MITRE ATT&CK: Collection Cyber Range

Learn the Collection tactics outlined in the MITRE ATT&CK framework.

3 hours, 30 minutes

Get Started

The Labs

Train hands-on

  • MITRE ATT&CK - Collection - Archive Collected Data

    30 minutes
    This lab incorporates the MITRE ATT&CK Archive Collected Data technique. This lab utilizes tools and utilities such as: ZIP, GZIP, 7-Zip, Tar, PGP, Zlib, Bzip2 as well as others.

  • MITRE ATT&CK - Collection - Automated Collection

    30 minutes
    Learn how to Automate Data Collection using different programming languages such as PowerShell, C, Python and Bash.

  • MITRE ATT&CK - Collection - Data From Local System

    30 minutes
    Learn how to collect files and data from an infected machine. Utilizes commands such as find, locate and copy (cp) to collect data. Additionally this lab uses some basic mysql queries to find data in a mysql database.

  • MITRE ATT&CK - Collection - Data from Network Shared Drive

    30 minutes
    This lab incorporates the MITRE ATT&CK Data from Network Shared Drive technique. Utilities/Tools: Nmap, Samba/smb, SCP, Find, Grep and others.

  • MITRE ATT&CK - Collection - Data Staged

    30 minutes
    Learn different methods of how adversaries may stage collected data in a central location or directory prior to exfiltration.

  • MITRE ATT&CK - Collection - Email Collection

    30 minutes
    This lab incorporates the MITRE ATT&CK Email Collection technique

  • MITRE ATT&CK - Collection - Screen & Video Capture

    30 minutes
    This lab incorporates the MITRE ATT&CK Screen & Video Capture

Plans & pricing

Infosec Skills Personal

$299 / year

Buy Now 7-Day Free Trial
  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

Book a Meeting
  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with

Affirm logo

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments
Start a Free Trial