🛡️ THM-Legend-Playbook

A structured collection of TryHackMe writeups and methodologies.
Focused on real-world offensive security techniques, continuous learning, and practical penetration testing skills.

---

📌 About

This repository documents my hands-on experience solving rooms and participating in events on TryHackMe.
It emphasizes methodology, tooling, and reasoning rather than just answers.

Covered areas include:

• 🔍 Reconnaissance
• 🧪 Enumeration
• ⚔️ Exploitation
• 🔓 Privilege Escalation
• 🧠 Post-Exploitation

⚠️ Note: This repository focuses on the process, learning, and methodology, not just final answers.

---

🏆 Current Status (Start of Documentation)

At the beginning of this documentation, I am:

• 🔥 On a 113-day learning streak
• 🛡️ Ranked Legend on TryHackMe
• 🌍 In the Top 1% worldwide
• 🇲🇼 Ranked #6 in Malawi

📸 Proof of Stats:

This repository begins from this point as a structured record of my continued offensive security learning journey and practical experience.

---

🎯 Objectives

• Build a strong offensive security knowledge base
• Reinforce real-world penetration testing workflows
• Track and refine my problem-solving approach
• Create a professional cybersecurity portfolio

---

🗂️ Repository Structure

This repository is organized to reflect both difficulty progression and real-world offensive security workflows.

📁 THM-Legend-Playbook/
│
├── 📁 Rooms/
│   ├── 📁 Easy/
│   ├── 📁 Medium/
│   ├── 📁 Hard/
│   └── 📁 Insane/
│
├── 📁 Events/
│   ├── 📁 Advent-of-Cyber-2023/
│   │   ├── Day-01/
│   │   ├── Day-02/
│   │   └── README.md
│   │
│   └── 📁 Advent-of-Cyber-2025/
│       ├── Day-01/
│       ├── Day-02/
│       ├── ...
│       └── README.md
│
├── 📁 Cheatsheets/
│   ├── Enumeration.md
│   ├── Linux-PrivEsc.md
│   ├── Windows-PrivEsc.md
│   └── Web-Exploitation.md
│
├── 📁 Tools/
│   ├── Nmap.md
│   ├── BurpSuite.md
│   └── Metasploit.md
│
└── 📁 Templates/
    └── Room-Writeup-Template.md

---

🎄 Events

Special cybersecurity events are documented separately for structured learning and tracking.

Example Event:

• :contentReference[oaicite:0]{index=0}

Each event includes:

• Day-by-day writeups
• Key lessons learned
• Tools and techniques used
• Overall summary of concepts learned

---

🧠 Methodology

Each room or challenge is documented using the following structure:

🔍 Reconnaissance

• Initial observations
• Information gathering techniques
• Attack surface identification

🧪 Enumeration

• Services discovered
• Open ports and versions
• Vulnerabilities identified

⚔️ Exploitation

• Attack vectors used
• Payloads and techniques
• Gaining initial access

🔓 Privilege Escalation

• Misconfigurations abused
• Kernel or service exploitation
• Root/Admin access gained

📚 Lessons Learned

• Key takeaways
• What could be improved
• Defensive security insights

---

🛠️ Tools & Technologies

• Nmap
• Burp Suite
• Gobuster / Dirsearch
• Metasploit Framework
• Wireshark
• Linux & Windows Privilege Escalation techniques
• Custom scripts

---

🚀 Highlights

• 🧠 Strong focus on offensive security methodology
• 🔍 Hands-on penetration testing experience
• 📈 Continuous skill improvement and documentation
• 🛡️ Real-world attacker mindset development
• 📊 Structured learning progression

---

📖 Disclaimer

This repository is for educational purposes only.
All content is based on legal lab environments provided by TryHackMe.

---

👨‍💻 Author

Prince Damiano
Aspiring Offensive Security Specialist
🇲🇼 Malawi