🛡️ TryHackMe: Offensive Security Intro — Pre Security Path

A beginner’s first legal hack — step-by-step.

🧠 Overview

Welcome to the “Offensive Security Intro” room from the Pre Security learning path on TryHackMe. This room introduces you to the world of ethical hacking and offensive security — showing how hackers think and operate, and how cybersecurity professionals use those same skills to defend systems.

In this room, you’ll:

• Learn what offensive security means 🧨
• Hack your first fake bank in a legal, virtual environment 🏦
• Get a glimpse of real-world cybersecurity careers 👩‍💻👨‍💻

Let’s break down the room task-by-task. 👇

📘 Task 1: What is Offensive Security?

“To outsmart a hacker, you need to think like one.”

This task sets the stage for what Offensive Security means — using hacking techniques to find and fix vulnerabilities before cybercriminals can exploit them.

You’ll also be introduced to the learning journey ahead in this path.

✅ Question:
Which of the following options better represents the process where you simulate a hacker’s actions to find vulnerabilities in a system?

Answer: Offensive Security

📘 Task 2: Hacking Your First Machine

Now the fun begins! You’ll hack a simulated banking website called FakeBank using a command-line tool called Gobuster to find hidden pages.

💻 Step-by-Step:

1. Step 1: Open the machine and click the terminal icon on the virtual desktop.
2. Step 2: Run Gobuster to brute-force hidden directories:

   gobuster -u http://fakebank.thm -w wordlist.txt dir

   This command scans the website for hidden pages by trying every word in the wordlist.
3. Step 3: Look for the /bank-transfer page in the output. It’ll look something like this:

   /images (Status: 301)
   /bank-transfer (Status: 200)

4. Step 4: Go to the /bank-transfer page and move $2000 from account 2276 to your account 8881.

💰 Once done, visit your account page and refresh. You’ll see a success message.

✅ Question:
Above your account balance, you should now see a message indicating the answer to this question. Can you find the answer you need?

Answer: BANK-HACKED

📘 Task 3: Careers in Cyber Security

This final task gives a sneak peek at real jobs in offensive security. It emphasizes learning by doing and building skills through hands-on practice.

Here are a few roles you’ll encounter:

• Penetration Tester — Finds vulnerabilities in systems.
• Red Teamer — Simulates advanced adversary attacks.
• Security Engineer — Builds and maintains secure systems.

You’ll also find inspiring stories of people who broke into cybersecurity from non-technical backgrounds.

✅ Question:
No answer required — just read and continue.

🏁 Conclusion

Congratulations! 🎉 You’ve just completed your first ethical hacking challenge and learned the foundation of Offensive Security.

🔓 You now understand:

• What offensive security is
• How to find hidden web pages using tools like Gobuster
• How real-world attacks (like unauthorized transfers) might work
• That you can learn this, no matter your background

🛠️ Next up: Defensive Security Intro