Cyber Range

MITRE ATT&CK: Command and Control Cyber Range

Command and Control consists of techniques that adversaries may use to communicate with systems under their control within a victim network. Adversaries commonly attempt to mimic normal, expected traffic to avoid detection. There are many ways an adversary can establish command and control with various levels of stealth depending on the victim’s network structure and defenses.

5 hours, 30 minutes
Get Started

The Labs

Train hands-on

MITRE ATT&CK - Command and Control - Application Layer Protocol

This lab incorporates the MITRE ATT&CK Application Layer Protocol technique.

MITRE ATT&CK - Command and Control - Data Encoding

This lab incorporates the MITRE ATT&CK Data Encoding technique.

MITRE ATT&CK - Command and Control - Data Obfuscation

Learn how to hide command and control activity by adding junk data to communication protocols and using steganography to conceal C2 communications.

MITRE ATT&CK - Command and Control - Non-Application Layer Protocol

Learn how to use various non-application layer protocols for communication between the host and C2 server.

MITRE ATT&CK - Command and Control - Proxy

Learn to use a proxy to route traffic through a back-connect server and steal the victim's session cookies to obtain sensitive data.

MITRE ATT&CK - Command and Control - Remote Access Software

Learn how to use different remote access software to create interactively command and control channels.

MITRE ATT&CK - Command and Control - Protocol Tunneling

Learn how to use tunneling to hide network traffic and access unreachable systems by encapsulating one protocol within another, providing an extra layer of encryption, and blending malicious traffic with existing traffic.

MITRE ATT&CK - Command and Control - Ingress Tool Transfer

This lab incorporates the MITRE ATT&CK Ingress Tool Transfer technique.

MITRE ATT&CK - Command and Control - Multi Stage Channels

This lab incorporates the MITRE ATT&CK Multi Stage Channels technique.

MITRE ATT&CK - Command and Control - Non Standard Port

This lab incorporates the MITRE ATT&CK Non-Standard Port technique.

MITRE ATT&CK - Command and Control - Web Service

Learn to use legitime Web Services as Command and Control Server for relaying data from a compromised system, whilst hiding inside of expected noise.

Plans & pricing

Infosec Skills Personal

$299 / year

Buy Now 7-Day Free Trial
  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

Book a Meeting
  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments
Start a Free Trial