<

Darupel

Exploit wordpress to compromise and ransom a web server

All scenarios

Scenario overview

An attacker wants to steal data from a company’s web server and makes profits from it. A public-facing Wordpress vulnerability is exploited, then the attacker lateralizes from the DMZ to the web backend database. Company data are not secret anymore!

Labs and Scenarios

M&NTIS Platform, based on Adversary Emulation and Cyber ​​Range technologies, automatically executes attack scenarios within labs. These scenarios reproduce realistic killchains and intrusion sets.

Interactive labs

M&NTIS users can observe – in real time – the progress of the attacker within the lab and can interact with the environment to better understand all attack step effects.

Integrated defense

Labs can be interconnected with defense products, such as network probes, EDRs, or SIEM/XDRs. This allows a SOC to easily receive telemetry data and alerts produced by a running lab.

Realistic trainings

Attack scenarios can be exploited in cyber training where SOC and CERT analysts are faced with realistic attack scenarios. This allows them to challenge their operational efficiency.