Cyber Range

MITRE ATT&CK: Discovery Cyber Range

Discovery consists of techniques an adversary may use to gain knowledge about the system and internal network. These techniques help adversaries observe the environment and orient themselves before deciding how to act. They also allow adversaries to explore what they can control and what’s around their entry point in order to discover how it could benefit their current objective.

4 hours, 30 minutes

The Labs

Train hands-on

MITRE ATT&CK - Discovery - Account Discovery

In this lab the learner will be guided through various methods on how to list accounts on a compromised machine such as dumping accounts, displaying messages and email addresses from Postfix and extracting emails from a POP3 server.

MITRE ATT&CK - Discovery - Debugger Evasion

Learn how to detect a debugger inside a system, detach it and inject payload to get a shell.

MITRE ATT&CK - Discovery - Network Service Discovery

This lab showcases different techniques on how adversaries may find running services and exploit vulnerable ones. The learner will list running services on a remote host and local network, learn to acquire information using tools to scan the network and perform port scans using PowerShell

MITRE ATT&CK - Discovery - Process Discovery

The lab will showcase various techniques to enumerate processes running on a victim's machine such as listing running processes on a Linux machine as well as using PowerShell, enumerating processes via /proc.

MITRE ATT&CK - Discovery - Remote System Discovery

The lab will showcase different techniques on how adversaries may sniff network traffic to capture information about an environment and detect the existence of remote systems.

MITRE ATT&CK - Discovery - System Network Configuration and Connections Discovery

The student will learn how to list network configuration and connections in a compromised machine.

MITRE ATT&CK - Discovery - System Owner/User Discovery

The student will learn how to identify system users, the groups they belong to, and their password policies.

MITRE ATT&CK - Discovery - Browser Data Discovery

This lab incorporates the MITRE ATT&CK Browser Bookmark Discovery & File and Directory Discovery techniques.

MITRE ATT&CK - Discovery - System Information Discovery

This lab incorporates the MITRE ATT&CK System Information Discovery and Software Discovery technique.

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments