MITRE ATT&CK: Resource Development Cyber Range

Learn the resource development tactics outlined in the MITRE ATT&CK framework.

5 hours, 30 minutes

The Labs

Train hands-on

  • MITRE ATT&CK - Resource Development - Building Custom Tools

    30 minutes
    Understanding how tools are built allow a user to modify those tools to their needs or create new tools for the task at hand. This lab teaches the user to re-create functionality of known tools such as Nmap and Netcat as well as tools that can be used for enumeration and vulnerability scanning.
  • MITRE ATT&CK - Resource Development - Compromising Accounts

    30 minutes
    Information Technology and its staff are committed to ensuring a safe and secure computing environment for employees and students. To this end, there are instances where computer accounts must be disabled to protect the account, its owner and to protect sensitive information that resides on administrative and academic computing resources. In some cases, compromise of these accounts can be caused by simple information leakage or profiling techniques, which give attackers the possibility to break in.
  • MITRE ATT&CK - Resource Development - Drive-by Scenarios

    30 minutes
    This lab incorporates a series of Mitre ATT&CK techniques and sub techniques to show several drive-by attack scenarios and learn how to identify them.
  • MITRE ATT&CK - Resource Development - Establishing Accounts

    30 minutes
    This lab incorporates a series of Mitre ATT&CK techniques and sub techniques to identify and access website resources that could contain information of value. That information will be used to compromise accounts and establish access to target servers.
  • MITRE ATT&CK - Resource Development - Malicious APK

    30 minutes
    Android Package (APK) is the Android application package file format. This package is used by the Android operating system and many other Android-based operating systems to distribute and install mobile apps, mobile games, and middleware. The APK files install apps on the system. Therefore, they pose a severe security threat. Adversaries with malicious intentions could modify the APK before prior to its installation and use it as a digital Trojan to install and run malware.
  • MITRE ATT&CK - Resource Development - Malicious Linux Packages

    30 minutes
    Debian is a robust and reliable system that uses APT as its default package manager. The APT package manager handles how software packages are downloaded and installed on Linux systems, including Debian and Ubuntu. Unofficial package repositories replace any package they want freely, and there is no clear trust path between the user and the developer. The adversaries usually exploit Debian-based systems by creating malicious repositories for the APT packet manager and distributing them to the victims. Once exploited, the vector of attacks proprietary increases.
  • MITRE ATT&CK - Resource Development - Python-based Command and Control server

    30 minutes
    This lab shows how to develop a stable Python-based Command and Control Server using the socket library and creating a reusable script which can be converted into an executable to be run on different targets.
  • MITRE ATT&CK - Resource Development - Python-based Keylogger

    30 minutes
    Learn and create a Python-based keylogger utilizing Object-oriented programming principles to email the keystrokes to the user using a mail server as the information gathering unit.
  • MITRE ATT&CK - Resource Development - Stored Firefox Credentials

    30 minutes
    This lab incorporates a series of Mitre ATT&CK techniques and sub techniques to show how they can be intertwined to steal saved credentials from firefox.
  • MITRE ATT&CK - Resource Development - Web-based Command and Control Server

    30 minutes
    This lab entails a series of Mitre ATT&CK techniques and sub techniques with the aim of learning how a compromised web server can be used as a Command and Control server to launch attacks to other targets.
  • MITRE ATT&CK - Resource Development - Webshells

    30 minutes
    In this lab, the student learns to develop and stage several webshells and how to determine which webshell should be uploaded to a web server. The compromised infrastructure is then used to deploy drive-by attacks.

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with

Affirm logo

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments