diff --git a/TryHackMe/AnonForceCTF.md b/TryHackMe/AnonForceCTF.md
new file mode 100644
index 0000000..c56fd60
--- /dev/null
+++ b/TryHackMe/AnonForceCTF.md
@@ -0,0 +1,110 @@
+# TryHackMe-AnonForce
+Abdullah Rizwan ,23 August,8:08 PM
+
+AnonForce a boo2root beginner level box where you have to find 2 flags one for user and one for root
+
+## NMAP
+
+We are going to scan for open ports on the box.
+
+```
+nmap -sC -sV -oN initial/nmap 10.10.94.79 -o scan.txt
+```
+```
+Nmap scan report for 10.10.94.79
+Host is up (0.19s latency).
+Not shown: 998 closed ports
+PORT STATE SERVICE VERSION
+21/tcp open ftp vsftpd 3.0.3
+| ftp-anon: Anonymous FTP login allowed (FTP code 230)
+| drwxr-xr-x 2 0 0 4096 Aug 11 2019 bin
+| drwxr-xr-x 3 0 0 4096 Aug 11 2019 boot
+| drwxr-xr-x 17 0 0 3700 Aug 23 08:10 dev
+| drwxr-xr-x 85 0 0 4096 Aug 13 2019 etc
+| drwxr-xr-x 3 0 0 4096 Aug 11 2019 home
+| lrwxrwxrwx 1 0 0 33 Aug 11 2019 initrd.img -> boot/initrd.img-4.4.0-157-generic
+| lrwxrwxrwx 1 0 0 33 Aug 11 2019 initrd.img.old -> boot/initrd.img-4.4.0-142-generic
+| drwxr-xr-x 19 0 0 4096 Aug 11 2019 lib
+| drwxr-xr-x 2 0 0 4096 Aug 11 2019 lib64
+| drwx------ 2 0 0 16384 Aug 11 2019 lost+found
+| drwxr-xr-x 4 0 0 4096 Aug 11 2019 media
+| drwxr-xr-x 2 0 0 4096 Feb 26 2019 mnt
+| drwxrwxrwx 2 1000 1000 4096 Aug 11 2019 notread [NSE: writeable]
+| drwxr-xr-x 2 0 0 4096 Aug 11 2019 opt
+| dr-xr-xr-x 108 0 0 0 Aug 23 08:10 proc
+| drwx------ 3 0 0 4096 Aug 11 2019 root
+| drwxr-xr-x 18 0 0 540 Aug 23 08:10 run
+| drwxr-xr-x 2 0 0 12288 Aug 11 2019 sbin
+| drwxr-xr-x 3 0 0 4096 Aug 11 2019 srv
+| dr-xr-xr-x 13 0 0 0 Aug 23 08:10 sys
+|_Only 20 shown. Use --script-args ftp-anon.maxlist=-1 to see all.
+| ftp-syst:
+| STAT:
+| FTP server status:
+| Connected to ::ffff:10.8.94.60
+| Logged in as ftp
+| TYPE: ASCII
+| No session bandwidth limit
+| Session timeout in seconds is 300
+| Control connection is plain text
+| Data connections will be plain text
+| At session startup, client count was 1
+| vsFTPd 3.0.3 - secure, fast, stable
+|_End of status
+22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.8 (Ubuntu Linux; protocol 2.0)
+| ssh-hostkey:
+| 2048 8a:f9:48:3e:11:a1:aa:fc:b7:86:71:d0:2a:f6:24:e7 (RSA)
+| 256 73:5d:de:9a:88:6e:64:7a:e1:87:ec:65:ae:11:93:e3 (ECDSA)
+|_ 256 56:f9:9f:24:f1:52:fc:16:b7:7b:a3:e2:4f:17:b4:ea (ED25519)
+Service Info: OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel
+
+Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
+Nmap done: 1 IP address (1 host up) scanned in 19.17 seconds
+
+```
+It has 2 ports one is for ftp and other is for ssh.
+
+## FTP
+
+
+
+Now we can read any file directly because there is no command to view files so we can download that flag file and read it later.
+
+
+
+Now we came to find a folder called "noread" in which there are 2 key files.
+
+
+
+
+
+
+We downloaded those files and now we have to crack "private.asc".
+
+
+
+## Cracking The Hash
+
+
+
+Using johntheripper's gpg2john we can crack the key
+
+
+
+Now we know that password for "backup.pgp" is "xbox360" we are going to decrypt "backup.pgp" using this password.
+
+
+
+We now have obtained the root hash , now we just have to crack it.
+
+
+
+
+
+## SSH
+
+Now we ssh into the box with username "root" and password "hikari"
+
+
+
+Now read "root.txt" and submit that flag to complete the CTF.