MITRE ATT&CK: Lateral Movement Cyber Range

Learn the Lateral Movement tactics outlined in the MITRE ATT&CK framework.

4 hours, 30 minutes

The Labs

Train hands-on

  • MITRE ATT&CK - Lateral Movement - Exploitation of Remote Services

    30 minutes
    Learn how to exploit Remote Services to gain unauthorized access to internal systems and abuse vulnerable MySQL to gain root access.
  • MITRE ATT&CK - Lateral Movement - Internal Spearphishing

    30 minutes
    This lab incorporates the MITRE ATT&CK Internal Spearphishing technique using tools such as the Social Engineering Toolkit (setoolkit) and using telnet over port 25 to spoof an email.
  • MITRE ATT&CK - Lateral Movement - Lateral Tool Transfer

    30 minutes
    This lab incorporates the MITRE ATT&CK Lateral Tool Transfer technique using native tools on the system, such as scp, rsync, curl, ftp, and sftp, to move files on between systems
  • MITRE ATT&CK - Lateral Movement - Remote Service Session Hijacking

    30 minutes
    This lab incorporates MITRE ATT&CK Remote Service Session Hijacking techniques.
  • MITRE ATT&CK - Lateral Movement - SambaCry

    30 minutes
    Sambacry lab will provide users with hands-on experience in exploiting the SambaCry vulnerability and understanding the impact it can have on a system. The student will learn how to exploit the vulnerability by uploading and executing an arbitrary binary file that runs with Samba permissions. Also, the student will learn how this can be accomplished with just a few lines of code without requiring interaction from the end user.
  • MITRE ATT&CK - Lateral Movement - CTF

    30 minutes
    The student will exploit system vulnerabilities to gain access to the victim and move laterally using various techniques.
  • MITRE ATT&CK - Lateral Movement - Remote Services

    30 minutes
    The lab will guide students through several scenarios on how to log in to different machines using remote access protocols and perform lateral movement.
  • MITRE ATT&CK - Lateral Movement - Software Deployment Tools

    30 minutes
    The aim of this lab is to demonstrate security vulnerabilities caused by third-party software to gather information and achieve remote code execution.
  • MITRE ATT&CK - Lateral Movement - Using Alternate Authentication Material

    30 minutes
    Learn how to generate access tokens on a vulnerable OAuth application and access restricted accounts.

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with

Affirm logo

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments