Category/Course/Module Catalog September 2020

Table of Contents

Category/Course/Module Mapping

Tutorial

Platform Tutorial

Web Application Security Essentials

Injection: OS Command Injection

Injection: SQL Injection

Sensitive Data Exposure

Injection: NoSQL Injection

Security Misconfiguration: Cookie Security

Cross-Site Scripting XSS

Insecure Deserialization

Broken Access Control: Insecure Direct Object Reference

Broken Access Control: Path Traversal

Broken Access Control: Unrestricted File Upload

XML External Entities (XXE)

Broken Authentication: JSON Web Token Security

Injection: ReDoS

DevOps

Linux OS Management

Web Hosting

Docker

Data Backup

Kubernetes

SOC

Credential Access

Yara

Suricata

Regular Expressions

Privilege Escalation: SUID Bit

Discovery: Nmap

Initial Access: Port Knocking

Discovery: Miscellaneous

Privilege Escalation: Miscellaneous

SOC: Miscellaneous

Lateral Movement

Reverse Engineering

Microsoft

Microsoft OS Management

Microsoft Security Operations

Commercial Security Solutions

SOC Solutions

Miscellaneous

Challenges

Learning Path Assessments

BETA Modules

Security Awareness

Account Security

Data Security

Email Security

Internet Security

Physical Security

Social Engineering

Malware

Course Descriptions

Platform Tutorial

Injection: OS Command Injection

Injection: SQL Injection

Sensitive Data Exposure

Injection: NoSQL Injection

Security Misconfiguration: Cookie Security

Cross-Site Scripting XSS

Insecure Deserialization

Broken Access Control: Insecure Direct Object Reference

Broken Access Control: Path Traversal

Broken Access Control: Unrestricted File Upload

XML External Entities (XXE)

Broken Authentication: JSON Web Token Security

Injection: ReDoS

Linux OS Management

Web Hosting

Docker

Data Backup

Kubernetes

Credential Access

Yara

Suricata

Regular Expressions

Privilege Escalation: SUID Bit

Discovery: Nmap

Initial Access: Port Knocking

Discovery: Miscellaneous

Privilege Escalation: Miscellaneous

SOC: Miscellaneous

Lateral Movement

Reverse Engineering

Microsoft Logging

Microsoft Security Operations

SOC Solutions

Challenges

Learning Path Assessments

BETA Modules

Account Security (Security Awareness)

Data Security (Security Awareness)

Data Security (Security Awareness)

Internet Security (Security Awareness)

Physical Security (Security Awareness)

Social Engineering (Security Awareness)

Malware (Security Awareness)

  

 

Category/Course/Module Mapping

Training content in the RangeForce platform is organized into categories, courses, and modules. Categories are created to encompass specific technologies, learning paths, or cybersecurity roles. Categories contain courses that group training modules based on a common topic. For example, in the DevOps category, the Web Hosting course contains modules on Apache and Nginx HTTPS security. Below you will find all the available categories, with their courses and associated modules.

Tutorial

Platform Tutorial

● Module Tutorial

Web Application Security Essentials

Injection: OS Command Injection

● Command Injection: Find & Exploit (PHP)
● Command Injection: Fix (PHP)
● Blind Command Injection: Find & Exploit (NodeJS)
● Blind Command Injection: Fix (NodeJS)

Injection: SQL Injection

● SQL Injection: Prelude
● SQL Injection: Authentication
● SQL Injection: Union Select
● Blind SQL Injection: Find & Exploit

Sensitive Data Exposure

● API Security: Exposed Tokens
● Exposed Git Repository
● Path Traversal: Find & Exploit (PHP)
● Path Traversal: Fix (PHP)
● Path Traversal: Find & Exploit (NodeJS)
● Path Traversal: Fix (NodeJS)

Injection: NoSQL Injection

● Blind NoSQL Injection: Find & Exploit (Meteor)
● NoSQL Injection 1: Find
● NoSQL Injection 1: Exploit
● NoSQL Injection 1: Fix
● NoSQL Injection 2: Exploit
● NoSQL Injection 2: Fix

Security Misconfiguration: Cookie Security

● Cookie Security: HttpOnly: Find & Exploit (PHP)
● Cookie Security: HttpOnly: Fix (PHP)
● Cookie Security: HttpOnly: Find & Exploit (NodeJS)
● Cookie Security: HttpOnly: Fix (NodeJS)
● Cookie Security: Secure: Find & Exploit (PHP)
● Cookie Security: Secure: Fix (PHP)
● Cookie Security: Secure: Find & Exploit (NodeJS)
● Cookie Security: Secure: Fix (NodeJS)

Cross-Site Scripting XSS

● DOM-based XSS: Find & Exploit (JavaScript)
● DOM-based XSS: Fix (JavaScript)
● XSS Filter Evasion: Find & Exploit (PHP)
● XSS Filter Evasion: Fix (PHP)
● XSS: Reflected
● XSS: Stored
● XSS: Stored-based Phishing

Insecure Deserialization

● Insecure Deserialization (Java)
● WASE Learning – PHP Serialization

Broken Access Control: Insecure Direct Object Reference

● Insecure Direct Object References: Find & Exploit (PHP)
● Insecure Direct Object References: Fix (PHP)
● Insecure Direct Object References: Find & Exploit (NodeJS)
● Insecure Direct Object References: Fix (NodeJS)
● Insecure Direct Object References 2: Exploit (PHP)
● Insecure Direct Object References 2: Fix

Broken Access Control: Path Traversal

● Path Traversal: Find & Exploit (PHP)
● Path Traversal: Fix (PHP)
● Path Traversal: Find & Exploit (NodeJS)
● Path Traversal: Fix (NodeJS)

Broken Access Control: Unrestricted File Upload

● Unrestricted File Upload: Find & Exploit (PHP)
● Unrestricted File Upload: Fix (PHP)
● Unrestricted File Upload: Find & Exploit (NodeJS)
● Unrestricted File Upload: Fix (NodeJS)

XML External Entities (XXE)

● XML External Entities (Java)
● XXE RCE Using PHP Expect

Broken Authentication: JSON Web Token Security

● JSON Web Token Security
● JWT 1 (Challenge)
● JWT 2 (Challenge)
● JWT 3 (Challenge)

Injection: ReDoS

● ReDoS

DevOps

Linux OS Management

● User Management
● File Management
● Software Management
● DevOps – System Info Gathering
● DevOps – Basic Bash Scripting
● Linux CLI Fundamentals (Challenge)

Web Hosting

● Web Hosting Basics (Apache)
● HTTPS Security: Introduction
● HTTPS Security: Apache
● HTTPS Security: Nginx

Docker

● Docker Introduction
● Docker Dockerfile
● Docker Networking
● Docker RunC Container Escape CVE-2019-5736
● Docker RunC Container Escape
● Privilege Escalation: Docker Group
● Docker: Run Container as Unprivileged User

Data Backup

● DevOps – Backup & Recovery: Rsync
● DevOps – Backup & Recovery: BorgBackup

Kubernetes

● Kubernetes Overview
● Kubernetes Introduction

SOC

Credential Access

● Brute-force Defense
● Password Cracking
● Password Cracking 2
● Exposed and Reused Credentials – Basic
● Exposed and Reused Credentials – Advanced: Phishing
● Exposed and Reused Credentials – Advanced: SSH Pass
● Security Tools – Password Spraying
● SOC Challenge - Exposed and Reused Credentials (Challenge)

Yara

● Yara Overview
● Yara Introduction
● Yara Rule Management
● Yara Rule Generation
● Yara Rule Writing

Suricata

● IDS/IPS: Suricata Basics
● IDS/IPS: Suricata IDS Rules
● IDS/IPS: Suricata IPS Rules
● IDS/IPS: Suricata Rule Management
● Bulkhead (Challenge)

Regular Expressions

● Regular Expressions: Basic
● Regular Expressions: Intermediate
● Regular Expressions: Advanced

Privilege Escalation: SUID Bit

● Privilege Escalation: SUID Bit 1
● Privilege Escalation: SUID Bit 2
● Privilege Escalation: SUID Bit 3
● Privilege Escalation: SUID Bit (Challenge)

Discovery: Nmap

● Nmap: Basics
● Nmap: SMB Enumeration
● Nmap: SNMP Enumeration
● Nmap: SSH Enumeration
● Security Tools – Nmap: NFS Enumeration
● SOC Challenge – Mountaineer (Challenge)
● Grasshopper (Challenge)

Initial Access: Port Knocking

● Port Knocking
● Port Knock Sniffing
● Port Knox (Challenge)

Discovery: Miscellaneous

● GoBuster
● Nikto
● NoSQLMap
● PCAP Forensics: Wireshark
● SSH – Audit
● Sudo Killer
● TruffleHog
● Security Tools - TCPDump
● TShark Basics

Privilege Escalation: Miscellaneous

● Docker RunC Container Escape CVE-2019-5736
● Privilege Escalation: Docker Group
● Privilege Escalation: Kernel Exploit (Dirty Cow) CVE-2016-5195
● Privilege Escalation: Linux Capabilities
● Privilege Escalation: LXD Group
● Privilege Escalation: Misconfigured PATH
● Privilege Escalation: Wildcard Injection
● SOC – Privilege Escalation: Misconfigured Cron Script Permissions
● Docker Privileged Container Escape
● Shellshock

SOC: Miscellaneous

● Security Introduction
● Malware Analysis
● Visual Spoofing
● OpenSMTPD Remote Code Execution CVE-2020-7247
● Metasploit Basics
● OpenVPN AS
● KeePassXC
● Keygen
● PCAP Forensics TShark
● Privilege Escalation: Overprivileged Process
● Auto-Compression
● GnuTLS CVE-2020-13777
● Kernel Exploit (Chocobo Root) CVE-2016-8655
● Linux Syslog
● Introduction to the SOC

Lateral Movement

● ProxyChains
● Grasshopper (Challenge)
● Port Knox (Challenge)

Reverse Engineering

● SOC – Reverse Engineering 1
● SOC – Reverse Engineering 2
● SOC – Reverse Engineering 3
● SOC Challenge – Keygen (Challenge)

Microsoft

Microsoft OS Management

● MS DevOps – PowerShell Introduction
● MS DevOps – PowerShell Basics – Part 1
● MS SOC – Windows Event Logs
● MS SOC – PowerShell Logging

Microsoft Security Operations

● NTLM Authentication
● Pass the Hash
● Fiddler
● Active Directory Rights Management
● PowerShell Introduction
● PowerShell Basics – Part 1
● Sysinternals Sysmon
● Active Directory GPO
● Sysinternals Procmon
● Voidtools Everything

Commercial Security Solutions

SOC Solutions

● Security Tools - Recorded Future: Browser Extension
● Security Tools - Malware Analysis: VirusTotal
● Security Tools - Splunk Basics
● Security Tools - Splunk: Fields and Transforms
● Security Tools - Splunk: Alerts

Miscellaneous

Challenges

● Backdoor 1
● Backdoor 2
● Backdoor 3
● Beta
● Botnet Takedown
● Bulkhead
● Daikon
● Fl4gPrint3r
● Joker
● LabTube
● System Compromised
● Uncontained
● Visual Spoofing
● Webmin
● Alpha LVL1
● Alpha LVL2
● Alpha LVL3
● Delta LVL1
● Delta LVL2
● Delta LVL3
● Delta LVL4
● Gamma LVL1
● Gamma LVL2
● Gamma LVL3
● Kappa
● Phone
● Spider
● Linux Networking Fundamentals
● Security and Protection Fundamentals
● Socat
● Privilege Escalation: Miscombobulations
● PHP Serialization

Learning Path Assessments

● SOC Level 1 Assessment
● SOC Level 2 Assessment
● Threat Hunter Assessment
● OWASP Assessment

BETA Modules

● PowerShell Code Signing
● Sysmon: Process Injection
● Ansible Introduction
● Wireshark Basics
● Kubernetes Deployment and Scaling
● AWS Instance Metadata SSRF
● Apache Struts CVE-2017-5638
● Blind XML External Entities
● Remote Code Execution Introduction
● PKI Web Cert Template
● Insecure PRNG
● npm audit
● Splunk: Alerts
● Docker Persistent Data: Named Volumes
● Introduction to Injection Attacks
● Firewall Policies: IPTables
● Netcat Introduction
● Password Security In-Depth
● Carbon Black Endpoint Security - Analyst 1
● PKI Web Server Cert Enrollment
● Snyk
● LOKI IOC Scanner
● Splunk Webapp IR: Brute Force Detection
● Kubernetes: NodePort and LoadBalancer Services
● Kubernetes ClusterIP Service
● Carbon Black Endpoint - Analyst 2
● Understanding the Threat Landscape
● Introduction to SIEM and SOAR
● Kubernetes Generators
● Privilege Escalation Introduction
● PowerShell Basics - Part 2
● WASE Challenge - OWASP Capstone
● SOC - PostgreSQL Arbitrary Code Execution CVE-2019-9193
● Kubernetes YAML File
● Docker Persistent Data: Bind Mounts
● Splunk: Visualizations
● Yextend
● Investigations with Wireshark
● Introduction to Password Cracking Countermeasures
● Introduction to Log Management with the Systemd Journal
● Weak and Reused Credentials
● Introduction to Email Based Threats
● Ransomware Overview
● The Building Blocks of Infosec
● Lateral Movement Overview

Security Awareness

Account Security

● Passwords
● Passphrases
● Multi-Factor Authentication

Data Security

● Data Leaks
● GDPR
● Handling Confidential Material

Email Security

● Spear Phishing
● Malicious Attachments
● Spyware in Attachments

Internet Security

● HTTPS

Physical Security

● HTTPS

Social Engineering

● Tailgating
● Unattended Computers

Malware

● Ransomware
● Spyware

Course Descriptions

If you require more information about the courses detailed in the Category/Course/Module Mapping section, you can reference the overview, prerequisites, and learning outcomes here.

Platform Tutorial

Introduction to the RangeForce platform and the Virtual Teaching Assistant.

PREREQUISITES

● None

LEARNING OUTCOMES

● Learner understands how to navigate the Virtual Teaching Assistant.

Injection: OS Command Injection

Command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. This course will teach you about command injection and blind command injection.

PREREQUISITES

● Basic knowledge on how to use the Linux CLI.
● Knowledge on how to use a Linux CLI text editor such as nano or vim.

LEARNING OUTCOMES

● Learner understands the concept of command injections.
● Learner understands the concept of blind command injections.
● Learner understands how to find, exploit and fix command injection vulnerabilities.

Injection: SQL Injection

This course will teach you about the SQL injection vulnerability. An SQL injection attack consists of insertion or “injection” of an SQL query via the input data from the client to the application. A successful SQL injection exploit can read sensitive data from the database, modify database data and even execute administration operations on the database.

PREREQUISITES

● Basic knowledge of the Structured Query Language (SQL).
● Basic knowledge on how to use the Linux CLI.

LEARNING OUTCOMES

● Learner understands the concept of an SQL injection.
● Learner understands how to find, exploit and fix SQL injection vulnerabilities.

Sensitive Data Exposure

Sensitive Data Exposure occurs when an application does not adequately protect sensitive information. This course will teach you about API security and also about the dangers of exposed repositories.

PREREQUISITES

● Basic knowledge on how to use the Linux CLI.
● Knowledge on how to use a Linux CLI text editor such as nano or vim.

LEARNING OUTCOMES

● Learner understands the concept of sensitive data exposure.
● Learner understands how to find, exploit and fix the vulnerabilities and misconfigurations presented in this course.

Injection: NoSQL Injection

This course will teach you about the NoSQL injection vulnerability. NoSQL injection attacks may execute in different areas of an application than traditional SQL injection. The NoSQL injection vulnerability can be used by a malicious actor to access and modify sensitive data, including usernames, email addresses, password hashes and login tokens. Chained with other vulnerabilities it can lead to a full site takeover.

PREREQUISITES

● Basic knowledge of the Structured Query Language (SQL).
● Basic knowledge on how to use the Linux CLI.

LEARNING OUTCOMES

● Learner understands the concept of a NoSQL injection.
● Learner understands how to find, exploit and fix NoSQL injection vulnerabilities.

Security Misconfiguration: Cookie Security

Security Misconfiguration is simply defined as failing to implement all the security controls for a server or web application, or implementing the security controls, but doing so with errors. In this course, you will learn about the dangers of misconfigured cookies.

PREREQUISITES

● Knows how to use Wireshark.
● Basic knowledge on the concept of XSS.
● Basic programming knowledge on JavaScript.
● Basic programming knowledge on PHP.

LEARNING OUTCOMES

● Learner understands the concept of cookies and cookie security.
● Learner knows how to find, exploit and fix vulnerabilities related to misconfigured cookies.

Cross-Site Scripting XSS

Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser-side script, to a different end user. This course will teach you about different forms of XSS.

PREREQUISITES

● Basic knowledge on how to use the Linux CLI.
● Knowledge on how to use a Linux CLI text editor such as nano or vim.
● Basic programming knowledge on JavaScript.

LEARNING OUTCOMES

● Learner understands the concept of Cross-Site Scripting (XSS).
● Learner understands how to find, exploit and fix various forms of XSS vulnerabilities.

Insecure Deserialization

Serialization is the process of turning some object into a data format that can be restored later. Deserialization is the reverse of that process, taking data structured from some format, and rebuilding it into an object. Insecure deserialization is a vulnerability in which untrusted or unknown data is used to either inflict a denial of service attack (DoS attack), execute code, bypass authentication or further abuse the logic behind an application. In this course, you will learn about the insecure deserialization vulnerability.

PREREQUISITES

● Basic knowledge on how to use the Linux CLI.
● Knowledge on how to use a Linux CLI text editor such as nano or vim.
● Basic knowledge on scripting.

LEARNING OUTCOMES

● Learner understands the concept of insecure deserialization.
● Learner understands how to find and exploit an insecure deserialization vulnerability.

Broken Access Control: Insecure Direct Object Reference

This course will teach you about Insecure Direct Object References (also known as IDOR). Insecure Direct Object References happen when it’s possible to get direct access to different data objects within a web application which are exposed to users. As a result of this vulnerability it is possible for potential attackers to bypass authorization or access data like files or database records in the system directly.

PREREQUISITES

● Basic programming knowledge on JavaScript.
● Basic programming knowledge on PHP.

LEARNING OUTCOMES

● Learner understands the concept of Insecure Direct Object References.
● Learner understands how to find, exploit and fix IDOR vulnerabilities.

Broken Access Control: Path Traversal

This course will teach you about Path Traversal. A path traversal attack (also known as directory traversal) aims to access files and directories that are stored outside the web root folder.

PREREQUISITES

● Basic programming knowledge on JavaScript.
● Basic programming knowledge on PHP.

LEARNING OUTCOMES

● Learner understands the concept of Path Traversal.
● Learner understands how to find, exploit and fix a Path Traversal vulnerability.

Broken Access Control: Unrestricted File Upload

Uploaded files represent a significant risk to applications. The first step in many attacks is to get some code to the system to be attacked. Then the attack only needs to find a way to get the code executed. Using a file upload helps the attacker accomplish the first step. In this course, you will learn about the Unrestricted File Upload vulnerability.

PREREQUISITES

● Basic programming knowledge on JavaScript.
● Basic programming knowledge on PHP.

LEARNING OUTCOMES

● Learner understands the concept of the Unrestricted File Upload vulnerability.
● Learner understands how to find, exploit and fix an Unrestricted File Upload vulnerability.

XML External Entities (XXE)

An XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server-side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts. In this course, you will learn about the XXE vulnerability.

PREREQUISITES

● Basic knowledge of Java.
● Basic knowledge on how to use the Linux CLI.

LEARNING OUTCOMES

● Learner understands the concept of XXE.
● Learner understands how to find, exploit and fix XXE vulnerabilities.

Broken Authentication: JSON Web Token Security

JSON Web Tokens (JWT) are commonly used to implement authentication and authorization on websites and APIs. In this course, you will learn how to identify, decode and create tokens, and also how to exploit common vulnerabilities in JSON Web Token implementations.

PREREQUISITES

● Basic knowledge on how to use the Linux CLI.

LEARNING OUTCOMES

● Learner understands the concept of JSON Web Tokens.
● Learner understands how to identify, decode and exploit common vulnerabilities in JSON Web Token implementations.

Injection: ReDoS

In this course, you will learn about Regular expression Denial of Service (ReDoS). ReDoS is a Denial of Service attack that exploits the fact that most Regular Expression implementations may reach extreme situations that cause them to work very slowly (exponentially related to input size). An attacker can then cause a program using a Regular Expression to enter these extreme situations and then hang for a very long time.

PREREQUISITES

● Basic knowledge on how to use the Linux CLI.
● Knowledge on how to use a Linux CLI text editor such as nano or vim.
● Basic programming knowledge on JavaScript.

Linux OS Management

This course will teach you the basic skills of Linux administration.

PREREQUISITES

● Basic knowledge on how to use the Linux CLI.
● Knowledge of how to use a Linux CLI text editor such as nano or vim.

LEARNING OUTCOMES

● Learner understands the basics of Linux administration.
● Learner understands how to manage users, files and software using the Linux CLI.

Web Hosting

In this course, you will learn how to set up a web server. In addition to that, you will learn about the importance of using Hypertext Transfer Protocol Secure (HTTPS) and how to configure your web application to use it as well.

PREREQUISITES

● Basic knowledge on how to use the Linux CLI.
● Knowledge on how to use a Linux CLI text editor such as nano or vim.
● Knows how to use Wireshark.

LEARNING OUTCOMES

● Learner understands how to set up a web server.
● Learner understands the importance of using HTTPS over HTTP.
● Learner understands how to configure a web application to use HTTPS.

Docker

This course will teach you the basics of how to use Docker. Docker is a software platform for building applications in small and lightweight execution environments called containers, which are isolated from other processes, operating system resources and kernel. Containers are assigned resources that no other process can access, and they cannot access any resources not explicitly assigned to them.

PREREQUISITES

● Basic knowledge on how to use the Linux CLI.
● Knowledge on how to use a Linux CLI text editor such as nano or vim.

LEARNING OUTCOMES

● Learner understands what Docker is and what it is used for.
● Learner understands how to use Docker.
● Learner understands the concept of containerization.

Data Backup

A data backup is the result of copying or archiving files and folders for the purpose of being able to restore them in case of data loss. In this course, you will learn how to use tools like Rsync and BorgBackup for your backups.

PREREQUISITES

● Basic knowledge on how to use the Linux CLI.

LEARNING OUTCOMES

● Learner understands the concept of data backups.
● Learner understands how to use different tools to back up their data.

Kubernetes

This course will teach you how to use Kubernetes (K8s), an open-source system for automating deployment, scaling, and management of containerized applications.

PREREQUISITES

● Basic knowledge on how to use the Linux CLI.
● Basic knowledge about containers.
● Basic knowledge about orchestration.

LEARNING OUTCOMES

● Learner knows what orchestration is.
● Learner knows about Kubernetes.
● Learner knows about configuring a local Kubernetes Cluster.

Credential Access

This course will teach you the basics of password cracking, the dangers of exposed and reused passwords, and how to use different IPS software to protect a website from brute-force attacks.

PREREQUISITES

● Basic knowledge on how to use the Linux CLI.
● Knowledge on how to use a Linux CLI text editor such as nano or vim.

LEARNING OUTCOMES

● Learner understands how to use IPS software to defend against brute force attacks.
● Learner understands the dangers of exposed and reused passwords.
● Learner understands the basics of password cracking.

Yara

In this course you will learn about YARA. YARA is a tool that identifies malware by creating descriptions that look for certain characteristics. Each description can be either a text or a binary pattern. These descriptions are called “rules”. By using rules that specify regex patterns, YARA enables the detection of specific patterns in files that might indicate that the file is malicious.

PREREQUISITES

● Basic knowledge on how to use the Linux CLI.
● Knowledge on how to use a Linux CLI text editor such as nano or vim.

LEARNING OUTCOMES

● Learner understands what Yara is and what it is used for.
● Learner understands how to use Yara.

Suricata

This course will teach you about Suricata. Suricata is a real-time threat detection engine that helps protect your network against threats by actively monitoring network traffic and detecting malicious behavior based on written rules. It can operate in a network security monitoring (NSM) mode and can also be configured as an intrusion prevention system (IPS) or intrusion detection system (IDS).

PREREQUISITES

● Basic knowledge on how to use the Linux CLI.
● Knowledge on how to use a Linux CLI text editor such as nano or vim.

LEARNING OUTCOMES

● Learner understands what Suricata is and what it is used for.
● Learner understands how to use Suricata.

Regular Expressions

This course teaches you about regular expressions. Regular expressions (regex or regexp) are an awesome technique that can be used in a variety of ways. At first they may seem a bit intimidating, especially for those without a formal education in Computer Science, but with a little practice, they can become a really fast and powerful tool.

PREREQUISITES

● Basic awareness of mathematical operators.
● Basic familiarity with programming.

LEARNING OUTCOMES

● Learner understands the concept of regular expressions.
● Learner understands how to use regular expressions of varying difficulty levels.

Privilege Escalation: SUID Bit

This course will teach you about the SUID bit and the risks it holds if not used carefully. The SUID bit is a flag on a file which states that whoever runs the file will have the privileges of the owner of the file. So, if you are a student and the file is owned by root, then when you run that executable, the code runs with the permissions of the root user.

PREREQUISITES

● Basic knowledge on how to use the Linux CLI.
● Knowledge on how to use a Linux CLI text editor such as nano or vim.

LEARNING OUTCOMES

● Learner understands what the SUID bit is and what it is used for.
● Learner understands how to find and exploit SUID executables.

Discovery: Nmap

This course will teach you how to use Nmap! Nmap, also known as network mapper, is a free and open-source security tool widely known for its powerful network discovery, enumeration and security auditing abilities. Network administrators utilize Nmap to establish a network map and get more information about what’s going on inside the network: which hosts are online, what ports are open, which services are offered, and more.

PREREQUISITES

● Basic knowledge on how to use the Linux CLI.
● Knowledge on how to use a Linux CLI text editor such as nano or vim.

LEARNING OUTCOMES

● Learner understands what Nmap is and what it is used for.
● Learner understands how to

Initial Access: Port Knocking

This course will teach you about port knocking. Port knocking is a method of externally opening ports. Once a server receives a secret sequence of ‘knocks’ on a closed port or ports, the server will execute a pre-configured set of actions. Actions may vary from opening ports for quick access to a full reboot of the system.

PREREQUISITES

● Knows how to use Wireshark.

LEARNING OUTCOMES

● Learner understands the concept of port knocking.
● Learner understands how to use port knocking.

Discovery: Miscellaneous

This course will teach you how to use various discovery, analysis and enumeration tools to perform web scans, analyse files, search through repositories and exploit various found vulnerabilities.

PREREQUISITES

● Basic knowledge on how to use the Linux CLI.
● Knowledge on how to use a Linux CLI text editor such as nano or vim.

LEARNING OUTCOMES

● Learner understands how to use various security tools to discover, analyse and exploit known vulnerabilities.

● Learner understands how to defend against the vulnerabilities and misconfigurations presented in the content of this course.

Privilege Escalation: Miscellaneous

This course will teach you about a variety of privilege escalation methods. The content ranges from misconfigurations in the Linux system to exploiting CVEs.

PREREQUISITES

● Basic knowledge on how to use the Linux CLI.
● Knowledge on how to use a Linux CLI text editor such as nano or vim.

LEARNING OUTCOMES

● Learner understands the concepts of the various privilege escalation techniques presented in this course.

● Learner understands how to use the various privilege escalation techniques presented in this course.
● Learner understands how to defend against the various privilege escalation techniques presented in this course.

SOC: Miscellaneous

In this course, you will learn about threat analysis techniques and the basic Linux command line tools used for that. In addition, this course will teach you about the concept of visual spoofing.

PREREQUISITES

● Basic knowledge on how to use the Linux CLI.
● Knowledge on how to use a Linux CLI text editor such as nano or vim.

LEARNING OUTCOMES

● Learner understands the concept and different methods of basic threat analysis.
● Learner understands the concept of visual spoofing.

Lateral Movement

Lateral Movement consists of techniques that adversaries use to enter and control remote systems on a network. Following through on their primary objective often requires exploring the network to find their target and subsequently gaining access to it. This course will teach you how to use ProxyChains and will challenge your skills in gaining access to private networks.

PREREQUISITES

● Knows how to use Nmap.
● Knows about port knocking.

LEARNING OUTCOMES

● Learner understands how to use ProxyChains.
● Learner understands the concept of lateral movement.

Reverse Engineering

Reverse engineering is a process that hackers use to figure out a program’s components and functionalities in order to find vulnerabilities in the program. In this course, you will learn how to analyze a simple program with basic command-line tools and Ghidra.

PREREQUISITES

● Basic knowledge of the C programming language.
● Basic knowledge on how to use the Linux CLI.

LEARNING OUTCOMES

● Learner understands the concept of reverse engineering.
● Learner understands how to use different tools to find vulnerabilities in a program.

Microsoft Logging

This course will introduce the Microsoft Logging system including how to enable and search advanced logging features.

PREREQUISITES

● Basic Windows PowerShell

LEARNING OUTCOMES

● Learner understands types of Windows event logs.
● Learner understands how to search Windows event logs.
● Learner understands how to enable PowerShell logging.

Microsoft Security Operations

This course will teach you Windows security concepts and give you a chance to explore various attacker methods for exploiting weaknesses.

PREREQUISITES

● Windows event log searching
● Windows user administration

LEARNING OUTCOMES

● Learner understands NTLM authentication
● Learner understands how to detect pass-the-hash lateral movement

SOC Solutions

These modules will introduce you to select tools and solutions commonly used in the SOC. You will learn how to use these solutions and understand how to apply them to your work in defending your organization against attacks.

PREREQUISITES

● Understanding of security concepts

LEARNING OUTCOMES

● Learn what different security solutions are used for
● Learn how to use various security solutions in your everyday workflow

Challenges

This course contains a wide selection of challenges that require knowledge in many different areas of expertise to complete them. These challenges are designed to test and validate your knowledge of the given subject.

It is recommended to complete modules as presented within relevant learning courses or learning paths rather than access them through this course. No learning materials and minimal hints/solutions are available in these challenges as you are expected to have already learned the applicable concepts.

PREREQUISITES

● Knowledge from RangeForce modules related to the subject of the challenge or equivalent experience from other systems.

● Basic knowledge on how to use the Linux CLI.
● Knowledge on how to use a Linux CLI text editor such as nano or vim.

LEARNING OUTCOMES

● Learner demonstrates application of techniques and knowledge needed to complete the challenges.

Learning Path Assessments

Skill assessments for RangeForce learning paths.

PREREQUISITES

● None

LEARNING OUTCOMES

● Know where your skills stack up!

BETA Modules

This course contains early access into the latest RangeForce modules. Remember to use the Feedback tab to submit feedback and suggestions.

PREREQUISITES

● Hacker mentality

LEARNING OUTCOMES

● Better RangeForce modules!

Account Security (Security Awareness)

These security awareness videos are designed to help you learn to better secure your accounts.

PREREQUISITES

● None

LEARNING OUTCOMES

● Learn password best practices
● Understand the concepts of multi-factor authentication

Data Security (Security Awareness)

These security awareness videos are designed to help you learn concepts pertaining to data security.

PREREQUISITES

● None

LEARNING OUTCOMES

● Understand what data leaks are
● Learn how to handle sensitive information

Data Security (Security Awareness)

These security awareness videos are designed to help you learn more about email-based threats.

PREREQUISITES

● None

LEARNING OUTCOMES

● Understand how threat actors leverage email in their attacks
● Learn core concepts and terminology surrounding email security

Internet Security (Security Awareness)

These security awareness videos are designed to help you learn how to use the internet more safely.

PREREQUISITES

● None

LEARNING OUTCOMES

● Understand the threats that exist on the internet
● Learn how to identify secure sites

Physical Security (Security Awareness)

These security awareness videos are designed to help you learn how to better secure physical locations and your workspace.

PREREQUISITES

● None

LEARNING OUTCOMES

● Understanding of tailgating
● Learn the problems that can occur from leaving a computer unattended

Social Engineering (Security Awareness)

These security awareness videos are designed to help you learn how to spot social engineering attacks.

PREREQUISITES

● None

LEARNING OUTCOMES

● Understanding of how social engineering works
● Demonstrate knowledge regarding the different types of social engineering attacks

Malware (Security Awareness)

These security awareness videos are designed to help you understand what malicious software is and the threat it presents.

PREREQUISITES

● None

LEARNING OUTCOMES

● Understanding of the different types of malware
● Knowledge of the different ways malware infects computers
● Understanding of what the different malware attacks do
