Helps a lot specially for beginners i just have done the warm up and still 3 rooms to go from released ones
It doesn't matter when u do the rooms what matters to win the prize is having more points at the end , if u do all the rooms u will get the certificate after 24 days

Will post what each room is about

The warm up room: was about basic linux commands , looking for suspicious emails, files and the first defense of cyber attack strengthing ur password .....
Should i continue posting this?

next time when u think to do a project consider these

continued
let's do the rooms together
https://tryhackme.com/room/linuxcli-aoc2025-o1fpqkvxti
DAY 1:
- basics linux commands
such as ls, cd , grep(to find a text in a file) , find (to find a file with certain parameter provided) , and others
- what are some file systems in linux actually hold
such as /var/log/, a Linux directory where all security events (logs) are stored etc....
if u get stack u can get a video guide in the first page

continued
let's do the rooms together
https://tryhackme.com/room/phishing-aoc2025-h2tkye9fzU
DAY 2: was about
Understand what social engineering is
Learn the types of phishing
Explore how red teams create fake login pages
Use the Social-Engineer Toolkit to send a phishing email

Unfortunately, phishing attacks are becoming harder to spot so try to remember this word always : S.T.O.P
Suspicious?
Telling me to click something?
Offering me an amazing deal?
Pushing me to do something now?

the other mnemonic

Slow down. Scammers run on your adrenaline.
Type the address yourself. Don’t use the message’s link.
Open nothing unexpected. Verify first.
Prove the sender. Check the real From address/number, not just the display name.

Channel summary for 2025
your top preforming post of the year is https://news.1rj.ru/str/kiddev13/152

continued
let's do the rooms together
https://tryhackme.com/room/splunkforloganalysis-aoc2025-x8fj2k4rqp
DAY 3: was about
learning objectives
- Ingest and interpret custom log data in Splunk
- Create and apply custom field extractions
- Use Search Processing Language (SPL) to filter and refine search results
- Conduct an investigation within Splunk to uncover key insights

continued
let's do day 4 it is interesting and short
https://tryhackme.com/room/AIforcyber-aoc2025-y9wWQ1zRgB
DAY 4: consideration of AI in cybersecurity
learning objectives
Learning Objectives
How AI can be used as an assistant in cyber security for a variety of roles, domains and tasks
Using an AI assistant to solve various tasks within cyber security
Some of the considerations, particularly in cyber security, surrounding the use of AI

the usage of ai in offensive security , defensive security and software development

⚠️ Researchers found malicious packages in VS Code, Go, npm, and Rust stealing developer data.

They mimicked themes, AI tools, and libraries to grab screenshots, Wi-Fi passwords, and browser cookies.

🔗 Find details here ↓ https://thehackernews.com/2025/12/researchers-find-malicious-vs-code-go.html

CONTINUED
let's do the rooms together
https://tryhackme.com/room/idor-aoc2025-zl6MywQid9
DAY 5: Learning Objectives

- Understand the concept of authentication and authorization
- Learn how to spot potential opportunities for Insecure Direct Object References (IDORs)
- Exploit IDOR to perform horizontal privilege escalation
- Learn how to turn IDOR into SDOR (Secure Direct Object Reference)

and we have to know the concepts
- **Authentication:** The process by which you verify who you are. For example, supplying your username and password.
- **Authorization:** The process by which the web application verifies your permissions. For example, are you allowed to visit the admin page of a web application, or are you allowed to make a payment using a specific account?

continued
let's do the rooms together
https://tryhackme.com/room/malware-sandbox-aoc2025-SD1zn4fZQt
DAY 6:
learning objectives
- The principles of malware analysis
- An introduction to sandboxes
- Static vs. dynamic analysis
- Tools of the trade: PeStudio, ProcMon, Regshot

There are two main branches of malware analysis: **static** and **dynamic**. Static analysis focuses on inspecting a file without executing it, whereas dynamic analysis involves execution. We will come to these shortly.

sandboxes
In cyber security, sandboxes are used to execute potentially dangerous code. Think of this as disposable digital play-pens. These sandboxes are safe, isolated environments where potentially malicious applications can perform their actions without risking sensitive data or impacting other systems.

continued
https://tryhackme.com/room/networkservices-aoc2025-jnsoqbxgky
DAY 7:
Learning Objectives

- Learn the basics of network service discovery with Nmap
- Learn core network protocols and concepts along the way
- Apply your knowledge to find a way back into the server

u can learn basic networking commands and tools like nmap, netcat etc....

Best approach😂

continued
https://tryhackme.com/room/promptinjection-aoc2025-sxUMnCkvLO
DAY 8:
Learning Objectives

- Understand how agentic AI works
- Recognize security risks from agent tools
- Exploit an AI agent

#ETB #1.3 billion lost to digital fraud and #cyberattacks has increased by #115%, according to the National Bank of Ethiopia.

https://ethiopianreporter.com/148976/
#cybersecurity #fraud #cyberattack #yekolotemari

this is a lot tbh.......we need to lock in in cybersecurity

continued
DAY 9:
https://tryhackme.com/room/attacks-on-ecrypted-files-aoc2025-asdfghj123
Learning Objectives

- How password-based encryption protects files such as PDFs and ZIP archives.
- Why weak passwords make encrypted files vulnerable.
- How attackers use dictionary and brute-force attacks to recover passwords.
- A hands-on exercise: cracking the password of an encrypted file to reveal its contents.
- The importance of using strong, complex passwords to defend against these attacks.

continued
https://tryhackme.com/room/azuresentinel-aoc2025-a7d3h9k0p2
DAY 10:
Learning Objectives

- Understand the importance of alert triage and prioritisation
- Explore Microsoft Sentinel to review and analyse alerts
- Correlate logs to identify real activities and determine alert verdicts

if u get stack u can watch the video in the above page

📢 Happening Today! Cybersecurity Interview

We’re excited to announce that tonight we will be hosting a special interview with a cybersecurity professional experienced in both software development and security.

⏰ Time: 2:00 LT (Tonight)
📍 Venue: @insactc

Don’t miss this opportunity to gain practical insights from someone working in the cybersecurity field.