Cyber Range

MITRE ATT&CK: Exfiltration Cyber Range

Exfiltration consists of techniques that adversaries may use to steal data from your network. Once they’ve collected data, adversaries often package it to avoid detection while removing it. This can include compression and encryption. Techniques for getting data out of a target network typically include transferring it over their c2 channel.

3 hours, 40 minutes
Get Started

The Labs

Train hands-on

MITRE ATT&CK - Exfiltration - Data Transfer Size Limits

Learn various techniques for splitting exfiltrated data into different sizes and fixed-size chunks.Tools/Utilities used: stat, split, Gzip, csplit, dd, find, curl

MITRE ATT&CK - Exfiltration - Exfiltration Over Symmetric Encrypted Non-C2 Protocol

Learn how to exfiltrate data using the Exfiltration Over Symmetric Encrypted Non-C2 Protocol (T1048.001) sub-technique.

MITRE ATT&CK - Exfiltration - Exfiltration Over Unencrypted Non-C2 Protocol

Learn various techniques to exfiltrate data over an unencrypted network protocol.Tools/Utilities used: tar, base64, curl, powershell, IWR (Invoke-WebRequest), wget, ftp, mutt e-mail client

MITRE ATT&CK - Exfiltration - Exfiltration to Cloud Storage

Learn how to exfiltrate data over Cloud Storage.Tools/Utilities used: NextCloud, curl, unzip

MITRE ATT&CK - Exfiltration - Exfiltration to Code Repository

Learn how to exfiltrate data over code repository.Tools/Utilities used: Gitea, Git

MITRE ATT&CK - Exfiltration - Automated Exfiltration

Learn how to Automate Data Exfiltration using the FTP utility together with the Bash language, and Exfiltrate Data using HTTPS Python Servers.

MITRE ATT&CK - Exfiltration - Exfiltration Over Asymmetric Encrypted Non-C2 Protocol

Learn to exfiltrate data over an asymmetrical encrypted network protocol.Tools/Utilities used: gzip, gpg, sftp, openssl s_client, curl

MITRE ATT&CK - Exfiltration - Exfiltration to Text Storage Sites

This lab incorporates the MITRE ATT&CK Exfiltration to Text Storage Sites technique.

MITRE ATT&CK - Exfiltration - Scheduled Transfer

Learn how to schedule data exfiltration utilizing the Cron service.

MITRE ATT&CK - Exfiltration - Exfiltration Over C2 Channel

This lab incorporates the MITRE ATT&CK Exfiltration Over C2 Channel technique.

Plans & pricing

Infosec Skills Personal

$299 / year

Buy Now 7-Day Free Trial
  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

Book a Meeting
  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments
Start a Free Trial