MITRE ATT&CK: Defense Evasion Cyber Range

Learn the Defense Evasion tactics outlined in the MITRE ATT&CK framework.

5 hours, 30 minutes

The Labs

Train hands-on

  • MITRE ATT&CK - Defense Evasion - Deobfuscate/Decode Files or Information

    30 minutes
    This lab incorporates the MITRE ATT&CK Deobfuscate/Decode Files or Information technique.
  • MITRE ATT&CK - Defense Evasion - Dynamic Linker Hijacking

    30 minutes
    Adversaries execute malicious payloads by hijacking the dynamic linker that loads shared libraries. Libraries specified in system files or environment variables are always loaded first, taking precedence over existing system libraries with the same function names.
  • MITRE ATT&CK - Defense Evasion - HTML Smuggling Attack

    30 minutes
    This lab incorporates a series of MITRE ATT&CK techniques and sub-techniques to show how adversaries may abuse JavaScript Blobs and HTML5 download attributes to deliver payloads.
  • MITRE ATT&CK - Defense Evasion - Metasploit Payload Generation

    30 minutes
    This lab incorporates a series of MITRE ATT&CK techniques and sub-techniques to show how adversaries may use the Metasploit framework to generate a variety of payloads.
  • MITRE ATT&CK - Defense Evasion - Process Injection

    30 minutes
    Learn how to execute malicious code in the address space of a separate live process.
  • MITRE ATT&CK - Defense Evasion - Reflective Code Loading

    30 minutes
    Learn how to execute file-based malware without touching the disk.
  • MITRE ATT&CK - Defense Evasion - Steganography

    30 minutes
    This lab incorporates a series of MITRE ATT&CK techniques and sub-techniques to show how adversaries may use steganography to hide malicious files inside images.
  • MITRE ATT&CK - Defense Evasion - XOR Encryption

    30 minutes
    This lab incorporates a series of MITRE ATT&CK techniques and sub-techniques to show how adversaries may use XOR encryption to obfuscate and deobfuscate files or information.
  • MITRE ATT&CK - Defense Evasion - Bypassing IDS Signatures

    30 minutes
    This lab incorporates the MITRE ATT&CK techniques to guide students on bypassing IDS signatures and security mechanisms using the Caesar algorithm. This will be done using tools and utilities such as Wireshark and powercat while obfuscating traffic between machines.
  • MITRE ATT&CK - Defense Evasion - Invoke-Obfuscation

    30 minutes
    This lab incorporates the MITRE ATT&CK Obfuscated Files or Information technique, guiding learners on how adversaries may take advantage of PowerShell features to create confusion and obfuscate malicious commands. The learner will use tools and utilities such as revshell-generator, Invoke-Obfuscation and netcat in this lab.
  • MITRE ATT&CK - Defense Evasion - Masquerading

    30 minutes
    This lab incorporates the MITRE ATT&CK Masquerading technique, showcasing various techniques to manipulate features of artifacts to make them appear legitimate or benign to users and security tools. These techniques include learning how to abuse the RTLO character, renaming system utilities, disguising malware and operating without leaving a trace on the victim's machine.

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with Affirm.

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments