Cyber Range

MITRE ATT&CK: Defense Evasion Cyber Range

Defense Evasion consists of techniques that adversaries use to avoid detection throughout their compromise.

The labs

Train hands-on

  • MITRE ATT&CK – Defense Evasion – Deobfuscate/Decode Files or Information

    This lab incorporates the MITRE ATT&CK Deobfuscate/Decode Files or Information technique.

  • MITRE ATT&CK – Defense Evasion – Dynamic Linker Hijacking

    Adversaries execute malicious payloads by hijacking the dynamic linker that loads shared libraries. Libraries specified in system files or environment variables are always loaded first, taking precedence over existing system libraries with the same function names.

  • MITRE ATT&CK – Defense Evasion – HTML Smuggling Attack

    This lab incorporates a series of MITRE ATT&CK techniques and sub-techniques to show how adversaries may abuse JavaScript Blobs and HTML5 download attributes to deliver payloads.

  • MITRE ATT&CK – Defense Evasion – Metasploit Payload Generation

    This lab incorporates a series of MITRE ATT&CK techniques and sub-techniques to show how adversaries may use the Metasploit framework to generate a variety of payloads.

  • MITRE ATT&CK – Defense Evasion – Process Injection

    Learn how to execute malicious code in the address space of a separate live process.

  • MITRE ATT&CK – Defense Evasion – Reflective Code Loading

    Learn how to execute file-based malware without touching the disk.

  • MITRE ATT&CK – Defense Evasion – Steganography

    This lab incorporates a series of MITRE ATT&CK techniques and sub-techniques to show how adversaries may use steganography to hide malicious files inside images.

  • MITRE ATT&CK – Defense Evasion – XOR Encryption

    This lab incorporates a series of MITRE ATT&CK techniques and sub-techniques to show how adversaries may use XOR encryption to obfuscate and deobfuscate files or information.

  • MITRE ATT&CK – Defense Evasion – Bypassing IDS Signatures

    This lab incorporates MITRE ATT&CK techniques to guide students on bypassing IDS signatures and security mechanisms using the Caesar algorithm. This will be done using tools and utilities such as Wireshark and powercat while obfuscating traffic between machines.

  • MITRE ATT&CK – Defense Evasion – Invoke-Obfuscation

    This lab incorporates the MITRE ATT&CK Obfuscated Files or Information technique, guiding learners on how adversaries may take advantage of PowerShell features to create confusion and obfuscate malicious commands. The learner will use tools and utilities such as revshell-generator, Invoke-Obfuscation and netcat in this lab.

  • MITRE ATT&CK – Defense Evasion – Masquerading

    This lab incorporates the MITRE ATT&CK Masquerading technique, showcasing various techniques to manipulate features of artifacts to make them appear legitimate or benign to users and security tools. These techniques include learning how to abuse the RTLO character, renaming system utilities, disguising malware and operating without leaving a trace on the victim’s machine.

You're in good company

We use Infosec Skills to provide continuous training to our technicians and to prepare them for various certifications. Infosec Skills allows us to create personalized training programs that focus on each of our technicians’ particular roles and see their progress as they take courses. We also recommend it to clients to make their IT support teams better.

Caleb Yankus

This has been utilized to bridge the skills gap across our cyber team and to aid them as they prepare for their various certifications. It also has provided a nice learning foundation for our various cyber team members to utilize as we continue to find ways for cross-utilization with operations while minimizing the downtime needed to ensure everyone’s knowledge is the same.

Daniel Simpson

We use Infosec Skills to provide base-level knowledge for employees. We also use the services to provide in-depth learning for employees as they encounter new technologies. If an employee is assigned to a new project, we can rely on Infosec Skills to provide a rapid concentrated learning environment. This rapid concentrated learning positions our employees for success.

Infosec Skills Teams client

Plans & pricing

  • Infosec Skills Personal

    $299 / year

    • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
    • 100s of hands-on labs in cloud-hosted cyber ranges
    • Custom certification practice exams (e.g., CISSP, Security+)
    • Skill assessments
    • Infosec peer community support
  • Infosec Skills Teams

    $799 per license / year

    • Team administration and reporting
    • Dedicated client success manager
    • Single sign-on (SSO)
      Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
    • Integrations via API
      Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
    • 190+ role-guided learning paths and assessments (e.g., Incident Response)
    • 100s of hands-on labs in cloud-hosted cyber ranges
    • Create and assign custom learning paths
    • Custom certification practice exams (e.g., CISSP, CISA)
    • Optional upgrade: Guarantee team certification with live boot camps

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments