We have had a busy May here at RangeForce with 9 new training modules and challenges released. That brings our total count of modules to over 160 and our total training hours of content to 150. New training covers our Security Operations (SOC), Web Application Security (WASE), and DevOps tracks.
Here are our newest training modules:
New Security Tools Training Modules
We continue to build out our Security Tools Courses, and there are many more including vendor tools coming in the next few months.
Security Tools – Gobuster
Gobuster is an open source tool for brute-forcing to discover subdomains, directories and files (URIs), and virtual hostnames on target web servers. In this training module, you will learn how to use Gobuster to crack open a web server through a brute-force attack and uncover the DNS subdomains, directories, and files, virtual hosts of a target server.
Security Tools – Port Knock Sniffing
Wireshark is one of our favorite open source tools. In this module, you will use Wireshark to search for a port knock sequence in captured network traffic, then use the sequence to open the server port so that you can access the server yourself.
New Security Operations Training Modules
Security Operations is a continued area of focus for our new modules. These courses focus on attack vectors and methodologies as well as incident detection, response, and investigation best practices. Training modules teach you both the red team (offensive) and the blue team (defensive) sides of the attack.
SOC – Visual Spoofing
In this module, you will first learn about Unicode and its incredible framework for storing, transmitting, and presenting information in multiple languages. Then you will learn how it can be exploited with phishing and word filter attack vectors – visual spoofing.
SOC – Exposed and Reused Credentials – Advanced Phishing
Phishing continues to be a common and successful attack vector, so let’s get serious about what attackers can really do with it. In this module, you will use phishing to take over an administrator’s account, gaining root access to the entire company network.
New Security Challenges
Security Challenges are the places where you test your skills. No help here, just dig into the challenge and see if you have what it takes to win.
SOC Challenge – Visual Spoofing
In this challenge, you are tasked with finding a fake web domain that contains multibyte Unicode characters.
SOC Challenge – Exposed and Reused Credentials
You must exploit the users’ tendency to reuse their passwords to gain authority over the network in this red team challenge.
SOC Challenge – Port Knox
Can you break into Port Knox? In this challenge, you must use all your skills to crack open a server that is not only secured but also hidden.
New Secure DevOps and Web Application Security (WASE) Training Modules
Secure DevOps and Web Application Security (WASE) are just as important to your company as our security tracks. The better your code’s security hygiene is, the more bulletproof your company.
DevOps – System Info Gathering
In this introduction module, you will learn how to get information about the Linux operating system and find out what is going on with its software, hardware, and network connections.
WASE Learning – Exposed Git Repo
Companies often make mistakes when deploying websites leaving their git repository exposed is a relatively common error with potentially serious consequences. In this module, you will learn about the dangers of an exposed Git repository and how to fish out extremely valuable credentials from it.
Watch for even more training modules to be launched in June. Remember, as a customer, you get access to all of our modules and any new ones that are delivered for the duration of your license all at an amazingly affordable price. If you want to learn more about our training platform and modules, read more here, and we are happy to send you a full list of courses. Just email us at email@example.com
Follow us on LinkedIn so you will be alerted when our next training module blog is released!