CO Cyber Range

Cybersecurity education and professional development just got a whole lot more accessible in Colorado.


The NCC no longer offers licenses to this cyber range.

At the Colorado Cyber Resource Center, we believe that cybersecurity education and professional development should be as accessible and effective as possible. 

We were excited to partner with RangeForce to launch a statewide cyber range available to career-transitioning adults.

Users were able to sign up for a year-long license that covers the full spectrum of cybersecurity experience levels, from beginner to advanced, for a variety of roles, including security operations (SOC), DevSecOps, WebAppSec, Penetration Testing (including Junior Penetration Testing), and much, much more. 

The license also allowed you access to all of the different Learning Paths, along with ongoing module additions throughout the year. We’ve outlined the Learning Paths in more depth below!

Learning paths

The Cybersecurity Essentials path focuses on foundational components of cybersecurity. Develop a concise understanding of key concepts and practices without diving into too much complexity. This path also covers topics across your security program, including business continuity and networking. Cybersecurity Essentials is designed as a starting point for aspiring cybersecurity professionals or those looking to expand their defensive capabilities within a small or medium-sized organization.

Course Content

Course 1 – Introduction to Cybersecurity/Terminology, History of Cybersecurity, Cybersecurity Teams

Course 2 – Understanding the Threat Landscape, Firewall Overview, IPS/IDS Overview

Course 3 – Endpoint Protection Platforms Overview, Endpoint Detection & Response, Server Protection Overview

Course 4 – Importance of Logs, Windows Event Logs, Linux Syslog

Course 5 – Introduction to the SOC, Blue Team Function and Tasks, Red Team Function and Tasks

Course 6 – Understanding the Cyber Kill Chain, Introduction to SIEM and SOAR, Security Topolgy

Course 7 – Known vs. Unknown Malware, Ransomware Overview, CVE Overview

Course 8 – Introduction to OSI Networking Model, Layer 2 Networking, Layer 3 Networking, Layer 4 Networking

Course 9 – Deploying Enterprise Endpoint Protection, Deploying Enterprise Server Protection, DevOps Security Overview

Course 10 – Physical Security Considerations, Introduction to Governance, Risk, and Compliance, Cybersecurity Essentials Challenge (Capstone)

The SOC Analyst 1 path enables cybersecurity professionals and students to gain live environment experience with the foundational concepts and practices of a security operations center (SOC). Whether it’s understanding event logs, visualizing data, or conducting malware analysis, this curriculum is designed to get you SOC-ready. Work through a series of hands-on modules and related challenges to complete this path. 

Course Content

Course 1 – Introduction to the SOC, Understanding the Threat Landscape, Remote Code Execution Introduction

Course 2 – Windows Procmon, Windows Event Logs: PowerShell Queries and Filters, Pass the Hash, Linux System Info Gathering, Linux Syslog

Course 3 – Splunk: Basics, Splunk: Filters and Queries, Splunk: Fields and Transforms, Splunk: Visualizations, Splunk: Alerts

Course 4 – Malware Analysis Introduction, Recorded Future: Browser Extension, Malware Analysis: VirusTotal, Email Header Analysis, Email URL Analysis, Email Challenge

Course 5 – Introduction to Regular Expressions, Regular Expressions: Basic, YARA Overview, YARA Rule Management, YARA Rule Generation, YARA Rule Writing, Threat Intel Challenge

Course 6 – Wireshark Basics, Suricata: Basics, Suricata: IDS Rules, Suricata: Rule Management

The SOC Analyst 2 path is a great resource for entry-level analysts looking to take their career to the next level. In this path, you’ll work through hands-on modules to develop robust skills, including more sophisticated search capabilities, utilizing APIs and SIEMs to automate repetitive tasks, and incorporating the right tools into incident response. During our course challenges, you’ll demonstrate the resilience you bring to teams by applying your skills to incident response.

Course Content

Course 1 – Basic Shell Scripting, PowerShell Basics 1, PowerShell Basics 2

Course 2 – PowerShell Logging, Linux Log Management: Systemd Journal, Splunk: Input Configuration, Splunk: API

Course 3: – AD Rights Management, Active Directory GPO, Windows: Weak and Reused Creds, Windows NTLM, Traffic Light Protocol Overview

Course 4 – PCAP Forensics: Wireshark, Suricata: IPS Rules, PCAP Forensics 2, Investigations with Wireshark, Firewall Policies: FortiOS, Suricata Challenge

Course 5 – Lateral Movement Overview, Nikto, Sudo Killer, Greenbone Vulnerability Management, OpenSCAP, CVE-2019–151o7 WebMin Unauthorized RCE, Botnet Takedown Challenge

Course 6 – Visual Spoofing, Identifying Linux IOCs, LOKI IOC Scanner, Linux Security Investigation Challenge, Process Injection IR with Splunk

The Web Application Security (OWASP) path is critical instruction for any application engineer mastering the skills need to eliminate the most common application vulnerabilities. Supporting the “shift-left” development strategy, this course covers all ten of the OWASP vulnerabilities with hands-on and interactive exercises. By completing this path, you’ll demonstrate your ability to apply key web application security principles to real world issues. 

Course Content

Course 1 – Command Injection Fix, NoSQL Injection Fix, SQL Injection: Authentication Bypass

Course 2 – Password Cracking, JSON Web Token Security, JSON Web Token Security Challenge 1

Course 3 – HTTPS Security Introduction, API Security: Exposed Tokens, Wireshark Basics

Course 4 – XML External Entities (Java), Blind XML External Entities, XXE RCE Using PHP Expect

Course 5 – Insecure Direct Object References 2 Fix, Path Traversal Fix (NodeJS), Path Traversal Fix (PHP), Unrestricted File Upload Fix (PHP), Unrestricted File Upload Fix (NodeJS)

Course 6 – Cookie Security: HttpOnly: Fix (NodeJS), Cookie Security: HttpOnly: Fix (PHP), Cookie Security: Secure: Fix (NodeJS), Cookie Security: Secure: Fix (PHP), Privilege Escalation: Overprivileged Process

Course 7 – DOM-based XSS Fix (JS), Reflected XXS, XXS Filter Evasion Fix (PHP)

Course 8 – Insecure Deserialization (Java), PHP Serialization, PHP Serialization Challenge

Course 9 – Linux Software Management, CVE-2019-15107 WebbMin 1.890 Exploit Unauthorized RCE, CVE-2017 5638 Apache Struts

Course 10 – Linux Log Management: Systemd Journal, Splunk Webapp IR: Brute Force Detection, Insufficient Loggins: Injection Vulnerabilities

The Secure Coding path provides a hands-on approach for addressing security and privacy throughout the entire software development lifecycle. You will learn about vulnerabilities that undermine security, including how to identify and remediate them in your own projects. This path is designed for software developers, texters, and architects who design and develop in various programming languages and platforms, including desktop, web, cloud, and mobile. Secure Coding learners will improve their ability to deliver software that is secure and private.

Course Content

Course 1 – Identify Security Requirements and Expectations, Identify Factors that Undermine Software Security, Find Vulnerabilities in Your Software, Identifying Vulnerabilities in an Application, Cracking a Password Hash, Fixing a Password Hash Vulnerability, Gather Intelligence on Vulnerabilities and Exploits

Course 2 – Preventing Software Defects, Assessing Application Functionality, Examining Source Code and Dependencies, Testing Attack Patterns, Handle Vulnerabilities Due to Human Factors, Handle Vulnerabilities Due to Process Shortcomings

Course 3 – General Principles for Secure Design, Software Development Threat Modeling, Identifying and Raking Threats, Identifying Countermeasures to Threats, OWASP Threat Dragon, Microsoft Threat Modeling Tool

Course 4 – Common General Programming Errors, Buffer Overflow, Vulnerability Prevention: Web, Vulnerability Prevention: Mobile, Vulnerability Prevention, IoT, Vulnerability Prevention: Desktop, Finding Common Web Vulnerabilities, Prevent Privacy Vulnerabilities

Course 5 – Limiting Access, Bypassing Authentication and Authorization, Protect Data in Transit and at Rest, Implementing Encryption, Secure Error Handling and Logging, Practical Secure Logging

Course 6 – Security Testing, Manual Code Review, Static and Dynamic Code Analysis, Linting Code, Automated Testing, Testing with OWASP ZAP

Course 7 – Application Monitoring and Logging, Implementing Application Logging, Application Maintenance


The Microsoft Core Security path is designed to sharpen your skills in Microsoft products. This path will introduce you to key aspects of managing and defending a Windows environment. Gain a working understanding of Active Directory and Group Policy, learn to analyze Windows event logs, and practice common security tasks you can use on the job. Apply your skills through relevant challenges, including how to investigate malware on a Windows computer. 

Course Content

Course 1 – Windows CMD Basics, Active Directory Rights Management, Active Directory GPO

Course 2 – Windows Event Logs, PKI Web Cert Template, PowerShell Introduction

Course 3 – PowerShell Basics 1, PowerShell Basics 2, PowerShell Code Signing

Course 4 – PowerShell Logging, Regular Expressions: Basic, Sysmon

Course 5 – Voidtools Everything, NTLM, Pass the Hash

Course 6 – Windows: Weak and Reused Creds, Sysmon: Process Injection, Windows Information Gathering

Course 7 – PKI Web Server Cert Enrollment, Nmap: SMB Enumeration, Sysmon Capture Clipboard

Course 8 – Windows: Email URL Analysis, Windows: Splunk Basics, Windows: Procmon

Course 9 – Windows: Email Header Analysis, Windows: YARA Introduction, Windows: YARA Rule Writing

Course 10 – Windows: YARA Rule Generation, Windows: YARA Rule Management, Windows: Process Injection IR with Splunk

The Threat Hunter path is the most advanced blue team content for those who have mastered enterprise security operations. In this path, you’re introduced to the practices and techniques employed by attackers, from the tools at their disposal to the way they view and target systems. Exercise your threat hunting skills in the cyber range through a variety of interactive challenges that are designed to give you a better understanding of targeted attacks.

Course Content

Course 1 – Yextend, Malware Analysis Introduction, Linux Advanced Logging

Course 2 – Password Cracking, Identifying NetworkIOCs: DNS Tunneling, IOC Challenge

Course 3 – Netcat Introduction, Adv. Privilege Escalation: Exposed and Reused Credentials, Detecting Privilege Escalation

Course 4 – Metasploit, Basics Reverse Engingeering 1, Proxychains

Course 5 – Reverse Engineering 2, CVE-2020-7247 OpenSMTPD RCE, Exposed and Reused Credentials Challenge

Course 7 – Suricata Challenge, Obfuscation Challenge, Malware Cleanup Challenge

Course 8 – Splunk Lookups, Splunk Input Configuration, Linux Security Investigation Challenge

Course 9 – Web App Exploit Challenge Delta 1, Web App Exploit Challenge Delta 2, Web App Exploit Challenge Delta 3

Course 10 – SSH Backdoor Challenge 1, SSH Backdoor Challenge 2, SSH Backdoor Challenge 3

More content is being added regularly. Some additional learning paths now include: 

Reverse Engineering


Junior Penetration Tester

IoT Security Practitioner

Security Management

Cloud Security


You may cancel your subscription plan at any time by following the instructions in your profile menu on the Website. Cancellation will take effect immediately and you will not be entitled to a refund for the subscription fees already paid. 

Past Users