LAB 323 - ATT&CK: Exploiting Vulnerable Java Web Application Server Software

Course Details

Course Number: LAB 323

Course Duration: 12 minutes

Course CPE Credits: 0.24

NICE Specialty Areas

Risk Management (RSK)
Securely Provision (SP)
Software Development (DEV)

Related Subject Matter

Java
MITRE ATT&CK
OWASP ASVS
OWASP Web
Skill Labs
Web

Foreign Languages Available:

English

Course Overview

This lab simulates a Lack of Resources & Rate Limiting vulnerability found in the LetSee Cyber Range. The challenge includes an Online Marketplace app that fails to implement the security principle of “Establish Secure Defaults”.

Within a virtual machine, participants will analyze code to identify and mitigate instances of “Failure to enforce strong password policy”.

The objective of this lab is to apply ATT&CK Techniques T1190 Exploit Public-Facing Application” and “T1133 External Remote Services”.

Ready to Demo this course? Questions? Contact Us!