TryHackMe SOC1 Lab Notes

This notes contains my personal notes and summaries from the TryHackMe platform, focusing on the SOC Level 1 path and Blue Team topics and SIEM basics.

The goal is to document what I’ve learned, strengthen my cybersecurity knowledge, and build a practical portfolio others can follow.

---

Tools that helped me along the way

Address, Network Search

• https://www.abuseipdb.com/
• https://wigle.net/index
• https://www.arin.net/
• https://ipinfo.io/

Adversary Tactics and Techniques, Knowledge Base

• https://attack.mitre.org/

Analyze Headers

• https://toolbox.googleapps.com/apps/messageheader/analyzeheader
• https://mha.azurewebsites.net/
• https://mailheader.org/

Blocklist Botnet

• https://feodotracker.abuse.ch/

Blocklist Programs

• https://threatfox.abuse.ch/

Blocklist SSL

• https://sslbl.abuse.ch/

Blocklist URL

• https://urlhaus.abuse.ch/

Crack, Hash

• https://crackstation.net/
• https://md5hashing.net/
• https://hashes.com/en/decrypt/hash
• https://hashcat.net/wiki/doku.php?id=example_hashes
• https://www.onlinehashcrack.com/hash-identification.php
• https://emn178.github.io/online-tools/
• https://www.srihash.org/

Decoding, HEXA

• https://emn178.github.io/online-tools/base32_decode.html
• https://www.base64decode.org/
• https://www.dcode.fr/cipher-identifier
• https://morsecode.world/international/translator.html
• https://gchq.github.io/CyberChef/
• https://cyberchef.io/
• https://regex101.com/r/zQ3mH7/1

Downloads-exe

• https://lolbas-project.github.io/

Education, certificates

• https://www.cybrary.it/catalog
• https://www.giac.org/certifications/security-essentials-gsec/
• https://www.isc2.org/certifications/ccsp
• https://www.comptia.org/training/certmaster-learn/securitysection2

Encryption, Cryptography

• https://cryptii.com/pipes/caesar-cipher

Error Codes

• https://hstechdocs.helpsystems.com/manuals/globalscape/cuteftpmacpro3/Numbered_FTP_status_and_error_codes.htm?ref=securitynguyen.com

Exploit, Vulnerability Database

• https://www.exploit-db.com/
• https://www.cve.org/

IP Calculator

• https://jodies.de/ipcalc

Linux

• https://ubuntu.com/
• https://www.linuxmint.com/
• https://www.kali.org/
• https://www.centos.org/
• https://fishshell.com/

MAC Address Lookup

• https://maclookup.app

Magic Number

• https://asecuritysite.com/forensics/magic

Malware Databases

• https://malshare.com/
• https://tdm.socprime.com/signup
• https://bazaar.abuse.ch/
• https://user-agents.net/browsers

Network Protocol Analyzers

• https://tshark.dev/
• https://www.tcpdump.org/
• https://www.wireshark.org/
• https://nmap.org/man/hu/index.html
• https://www.snort.org/ (A site for sharing packet capture (pcap) files and malware) samples.
• https://www.malware-traffic-analysis.net/

OSINT

• https://github.com/laramies/theHarvester
• https://www.varonis.com/blog/what-is-osint
• https://hunter.io/
• https://osintframework.com/

Other Search Engines

• https://search.censys.io/
• https://www.shodan.io/
• https://haveibeenpwned.com/

Phishing

• https://www.knowbe4.com/resource-center/phishing
• https://www.itgovernance.co.uk/blog/5-ways-to-detect-a-phishing-email
• https://cheapsslsecurity.com/blog/10-phishing-email-examples-you-need-to-see/
• https://phishingquiz.withgoogle.com/
• https://app.phishtool.com/

Ports

• https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml

Protocol numbers

• https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml

Reading, Magazine

• https://www.securitymagazine.com/articles/87787-hackers-attack-every-39-seconds

Security News

• https://www.mandiant.com/resources/blog

Threat Research

• https://talosintelligence.com/
• https://oasis-open.github.io/cti-documentation/taxii/intro
• https://oasis-open.github.io/cti-documentation/
• https://www.mandiant.com/resources
• https://www.recordedfuture.com/resources
• https://search.censys.io/

Threat Sharing

• https://www.circl.lu/doc/misp/

URL Extractor

• https://www.convertcsv.com/url-extractor.htm

Virus Check On-Line

• https://metadefender.opswat.com/
• https://www.virustotal.com/gui/home/upload
• https://app.any.run/
• https://urlscan.io/
• https://abuse.ch/
• https://hybrid-analysis.com/

VirtualBox

• https://www.virtualbox.org/

WHOIS

• https://www.phishtool.com/
• https://www.whois.com/whois/
• https://mxtoolbox.com/
• https://mxtoolbox.com/SuperTool.aspx

Windows

• https://learn.microsoft.com/en-us/sysinternals/resources/windows-internals
• https://0xcybery.github.io/blog/Core-Processes-In-Windows-System
• https://learn.microsoft.com/hu-hu/sysinternals/

VMware

• https://profile.broadcom.com/web/registration

WWW/Agents

• https://explore.whatismybrowser.com/useragents/explore/
• https://outervision.com/power-supply-calculator
• https://securityheaders.com/

🇭🇺 TCP IP

Petrényi József TCP/IP - 1 óra alatt:

• https://vmek.oszk.hu/08300/08373/index.phtml

TCP/IP - alapok:

• https://vmek.oszk.hu/08300/08374

🇭🇺 Linux

• https://www.szabilinux.hu/
• https://www.letix.hu/

🐧 Conclusions
The author is now spreading his wings in cybersecurity and making friends with scripting and Phython. He loves Linux and penguins 🐧 and is interested in information technology and likes to tinker with internet networks.