continued
https://tryhackme.com/room/promptinjection-aoc2025-sxUMnCkvLO
DAY 8:
Learning Objectives

- Understand how agentic AI works
- Recognize security risks from agent tools
- Exploit an AI agent

#ETB #1.3 billion lost to digital fraud and #cyberattacks has increased by #115%, according to the National Bank of Ethiopia.

https://ethiopianreporter.com/148976/
#cybersecurity #fraud #cyberattack #yekolotemari

this is a lot tbh.......we need to lock in in cybersecurity

continued
DAY 9:
https://tryhackme.com/room/attacks-on-ecrypted-files-aoc2025-asdfghj123
Learning Objectives

- How password-based encryption protects files such as PDFs and ZIP archives.
- Why weak passwords make encrypted files vulnerable.
- How attackers use dictionary and brute-force attacks to recover passwords.
- A hands-on exercise: cracking the password of an encrypted file to reveal its contents.
- The importance of using strong, complex passwords to defend against these attacks.

continued
https://tryhackme.com/room/azuresentinel-aoc2025-a7d3h9k0p2
DAY 10:
Learning Objectives

- Understand the importance of alert triage and prioritisation
- Explore Microsoft Sentinel to review and analyse alerts
- Correlate logs to identify real activities and determine alert verdicts

if u get stack u can watch the video in the above page

📢 Happening Today! Cybersecurity Interview

We’re excited to announce that tonight we will be hosting a special interview with a cybersecurity professional experienced in both software development and security.

⏰ Time: 2:00 LT (Tonight)
📍 Venue: @insactc

Don’t miss this opportunity to gain practical insights from someone working in the cybersecurity field.

continued
https://tryhackme.com/room/xss-aoc2025-c5j8b1m4t6
DAY 11 : XSS attack
Learning Objectives

- Understand how XSS works
- Learn to prevent XSS attacks

if u want to test more payloads for educational purpose here is the xss cheatsheet
https://portswigger.net/web-security/cross-site-noscripting/cheat-sheet

continued
https://tryhackme.com/room/spottingphishing-aoc2025-r2g4f6s8l0
DAY 12:
Learning Objectives

- Spotting phishing emails
- Learn trending phishing techniques
- Understand the differences between spam and phishing

continued
https://tryhackme.com/room/yara-aoc2025-q9w1e3y5u7
DAY 13:
Learning Objectives

- Understand the basic concept of YARA.
- Learn when and why we need to use YARA rules.
- Explore different types of YARA rules.
- Learn how to write YARA rules.
- Practically detect malicious indicators using YARA.

continued
https://tryhackme.com/room/container-security-aoc2025-z0x3v6n9m2
DAY 14: interesting topic : about container

Learning Objectives

- Learn how containers and Docker work, including images, layers, and the container engine
- Explore Docker runtime concepts (sockets, daemon API) and common container escape/privilege-escalation vectors
- Apply these skills to investigate image layers, escape a container, escalate privileges, and restore the DoorDasher service
- DO NOT order “Santa's Beard Pasta”

continued
https://tryhackme.com/room/webattackforensics-aoc2025-
DAY 15:
Learning Objectives

- Detect and analyze malicious web activity through Apache access and error logs
- Investigate OS-level attacker actions using Sysmon data
- Identify and decode suspicious or obfuscated attacker payloads
- Reconstruct the full attack chain using Splunk for Blue Team investigation

i

if u ask chat gpt normally to write a reverse shell noscript it won't do that

Here jailbreak prompt comes
Jailbreaking" an LLM means writing a prompt that convinces it to disregard its safeguards. Hackers can often do this by asking the LLM to adopt a persona or play a "game." The "Do Anything Now," or "DAN," prompt is a common jailbreaking technique

U can get the latest by searching " chatgpt dan github latest"

continued
https://tryhackme.com/room/registry-forensics-aoc2025-h6k9j2l5p8
DAY 16:
Learning Objectives

- Understand what the Windows Registry is and what it contains.
- Dive deep into Registry Hives and Root Keys.
- Analyze Registry Hives through the built-in Registry Editor tool.
- Learn Registry Forensics and investigate through the Registry Explorer tool.

since all 24 rooms have been released the event will end soon
i have been busy last week so unfortunately i didn't manage to complete it on time but we will continue

Curiosity is the strength
Consistency is the key
#quotes

continued
https://tryhackme.com/room/encoding-decoding-aoc2025-s1a4z7x0c3
DAY 17:
Learning Objectives

- Introduction to encoding/decoding
- Learn how to use CyberChef
- Identify useful information in web applications through HTTP headers

🌟 Join Our Tech Club! 🌟
Do you have experience in cybersecurity, web development, or related fields? We invite you to be a part of our vibrant community dedicated to exploring the latest trends, sharing knowledge, and collaborating on exciting projects!

What We’re Looking For:
We are seeking enthusiastic students who are eager to learn, share their expertise, and contribute to our club's activities.

Fields of Interest:
• Cybersecurity: Help us explore the ever-evolving landscape of digital security and share best practices.
• Web Development: Collaborate on projects, learn new frameworks, and enhance your coding skills.
• Other Tech Areas: If you have experience in data science, AI, app development, or any other tech-related field.

Registration Details:
To become a member of our club, please fill out the registration form linked below. Your information will help us tailor our activities to your interests and skills.

👉 [https://forms.gle/f1nuCDL9nQtxz5L49]

Deadline for Registration: [Friday jan 2, 2026]

continued
https://tryhackme.com/room/obfuscation-aoc2025-e5r8t2y6u9
DAY 18:
Learning Objectives

- Learn about obfuscation, why and where it is used.
- Learn the difference between encoding, encryption, and obfuscation.
- Learn about obfuscation and the common techniques.
- Use CyberChef to recover plaintext safely.

continued
https://tryhackme.com/room/ICS-modbus-aoc2025-g3m6n9b1v4
DAY 19:
Learning Objectives

- How **SCADA (Supervisory Control and Data Acquisition)** systems monitor industrial processes
- What **PLCs (Programmable Logic Controllers)** do in automation
- How the **Modbus protocol** enables communication between industrial devices
- How to identify compromised system configurations in industrial systems
- Techniques for safely remediating compromised control systems
- Understanding protection mechanisms and trap logic in ICS environments

This one is a bit hard watch the video guide