Active Scanning and Exploit Public-Facing Application

Threat actors will often perform Active Scanning to learn the landscape of a victim's network and plan their next steps. One of those next steps could be exploiting vulnerable public-facing applications to gain access and pursue their end-goals. Master the skills to detect and mitigate these techniques and secure your network.

Course Content

What is Active Scanning?


Active Scanning and Exploit Public Application
Campaign Overview


Prophet Spider Introduction
What is Exploit Public Application?


Active Scanning and Exploit Public Application
Detection, Validation, and Mitigation (Lab)


Active Scanning and Exploit Public Application
Course Description

By performing reconnaissance through active scanning, threat actors can gain a lot of useful informatoin about your organization and network. They may find open websites and database and make a plan to attack them. Next, they move on to exploit known vulnerabilities in public-facing applications. The flaws they take advantage of could affect your databases, services, or management protocols. Sometimes threat actors like Prophet Spider will gain access to your system and then sell that access to other bad actors, such as ransomware gangs.

It is vitally important to learn how to detect and mitigate these types of techniques to protect your organization.

Get the hands-on skills you need to detect and mitigate this attack in Cybrary's MITRE ATT&CK Framework courses aligned to the tactics and techniques used by the financially motivated threat group Prophet Spider. Prevent adversaries from accomplishing the tactics of Reconnaissance and Initial Access in your environment today.

This course is part of a Career Path:
No items found.

Instructed by

Master Instructor
Matthew Mullins

Matt has led multiple Red Team engagements, ranging from a few weeks to a year and covering multiple security domains. Outside of Red Teaming, Matt is also a seasoned penetration tester with interests in: AppSec, OSINT, Hardware, Wifi, Social Engineering, and Physical Security. Matt has a Master's degree in Information Assurance and an exhaustive number of certifications ranging from frameworks, management, and hands-on hacking. Matt is a Technical SME at Cybrary, focusing on Adversarial Emulation and Red Teaming for course content.

Chris Daywalt

After too many years of security operations work, Chris Daywalt tries to turn his phone off at 5:00 pm EST. While there are a bunch of training classes and education somewhere on his resume, much of what he has to teach was learned at the school of hard knocks, often at the expense of his previous clients. He wants to help you spend more time detecting and denying adversaries and less time banging your head against your keyboard. He dips his blueberry donuts in orange juice.

Chris’ 19-year career includes work for organizations of all sizes, both government and private sector, and is distributed roughly like so:

  • 30% doing DFIR
  • 30% teaching DFIR
  • 20% monitoring and detection engineering
  • 15% risk assessment
  • 5% other stuff, like sneaking in a game of Plants vs. Zombies or taking a quick nap at the desk (Don’t judge - I work overtime)

    Cybrary Logo
    Certification Body
    Certificate of Completion

    Complete this entire course to earn a Active Scanning and Exploit Public-Facing Application Certificate of Completion