

This section will help us understand an HTTP request, which is sent by a user to a web server and includes a request line (method, path, version), various HTTP methods (GET, POST, etc.), and a URL path that directs the server to the desired resource. Each method has unique security implications, and newer HTTP versions (like HTTP/2 and HTTP/3) enhance speed and security, though many systems still use HTTP/1.1.

Q 5.1- Which HTTP protocol version became widely adopted and remains the most commonly used version for web communication, known for introducing features like persistent connections and chunked transfer encoding?

A 5.1- HTTP/1.1

Q 5.2- Which HTTP request method describes the communication options for the target resource, allowing clients to determine which HTTP methods are supported by the web server?

A 5.2- OPTIONS

Q 5.3- In an HTTP request, which component specifies the specific resource or endpoint on the web server that the client is requesting, typically appearing after the domain name in the URL?

A 5.3- URL Path

Task 6 HTTP Request: Headers and Body

This task will provide an introduction to common HTTP request headers and body. Request headers provide additional details to the server, such as the host, user-agent, and content type. The request body, present in POST/PUT requests, contains data in formats like URL-encoded, form data, JSON, or XML—each suited for different data structures and types.

Q 6.1- Which HTTP request header specifies the domain name of the web server to which the request is being sent?

A 6.1- Host

Q 6.2- What is the default content type for form submissions in an HTTP request where the data is encoded as key=value pairs in a query string format?

A 6.2- application/x-www-form-urlencoded

Q 6.3- Which part of an HTTP request contains additional information like host, user agent, and content type, guiding how the web server should process the request?

A 6.3- Request Headers

Task 7 HTTP Response: Status Line and Status Codes

This section covers the concepts of HTTP Responses which include a status code and reason phrase to indicate the outcome of a request. These codes fall into categories like informational (100-199), successful (200-299), redirection (300-399), client errors (400-499), and server errors (500-599). Common examples are 200 (OK), 404 (Not Found), and 500 (Internal Server Error).

Q 7.1- What part of an HTTP response provides the HTTP version, status code, and a brief explanation of the response’s outcome?

A 7.1- Status Line

Q 7.2- Which category of HTTP response codes indicates that the web server encountered an internal issue or is unable to fulfil the client’s request?

A 7.2- Server Error Responses

Q 7.3- Which HTTP status code indicates that the requested resource could not be found on the web server?

A 7.3- 404

Task 8 HTTP Response: Headers and Body

HTTP response headers are key-value pairs that provide important details to the client, such as content type, server info, and caching instructions. Essential headers include Date, Content-Type, and Server, while others like Set-Cookie, Cache-Control, and Location offer additional functionality, like managing cookies and caching.

Q 8.1- Which HTTP response header can reveal information about the web server’s software and version, potentially exposing it to security risks if not removed?

A 8.1- Server

Q 8.2- Which flag should be added to cookies in the Set-Cookie HTTP response header to ensure they are only transmitted over HTTPS, protecting them from being exposed during unencrypted transmissions?

A 8.2- Secure

Q 8.3- Which flag should be added to cookies in the Set-Cookie HTTP response header to prevent them from being accessed via JavaScript, thereby enhancing security against XSS attacks?

A 8.3- HttpOnly

Task 9 Security Headers

HTTP Security Headers enhance web application security by mitigating risks like Cross-Site Scripting (XSS) and clickjacking. Key headers include Content-Security-Policy (CSP), which defines safe content sources; Strict-Transport-Security (HSTS), which enforces HTTPS connections; X-Content-Type-Options, which prevents MIME type sniffing; and Referrer-Policy, which controls referrer information shared during redirection. These headers work together to strengthen web security.

Q 9.1- In a Content Security Policy (CSP) configuration, which property can be set to define where scripts can be loaded from?

A 9.1- script-src

Q 9.2- When configuring the Strict-Transport-Security (HSTS) header to ensure that all subdomains of a site also use HTTPS, which directive should be included to apply the security policy to both the main domain and its subdomains?

A 9.2- includeSubDomains

Q 9.3- Which HTTP header directive is used to prevent browsers from interpreting files as a different MIME type than what is specified by the server, thereby mitigating content type sniffing attacks?

A 9.3- nosniff
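
The cookie flags from Task 8 and the security headers from Task 9, checked together in Python over a raw HTTP response (start line, headers, empty line, body, as in Task 4). This is an added example, not code from the room; the function names, finding labels and both sample responses are constructed for illustration.

```python
import re


def parse_response(raw):
    """Split a raw HTTP/1.1 response into status line, headers and body."""
    head, _, body = raw.partition("\r\n\r\n")   # the empty line ends the headers
    lines = head.split("\r\n")
    parts = lines[0].split(" ", 2)              # version, status code, reason phrase
    headers = []                                # (lower-case name, value); names may repeat
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return {
        "version": parts[0],
        "status": int(parts[1]),
        "reason": parts[2] if len(parts) > 2 else "",
        "headers": headers,
        "body": body,
    }


def _names(value, skip_first=False):
    """Lower-cased directive or attribute names from a ';'-separated value."""
    items = [p.strip() for p in value.split(";") if p.strip()]
    if skip_first:                              # a cookie's first item is name=value
        items = items[1:]
    return {re.split(r"[=\s]", item, maxsplit=1)[0].lower() for item in items}


def audit_response(raw):
    """Return findings for the headers and cookie flags from Tasks 8 and 9."""
    headers = parse_response(raw)["headers"]

    def get(name):
        return [v for n, v in headers if n == name]

    findings = []
    # A Server value carrying digits is treated as a version disclosure.
    if any(re.search(r"\d", v) for v in get("server")):
        findings.append("server-version-disclosed")

    for cookie in get("set-cookie"):
        cookie_name = cookie.split("=", 1)[0].strip()
        flags = _names(cookie, skip_first=True)
        if "secure" not in flags:
            findings.append(f"cookie-missing-secure:{cookie_name}")
        if "httponly" not in flags:
            findings.append(f"cookie-missing-httponly:{cookie_name}")

    csp = get("content-security-policy")
    if not csp:
        findings.append("csp-missing")
    elif not ({"script-src", "default-src"} & _names(csp[0])):
        # default-src is the fallback browsers use when script-src is absent
        findings.append("csp-no-script-src")

    hsts = get("strict-transport-security")
    if not hsts:
        findings.append("hsts-missing")
    elif "includesubdomains" not in _names(hsts[0]):
        findings.append("hsts-no-includesubdomains")

    if "nosniff" not in [v.lower() for v in get("x-content-type-options")]:
        findings.append("nosniff-missing")
    if not get("referrer-policy"):
        findings.append("referrer-policy-missing")
    return findings


def _response(*header_lines):
    """Build a constructed sample response from header lines."""
    return "\r\n".join(("HTTP/1.1 200 OK",) + header_lines) + "\r\n\r\n<html></html>"


# Constructed samples: a weak configuration beside a corrected one.
WEAK_RESPONSE = _response(
    "Server: Apache/2.4.41 (Ubuntu)",
    "Content-Type: text/html",
    "Set-Cookie: session=abc123; Path=/",
    "Set-Cookie: theme=dark; Path=/; Secure",
    "Strict-Transport-Security: max-age=31536000",
)
HARDENED_RESPONSE = _response(
    "Server: webserver",
    "Content-Type: text/html",
    "Set-Cookie: session=abc123; Path=/; Secure; HttpOnly",
    "Content-Security-Policy: default-src 'self'; script-src 'self' https://cdn.example.test",
    "Strict-Transport-Security: max-age=31536000; includeSubDomains",
    "X-Content-Type-Options: nosniff",
    "Referrer-Policy: no-referrer",
)

if __name__ == "__main__":
    for finding in audit_response(WEAK_RESPONSE):
        print(finding)
```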

Task 10 Practical Task: Making HTTP Requests

In this section, a practical task is given to practice the things we have learnt in this room.

Q 10.1- Make a GET request to /api/users. What is the flag?

A 10.1- THM{YOU_HAVE_JUST_FOUND_THE_USER_LIST}

Q 10.2- Make a POST request to /api/user/2 and update the country of Bob from UK to US. What is the flag?

A 10.2- THM{YOU_HAVE_MODIFIED_THE_USER_DATA}

Q 10.3- Make a DELETE request to /api/user/1 to delete the user. What is the flag?

A 10.3- THM{YOU_HAVE_JUST_DELETED_A_USER}

Task 11 Conclusion

I’m ready to move forward and learn more about web application security.

No answer needed

You can check out our other blogs here.

Happy Pentesting!!!
Team CyberiumX

TryHackMe | Answers for Moniker Link (CVE-2024-21413)

Hello Folks,
In this introductory blog, we will cover the answers for the “Moniker Link (CVE-2024-21413)” room which is a part of the “Cyber Security 101” learning path. This room covers a critical Remote Code Execution (RCE) and credential leak vulnerability in Microsoft Outlook. This vulnerability allows attackers to exploit malicious Moniker Links in emails, leaking NTLM credentials from affected Office versions.

You can access the room by clicking here.

Task 1 Introduction

This task will let you know the learning objectives and prerequisites for understanding the CVE-2024-21413 vulnerability.

Q 1.1- What “Severity” rating has the CVE been assigned?

A 1.1- Critical

Task 2 Moniker Link (CVE-2024-21413)

In this task, we will understand the overview of CVE-2024-21413 in which attackers exploited Moniker links by modifying them with special characters to bypass Outlook’s Protected View security feature.

Q 2.1- What Moniker Link type do we use in the hyperlink?

A 2.1- file://

Q 2.2- What is the special character used to bypass Outlook’s “Protected View”?

A 2.2- !

Task 3 Exploitation

Here, we will dive deep into the exploitation part of this vulnerability, where an intruder can craft an email containing a Moniker Link designed to bypass Outlook’s security feature and capture the netNTLMv2 hash of the user who clicks on it. Adversaries in this scenario can use Responder to capture the hashes.

Q 3.1- What is the name of the application that we use on the AttackBox to capture the user’s hash?

A 3.1- Responder

Q 3.2- What type of hash is captured once the hyperlink in the email has been clicked?

A 3.2- netNTLMV2

Task 4 Detection

To detect this vulnerability, a YARA rule was created that identifies the “file:\” element in Moniker Links. Also, capturing packets via sniffing can reveal SMB requests from victims containing truncated netNTLMv2 hashes.

Click me to proceed onto the next task!

No answer needed
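
One way to express the Task 4 check in Python for a mail-filtering or triage script, as an added example that is not the room's YARA rule: it collects the `href` of every link in an HTML e-mail body and flags `file:` links, marking those that also carry the `!` character named in Task 2. The function names, verdict labels, sample e-mail and example.test host names are constructed.

```python
import re
from html.parser import HTMLParser

# Matches the file: scheme followed by any mix of forward or back slashes.
FILE_SCHEME = re.compile(r"^\s*file:[/\\]*", re.IGNORECASE)


class _HrefCollector(HTMLParser):
    """Collects the href of every <a> tag in an HTML e-mail body."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            for name, value in attrs:
                if name == "href" and value:
                    self.hrefs.append(value)


def classify_link(href):
    """Return 'moniker-link', 'file-link' or 'ok' for one href value."""
    match = FILE_SCHEME.match(href)
    if not match:
        return "ok"
    target = href[match.end():]
    # "!" after the file target is the character the room names as the
    # Protected View bypass; a file: link without it is still worth a look.
    return "moniker-link" if "!" in target else "file-link"


def scan_email_html(html_body):
    """Return (verdict, href) for every link that is not classified 'ok'."""
    collector = _HrefCollector()
    collector.feed(html_body)
    findings = []
    for href in collector.hrefs:
        verdict = classify_link(href)
        if verdict != "ok":
            findings.append((verdict, href))
    return findings


# Constructed sample e-mail body with one ordinary link and two file: links.
SAMPLE_EMAIL = """
<html><body>
<p>Quarterly numbers are on the share.</p>
<a href="https://intranet.example.test/reports?view=all!">portal</a>
<a href="file://fileserver.example.test/share/q3.rtf">share copy</a>
<a href="FILE://fileserver.example.test/share/q3.rtf!x">open</a>
</body></html>
"""

if __name__ == "__main__":
    for verdict, href in scan_email_html(SAMPLE_EMAIL):
        print(f"{verdict:13} {href}")
```

The `!` in the first link's query string does not trigger a finding, because the check only applies to links that use the `file:` scheme.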

Task 5 Remediation

This section discusses the mitigation steps that Microsoft took immediately in February’s “Patch Tuesday”; users were also advised to avoid clicking on unsolicited links before previewing them.

Click me to proceed onto the next task.

No answer needed

Task 6 Conclusion

Mischief managed.

No answer needed

You can check out our other blogs here.

Happy Pentesting!!!
Team CyberiumX

TryHackMe | Answers For Cryptography Basics

Hello Folks,

In this introductory blog, we will cover the answers for the “Cryptography Basics” room, which is a part of the “Cyber Security 101” learning path. This room covers the basics of cryptography, which secures digital communication by maintaining the confidentiality, integrity and authenticity of the data. We will cover many related concepts, such as symmetric and asymmetric cryptography, encoding and the basic math behind these ciphers.

You can access the room by clicking here.

Task 1 Introduction

This task will let you know the learning objectives and prerequisites of this room. You can work on it to understand the concepts of Cryptography.

I’m ready to start learning about cryptography!

No answer needed

Task 2 Importance of Cryptography

Cryptography has become vital for every online transaction and communication, as it protects the privacy of our data from intruders. In this section, we will understand its importance.

Q 2.1- What is the standard required for handling credit card information?

A 2.1- PCI DSS

Task 3 Plaintext to Ciphertext

In this task, we will explore the concepts of plaintext, which is the human-readable and understandable form of data, and ciphertext, which is the non-human-readable form of data. Key terms include plaintext, ciphertext, encryption and decryption.

Q 3.1- What do you call the encrypted plaintext?

A 3.1- Ciphertext

Q 3.2- What do you call the process that returns the plaintext?

A 3.2- decryption

Task 4 Historical Ciphers

This task presents the history of cryptography, in which one of the oldest algorithms, the Caesar Cipher, was built and used. This cipher is considered weak by today’s standards, but now we have other ciphers to use such as Base64, Morse Code, etc.

Q 4.1- Knowing that XRPCTCRGNEI was encrypted using Caesar Cipher, what is the original plaintext?

A 4.1- ICANENCRYPT
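Why the Caesar Cipher is weak, as an added Python example that is not part of the room or the original write-up: there are only 25 usable keys, so every candidate plaintext for the ciphertext in Q 4.1 can be listed at once. The function names are illustrative, and the crib word ENCRYPT is an assumed guess at a word likely to appear in the plaintext.

```python
import string

ALPHABET = string.ascii_uppercase

def caesar_shift(text, key):
    """Shift each A-Z letter forward by key positions; leave other characters alone."""
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % 26])
        else:
            out.append(ch)
    return "".join(out)

def decrypt(ciphertext, key):
    """Undo an encryption that shifted letters forward by key."""
    return caesar_shift(ciphertext, -key)

def brute_force(ciphertext):
    """Return every candidate plaintext, indexed by the key that produces it."""
    return {key: decrypt(ciphertext, key) for key in range(1, 26)}

def keys_matching(ciphertext, crib):
    """Keys whose candidate plaintext contains the expected word (the crib)."""
    return [k for k, p in brute_force(ciphertext).items() if crib.upper() in p]

if __name__ == "__main__":
    ct = "XRPCTCRGNEI"  # ciphertext from Q 4.1
    for key, candidate in brute_force(ct).items():
        print(f"key {key:2d}: {candidate}")
    # Assumed crib: a word we guess is in the plaintext.
    print("keys containing ENCRYPT:", keys_matching(ct, "ENCRYPT"))
```

Only one of the 25 candidates reads as English, which is why an exhaustive search breaks this cipher by inspection.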

Task 5 Types of Encryption

In this section, we will cover two types of encryption: symmetric encryption, where a shared key is used for both encryption and decryption, and asymmetric encryption, where two different but related keys are used, one for encryption and the other for decryption.

Q 5.1- Should you trust DES? (Yea/Nay)

A 5.1- Nay

Q 5.2- When was AES adopted as an encryption standard?

A 5.2- 2001

Task 6 Basic Math

The two fundamental mathematical operations on which most cryptographic ciphers are based are XOR and the modulo operation. We can understand these concepts by going through this task.

Q 6.1- What’s 1001 ⊕ 1010?

A 6.1- 0011

Q 6.2- What’s 118613842%9091?

A 6.2- 3565

Q 6.3- What’s 60%12?

A 6.3- 0

Task 7 Summary

Before proceeding to the next room, make sure you have taken note of all the key terms and concepts introduced in this room.

No answer needed

You can check out our other blogs here.

Happy Pentesting!!!
Team CyberiumX

TryHackMe | Answers For Networking Concepts

Hello Folks,

In this introductory blog, we will cover the answers for the “Networking Concepts” room which is a part of the “Cyber Security 101” learning path.  This room covers the basics of networking, including the concepts of the OSI model, TCP/IP model, IP addresses, subnets, routing, and TCP/UDP. This knowledge will help us understand the backbone of computer networks.

You can access the room by clicking here.

Task 1 Introduction

This task will let you know the learning objectives and prerequisites of this room. You can work on it to understand the networking concepts.

Get your notepad ready, and let’s begin.

No Answer Needed

Task 2 OSI Model

This task covers one of the most vital concepts of networking, the OSI model. It is a 7-layer framework governing network communication. Read through its concepts and then we can easily answer the following questions.

Q 2.1- Which layer is responsible for connecting one application to another?

A 2.1- Layer 4

Q 2.2- Which layer is responsible for routing packets to the proper network?

A 2.2- Layer 3

Q 2.3- In the OSI model, which layer is responsible for encoding the application data?

A 2.3- Layer 6

Q 2.4- Which layer is responsible for transferring data between hosts on the same network segment?

A 2.4- Layer 2

Task 3 TCP/IP Model

The TCP/IP model is another real-time communication model that helps individuals understand network communication. It is a simplified form of the OSI model. Go through its concepts and then work on the following questions.

Q 3.1- To which layer does HTTP belong in the TCP/IP model?

A 3.1- Application Layer

Q 3.2- How many layers of the OSI model does the application layer in the TCP/IP model cover?

A 3.2- 3

Task 4 IP Addresses and Subnets

This task will provide us with in-depth knowledge of IP addresses, which uniquely identify every device present on a network. We will explore different types of IP addresses and a very important technique called Network Address Translation (NAT).

Q 4.1- Which of the following IP addresses is not a private IP address?

a) 192.168.250.125

b) 10.20.141.132

c) 49.69.147.197

d) 172.23.182.251

A 4.1- 49.69.147.197

Q 4.2- Which of the following IP addresses is not a valid IP address?

a) 192.168.250.15

b) 192.168.254.17

c) 192.168.305.19

d) 192.168.199.13

A 4.2- 192.168.305.19

Task 5 UDP and TCP

In this task, we will explore the two most important transport layer protocols, which are essential for providing end-to-end connectivity. These protocols are Transmission Control Protocol (TCP), which is used for reliable communication, and User Datagram Protocol (UDP), which is used for fast data transmission.

Q 5.1- Which protocol requires a three-way handshake?

A 5.1- TCP

Q 5.2- What is the approximate number of port numbers (in thousands)?

A 5.2- 65

Task 6 Encapsulation

Here, we are going to explore the concept of encapsulation, the process in which each layer attaches its header and trailer to the data received from the previous layer. After reading the content, you can answer the following questions.

Q 6.1- On a WiFi, within what will an IP packet be encapsulated?

A 6.1- Frame

Q 6.2- What do you call the UDP data unit that encapsulates the application data?

A 6.2- Datagram

Q 6.3- What do you call the data unit that encapsulates the application data sent over TCP?

A 6.3- Segment

Task 7 Telnet

Telnet is another useful protocol that allows us to connect to open ports on a remote host and run text commands, which can be useful for accessing services like HTTP, SMTP, echo, etc. This can help us gather information about the versions of the services running on the target machine.

Q 7.1- Use telnet to connect to the web server on MACHINE_IP. What is the name and version of the HTTP server?

A 7.1- lighttpd/1.4.63

Q 7.2- What flag did you get when you viewed the page?

A 7.2- THM{TELNET_MASTER}

Task 8 Conclusion

Please note and remember all the concepts, network layers, and protocols explained in this room.

No answer needed

You can check out our other blogs here.

Happy Pentesting!!!
Team CyberiumX

TryHackMe | Answers For Windows Command Line

Hello Folks,

In this write-up, we will discuss the answers for the “Windows Command Line” room, which is a segment of the “Cyber Security 101” learning path. This blog covers the concepts of using the Windows CLI for day-to-day tasks such as file management, system information, monitoring processes, etc. Harnessing the power of the CLI offers speed, efficiency, and advantages like automation and remote management.

You can access the room by clicking here.

Task 1 Introduction

This task will let you know the learning objectives and prerequisites for the Windows command line interface, which is essential in cyber security.

Q 1.1- What is the default command line interpreter in the Windows environment?

A 1.1- cmd.exe

Task 2 Basic System Information

This task will guide us in learning some basic but important commands like set, ver, systeminfo, more, cls, and some CLI-based operators. Using these commands, we can get information about our system.

Q 2.1- What is the OS version of the Windows VM?

A 2.1- 10.0.20348.2655

Q 2.2- What is the hostname of the Windows VM?

A 2.2- WINSRV2022-CORE

Task 3 Network Troubleshooting

The Windows Command Prompt provides various vital utilities for network configuration and troubleshooting, such as ipconfig, ipconfig /all, ping, tracert, nslookup, and netstat. Each of these tools can help us perform networking-related tasks.

Q 3.1- Which command can we use to look up the server’s physical address (MAC address)?

A 3.1- ipconfig /all

Q 3.2- What is the name of the process listening on port 3389?

A 3.2- TermService

Q 3.3- What is the IP address of your gateway?

A 3.3- 10.10.0.1

Task 4 File and Disk Management

For managing the Windows file system, the CLI offers multiple commands such as cd, dir, mkdir, rmdir, tree, copy, move, type, and erase for traversing and managing files and directories. We can also use wildcards like *, which help handle multiple files and directories at once.

Q 4.1- What are the file’s contents in C:\Treasure\Hunt?

A 4.1- THM{CLI_POWER}

Task 5 Task and Process Management

For managing tasks and running processes in Windows Command Prompt, we have an important utility called tasklist, which can list and filter the processes running on the machine. We can also terminate running processes with the taskkill command.

Q 5.1- What command would you use to find the running processes related to notepad.exe?

A 5.1- tasklist /FI "imagename eq notepad.exe"

Q 5.2- What command can you use to kill the process with PID 1516?

A 5.2- taskkill /PID 1516

Task 6 Conclusion

Q 6.1- The command shutdown /s can shut down a system. What is the command you can use to restart a system?

A 6.1- shutdown /r

Q 6.2- What command can you use to abort a scheduled system shutdown?

A 6.2- shutdown /a

You can check out our other blogs here.

Happy Pentesting!!!
Team CyberiumX