“Every expert was once a beginner.”
I still remember the buzz of excitement that ran through our team when we clicked “Start CTF” on TryHackMe. As beginners with minimal guidance and raw curiosity, our team—0day Hunters—had just stepped into the world of Capture The Flag (CTF) competitions for the very first time. We didn’t know what exactly to expect, but we knew one thing: we were going to give it our best shot.
And surprisingly… we ended up ranking in the top 400 out of over 5,000 teams!
WhoAmI
Before I dive into the experience, let me introduce myself.
Jaymeen Bhatt a.k.a Ethical-Knight.I’m a BSc IT student specializing in Cybersecurity, and this was my very first CTF ever. I’m not a pro ethical hacker. I’m just a passionate learner who decided to take the leap, along with my teammates, into something way outside our comfort zone.
We had no mentor. No roadmap. No idea what tools we might need.
Just sheer passion and a hunger to learn.
What is a CTF Anyway?
If you’re new to the cybersecurity space, a Capture The Flag (CTF) competition is a cybersecurity challenge where participants solve problems related to hacking, cryptography, OSINT (Open-Source Intelligence), forensics, reverse engineering, and more to "capture flags" — basically hidden strings or codes that prove you've solved a task.
CTFs are like real-world hacking simulations packed into puzzles. And for us, this one on TryHackMe was a full buffet of challenges:
Web Exploitation
Cloud Security
Cryptography
OSINT
Forensics
Even Web3 and Blockchain-based puzzles!
The Raw Reality of Being Beginners
Honestly? It was chaotic.
We had zero experience with most of the categories. Sometimes we didn’t even know what the question was asking. We’d Google everything from “What is XSS?” to “How to analyze packet captures?”
It felt like we were blindfolded in a jungle of cybersecurity.
But that’s where the learning happened.
We started trying everything:
Brute-forcing random pages (bad idea, we learned!)
Googling tools like Burp Suite, CyberChef, Hash-Identifier
Reading random blogs, GitHub scripts, and YouTube videos
Discussing in our team, throwing ideas around — some worked, many didn’t.
What We Faced — And How We Grew
Each challenge became a small lesson in itself.
🔍 In OSINT, we learned the art of digital stalking (ethically, of course). Tracking usernames across platforms, reverse image searching, digging through metadata—skills we had never even heard of before.
🕸️ In Web Exploitation, we got our first hands-on exposure to vulnerabilities like SQL Injection and XSS. It felt thrilling to see how a small payload could bypass a login form.
☁️ In Cloud Security, we faced services we didn’t even know existed. AWS buckets, misconfigured permissions, cloud endpoints—it was all new and overwhelming.
🧩 In Cryptography, we spent hours decrypting ciphers, learning about base encodings, and understanding the difference between hashing and encryption. (Yes, we confused them at first.)
🔗 Even Web3 and blockchain challenges blew our minds. We barely understood smart contracts, but we tried.
Why This Meant So Much To Us
This wasn’t just a competition.
This was our first taste of real-world cybersecurity. All our YouTube tutorials and courses finally came to life when we faced problems that had no straight answers.
And the best part? We did it as a team.
Late-night Discord calls, screen shares, random “Eureka!” moments, and celebrating every flag we found like we had just won a war.
Even when we were completely lost, we never gave up. That’s what made us 0day Hunters — not because we’re elite hackers, but because we’re willing to hunt down every challenge with persistence.
Our Small Victory: Top 400 out of 5,000
We didn’t expect to place anywhere near the top.
But when the results were out, and we saw our team name among the top 400, we were stunned. That small number felt like a massive trophy to us.
It wasn’t about the rank. It was about how far we had come with no map.
To Every Beginner Reading This…
If you’re a student, a self-learner, or someone just stepping into cybersecurity:
Don’t wait to be perfect before you start.
You will feel lost. You will fail challenges. You will Google a hundred things.
But that’s exactly how you grow.
CTFs are not just for pros. They are the fastest, rawest, most intense learning experience you can gift yourself. No classroom, no YouTube video can replace the adrenaline and learning of hands-on practice.
What’s Next for 0day Hunters?
This was just the beginning.
We’ve already started exploring more TryHackMe rooms, planning to dive deeper into topics like privilege escalation, malware analysis, and red teaming.
We’ll fail again. We’ll learn again. And we’ll hunt 0days, not as professionals yet—but as learners who never quit.
Final Words
"You don’t have to be great to start. But you have to start to be great."
This experience changed how I look at cybersecurity. It’s no longer just theory.
It’s a battlefield—and I’ve taken my first step onto it.
Stay curious. Keep learning. And see you in the next CTF.
— Jaymeen Bhatt
Team 0day Hunters
Top comments (0)