RangeForce Training Update – Fall 2020

RangeForce Training Update – Fall 2020

With the fall upon us and winter just around the corner, RangeForce has 16 new training modules for our learners to tackle. We now have over 350 hands-on training modules for Security, IT, and DevOps professionals. Here are the 16 newest.

Security Tools Modules

Yextend (YARA tool)

Yextend is a Yara augmentation tool that can scan for malware inside archives, like tarballs and zip files. In our training module, you will learn how to use Yextend by scanning different archive files and analyzing the output. 

Investigations with Wireshark

Wireshark is a widely used open-source packet analyzer. It is excellent for network troubleshooting and traffic analysis. In our training module, you will investigate real-time attacks with Wireshark. You will learn how to capture network traffic remotely with triggers and capture filters, and analyze real-time port scan, brute-force, and flooding attacks.

Introduction to Netcat

Netcat is a powerful networking utility used for port scanning, transferring packets and files, and port listening. Netcat can also be run as a server to create backdoors. In this module, you will learn the basics of the Netcat utility and its many capabilities.

Splunk: Visualizations

The 8th module in our hands-on Splunk training series, Creating Visualizations in Splunk, allows you to visualize data, understand what the logs are telling you, and surface data patterns that are likely IOCs. In this module, you get hands-on with Splunk visualizations and learn how to create a SOC Dashboard with live events in Splunk. 

NPM Audit

Your website is being attacked, but you know that your code is not at fault. NPM Audit is a tool that looks through your node dependencies and lists all known vulnerabilities. In this module, you will learn how to use NPM Audit to find vulnerabilities in your website's dependencies and stop the attacker from crashing your site.

Cloud Security Modules

AWS Instance Metadata SSRF

Amazon Web Services is known to be a powerful and widely used cloud computing platform. What is less known is that all the Amazon Elastic Compute Cloud instances also have an instance metadata API attached to them. Allowing requests to be made to this instance metadata API can leak sensitive information. In this AWS module,  you steal sensitive data from an AWS instance using SSRF and, in doing so, learn how to use SSRF to query the instance metadata API and access sensitive data.

Cybersecurity Essentials Modules

Firewall Policies: IPTables

In this training module, you will learn how to create and manage Firewall Policies with Linux Iptables. The training covers both theoretical and practical objectives. The theoretical objectives teach the basics of Iptables structure (chains, policies, rules, tables) and rule syntax. Then you will apply your knowledge and fix firewall configuration mistakes via custom Iptables through both a web interface and command line.

DevSecOps

Insecure PRNG

Random number generation is widely used in computing — for unpredictable tokens, random key generation, cryptography, etc. However, generating truly random numbers takes more time and computing power; thus, we often rely on pseudorandom number generators (PRNGs) to create numbers that are considered random enough. These generators are often cryptographically insecure and can be cracked. Python uses the Mersenne Twister to generate random numbers. RandCrack is a script intended for predicting numbers generated with the Python random module. This module will learn how to use the RandCrack Python module to predict pseudorandom numbers.

Snyk

Snyk is a unique developer-focused tool that enables users to continuously find & fix vulnerable dependencies and offers seamless integration into Dev & DevOps workflows. In this module, you will learn how to install and configure the Snyk-CLI tool, analyze reports and dependencies generated by the Snyk, and mitigate vulnerabilities automatically in the dependencies.

Ansible Introduction

Ansible is open-source software that is used for application deployment, configuration management, and infrastructure orchestration. This module will configure your first inventory file and install software on a remote server using an Ansible playbook.

Kubernetes YAML File

This module is part of our Kubernetes training series. YAML or "Yet Another Markup Language" is a text format used to specify data related to Kubernetes configurations. In this module, you'll be exploring an example YAML file that's used in Kubernetes.

Kubernetes Manifests

Manifests are used to create, modify, or delete Kubernetes resources such as pods, deployments, services, etc. To get all Kubernetes benefits, you need to use a declarative management style. YAML Manifests are used by Kubernetes to build, modify, or delete your server or application. In this training module, you get an overview of YAML manifests. You'll learn how to create a deployment manifest, a service manifest, annotations, and how to roll back a configuration.

Kubernetes Secrets: Environment Variables

Secrets are used for storing small amounts of sensitive data like usernames and passwords, and you can use Secrets to set environment variables. In this module, you will learn about Kubernetes Secrets, create a secret manifest, encode secrets, configure persistent storage, and create environment variables using secrets.

Introduction to Linux Log Management with the Systemd Journal

Knowing how to find information in log messages can be crucial for system administration tasks such as troubleshooting, auditing, forensics, or monitoring. Systemd journal is the default tool for handling these tasks in Linux. In this introductory module, you learn how to use systemd journal to store and filter log messages while also safeguarding them.

Docker Persistent Data: Named Volumes

Volumes are the best option to persist data in Docker. Volumes are fully managed by Docker and stored in the host filesystem. In this module, you will learn how to pull images from Docker Hub, inspect Docker images, inspect containers, how volumes persist data, and how to create and delete a named volume.

Microsoft Security 

Weak and Reused Credentials (Advanced)

Hackers often use what's known as a password spraying attack, which consists of using lists of common and leaked passwords to hack into and take over their user accounts. In this module, you will learn to match password hashes from active directory to lists of weak passwords and how to reset any weak passwords to prevent spraying attacks.

Learn more about our training platform and modules here. We are happy to send you a full list of our courses. Email us at info@rangeforce.com.

Follow us on LinkedIn to be alerted when our next training module blog is released!

Subscribe to the Newsletter

Subscribe Here!

See how RangeForce can help your team hone their cyber security skills, train up new team members, and make running blue/red team exercises a snap!

Request a Demo

Related posts

Guides, Research & More