Coming mid-July
Cybrary Reimagined.
People first, Security first.
Coming mid-July.
Cybrary Reimagined.
Celebrate Cybersecurity Awareness Month with our buy 2, get 1 offer!
People first, Security first.
Valid until October 31. Elevate your skills today!
Start for free

Spinning a Web Shell for Initial Access

Certain threat actors specialize in targeting vulnerable web servers and gain initial access by exploiting public-facing applications. Then they act as access brokers for ransomware gangs. Such campaigns highlight the need to protect against known vulnerabilities. Understanding these techniques is key to protecting your organization.

Campaign Outline

Threat Actor Campaigns are comprised of multiple MITRE ATT&CK aligned courses. Click on a course below to learn more.

Overview

Threat actors will often perform Active Scanning to learn the landscape of a victim's network and plan their next steps. One of those next steps could be exploiting vulnerable public-facing applications to gain access and pursue their end-goals. Master the skills to detect and mitigate these techniques and secure your network.

Overview

Bad actors can gain persistence on your network by abusing software development features that allow legitimate developers to extend server applications. In this way, they can install malicious code for later use. Learn to detect and thwart this activity and protect your network.

Overview

Once attackers have a presence on your system, they may dump credentials from the operating system to gain further access and perform lateral movement. Learn to detect and dump attackers in this lab-based course.

Overview

Financially motivated adversaries will often steal valuable data and exfiltrate it over an alternate protocol like FTP, SMTP or, HTTP/S. They could also encrypt or obfuscate these alternate channels to protect their nefarious activities. Learn to exfiltrate the attackers by detecting and mitigating these techniques.