Skip to content
Sam's Blog

Development

TryHackMe Review: Pros, Cons, and How It Can Improve

8 min read
TryHackMe Review: Pros, Cons, and How It Can Improve

TryHackMe has become a household name in the cybersecurity community, especially for those looking to dive into Capture the Flag (CTF) challenges and hands-on cybersecurity practice. But is it truly the best platform out there? Or does it have flaws that are often overlooked in the sea of praise? In this article, I’ll take you through my detailed experience with TryHackMe, highlighting its strengths, weaknesses, and areas where it can improve. This isn’t just a review—it’s a deep, humanized exploration of what makes TryHackMe tick, what it does well, and where it falls short.

What is TryHackMe? A Beginner’s Guide

For those unfamiliar with TryHackMe, let’s start with the basics. TryHackMe is an online platform designed to teach cybersecurity through interactive virtual labs. It’s structured around “rooms,” which are self-contained learning modules focusing on specific topics or challenges. These rooms range from beginner-friendly tutorials on networking and Linux to advanced CTF-style challenges that simulate real-world hacking scenarios.

The platform is designed to be accessible to users of all skill levels. Each room consists of tasks that vary in complexity, and completing these tasks earns you points. These points contribute to your overall ranking on the platform, adding a gamified element to the learning experience. TryHackMe also allows users to create their own rooms, which has led to a diverse range of content but also some significant issues, as we’ll discuss later.

The Good: Why TryHackMe Shines

1. Beginner-Friendly and Structured Learning

TryHackMe excels at making cybersecurity accessible to beginners. The platform’s rooms are structured in a way that gradually builds your knowledge, starting with the basics and moving on to more advanced topics. For example, you’ll find rooms dedicated to teaching tools like Nmap, Metasploit, and Burp Suite, as well as fundamental concepts like encryption, networking, and web vulnerabilities.

The platform also provides detailed walkthroughs for many of its rooms, which can be incredibly helpful if you’re stuck. These walkthroughs strike a nice balance between guiding you and encouraging independent problem-solving.

2. Hands-On Practice in a Safe Environment

One of TryHackMe’s biggest strengths is its focus on practical, hands-on learning. The virtual lab environment allows you to apply what you’ve learned in a real-world context. For example, if you’re learning about SQL injection, you’ll actually get to exploit a vulnerable web application in the lab. This kind of experiential learning is invaluable for developing the skills needed to tackle real-world cybersecurity challenges.

3. Gamification and Community Features

TryHackMe’s gamified approach to learning is another major plus. The points system and leaderboard add a competitive element that can be highly motivating. The platform also allows you to team up with friends and collaborate on rooms, which adds a social dimension to the experience.

4. Regular Updates and New Content

TryHackMe is constantly updating its platform with new rooms and challenges. This keeps the content fresh and ensures that there’s always something new to learn. The platform’s newsletter gives users a sneak peek at upcoming releases, which is a nice touch.

The Bad: Where TryHackMe Falls Short

While TryHackMe has many strengths, it’s not without its flaws. Here are some of the most significant issues I’ve encountered:

1. Plagiarism and Lack of Original Content

One of the most glaring problems with TryHackMe is the prevalence of plagiarized content. While the platform allows users to create their own rooms, this has led to a situation where some rooms are blatant copies of challenges from other platforms like VulnHub and Hack The Box. In some cases, even the flags (the solutions to the challenges) are identical.

For example, I once encountered a TryHackMe room that was an exact replica of a VulnHub machine I had previously solved. Not only were the tasks and vulnerabilities the same, but the flags were also copied verbatim. This raises serious questions about the platform’s commitment to originality and quality control.

Why This is a Problem:

  • It undermines the creativity and effort of content creators on other platforms.
  • It limits the educational value of TryHackMe, as users are essentially solving the same challenges they’ve seen elsewhere.
  • It creates a lack of trust in the platform’s content, as users may wonder whether they’re learning something new or just rehashing old material.

2. Slow Website Performance

While TryHackMe has made improvements in this area, the platform’s website used to be notoriously slow. This was especially frustrating when you were in the middle of a challenge and the site would lag or crash. While the performance has gotten better in recent years, it’s still not perfect, and there’s room for further improvement.

3. Early Write-Ups and Over-Reliance on Hints

Another issue with TryHackMe is the prevalence of early write-ups. Write-ups are detailed guides that explain how to solve a particular challenge, and while they can be helpful, they can also discourage independent problem-solving. Some users rely too heavily on write-ups and hints, which defeats the purpose of the challenges.

For example, I’ve seen users immediately search for write-ups or YouTube tutorials as soon as they encounter a difficult challenge, rather than trying to solve it on their own. This over-reliance on external resources can hinder the development of critical thinking and problem-solving skills.

4. Hypocritical and Discouraging Discord Community

TryHackMe’s Discord server is another area where the platform falls short. While the server is meant to be a place where users can discuss challenges and help each other out, it often devolves into a toxic environment. Overachiever users who have already solved the challenges can be dismissive or even hostile toward newcomers who are struggling.

For instance, I’ve seen users ask for help on the Discord server, only to be heckled by others who insist that they should figure it out on their own. This creates a discouraging atmosphere that can be off-putting for beginners. The hypocrisy is particularly glaring when you consider that TryHackMe itself provides hints and write-ups for many of its rooms.

5. Disappearing Old CTF Rooms

Over time, TryHackMe has removed or locked access to many of its older rooms. While this might not seem like a big deal at first glance, it’s actually a significant loss. These rooms often contain valuable learning material, and their removal limits the platform’s overall utility.

Suggestions for Improvement: How TryHackMe Can Get Better

While TryHackMe has its flaws, there are several steps the platform can take to improve:

1. Address Plagiarism and Improve Content Originality

TryHackMe needs to implement stricter guidelines and quality control measures to prevent plagiarism. This could include:

  • A thorough review process for user-generated rooms to ensure they are original and not copied from other platforms.
  • Clear consequences for users who submit plagiarized content, such as temporary bans or removal of their rooms.

2. Change Flags for Every User

To combat the issue of users copying flags from early write-ups, YouTube videos, or Twitch streams, TryHackMe could implement dynamic flags that change for each user. This would make it much harder for users to simply copy and paste solutions, encouraging them to actually solve the challenges on their own.

3. Improve Discord Community Guidelines

TryHackMe should establish clearer guidelines for its Discord community to foster a more supportive and inclusive environment. This could include:

  • Encouraging experienced users to provide constructive feedback rather than heckling newcomers.
  • Implementing a system for reporting toxic behavior and taking appropriate action against users who violate the guidelines.

4. Preserve Old CTF Rooms

Instead of removing old CTF rooms, TryHackMe should consider archiving them or making them available to premium users. This would preserve the platform’s history and provide users with access to a wider range of learning material.

Conclusion: Is TryHackMe Worth It?

TryHackMe is a platform with a lot of potential, but it’s not without its flaws. Its beginner-friendly approach, hands-on learning environment, and gamified elements make it a great resource for those new to cybersecurity. However, issues like plagiarism, slow website performance, and a toxic community detract from the overall experience.

If you’re a beginner or someone looking to dip your toes into the world of cybersecurity, TryHackMe is a solid choice. However, if you’re an experienced hacker or someone looking for a more rigorous and original CTF experience, you might want to explore other platforms.

Ultimately, the key to success in cybersecurity is practice and persistence. TryHackMe is just one tool in your arsenal, and while it has its shortcomings, it can still be a valuable resource if used correctly. So, give it a try, but don’t be afraid to branch out and explore other platforms as well. After all, the journey to becoming a cybersecurity expert is a marathon, not a sprint.

Recommended for you

View all posts →