Advanced adversary tactics and defense evasion with MITRE ATT&CK

Learn how advanced persistent threat groups use defense evasion to stay hidden. Then open our cyber range and test your evasion skills.

Cybersecurity training videos


    Advanced adversary tactics and defense evasion with MITRE ATT&CK

    Published on: January 4, 2022

    Learn how advanced persistent threat groups use defense evasion to stay hidden. Then open our cyber range and test your evasion skills.


    Privilege escalation via cross-site scripting with MITRE ATT&CK

    Published on: December 21, 2021

    Learn how certain cross-site scripting vulnerabilities can be exploited for a privilege escalation attack. Then dive in and try it yourself.


    Persistence: Maintaining a foothold with MITRE ATT&CK techniques

    Published on: December 7, 2021

    Learn how threat actors use MITRE ATT&CK® persistence techniques to maintain a foothold in an environment. Then try the techniques yourself.


    Executing the Sandworm APT with MITRE ATT&CK

    Published on: November 23, 2021

    Learn the techniques the Sandworm APT hacking group used to compromise, pivot from and destroy a server. Then try to do it yourself.


    Pivoting with proxy chains with MITRE ATT&CK

    Published on: November 9, 2021

    Learn how adversaries leverage hardware to pivot into a protected network. Then try it yourself and master these MITRE ATT&CK® techniques.


    Reconnaissance and resource development with MITRE ATT&CK

    Published on: October 26, 2021

    Learn the MITRE ATT&CK® techniques adversaries use for reconnaissance and resource development. Then try it yourself in our cyber range.


    How to use the MITRE ATT&CK matrix

    Published on: October 12, 2021

    The MITRE ATT&CK® enterprise matrix outlines how real-world adversaries operate. Use it to help develop your team's cybersecurity skills.

  • Demo

    How to configure a network firewall

    Published on: September 28, 2021

    Learn the basics of setting up a network firewall, including stateful vs. stateless firewalls, setting up access control lists and more.

  • Demo

    4 network utilities every security pro should know

    Published on: September 14, 2021

    Command line utilities are useful in a variety of scenarios. Learn how, and when, you can use Ping, Netstat, Traceroute and ARP.

  • Demo

    How to use Nmap and other network scanners

    Published on: August 24, 2021

    What's on your network, or someone else's? Use free network scanning tools like Nmap, Zenmap and advanced port scanner and find out.

  • Demo

    How to use Wireshark for protocol analysis

    Published on: August 10, 2021

    Learn how to analyze network traffic with the free protocol analyzer Wireshark and sniffing tool tcpdump. Then try it yourself!

  • Demo

    Password security: Using Active Directory password policy

    Published on: July 27, 2021

    How do you enforce a secure password policy? Learn how to implement Windows local and group password policies in this episode.

  • Overview

    Identification, authorization and authentication

    Published on: July 13, 2021

    Someone's trying to gain access, but are they who they say they are? That's what the different methods of identification are all about.

  • Demo

    Wi-Fi password hack: How to hack into WPA Wi-Fi (and WPA2)

    Published on: June 29, 2021

    In this demo of a Wi-Fi WPA key hack, you'll learn how to use Aircrack-ng and Airodump-ng to access 802.11 WPA and WPA2 connections.

  • Demo

    Using password cracking tools: How to crack a password

    Published on: June 15, 2021

    Learn how to use the Cain and Abel password cracker to conduct both a brute-force password attack and a password dictionary attack.

  • Overview

    Hashing basics: How does hashing work?

    Published on: June 1, 2021

    What is password hashing? How does a one-way hash function work? Mike Meyers uses his sophisticated hashing box to explain in this episode.

  • Overview

    Cryptography basics: How does encryption work?

    Published on: May 18, 2021

    Learn cryptography basics — from Caesar and Vigenere ciphers to cryptography algorithms and encrypting data using public and private keys.

  • Cyberattack

    Extortion: How attackers double down on threats

    Published on: May 4, 2021

    You’ve just been breached or threatened with a cyberattack. Now comes a new extortion demand, pay up now — or it’s only going to get worse.

  • Cyberattack

    How cross-site scripting attacks work

    Published on: April 20, 2021

    Cross-site scripting attacks use insecure web apps to send malicious code to users — leading to account compromise, data loss and more.

  • Cyberattack

    Inside a DDoS attack against a bank

    Published on: April 2, 2021

    Distributed denial-of-service attacks are often used to disrupt websites. Learn how one bank got attacked and what they did to stop it.

  • Cyberattack

    How injection attacks work

    Published on: March 22, 2021

    Injection attacks are the number one security risk, according to the OWASP Top 10. Learn how they work and how you can defend against them.

  • Overview

    How to use the Infosec Skills platform

    Published on: March 9, 2021

    Get access to 100s of additional hands-on skill and certification courses with Infosec Skills — FREE when you use code LEARN.

  • Overview

    5 ways to prevent APT ransomware attacks

    Published on: February 23, 2021

    Advanced Persistent Threat groups involvement in ransomware campaigns have made them nearly unstoppable. Learn how you can slow them down.

  • Social Engineering

    Using AI to level up your phishing attacks

    Published on: February 9, 2021

    See a live demo of a phishing attack, and learn how cybercriminals are using AI to make them more effective — and more dangerous.

  • Demo

    Write a port scanner in Python in 5 minutes

    Published on: January 26, 2021

    Port scanners are an essential network security tool. Open up your Linux terminal and learn how to write one using basic Python — right now.

  • Cyberattack

    Connecting a malicious thumb drive

    Published on: January 12, 2021

    Is the thumb drive you found safe, or will it launch a nearly undetectable cyberattack that gives a cybercriminal control of your device?

  • Data breach

    Inside Capital One’s game-changing breach

    Published on: January 5, 2021

    The breach involved two of the world's largest organizations and new legal precedents that impact how cybersecurity professionals operate.

  • Demo

    How to set up a man-in-the-middle attack

    Published on: December 22, 2020

    Is your web browsing private, or is a man in the middle looking at everything you do? Learn how to set up and execute this type of attack.

  • Social Engineering

    How Zoom is being exploited for phishing

    Published on: December 15, 2020

    Zoom is one of the most popular meeting tools. Learn how threat actors are leveraging that popularity in a successful phishing campaign.

  • Careers

    Getting started in cybersecurity

    Published on: December 1, 2020

    Cybersecurity is one of the fastest-growing career fields. Learn how to break into the industry — and what you can do to get started now.

  • Demo

    How to carry out a watering hole attack

    Published on: November 10, 2020

    You could be compromised just by visiting a legitimate website. It's called a watering hole attack. See how it works in this episode.

  • Data breach

    Inside Equifax’s massive breach

    Published on: November 9, 2020

    Equifax was one of the most impactful data breaches of the past few years, affecting nearly half the U.S. population. See how it happened.

  • Overview

    Cloud computing: What you need to know

    Published on: November 7, 2020

    How do you keep data secure when migrating to the cloud, and who's responsible for that security? Find out in this overview video.