Advanced adversary tactics and defense evasion with MITRE ATT&CK
Learn how advanced persistent threat groups use defense evasion to stay hidden. Then open our cyber range and test your evasion skills.
Cybersecurity training videos
-
MITRE ATT&CK
Advanced adversary tactics and defense evasion with MITRE ATT&CK
Published on: January 4, 2022
Learn how advanced persistent threat groups use defense evasion to stay hidden. Then open our cyber range and test your evasion skills.
-
MITRE ATT&CK
Privilege escalation via cross-site scripting with MITRE ATT&CK
Published on: December 21, 2021
Learn how certain cross-site scripting vulnerabilities can be exploited for a privilege escalation attack. Then dive in and try it yourself.
-
MITRE ATT&CK
Persistence: Maintaining a foothold with MITRE ATT&CK techniques
Published on: December 7, 2021
Learn how threat actors use MITRE ATT&CK® persistence techniques to maintain a foothold in an environment. Then try the techniques yourself.
-
MITRE ATT&CK
Executing the Sandworm APT with MITRE ATT&CK
Published on: November 23, 2021
Learn the techniques the Sandworm APT hacking group used to compromise, pivot from and destroy a server. Then try to do it yourself.
-
MITRE ATT&CK
Pivoting with proxy chains with MITRE ATT&CK
Published on: November 9, 2021
Learn how adversaries leverage hardware to pivot into a protected network. Then try it yourself and master these MITRE ATT&CK® techniques.
-
MITRE ATT&CK
Reconnaissance and resource development with MITRE ATT&CK
Published on: October 26, 2021
Learn the MITRE ATT&CK® techniques adversaries use for reconnaissance and resource development. Then try it yourself in our cyber range.
-
MITRE ATT&CK
How to use the MITRE ATT&CK matrix
Published on: October 12, 2021
The MITRE ATT&CK® enterprise matrix outlines how real-world adversaries operate. Use it to help develop your team's cybersecurity skills.
-
Demo
How to configure a network firewall
Published on: September 28, 2021
Learn the basics of setting up a network firewall, including stateful vs. stateless firewalls, setting up access control lists and more.
-
Demo
4 network utilities every security pro should know
Published on: September 14, 2021
Command line utilities are useful in a variety of scenarios. Learn how, and when, you can use Ping, Netstat, Traceroute and ARP.
-
Demo
How to use Nmap and other network scanners
Published on: August 24, 2021
What's on your network, or someone else's? Use free network scanning tools like Nmap, Zenmap and advanced port scanner and find out.
-
Demo
How to use Wireshark for protocol analysis
Published on: August 10, 2021
Learn how to analyze network traffic with the free protocol analyzer Wireshark and sniffing tool tcpdump. Then try it yourself!
-
Demo
Password security: Using Active Directory password policy
Published on: July 27, 2021
How do you enforce a secure password policy? Learn how to implement Windows local and group password policies in this episode.
-
Overview
Identification, authorization and authentication
Published on: July 13, 2021
Someone's trying to gain access, but are they who they say they are? That's what the different methods of identification are all about.
-
Demo
Wi-Fi password hack: How to hack into WPA Wi-Fi (and WPA2)
Published on: June 29, 2021
In this demo of a Wi-Fi WPA key hack, you'll learn how to use Aircrack-ng and Airodump-ng to access 802.11 WPA and WPA2 connections.
-
Demo
Using password cracking tools: How to crack a password
Published on: June 15, 2021
Learn how to use the Cain and Abel password cracker to conduct both a brute-force password attack and a password dictionary attack.
-
Overview
Hashing basics: How does hashing work?
Published on: June 1, 2021
What is password hashing? How does a one-way hash function work? Mike Meyers uses his sophisticated hashing box to explain in this episode.
-
Overview
Cryptography basics: How does encryption work?
Published on: May 18, 2021
Learn cryptography basics — from Caesar and Vigenere ciphers to cryptography algorithms and encrypting data using public and private keys.
-
Cyberattack
Extortion: How attackers double down on threats
Published on: May 4, 2021
You’ve just been breached or threatened with a cyberattack. Now comes a new extortion demand, pay up now — or it’s only going to get worse.
-
Cyberattack
How cross-site scripting attacks work
Published on: April 20, 2021
Cross-site scripting attacks use insecure web apps to send malicious code to users — leading to account compromise, data loss and more.
-
Cyberattack
Inside a DDoS attack against a bank
Published on: April 2, 2021
Distributed denial-of-service attacks are often used to disrupt websites. Learn how one bank got attacked and what they did to stop it.
-
Cyberattack
How injection attacks work
Published on: March 22, 2021
Injection attacks are the number one security risk, according to the OWASP Top 10. Learn how they work and how you can defend against them.
-
Overview
How to use the Infosec Skills platform
Published on: March 9, 2021
Get access to 100s of additional hands-on skill and certification courses with Infosec Skills — FREE when you use code LEARN.
-
Overview
5 ways to prevent APT ransomware attacks
Published on: February 23, 2021
Advanced Persistent Threat groups involvement in ransomware campaigns have made them nearly unstoppable. Learn how you can slow them down.
-
Social Engineering
Using AI to level up your phishing attacks
Published on: February 9, 2021
See a live demo of a phishing attack, and learn how cybercriminals are using AI to make them more effective — and more dangerous.
-
Demo
Write a port scanner in Python in 5 minutes
Published on: January 26, 2021
Port scanners are an essential network security tool. Open up your Linux terminal and learn how to write one using basic Python — right now.
-
Cyberattack
Connecting a malicious thumb drive
Published on: January 12, 2021
Is the thumb drive you found safe, or will it launch a nearly undetectable cyberattack that gives a cybercriminal control of your device?
-
Data breach
Inside Capital One’s game-changing breach
Published on: January 5, 2021
The breach involved two of the world's largest organizations and new legal precedents that impact how cybersecurity professionals operate.
-
Demo
How to set up a man-in-the-middle attack
Published on: December 22, 2020
Is your web browsing private, or is a man in the middle looking at everything you do? Learn how to set up and execute this type of attack.
-
Social Engineering
How Zoom is being exploited for phishing
Published on: December 15, 2020
Zoom is one of the most popular meeting tools. Learn how threat actors are leveraging that popularity in a successful phishing campaign.
-
Careers
Getting started in cybersecurity
Published on: December 1, 2020
Cybersecurity is one of the fastest-growing career fields. Learn how to break into the industry — and what you can do to get started now.
-
Demo
How to carry out a watering hole attack
Published on: November 10, 2020
You could be compromised just by visiting a legitimate website. It's called a watering hole attack. See how it works in this episode.
-
Data breach
Inside Equifax’s massive breach
Published on: November 9, 2020
Equifax was one of the most impactful data breaches of the past few years, affecting nearly half the U.S. population. See how it happened.
-
Overview
Cloud computing: What you need to know
Published on: November 7, 2020
How do you keep data secure when migrating to the cloud, and who's responsible for that security? Find out in this overview video.