Try Hack Me Rooms Completed
Top 5% of users
Authentication Bypass

Learn how to defeat logins and other authentication mechanisms to allow you access to unpermitted areas.
Careers in Cyber

Learn about the different careers in cyber security.
Command Injection

Learn about a vulnerability allowing you to execute commands through a vulnerable app, and its remediations.
Content Discovery

Learn the various ways of discovering hidden or private content on a webserver that could lead to new vulnerabilities.
Cross-site Scripting

Learn how to detect and exploit XSS vulnerabilities, giving you control of other visitor's browsers.
Cyber Kill Chain

The Cyber Kill Chain framework is designed for identification and prevention of the network intrusions. You will learn what the adversaries need to do in order to achieve their goals.
DNS in detail

Learn how DNS works and how it helps you access internet services.
Diamond Model

Learn about the four core features of the Diamond Model of Intrusion Analysis: adversary, infrastructure, capability, and victim.
Extending Your Network

Learn about some of the technologies used to extend networks out onto the Internet and the motivations for this.
File Inclusion

This room introduces file inclusion vulnerabilities, including Local File Inclusion (LFI), Remote File Inclusion (RFI), and directory traversal.
HTTP in detail

Learn about how you request content from a web server using the HTTP protocol
How websites work

To exploit a website, you first need to know how they are created.
IDOR

Learn how to find and exploit IDOR vulnerabilities in a web application giving you access to data that you shouldn't have.
Intro to Cyber Threat Intel

Introducing cyber threat intelligence and related topics, such as relevant standards and frameworks.
Intro to Defensive Security

Introducing defensive security and related topics, such as threat intelligence, SOC, DFIR, and SIEM.
Intro to Digital Forensics

Learn about digital forensics and related processes and experiment with a practical example.
Intro to LAN

Learn about some of the technologies and designs that power private networks
Intro to Offensive Security

Hack your first website (legally in a safe environment) and experience an ethical hacker's job.
Junior Security Analyst Intro

Play through a day in the life of a Junior Security Analyst, their responsibilities and qualifications needed to land a role as an analyst.
Linux Fundamentals Part 1

Embark on the journey of learning the fundamentals of Linux. Learn to run some of the first essential commands on an interactive terminal.
Linux Fundamentals Part 2

Continue your learning Linux journey with part two. You will be learning how to log in to a Linux machine using SSH, how to advance your commands, file system interaction.
Linux Fundamentals Part 3

Power-up your Linux skills and get hands-on with some common utilities that you are likely to use day-to-day!
MITRE

This room will discuss the various resources MITRE has made available for the cybersecurity community.
Network Security

Learn about network security, understand attack methodology, and practice hacking into a target server.
OSI Model

Learn about the fundamental networking framework that determines the various stages in which data is handled across a network
Operating System Security

This room introduces users to operating system security and demonstrates SSH authentication on Linux.
Packets & Frames

Understand how data is divided into smaller pieces and transmitted across a network to another device
Pentesting Fundamentals

Learn the important ethics and methodologies behind every pentest.
Principles of Security

Learn the principles of information security that secures data and protects systems from abuse
Putting it all together

Learn how all the individual components of the web work together to bring you access to your favourite web sites.
Pyramid Of Pain

Learn what is the Pyramid of Pain and how to utilize this model to determine the level of difficulty it will cause for an adversary to change the indicators associated with them, and their campaign.
SQL Injection

Learn how to detect and exploit SQL Injection vulnerabilities
SSRF

Learn how to exploit Server-Side Request Forgery (SSRF) vulnerabilities, allowing you to access internal server resources.
Security Operations

Learn about Security Operations Center (SOC): its responsibilities, services, and data sources.
Subdomain Enumeration

Learn the various ways of discovering subdomains to expand your attack surface of a target.
Threat Intelligence Tools

Explore different OSINT tools used to conduct security threat assessments and investigations.
Unified Kill Chain

The Unified Kill Chain is a framework which establishes the phases of an attack, and a means of identifying and mitigating risk to IT assets.
Walking An Application

Manually review a web application for security issues using only your browsers developer tools. Hacking with just your browser, no tools or scripts.
Web Application Security

Learn about web applications and explore some of their common security issues.
What is Networking?

Begin learning the fundamentals of computer networking in this bite-sized and interactive module.
Windows Fundamentals 1

In part 1 of the Windows Fundamentals module, we'll start our journey learning about the Windows desktop, the NTFS file system, UAC, the Control Panel, and more..
Windows Fundamentals 2

In part 2 of the Windows Fundamentals module, discover more about System Configuration, UAC Settings, Resource Monitoring, the Windows Registry and more..
Windows Fundamentals 3

In part 3 of the Windows Fundamentals module, learn about the built-in Microsoft tools that help keep the device secure, such as Windows Updates, Windows Security, BitLocker, and more...
Yara

Learn the applications and language that is Yara for everything threat intelligence, forensics, and threat hunting!