MITRE ATT&CK: Initial Access Cyber Range

Learn the initial access tactics outlined in the MITRE ATT&CK framework.

4 hours, 30 minutes

The Labs

Train hands-on

  • MITRE ATT&CK - Initial Access - Rubber Ducky & Bash Bunny

    30 minutes
    Human Interface Devices (HID) include components like the keyboard and mouse, which act as an interface between the machine and human beings. Rubber Ducky looks like a normal USB but is an HID. It finds use in various malicious situations; a malicious actor can use the Rubber Ducky to inject keystrokes into a system, hack a system, steal credentials, etc. This malicious act completes in seconds if the attacker manages to insert the Rubber Ducky into a computer physically. The strongest attribute of the Rubber Ducky is that it can bypass any antivirus or firewall. The Rubber Ducky goes undetected because the computer does not consider HID devices malicious. Rubber Ducky itself can cause a lot of harm to a system, but can also open the way for other attacks. For example, an attacker can use the Rubber Ducky to disable a system's firewall and then proceed with other attacks. It can also steal credentials from computers; via those credentials, it can compromise the victim's social media accounts, credit cards, etc.
  • MITRE ATT&CK - Initial Access - Exploiting Web Apps

    30 minutes
    The student will complete challenges and learn about Padding Oracle Attacks, Server Side Template Injection, Union-based SQLi, Blind SQLi, and Use of a One-Way Hash with a Predictable Salt.
  • MITRE ATT&CK - Initial Access - Exploiting Public-Facing Applications

    30 minutes
    Public-facing or Internet applications are programs or systems that are available from within the internal network and accessible from the Internet. These applications are responsible for delivering services to the public or allowing access to the internal network. These applications are often connected to databases, standard services (such as SMB or SSH), and other applications with internet-accessible open sockets (such as web servers).
  • MITRE ATT&CK - Initial Access - Drive-by Compromise

    30 minutes
    Drive-by Compromise attacks rely on vulnerable users (targets) visiting commonly used websites that adversaries have infected and use to host malware. These attacks are increasingly becoming a problem due to the numerous malicious hacker groups emerging.
  • MITRE ATT&CK - Initial Access - Broken Access Control

    30 minutes
    Broken Access Control is one of the most encountered security issues in web applications. This lab will show different versions and exploitation scenarios for this set of security issues.
  • MITRE ATT&CK - Initial Access - CTF

    30 minutes
    Exploit a vulnerable Webmin application in order to attach a code snippet to a software product which is used to establish a remote connection.
  • MITRE ATT&CK - Initial Access - Heartbleed

    30 minutes
    Heartbleed is a vulnerability in OpenSSL; it allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and encrypt the traffic, the names and passwords of the users, and the actual content.
  • MITRE ATT&CK - Initial Access - Log4j

    30 minutes
    The Apache Log4j versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an adversary with permission to control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.
  • MITRE ATT&CK - Initial Access - Valid Accounts

    30 minutes
    This lab incorporates a series of MITRE ATT&CK techniques and sub-techniques to show how adversaries can obtain and abuse credentials of existing accounts to gain Initial Access, Persistence, Privilege Escalation or Defense Evasion.

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with Affirm.

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments