Cybersecurity, OSINT, TryHackMe, InfoSec, Search Skills, Blue Team

Offensive Security Intro Banner

🧠 Introduction

The information age has brought us endless learning opportunities β€” but also information overload. The Search Skills room on TryHackMe helps you develop critical skills to search smart, evaluate sources, and leverage tools that security professionals rely on daily.

This walkthrough covers each task in the room and provides correct answers to help reinforce what you learn. Let’s get started!

🧩 Task 1 β€” Introduction

No questions to answer here β€” just an eye-opener: Searching β€œlearn hacking” returns 1.5 billion+ results on Google. It’s not about what you search, but how you search that counts.

βœ… Task Complete

🧩 Task 2 β€” Evaluation of Search Results

Understanding how to evaluate sources is critical in cybersecurity. Focus on:

  • βœ… Source authority
  • βœ… Evidence & logic
  • βœ… Bias detection
  • βœ… Cross-verification

πŸ“ Questions
What do you call a cryptographic method or product considered bogus or fraudulent?
βœ… Answer: Snake oil

What is the name of the command replacing netstat in Linux systems?
βœ… Answer: ss

🧩 Task 3 β€” Search Engines

Here we learn about Google search operators:

  • "exact phrase"
  • site:
  • - (exclude keywords)
  • filetype: (e.g., PDF, DOC, PPT)

πŸ“ Questions
How would you limit your Google search to PDF files containing the terms cyber warfare report?
βœ… Answer: filetype:pdf cyber warfare report

What phrase does the Linux command ss stand for?
βœ… Answer: socket statistics

🧩 Task 4 β€” Specialized Search Engines

Explore tools like:

  • Shodan β€” Search IoT/Internet-connected devices.
  • Censys β€” Focuses on hosts, domains, certs.
  • VirusTotal β€” Scans files/hashes/URLs with 60+ antivirus engines.
  • Have I Been Pwned β€” Check if your email was in a data breach.

πŸ“ Questions
What is the top country with lighttpd servers?
βœ… Answer: United States
(Search on Shodan: lighttpd, then view by country distribution.)

What does BitDefenderFalx detect the file with the hash 2de70ca737c1f4602517c555ddd54165432cf231ffc0e21fb2e23b9dd14e7fb4 as?
βœ… Answer: Gen:Variant.Application.Fake.Ax

🧩 Task 5 β€” Vulnerabilities and Exploits

Understand the roles of:

  • CVE (Common Vulnerabilities and Exposures) β€” Standardized vulnerability IDs.
  • Exploit-DB β€” Find public exploit code.
  • GitHub β€” Search for proof-of-concepts (PoCs) or attack scripts.

πŸ“ Question
What utility does CVE-2024–3094 refer to?
βœ… Answer: xz
(Search on cve.org or nvd.nist.gov)

🧩 Task 6 β€” Technical Documentation

Search smarter by reading official documentation:

  • man pages for Linux commands (man ip)
  • Microsoft Docs for Windows tools (e.g., ipconfig)
  • Product pages: Apache, PHP, Node.js, etc.

πŸ“ Questions
What does the Linux command cat stand for?
βœ… Answer: concatenate

What is the netstat parameter in MS Windows that displays the executable associated with each active connection and listening port?
βœ… Answer: -b

🧩 Task 7 β€” Social Media

Social media is both a goldmine of OSINT and a potential security liability.

Use Cases:

  • Find employee roles and backgrounds (LinkedIn)
  • Search for personal info (Facebook)
  • Stay updated with security news (Twitter/X, Reddit)

πŸ“ Questions
You are hired to evaluate the security of a particular company. What is a popular social media website you would use to learn about the technical background of one of their employees?
βœ… Answer: LinkedIn

What social media website would you consider checking to find the answer to secret questions like school names?
βœ… Answer: Facebook

βœ… Task 8 β€” Conclusion

You’ve now got a powerful cyber search toolkit:

  • 🧠 Know how to evaluate sources
  • 🧭 Use advanced search engine operators
  • πŸ› οΈ Explore specialized search engines like Shodan & Censys
  • πŸ› Find vulnerabilities & PoCs via CVE/ExploitDB
  • πŸ“š Read official documentation
  • 🌐 Use social media responsibly

This skillset is essential whether you’re in blue teaming, OSINT, or CTI (Cyber Threat Intelligence) roles.

πŸ™Œ Final Thoughts

The β€œSearch Skills” room on TryHackMe is a practical, high-impact room that every cyber learner should complete. It trains your digital literacy, improves research efficiency, and helps you become a smarter security professional.