Cyber Range

MITRE ATT&CK: Lateral Movement Cyber Range

Lateral Movement consists of techniques that adversaries use to enter and control remote systems on a network. Following through on their primary objective often requires exploring the network to find their target and subsequently gaining access to it. Reaching their objective often involves pivoting through multiple systems and accounts to gain. Adversaries might install their own remote access tools to accomplish Lateral Movement or use legitimate credentials with native network and operating system tools, which may be stealthier.

4 hours, 30 minutes
Get Started

The Labs

Train hands-on

MITRE ATT&CK - Lateral Movement - Exploitation of Remote Services

Learn how to exploit Remote Services to gain unauthorized access to internal systems and abuse vulnerable MySQL to gain root access.

MITRE ATT&CK - Lateral Movement - Internal Spearphishing

This lab incorporates the MITRE ATT&CK Internal Spearphishing technique using tools such as the Social Engineering Toolkit (setoolkit) and using telnet over port 25 to spoof an email.

MITRE ATT&CK - Lateral Movement - Lateral Tool Transfer

This lab incorporates the MITRE ATT&CK Lateral Tool Transfer technique using native tools on the system, such as scp, rsync, curl, ftp, and sftp, to move files on between systems

MITRE ATT&CK - Lateral Movement - Remote Service Session Hijacking

This lab incorporates MITRE ATT&CK Remote Service Session Hijacking techniques.

MITRE ATT&CK - Lateral Movement - SambaCry

Sambacry lab will provide users with hands-on experience in exploiting the SambaCry vulnerability and understanding the impact it can have on a system. The student will learn how to exploit the vulnerability by uploading and executing an arbitrary binary file that runs with Samba permissions. Also, the student will learn how this can be accomplished with just a few lines of code without requiring interaction from the end user.

MITRE ATT&CK - Lateral Movement - CTF

The student will exploit system vulnerabilities to gain access to the victim and move laterally using various techniques.

MITRE ATT&CK - Lateral Movement - Remote Services

The lab will guide students through several scenarios on how to log in to different machines using remote access protocols and perform lateral movement.

MITRE ATT&CK - Lateral Movement - Software Deployment Tools

The aim of this lab is to demonstrate security vulnerabilities caused by third-party software to gather information and achieve remote code execution.

MITRE ATT&CK - Lateral Movement - Using Alternate Authentication Material

Learn how to generate access tokens on a vulnerable OAuth application and access restricted accounts.

Plans & pricing

Infosec Skills Personal

$299 / year

Buy Now 7-Day Free Trial
  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

Book a Meeting
  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments
Start a Free Trial