AI is everywhere, and attackers know it. From poisoned training data to prompt injection, the threats targeting AI systems are real, evolving, and misunderstood. Whether you're defending an LLM-powered application or auditing an AI pipeline, this path gives you the knowledge to think like an AI security engineer.
","banner":"https://tryhackme-images.s3.eu-west-1.amazonaws.com/path-icons/aisecurity.webp","image":"https://tryhackme-images.s3.eu-west-1.amazonaws.com/path-icons/aisecurity.webp","color":"#dddddd","taskNo":0,"description":"AI is the new attack surface. Learn to break it, defend it, and secure it from the ground up.
\nSo you have decided to venture into web application testing? You know the basics, you can find the vulnerabilities, but it still feels like something is missing. What you need, is a good exploitation methodology! Rather than simply finding vulnerabilities and calling it a day, this learning path teaches you the principles of practical exploitation or as we like to call it: Web Application Red Teaming. This path covers the key topics you need to understand in order to be able to take your web application pentesting methodology to that next level, such as:
Completing this learning path will allow you to take your web application pentesting methodology to the next level and truly show the impact of discovered vulnerabilities.
","banner":"https://assets.tryhackme.com/img/paths/web-application-red-teaming-learning.webp","image":"https://assets.tryhackme.com/img/paths/web-application-red-teaming-learning.webp","color":"#dddddd","taskNo":0,"description":"Take your web pentesting to the next level by learning about practical exploitation and chains:
This beginner-friendly path aims to give a solid introduction to the different areas in Computer Security. This path covers the fundamental concepts and applications in the following:
\nLearn everything you need to embark on a career path in offensive or defensive cyber security.
The Security Operations Center (SOC) is a central hub for securing many large organizations, and junior analysts are among the most numerous and demanding roles in a SOC. In the analyst role, you will work with logs, triage and prioritize alerts, collaborate with your teammates and other departments, and be the first line of defense in reacting to cyber incidents. This comprehensive path covers the necessary technical and operational skills to make you a qualified, universal SOC analyst.
","banner":"https://assets.tryhackme.com/img/paths/SOCL1.svg","image":"https://assets.tryhackme.com/img/paths/SOCL1.svg","color":"#D6A60D","taskNo":0,"description":"Learn the skills needed to jumpstart your career as a SOC Level 1 Analyst or Security Analyst.
\nYour first step into cyber. Learn how tech works, then think like an attacker and defender.
This path has been replaced by an expanded Pre Security path. We recommend switching to the new path for the best experience.
","banner":"https://tryhackme.com/images/svgs/paths/presecuritylegacy.svg","image":"https://tryhackme.com/images/svgs/paths/presecuritylegacy.svg","color":"#212C42","taskNo":0,"description":"This path has been replaced by the new \"Pre Security\" learning path. Please enrol in the updated version.
","summary":"The original Pre Security path covered cyber security basics, networking, web technologies, and deep-dive Linux and Windows fundamentals. The new version is a major upgrade that starts earlier, teaching you how computers work from the inside out, and goes further with new modules on software fundamentals, introductory coding, and real-world attacks and defences. If you've already started or completed this path, your progress on shared modules is preserved. We encourage you to enrol in the updated Pre Security path for the best experience.","code":"presecuritylegacy","difficulty":"easy","rooms":0,"hours":0,"type":"regular","paid":false,"secondaryImage":"https://tryhackme.com/images/svgs/paths/presecuritylegacy.svg","roomCodes":[],"created":"2021-05-20T16:25:06.970Z","id":"60a68d627400860050984eaa","collaborator":[],"public":true},{"title":"Jr Penetration Tester","intro":"This learning path covers the core technical skills that will allow you to succeed as a junior penetration tester. Upon completing this path, you will have the practical skills necessary to perform security assessments against web applications and enterprise infrastructure.
","banner":"https://assets.tryhackme.com/img/paths/jrpenetrationtester.png","image":"https://assets.tryhackme.com/img/paths/jrpenetrationtester.svg","color":"#3BBC1E","taskNo":0,"description":"Learn the necessary skills to start a career as a penetration tester.
The aim of this pathway is to show you how to emulate a potential adversary attack in complex environments. Going beyond penetration testing, you will learn to conduct successful Red Team engagements and challenge the defence capability of your clients.
After completing this pathway, you will have the advanced skills needed to pursue new career opportunities in offensive security.
Learn the skills needed to become a Red Team Operator.
The SOC Level 2 path aims to help you succeed in your SOC career. It will help you transition into a Level 2 position or strengthen the core technical skills you need to perform well in your current position, using hands-on, practical, and realistic scenarios.
Security Engineers are critical to every organization’s security. Being a Security Engineer means designing secure systems, networks, and software, understanding threats and risks that can affect the organization, and being able to assist in responding to incidents. This path aims to give you an introduction to security engineering from various perspectives. No matter which speciality you choose as your cyber security career, understanding all elements is going to help you proactively identify and mitigate security risks, and play a crucial role in strengthening your company’s security posture. This path includes:
TryHackMe's DevSecOps Learning Path focuses on securing pipelines and introducing Infrastructure as Code (IaC) and Containerisation security techniques. You’ll learn the tools and practices to ensure robust development processes and secure software deployment workflows. From fortifying pipelines to automating infrastructure management, you will gain practical insights into modern DevSecOps methodologies.
","banner":"https://assets.tryhackme.com/img/paths/devsecops.png","image":"https://assets.tryhackme.com/img/paths/devsecops.svg","color":"#1153E4","taskNo":0,"description":"Acquire specialization in DevSecOps or broaden your understanding of product security.
Investigate endpoint threats across Windows, Linux, macOS, and mobile platforms using memory, disk, and file system forensics.
Master Azure security with hands-on exercises covering Azure-native security tooling.
Amazon Web Services is the most popular cloud service provider in the world offering hundreds of services. With a large number of businesses adopting cloud technologies like AWS, cyber practitioners must understand the security implications of moving to the cloud.
This pathway will give you hands on access with common misconfigurations across AWS environments and understand defensive mitigations to prevent these attacks including
Learn how attackers compromise AWS environments.
No matter where you are, the skills and requirements for a penetration tester will be the same. You’ll be required to have a good understanding of various aspects within information security including web applications, networks and sometimes even low level technology like assembly. A good understanding of these technologies is essential to learning how to exploit them.
The aim of this path is to make you ready for real world penetration testing by teaching you how to use industry standard tools along with a methodology to find vulnerabilities in machines. By the time you complete this path, you will be well prepared for interviews and jobs as a penetration tester. To complete this path you should have a basic to medium understanding of computing.
You can use this pathway to help you acquire the skills needed to go and get certified by well known certifiers in the security industry.
Prepare yourself for real world penetration testing.
The aim of this path is to teach you how to attack web applications. To successfully attack and exploit web applications, you need to understand how they work. The first section (Web Fundamentals) will give you all the pre-requisite knowledge on this.
The second section (Security Tools) focuses on learning how to use Industry Standard tooling to interact with your targets.
The third section (Vulnerabilities) covers various vulnerabilities found in web applications today. This section will go over root causes of these vulnerabilities and give you hands on experience on exploiting them.
The final section (Practise Makes Perfect) will help you apply what you've learnt in previous sections.
After completing this path, you should be able to:
A pathway to web application security.
Every day you interact with web applications. Just reading the information here means you are using a web application! Understanding how to test web applications is a critical skill required by almost every pentester! Even if you want to specialise in testing other systems like networks or cloud, a solid baseline in web application testing will greatly assist you on this journey. This path covers key topics that you need to understand for web application testing, such as:
\nCompleting this learning path will allow you to learn and become a great web application penetration tester.
\n","banner":"https://assets.tryhackme.com/img/paths/webapppentesting.png","image":"https://assets.tryhackme.com/img/paths/webapppentesting.svg","color":"#801a2f","taskNo":0,"description":"Learn how to perform security assessments of web applications.
\nThis PenTest+ pathway allows individuals to practice the majority of practical skills required for the CompTIA PenTest+ exam. In this you will learn about
CompTIA PenTest+ is for cybersecurity professionals tasked with penetration testing and vulnerability management.
Learn the practical skills and prepare to ace the Pentest+ exam.