Room link: https://tryhackme.com/room/honeynet-collapse

Over the weekend, the Honeynet Collapse CTF by TryHackMe dropped — and it quickly proved to be one of the most demanding solo forensics challenges in recent memory. It wasn’t just hard because of obscure artifacts or tricky logs; it was hard because every question fed into the next. This was an investigation, not a checklist.

The CTF begins with a realistic premise: Emily Ross, a junior IT staffer, deploys a honeypot for internal testing and leaves it exposed to the internet over the weekend. From there, the fallout is brutal. One weak password leads to access. Access leads to a web shell. The shell becomes persistence, and that persistence becomes ransomware.

This wasn’t a set of isolated questions. It was a chain reaction — and your job was to catch every link before the system collapsed.