Cyber Range

Advanced Adversary Tactics

Each lab in this Cyber Range covers a known technique or techniques that attackers use to compromise a system. By understanding the tactics and techniques used by attackers, offensive and defensive measures can be put in place to prevent and mitigate attacks.

The labs

Train hands-on

  • Advanced Adversary Tactics – Reconnaissance and Resource Development

    The first steps of the MITRE ATT&CK chain focus on learning about a target and gathering information for future attacks. This sort of information gathering can be instrumental to the success of future operations. For example, learning that a target uses a standard IT management software could cause an APT to target this software in a supply-chain vulnerability attack later on. 

    In this lab we’ll take a look at some of the social engineering techniques and tools that can help aid Reconnaissance and Resource Development.

  • Sandworm APT Lab 1

    Sandworm APT is an advanced hacking group that has been active since at least 2009. Most famous for their attacks on Ukrainian electrical companies and the NotPetya attacks in 2016, they are a Russian-backed threat group. 

    In this lab, we’ll take a look at and emulate some of the techniques that Sandworm has used in the past to compromise, pivot from, and destroy a server.

  • Advanced Adversary Tactics – Defense Evasion

    This lab covers multiple techniques related to defense evasion including crashing an antivirus to avoid detection, modifying PAM to allow for a backdoored password, and going through multiple methods of identifying virtual environments.

  • Advanced Adversary Tactics – Persistence 2

    This lab covers multiple techniques related to persistence including creating a malicious browser extension and modify system processes.

  • Advanced Adversary Tactics – Pivoting with Proxychains

    This lab covers configuring and using proxychains to pivot between machines on a network. The lab simulates pivoting that might occur were a raspberry pi or similar device added to a network.

  • Sandworm APT Lab 2

    Sandworm APT is an advanced hacking group that has been active since at least 2009. Most famous for their attacks on Ukrainian electrical companies and the NotPetya attacks in 2016, they are a Russian-backed threat group. 

    In this lab we’ll take a look at and emulate some of the techniques that Sandworm has used in the past to compromise, pivot from, and destroy a server.

  • Advanced Adversary Tactics – Privilege Escalation XSS

    This lab will cover using XSS techniques to steal tokens from other users and using these tokens to escalate to admin privileges.

  • Advanced Adversary Tactics – Persistence

    This lab covers multiple techniques related to persistence including tampering with desktop autostart application, .bashrc files, trojanizing binaries, and infecting a USB drive.

No software. No set up. Unlimited access.

Skip the server racks and spin up a realistic environment with one click. lnfosec Skills cyber ranges require no additional software, hardware or server space so your team can spend less time configuring environments and more time learning. Unlimited cyber range access is included in every Infosec Skills subscription so your team can skill up however they learn best.

Plans & pricing

  • Infosec Skills Personal

    $299 / year

    • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
    • 100s of hands-on labs in cloud-hosted cyber ranges
    • Custom certification practice exams (e.g., CISSP, Security+)
    • Skill assessments
    • Infosec peer community support
  • Infosec Skills Teams

    $799 per license / year

    • Team administration and reporting
    • Dedicated client success manager
    • Single sign-on (SSO)
      Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
    • Integrations via API
      Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
    • 190+ role-guided learning paths and assessments (e.g., Incident Response)
    • 100s of hands-on labs in cloud-hosted cyber ranges
    • Create and assign custom learning paths
    • Custom certification practice exams (e.g., CISSP, CISA)
    • Optional upgrade: Guarantee team certification with live boot camps

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments

You're in good company

CY

We use Infosec Skills to provide continuous training to our technicians and to prepare them for various certifications. Infosec Skills allows us to create personalized training programs that focus on each of our technicians’ particular roles and see their progress as they take courses. We also, recommend it to clients to make their IT support teams better.

Caleb Yankus

DS

This has been utilized to bridge the skills gap across our cyber team and to aid them as they prepare for their various certifications. It also has provided a nice learning foundation for our various cyber team members to utilize as we continue to find ways for cross-utilization with operations while minimizing the downtime needed to ensure everyone’s knowledge is the same.

Daniel Simpson

IS

We use Infosec Skills to provide base level knowledge for employees. We also use the services to provide in depth learning for employees as they encounter new technologies. If an employee is is assigned to a new project, we can rely on Infosec Skills to provide a rapid concentrated learning environment. This rapid concentrated learning positions our employees for success.

Infosec Skills Teams client