Top 10 TryHackMe CTFs for Beginners

We’re going to look at a list of the Top 10 TryHackMe CTFs for Beginners. One of the biggest problems with TryHackMe, other than suspected fraud, is that they don’t provide proper descriptions for the CTFs. For example, the “description” for the Wgel CTF is “can you exfiltrate the root flag?” This is equivalent to describing a video game as, “can you win?” They now have ratings related to difficulty, but that’s not enough to go on, especially if you are looking to practice particular skills, tools, or against a specific attack surface. THM’s search feature is particularly dumb: “CTF” returns 101 results while “CTFs” only returns 22. So for all these reasons and more, I’m going to curate CTF lists and add slightly more comprehensive, far more useful descriptions, beginning with a list of the Top 10 TryHackMe CTFs for Beginners!

1. Simple CTF

🔗 https://tryhackme.com/room/simplectf
Classic beginner CTF with FTP, web enum, and sudo misconfigurations.
Attack Surface: Linux

Primary Lesson:

It teaches some of the unwritten rules of CTFs.

Tools/Apps Used:

nmap, gobuster, curl, searchsploit, hashcat, ftp, ssh, vim


2. Pickle Rick

🔗 https://tryhackme.com/room/picklerick
A fun but solid intro to web enumeration and Linux commands. Teaches you not to rely exclusively on automation.
Attack Surface: Linux

Primary Lesson:

Do not rely solely on automation. Manual inspection, creativity, and adapting to restricted shells are often more important than brute-forcing or scanners.

Tools/Apps Used:

nmap, gobuster, curl, browser dev tools, strings, less


3. Basic Pentesting

🔗 https://tryhackme.com/room/basicpentestingjt
Covers enumeration, brute forcing, and basic Linux privilege escalation.
Attack Surface: Linux

Primary Lesson:

Enumeration wins boxes. The more thoroughly you enumerate users, shares, and services, the fewer “guesses” you need later.

Tools/Apps Used:

nmap, enum4linux, smbclient, hydra, ssh


4. RootMe

🔗 https://tryhackme.com/room/rrootme
Excellent first exposure to web exploitation and Linux privilege escalation.
Attack Surface: Linux

Primary Lesson:

Small misconfigurations compound. A single upload flaw plus weak privilege separation is often enough for full compromise.

Tools/Apps Used:

nmap, gobuster, curl, netcat, linpeas


5. Ignite

🔗 https://tryhackme.com/room/ignite
Focuses on CMS exploitation and abusing known vulnerabilities.
Attack Surface: Linux

Primary Lesson:

Default credentials and outdated software are still extremely common and highly exploitable.

Tools/Apps Used:

nmap, gobuster, searchsploit, curl


6. Bounty Hacker

🔗 https://tryhackme.com/room/cowboyhacker
Introduces FTP, SSH, weak credentials, and basic privilege escalation.
Attack Surface: Linux

Primary Lesson:

Weak credentials and poor privilege separation are still among the most common real-world failures.

Tools/Apps Used:

nmap, ftp, hydra, ssh, sudo


7. Lazy Admin

🔗 https://tryhackme.com/room/lazyadmin
A great lesson in poor admin practices, sudo abuse, and enumeration.
Attack Surface: Linux

Primary Lesson:

Enumeration beats exploitation. This room teaches that careful directory busting, reading application files, and following credential reuse will often get you further than chasing complex exploits.

Tools/Apps Used:

nmap, gobuster, curl, searchsploit, ssh, sudo


8. Linux PrivEsc Playground

🔗 https://tryhackme.com/room/linuxprivesc
Not a traditional CTF, but essential hands-on practice for privilege escalation.
Attack Surface: Linux

Primary Lesson:

Privilege escalation is about system understanding, not exploits. This room teaches you how to systematically enumerate a Linux system and recognize misconfigurations that allow elevation to root without kernel exploits.

Tools/Apps Used:

linpeas, sudo, find, grep, strings, ps, crontab, bash


9. Blue

🔗 https://tryhackme.com/room/blue
Walkthrough of exploiting EternalBlue (MS17-010) in a controlled environment.
Attack Surface: Windows

Primary Lesson:

Unpatched systems are catastrophic. Known exploits remain devastating when patching is neglected.

Tools/Apps Used:

nmap, metasploit


10. Kenobi

🔗 https://tryhackme.com/room/kenobi
Teaches NFS enumeration, SSH key abuse, and Linux privilege escalation.
Attack Surface: Linux

Primary Lesson:

Misconfigured network file systems can completely undermine host security.

Tools/Apps Used:

nmap, showmount, mount, ftp, ssh

There it is! This seems like a short and simple list, but struggling with WordPress formatting, especially the Details Blocks, meant that it took about an hour to type in, let alone the research! TryHackMe, I’ve done your job for you, again. You’re welcome! This has been a more comprehensive, far more useful description of the Top 10 TryHackMe CTFs for Beginners!
