RangeForce Content Rewind | May 2021
Welcome to the RangeForce Content Rewind. In May, we added 26 modules to the RangeForce platform to continue supporting your cybersecurity training needs. With all-new training being added to the RangeForce platform each week, we wanted to take a moment and highlight some of the new modules available on the platform.Take a look at the list below to get acquainted with our top additions from the past month. Be sure to give our new modules a try and let us know what you think!
New Training Modules
Splunk: Filters and Queries | An addition to our Splunk course in the Security Solutions category, Learners will be able to filter data by using the date and query fields in the tool.
Deploy an Incident Handling and Response Architecture | A lesson broken into three parts, these modules discuss how to map a company’s reaction to any harmful events:
- Part 1 – Looking at how SOC plays a part in disaster recovery planning, as well as the Computer Security Incident Response Team (CSIRT) and how each individual fits into their role.
- Part 2 – Planning and identifying incidents and how each one is evaluated, analyzed, and contained.
- Part 3 – Incident mitigation, eradication, and recovery, including After Action Plans (AAR) and post-incident tasks.
Apply a Forensic Investigation | A two-part module in which Learners can gain the skills needed to conduct a forensic investigation as an analyst, including how it applies to the entire investigation scope and authentication of evidence.
MITRE ATT&CK Overview | Representing Adversarial Tactics, Techniques, & Common Knowledge, behaviors of offensive cyber actors by the MITRE research corporation are categorized in this foundational, hands-on module. These behaviors will help identify common threats you will see in your organization.
Objdump | This utility is part of the GNU binutils programming tools with which you can view the headers of an executable and disassemble the code contained in the file. In this particular instance, you will learn to use objdump to work with PE, ELF, and raw binary files.
Windows Active Directory Escalation: Kerberoasting | Learn a privilege escalation attack on Active Directory, called Kerberoasting. Using this method, learners will extract service account credentials as low-privileged domain users without sending any packets to the target system.
CVE-2018-7600 Drupalgeddon2 RCE | A remote code execution vulnerability in Drupal, Drupalgeddon2 allows any user to execute code without requiring the attacker to be logged in or authenticated. With this knowledge, Learners will learn how Drupalgeddon2 works and how to exploit it.
Windows – System Services – Service Execution Exercise | Experience using Service Execution in a Windows domain in both typical cases and examples of how malicious actors can misuse it.
Contain and Mitigate Incidents | Understanding your organization’s Incident Response (IR) plan in two parts, highlighting methods to contain and mitigate security incidents.
Prevent Unvalidated Redirects and Forwards | Expose unvalidated redirects and forwards in web application configurations, including how they can be exploited and possibly prevented.
Securely Collect and Analyze Electronic Evidence | Recognizing how files can be stored and maintained to help securely collect and analyze electronic evidence.
Housekeeping After a Pentest | Covering the tasks necessary once a pentest has been completed, such as reviewing notes, cleanup, evidence, and deleting.
Additional Modules
Additional modules added in the last month include Introduction to Vulnerability Scanning, Prevent Cross-Site Scripting Flaws, Integrating Documentation into Risk Management (Part 2), Cybersecurity Teams, Cyber Readiness Assessment, Prevent Session Management Flaws, Prevent Cross-Site Request Forgery Flaws, Prepare for Forensic Investigation as a CSIRT, Follow-up On the Results of an Investigation, Complying with State, Federal, and National Legislation, Stack and Heap Basics, and Identify the Need to Protect IoT Resources.
As RangeForce adds new content, we also make platform enhancements to improve the experiences of our learners and admins. Our user feedback is critical to these changes. Here’s a few highlights from the past month:
-
Admins will now see a view of their Learners in the Members tab filtered by either Active or Inactive. This will allow Admins to clearly understand who is currently participating in training and who is not.
-
Admins now have the ability to assign training plans to an entire team in addition to individual learners. Training plans can still include full courses as well as individual modules. They can also be assigned with or without a due date. Training plans are a great way to engage users in our wide range of content.