MITRE ATT&CK: Credential Access Cyber Range

Learn the credential access tactics outlined in the MITRE ATT&CK framework.

3 hours,

The Labs

Train hands-on

  • MITRE ATT&CK - Credential Access - Keylogging

    30 minutes
    This lab incorporates a series of Mitre ATT&CK techniques and sub-techniques that show how adversaries may capture key logs through CSS injection and credentials through fake prompts.
  • MITRE ATT&CK - Credential Access - Brute Force

    30 minutes
    This lab incorporates the MITRE ATT&CK Brute Force technique.In this lab the learner will utilize utilities such as: Hydra, Patator, Medusa, Nmap, NCrack, Dirb and GoBuster
  • MITRE ATT&CK - Credential Access - Credentials from Password Stores

    30 minutes
    This lab incorporates a series of Mitre ATT&CK techniques and sub-techniques to show how adversaries search for common password storage locations to obtain user credentials.Locations investigated as part of this lab include Network Manager as well as browser saved passwords on both Chrome and Firefox. In addition you will learn about LaZagne which can dump all saved passwords in a system to plaintext
  • MITRE ATT&CK - Credential Access - Network Sniffing

    30 minutes
    This lab incorporates the MITRE ATT&CK Network Sniffing technique.This lab uses tools such as nmap, wireshark and tshark to help demonstrate these techniques.
  • MITRE ATT&CK - Credential Access - Web Cookies

    30 minutes
    This lab incorporates a series of Mitre ATT&CK techniques and sub-techniques to teach the learner about stealing, creating and forging cookies to gain access to web applications.The learner will use tools such as flask-unsign and sqlite3 during this lab.
  • MITRE ATT&CK - Credential Access - Web Portal Capture

    30 minutes
    This lab incorporates the MITRE ATT&CK Input Capture technique by injecting a JavaScript skimmer into a web application to captures user's credentials.

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with

Affirm logo

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments