TryHackMe (THM): Search Skills

Walkthrough for the "Search Skills" Room on TryHackMe

The Search Skills room is designed to help you develop efficient Internet searching techniques. Knowing how to locate relevant and accurate information is critical in cybersecurity. This room covers essential skills such as evaluating search results, using advanced search operators, exploring specialized search engines, and navigating technical documentation.

The room focuses on building the following key competencies:

  • Evaluating Credibility: Identifying reliable and trustworthy sources.

  • Search Engine Mastery: Using advanced operators for targeted results.

  • Specialized Tools: Accessing platforms like Shodan, Censys, and VirusTotal.

  • Reading Technical Documentation: Utilizing official guides for accurate insights.

  • OSINT Techniques: Gaining intelligence via social media and other platforms.

Why This Matters for Cybersecurity Professionals

In cybersecurity, precision and efficiency in finding accurate information can make or break investigations. Learning to navigate the vast ocean of online data ensures you extract valuable, actionable insights.


Task 1: Introduction

The first task explains why search skills are essential in navigating the vast ocean of information online. For instance, a search for "learn hacking" yields billions of results. This highlights the importance of efficiently filtering and evaluating information.

Key Points:

  1. Develop the ability to discern reliable sources from biased or unfounded claims.

  2. Practice using tools and techniques to narrow down search results.


Task 2: Evaluating Search Results

This task emphasizes the importance of assessing the credibility and accuracy of online information.

Guidelines for Evaluation:

  • Source: Is the author or organization reputable?

  • Evidence: Do facts and logical arguments support the claims?

  • Objectivity: Does the content show impartiality or bias?

  • Corroboration: Can multiple sources validate the information?

Questions

  • What do you call a cryptographic method or product considered bogus or fraudulent?
    Answer: Snake oil

  • What is the name of the command replacing netstat in Linux systems?
    Answer: ss


Task 3: Search Engines

Advanced search operators can help you find more precise results.

Google Search Operators:

  1. "exact phrase": Search for an exact match. Example: "passive reconnaissance".

  2. site:: Restrict results to a specific domain. Example: site:tryhackme.com.

  3. -: Exclude certain terms. Example: pyramids -tourism.

  4. filetype:: Search for specific file types like PDFs or PowerPoints. Example: filetype:pdf cyber security.
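The four operators above can be combined in one query. The following is an added example, not part of the original walkthrough or the TryHackMe room: a small Python helper that composes them and URL-encodes the result. The function names `build_query` and `search_url` are hypothetical, and the sample inputs are the ones used in this task.

```python
from urllib.parse import urlencode, urlsplit


def _quote(term):
    """Wrap a multi-word term in double quotes so it stays one token."""
    term = term.strip().strip('"')
    return f'"{term}"' if " " in term else term


def build_query(terms="", phrase=None, site=None, exclude=(), filetype=None):
    """Compose a query from the four operators listed in this task."""
    parts = []
    if filetype:
        # filetype: takes a bare extension, so drop a leading dot
        ext = filetype.strip().lstrip(".").lower()
        if not ext.isalnum():
            raise ValueError(f"bad file type: {filetype!r}")
        parts.append(f"filetype:{ext}")
    if site:
        # site: takes a host name, not a URL, so strip scheme and path
        host = urlsplit(site if "//" in site else "//" + site).hostname
        if not host:
            raise ValueError(f"bad site: {site!r}")
        parts.append(f"site:{host}")
    if phrase:
        parts.append('"' + phrase.strip().strip('"') + '"')
    if terms:
        parts.append(terms.strip())
    for word in exclude:
        # the minus sign must touch the excluded term (no space)
        parts.append("-" + _quote(word))
    if not parts:
        raise ValueError("empty query")
    return " ".join(parts)


def search_url(query, base="https://www.google.com/search"):
    """URL-encode the query so quotes, colons and spaces survive."""
    return base + "?" + urlencode({"q": query})


if __name__ == "__main__":
    q = build_query(phrase="passive reconnaissance", site="tryhackme.com")
    print(q)
    print(search_url(q))
```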

Questions:

  • How would you limit your Google search to PDF files containing the terms cyber warfare report?
    Answer: filetype:pdf cyber warfare report

  • What phrase does the Linux command ss stand for?
    Answer: socket statistics


Task 4: Specialized Search Engines

This task introduces tools designed for specific types of searches:

  • Shodan: A search engine for Internet-connected devices. Example: Search for servers running Apache 2.4.1.
  • Censys: Focuses on domains, certificates, and open ports.
  • VirusTotal: Scans files for malware using multiple antivirus engines.
  • Have I Been Pwned (HIBP): Checks if your email was part of a data breach.

Questions and Answers:

  • What is the top country with lighttpd servers?
    Answer: United States

  • What does BitDefenderFalx detect the file with the given hash as?
    Answer: Android.Riskware.Agent.LHH


Task 5: Vulnerabilities and Exploits

The focus here is on understanding and using vulnerability databases:

  • CVE (Common Vulnerabilities and Exposures): A standardized list of vulnerabilities. Example: CVE-2014-0160 (Heartbleed).

  • Exploit Database: A repository for verified exploit code.

  • GitHub: Often used to host tools and proof-of-concept code for vulnerabilities.

Questions

  • What utility does CVE-2024-3094 refer to?
    Answer: xz


Task 6: Technical Documentation

Technical documentation is the most reliable source for understanding software and tools. Examples include Linux man pages, Microsoft technical documentation, and official documentation for products like Snort or Apache.

Key Commands:

  • Linux Man Pages: man ip

  • Windows Documentation: Search for commands like ipconfig.

Questions and Answers:

  • What does the Linux command cat stand for?
    Answer: concatenate

  • What is the netstat parameter in Windows to show executables?
    Answer: -b


Task 7: Social Media and OSINT

Social media is a goldmine for gathering OSINT:

  • Use LinkedIn to learn about employee backgrounds.

  • Check Facebook for personal information, such as answers to security questions.

  • Explore groups and follow cybersecurity professionals to stay updated.

Questions and Answers:

  • What platform would you use to learn about employees' technical backgrounds?
    Answer: LinkedIn

  • Which platform might reveal answers to secret questions like childhood schools?
    Answer: Facebook


Task 8: Conclusion

The room wraps up by emphasizing the importance of continuously exploring new information sources. Staying informed is crucial in cybersecurity as threats and technologies evolve rapidly.

Thank you for reading my article. Please leave any questions or comments. We can also connect more on LinkedIn or X.