MITRE ATT&CK: Persistence Cyber Range

Learn the persistence tactics outlined in the MITRE ATT&CK framework.

4 hours, 30 minutes

Get Started

The Labs

Train hands-on

  • MITRE ATT&CK - Persistence - Authentication Process Modification

    30 minutes
    Adversaries alter authentication processes to gain access to user credentials or allow unwarranted access to accounts. By maliciously modifying a part of the process, adversaries reveal or alter credentials or bypass authentication mechanisms. Compromised credentials may lead to bypassing other security layers or removing them altogether.

  • MITRE ATT&CK - Persistence - Compromise Client Software Binary

    30 minutes
    This lab incorporates a series of Mitre ATT&CK techniques and sub techniques to show how adversaries modified the OpenSSH binaries to establish persistent access to systems.

  • MITRE ATT&CK - Persistence - Traffic Signaling and Pre-OS Boot

    30 minutes
    This lab incorporates a series of Mitre ATT&CK techniques and sub-techniques to show how adversaries may use port knocking to hide open ports used for persistence and how adversaries may load a modified router configuration file from a Trivial File Transfer Protocol (TFTP) server.

  • MITRE ATT&CK - Persistence - Maintaining Connections

    30 minutes
    The lab will showcase how different binaries and programming languages can be used to maintain persistent connections with the target machine.

  • MITRE ATT&CK - Persistence - Browser Extensions

    30 minutes
    This lab incorporates a series of Mitre ATT&CK techniques and sub-techniques to show how adversaries may abuse Internet browser extensions to establish persistent access to victim systems.

  • MITRE ATT&CK - Persistence - Server Software Component

    30 minutes
    This lab incorporates a series of Mitre ATT&CK techniques and sub-techniques to show how adversaries may abuse legitimate extensible development features of servers to establish persistent access to systems.

  • MITRE ATT&CK - Persistence - Persistence Methodologies

    30 minutes
    The learner will be guided through different persistence techniques that make use of Autostart/Autorun scripts and configuration files of commonly used applications.

  • MITRE ATT&CK - Persistence - Account Manipulation

    30 minutes
    The lab will showcase enumeration techniques for Cloud Credentials and credentials manipulation with the aim of establishing persistence.

  • MITRE ATT&CK - Persistence - Email Delegate Permissions

    30 minutes
    This lab incorporates a series of Mitre ATT&CK techniques and sub-techniques that show how to set up and use mail servers for tasks such as mail forwarding, dumping and creating a C2 server.

Plans & pricing

Infosec Skills Personal

$299 / year

Buy Now 7-Day Free Trial
  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

Book a Meeting
  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with

Affirm logo

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments
Start a Free Trial