As an IT administrator, it’s important to be aware of the tools potential adversaries are likely to use against your networks and your applications.

Not only will this help you prepare for attacks and better secure your systems, it can also identify weaknesses, misconfigurations, or unknown services on your network. And as new vulnerabilities are discovered every day, routine scanning of your network and its services lets you see whether any newly-discovered vulnerabilities apply in your configuration. Labs in this category focus on systems-level scanning and exploitation.

For vulnerabilities specific to web-based applications, also consider labs in our Web Application Security Analysis category.

Questions about which lab is right for you? Contact cyrin@atcorp.com.

### Introduction to Metasploit

Students will gain experience with the widely-used open source Metasploit® framework for exploiting vulnerable software. The exercise includes launching attacks against well-known, unpatched software on multiple platforms—including examples of unauthorized administrator access on a remote system. By seeing the tools available to potential attackers, students will gain a greater appreciation for the need to keep software up-to-date and securely configured.

##### Prerequisites
• Familiarity with the Unix/Linux command line
• Basic networking concepts (TCP/IP, DNS, etc.)
##### Expected Duration

2 hours, self-paced. Pause and continue at any time.

2 CPEs awarded on successful completion.

$79 for 6 months of access. Free if you are a subscriber to any package that includes this lab. The course is also available as part of the CYRIN Vulnerability Scanning Package as well as the CYRIN Cyber Range All Access Package. ### Vulnerability Scanning with OpenVAS Students will use the free OpenVAS web tool suite to identify vulnerabilities in services available on an unknown network. The network will include several targets with known-vulnerable software versions and/or configurations. ##### Prerequisites • Familiarity with the Unix/Linux command line • Basic operating system security concepts • Basic networking concepts (TCP/IP, DNS, etc.) ##### Expected Duration 2 hours, self-paced. Pause and continue at any time. 2 CPEs awarded on successful completion. ##### Cost$79 for 6 months of access. Free if you are a subscriber to any package that includes this lab.

This lab is also available as part of the CYRIN Vulnerability Scanning Package as well as the CYRIN Cyber Range All Access Package.

### Automating Security Analysis with SPARTA

Students will build on the results of labs in the Web Application Security Analysis and Network Monitoring categories by using the SPARTA network infrastructure penetration testing tool, a graphical application that automates many common vulnerability assessment tasks. Students will use SPARTA within a graphical Kali Linux environment, scanning multiple unknown target systems and exploring found weaknesses.

##### Prerequisites
• Familiarity with the Unix/Linux command line
• Basic web application knowledge (HTTP, URL parameters, etc.)
• Basic networking concepts (TCP/IP, DNS, etc.)
##### Expected Duration

2 hours, self-paced. Pause and continue at any time.

2 CPEs awarded on successful completion.

##### Cost

\$79 for 6 months of access. Free if you are a subscriber to any package that includes this lab.

This lab is also available as part of the CYRIN Vulnerability Scanning Package as well as the CYRIN Cyber Range All Access Package.