Cyber Range

MITRE ATT&CK: Credential Access Cyber Range

Credential Access consists of techniques for stealing credentials like account names and passwords. Techniques used to get credentials include keylogging or credential dumping.
3 hours, 30 minutes

The Labs

Train hands-on

MITRE ATT&CK - Credential Access - Keylogging

This lab incorporates a series of Mitre ATT&CK techniques and sub-techniques that show how adversaries may capture key logs through CSS injection and credentials through fake prompts.

MITRE ATT&CK - Credential Access - Brute Force

This lab incorporates the MITRE ATT&CK Brute Force technique.In this lab the learner will utilize utilities such as: Hydra, Patator, Medusa, Nmap, NCrack, Dirb and GoBuster

MITRE ATT&CK - Credential Access - Credentials from Password Stores

This lab incorporates a series of Mitre ATT&CK techniques and sub-techniques to show how adversaries search for common password storage locations to obtain user credentials.Locations investigated as part of this lab include Network Manager as well as browser saved passwords on both Chrome and Firefox. In addition you will learn about LaZagne which can dump all saved passwords in a system to plaintext

MITRE ATT&CK - Credential Access - Network Sniffing

This lab incorporates the MITRE ATT&CK Network Sniffing technique.This lab uses tools such as nmap, wireshark and tshark to help demonstrate these techniques.

MITRE ATT&CK - Credential Access - Web Cookies

This lab incorporates a series of Mitre ATT&CK techniques and sub-techniques to teach the learner about stealing, creating and forging cookies to gain access to web applications.The learner will use tools such as flask-unsign and sqlite3 during this lab.

MITRE ATT&CK - Credential Access - Web Portal Capture

This lab incorporates the MITRE ATT&CK Input Capture technique by injecting a JavaScript skimmer into a web application to captures user's credentials.

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments