Welcome to the RangeForce Content Rewind. In October, we added 12 modules to the RangeForce platform to continue supporting your cybersecurity training needs.

With all-new training being added to the RangeForce platform each week, we wanted to take a moment and highlight some of the new modules available on the platform.

Take a look at the list below to get acquainted with our top additions from the past month. Be sure to give our new modules a try and let us know what you think!

New Training Modules

Elastic: EQL - Analytics | EQL gives an analyst the power of describing events and event sequences methodically. EQL Analytics Library is a set of analytics created to map against techniques identified in the MITRE ATT&CK framework. These analytics can run against a stream of logs in real time for detection or post collection for threat hunting. This module will give this entire overview and show how to create analytics.

XML External Entities: Find & Exploit | XML External Entities injection (XXE) is a vulnerability which can occur when insecurely parsing XML documents. The impacts of the vulnerability are often the ability to read arbitrary files and perform Server-Side Request Forgery. Learners will learn how to identify and exploit an XXE vulnerability.

Dynamic Analysis Exercise 1 | This expert level module will test the knowledge Learners have gained on reverse engineering. The task given will be to reverse engineer an ELF executable written in C++. Upon completion, users will be given an opportunity to look at the source code.

Tracing with strace and ltrace | When analyzing a program, users need to know exactly how it interacts with the system. To gain this understanding of underlying processes, tracer utilities such as strace and ltrace can be used. These tools are able to intercept and record system and library calls made by a program.

Identifying Binaries | When approaching a binary, it is key to ensure that it does not contain anything malicious before executing it. This process can be done by analyzing the file to see what kind of binary it is and digging deeper into the file to see what it does.

Compiling and Linking | Executable creation from a high-level source code can be divided into two sections: compiling and linking. Compilers convert source code into relocatable object files. Linkers combine object files and libraries into executables. This module will teach the actions performed and considerations taken by both roles.

Junior Penetration Tester Capstone | This capstone challenge will provide a number of targets against which users will perform a penetration test.

Windows – Parent PID Spoofing Exercise | PPID Spoofing, while hard to detect, is still possible and necessary. Users will review practical examples of generated alerts via the use of PPID Spoofing.

Additional Modules

Additional modules added in the last month include Ansible: Advanced Playbooks, Email URL Analysis Basics, Vulnerability Management, and Alerting.

As RangeForce adds new content, we also make platform enhancements to improve the experiences of our Learners and Admins. Our user feedback is critical to these changes. Here’s a few highlights that we’d like to share with you:

• Admins are now able to split their Learners and create their own Teams. This capability can be found in the Organization tab by selecting Teams – Add New Team. Once a parent team and license have been selected, Learners can be invited via email. Teams are a useful way to assign training plans and view separate reporting.
• Admins now have the ability to assign training plans to either an entire Team or individual Learners. Training plans can still include full courses and individual modules with or without a due date. Training plans are a great way to engage users in our wide range of content.

If you’re interested in learning more about the RangeForce platform or seeing our full course catalog, request a demo here or contact our sales team at sales@rangeforce.com.