• Close
  • Training
    • CMD+CTRL Base Camp
    • SI-CSC Certification
    • Courses
      • Overview
      • Features
      • Learning Paths
      • Course Catalog
      • Customer Success
      • Try it
    • Labs
    • Cyber Range
      • Overview
      • Environments & Modes
      • Reporting
      • Customer Success
      • Get Started
    • Try it | Lab Journey series
    • Try it | Take the AppSec Challenge
  • Services
    • Overview
    • Software Penetration Testing
      • IoT Pen Testing
      • Mobile Pen Testing
      • Cloud & Web Penetration Testing
      • Blockchain Pen Testing
      • Our Difference
    • Application Security Consulting
      • Secure SDLC (SSDLC) Consulting
      • Application Security Code Review
      • Architecture & Design Review
      • Medical Device Threat Modeling
    • Infrastructure Security Consulting
      • Attack Simulation
      • Cloud Security Configuration
      • Security Tabletop Consulting
  • Solutions
    • Cloud & Web
    • Mobile
    • IoT & Embedded
    • Blockchain
  • Resources
    • Ed TALKS
    • White Papers, Tipsheets, & Case Studies
    • Webinars
  • About Us
    • Company Overview
    • 20 Years of Innovation
    • Closing the Skills Gap
    • Diversity, Equity & Inclusion
    • Clients
    • Leadership
    • Careers
    • News & Events
    • Contact
  • Let’s Talk
  • Request a Demo
  • We’re Hiring
  • Blog
  • Course Catalog
Security Innovation
  • Request a Demo
  • We’re Hiring
  • Blog
  • Course Catalog
  • Training
    • CMD+CTRL Base Camp
    • SI-CSC Certification
    • Courses
      • Overview
      • Features
      • Learning Paths
      • Course Catalog
      • Customer Success
      • Try it
    • Labs
    • Cyber Range
      • Overview
      • Environments & Modes
      • Reporting
      • Customer Success
      • Get Started
    • Try it | Lab Journey series
    • Try it | Take the AppSec Challenge
  • Services
    • Overview
    • Software Penetration Testing
      • IoT Pen Testing
      • Mobile Pen Testing
      • Cloud & Web Penetration Testing
      • Blockchain Pen Testing
      • Our Difference
    • Application Security Consulting
      • Secure SDLC (SSDLC) Consulting
      • Application Security Code Review
      • Architecture & Design Review
      • Medical Device Threat Modeling
    • Infrastructure Security Consulting
      • Attack Simulation
      • Cloud Security Configuration
      • Security Tabletop Consulting
  • Solutions
    • Cloud & Web
    • Mobile
    • IoT & Embedded
    • Blockchain
  • Resources
    • Ed TALKS
    • White Papers, Tipsheets, & Case Studies
    • Webinars
  • About Us
    • Company Overview
    • 20 Years of Innovation
    • Closing the Skills Gap
    • Diversity, Equity & Inclusion
    • Clients
    • Leadership
    • Careers
    • News & Events
    • Contact
  • Let’s Talk

Course Catalog / Subject / MITRE ATT&CK

MITRE ATT&CK

View All Courses     Download Course Catalog

CYB 250 – Cyber Threat Hunting: Tactics, Techniques, and Procedures (TTP)


20 Minutes
Advanced

DES 232 – Mitigating OWASP 2021 Injection


12 Minutes
Advanced

LAB 111 – Identifying Server-Side Request Forgery


5 Minutes
Advanced

LAB 124 – Identifying Horizontal Privilege Escalation


5 Minutes
Advanced

LAB 125 – Identifying Buffer Overflow


5 Minutes
Advanced

LAB 126 – Identifying Information Leakage


5 Minutes
Advanced

LAB 131 – Identifying Improper Restriction of XML External Entity Reference


5 Minutes
Elective

LAB 132 – Identifying Exposed Services


5 Minutes
Elective

LAB 133 – Identifying Exposure of Sensitive Information Through Environmental Variables


5 Minutes

LAB 134 – Identifying Plaintext Storage of a Password


5 Minutes

LAB 135 – Identifying URL Redirection to Untrusted Site


5 Minutes

LAB 136 – Identifying Improper Neutralization of Script in Attributes in a Web Page


5 Minutes

LAB 137 – Identifying Improper Authorization (NEW)


5 Minutes
Advanced

LAB 139 – Identifying Use of a Key Past its Expiration Date (NEW)


5 Minutes
Advanced

LAB 211 – Defending Java Applications Against Credentials in Code Medium


10 Minutes
Advanced

LAB 212 – Defending Python Applications Against Credentials in Code Medium


10 Minutes
Advanced

LAB 213 – Defending Node.js Applications Against Credentials in Code Medium


10 Minutes
Advanced

LAB 214 – Defending C# Applications Against Credentials in Code Medium


10 Minutes
Advanced

LAB 215 – Defending Java Applications Against Business Logic Error for Input Validation


10 Minutes
Advanced

LAB 216 – Defending Python Applications Against Business Logic Error for Input Validation


10 Minutes
Advanced

LAB 217 – Defending Node.js Applications Against Business Logic Error for Input Validation


10 Minutes
Advanced

LAB 218 – Defending C# Applications Against Business Logic Error for Input Validation


10 Minutes
Advanced

LAB 224 – Defending Java Applications Against Forceful Browsing


10 Minutes
Advanced

LAB 225 – Defending Python Applications Against Forceful Browsing


10 Minutes
Advanced

LAB 226 – Defending Node.js Applications Against Forceful Browsing


10 Minutes
Advanced

LAB 227 – Defending C# Applications Against Forceful Browsing


10 Minutes
Advanced

LAB 310 – ATT&CK: File and Directory Permissions Modification


12 Minutes
Elite

LAB 311 – ATT&CK: File and Directory Discovery


12 Minutes
Elite

LAB 312 – ATT&CK: Testing for Network Services Identification (NEW)


12 Minutes
Elite

LAB 313 – ATT&CK: Testing for Vulnerability Identification Using Vulnerability Databases (NEW)


12 Minutes
Elite

LAB 315 – ATT&CK: Updating Vulnerable Java Web Application Server Software


12 Minutes
Elite

LAB 321 – ATT&CK: Password Cracking


5 Minutes
Elite

LAB 322 – ATT&CK: Exploiting Windows File Sharing Server with External Remote Services


20 Minutes
Elite

LAB 323 – ATT&CK: Exploiting Vulnerable Java Web Application Server Software


12 Minutes
Elite

LAB 324 – ATT&CK: Exploiting Java Web Application Server Misconfiguration


12 Minutes
Elite

LAB 330 – ATT&CK: Exploiting Java SQL Injection to Extract Password Hashes


15 Minutes
Elite

LAB 331 – ATT&CK: Network Service Discovery


12 Minutes
Elite

LAB 332 – ATT&CK: Network Share Discovery


12 Minutes
Elite

LAB 334 – ATT&CK: Create Account


12 Minutes
Elite

LAB 335 – ATT&CK: Unsecured Credentials


12 Minutes
Elite

LAB 336 – ATT&CK: Data from Local System


12 Minutes
Elite

LAB 337 – ATT&CK: Valid Accounts


12 Minutes
Elite

Security Innovation

Company Links

  • Training
  • Services
  • Solutions
  • Resources
  • About Us

Offices

Headquarters – Boston, MA
187 Ballardvale Street, Suite A195
Wilmington, MA 01887

Phone: +1.877.839.7598
Sales: 1.877.839.7598 x1
Support: 1.877.839.7598 x2
Email: Support
Email: PR

Pune, India
516 World Trade Center – Tower 2
Kharadi, Pune, MH 411014
Phone: +91 820 840 1411
Email: India Sales

Seattle, WA
1511 3rd Ave #808
Seattle, WA 98101

Copyright © Security Innovation, Inc. All Rights Reserved.
Privacy Policy  |  Vulnerability Disclosure  |