Navigating the Waters of Cybersecurity: A Dive Into Phishing with TryHackMe

Written By Justin Curtis

In the ever-evolving world of technology, staying ahead of cyber threats is not just a necessity but a must for any technologist. That's why I recently embarked on an educational journey through TryHackMe’s Phishing Module, an experience that was both fun and profoundly enlightening.

Module Overview: The module comprises five detailed rooms, each focusing on different aspects of phishing threats:

  • Phishing Analysis Fundamentals

  • Phishing Emails in Action

  • Phishing Analysis Tools

  • Phishing Prevention

  • The Greenholt Phish

These rooms collectively provided a robust foundation in understanding and mitigating phishing threats.

Learning from Experience: What made this module particularly enjoyable was how it seamlessly blended learning with practical application. We've all stumbled across a phishing email at one point or another. This course offers the tools and insights needed to not only recognize these threats but to dissect them thoroughly to understand their origins and intents.

Deep Dive into Tools and Techniques:

  • Analyzing Email Headers: One of the first skills I honed was using the source HTML to analyze email headers. This process helps in identifying the originating IP address of the sender, giving clues about the email’s origin.

  • Utilizing WHOIS: Following the trail, using WHOIS to look up the IP address shed light on the owner of the IP, adding another layer of detail about the potential attacker.

  • Handling Attachments: Learning how to safely extract and analyze attachments was crucial. Using command-line tools to extract the sha256 hash from an email attachment allowed me to then use services like VirusTotal to investigate the nature of these files—pinpointing malicious content effectively.

  • Exploring Any Run: Perhaps the most fascinating tool was Any Run, which integrates many of these functions into a single platform, streamlining the analysis process and enhancing my understanding of phishing mechanics.

Favorite Section - The Greenholt Phish: My favorite part was "The Greenholt Phish," where after learning about various tools and their purposes, I applied my new skills in a real-life scenario. This hands-on approach was not only engaging but immensely informative, allowing me to analyze a phishing attempt in detail and learn more about the attacker behind it.

This module wasn't just an educational journey; it was a thrilling adventure into the world of cybersecurity. For anyone starting out or looking to deepen their understanding of how to combat phishing, I can't recommend this module on TryHackMe highly enough. It’s a perfect blend of theory and practical application, designed to equip every day technologists with the skills they need to protect themselves and their organizations from the growing threat of phishing.

Justin Curtis
Previous

Behind the Dashboard: My Personal Take on DataCamp’s Azure Fundamentals Course
Next

Celebrating 100 Days of Cyber with TryHackMe