Using TryHackMe Cyberrange for CSC Workshops

Nov 21, 2023 by Frederic Hallot | 383 views

CSC HTB

https://cylab.be/blog/309/using-tryhackme-cyberrange-for-csc-workshops

For cyber security training, it's beneficial to create accounts on well-known cyberranges that offer both free and paid training:

For students attending the CSC workshops at cylab, we recommend creating an account on TryHackMe. If you haven't already, please create a profile at TryHackMe.

Hereafter, thm will be used to refer to TryHackMe, and htb may be used for HackTheBox.

How to Start

On thm, there are many lessons and labs available for free users. You don't need a paid subscription to fulfill the CSC workshop training requirements!

  • When participating in labs on thm, you have two options:

Use VPN or AttackBox

AttackBox

AttackBox is a fully configured online machine in the thm cyberrange used for exercises. While it's recommended, AttackBox has several disadvantages:

Use VPN or AttackBox costs

Drawbacks

  • Free accounts have limited time, speed, and availability for AttackBox.
  • Each session starts with a new machine, so there's no history of your previous activities.
  • You can't customize your AttackBox over time for efficiency.
  • AttackBox is only usable for thm labs.

VPN

Setting up VPN access involves installing OpenVPN on your machine/VM (Windows, Linux, MacOS) and downloading an .ovpn file from thm for configuration.

If you're reading this post and attending CSC workshops at cylab.be, you should be able to manage this setup.

Based on demand, this post might be updated with detailed setup instructions or link to another post covering this topic.

Using OpenVPN

Advantages

The VPN solution with OpenVPN requires more initial setup but offers several benefits:

  • You can use your own kali/parrot VM, WSL, etc., for exercises.

  • You can continuously improve your hacking environment based on lab experiences.

  • This environment is applicable to other cyberranges, like htb, which uses a similar VPN or attack box approach.

  • It's ideal for participating in CSC challenges.

Conclusion

Prioritize setting up the VPN connection after creating your account.

Even with a paid account, the VPN solution is recommended.

Consider using the AttackBox only in two situations:

  • If you're eager to start training but haven't set up the VPN yet.

  • When using someone else's hardware and you wish to train without altering their setup.

This blog post is licensed under CC BY-SA 4.0

Cyber Security Challenge Belgium 2024
Qualifiers for the Cyber Security Challenge 2024 will take place on 8 and 9 March 2024! It's time to register...
Feb 21, 2024 | 363 views
Building Your Bash Toolkit: Simplifying Key-Value Extractions with `extract_value`
In our previous post of the Building Your Bash Toolkit series, we delved deep into the process_args function, a utility that enables our bash scripts to handle both piped and direct inputs effortlessly. With that power in hand, we are set to further simplify some of the common bash scripting tasks.
Sep 18, 2023 | 400 views
Building Your Bash Toolkit: Creating a Dynamic Argument Processor in Bash
In the inaugural blog post of our Building Your Bash Toolkit series, we embarked on a journey to simplify our Bash interactions. Today, we dive deeper, introducing a utility function, process_args, that seamlessly merges both direct and piped inputs.
Sep 18, 2023 | 364 views
This website uses cookies. More information about the use of cookies is available in the cookies policy.
Accept