Defense Evasion with Invoke-Obfuscation

Focused View

Ricardo Reimao

24:15

70 View

Exercise Files

defense-evasion-invoke-obfuscation.zip

Module 1 - Course Overview

1. Course Overview.mp4

00:56

Module 2 - Bypassing Anti-virus Detection with Invoke-Obfuscation

1. Understanding Obfuscation Techniques and the Invoke-Obfuscation tool.mp4

07:12

2. Installing the Invoke-Obfuscation Tool in Kali Linux.mp4

06:44

3. Evading Anti-virus Detection and Running Malicious Code.mp4

06:06

Module 3 - Resource

1. Resources.mp4

03:17

Description

Staying undetected is essential in a red team engagement. In this course, you will learn how to obfuscate malicious scripts to bypass anti-virus solutions using the Invoke-Obfuscation tool.

What You'll Learn?

One of the main objectives of a red team engagement is to not get caught by the client detection mechanisms. If you simply run your malicious code in a production server, you will most likely get caught by the Windows defender or the anti-virus solution. For this reason, obfuscating scripts to bypass those detection mechanisms is essential. In this course, Detection Evasion with Invoke-Obfuscation, you will explore how to bypass detection tools such as anti-virus solutions by obfuscating your malicious scripts. First, you will learn what script obfuscation is and how you can use it in your red team engagement. Then, you will see how to install the tool in Kali Linux. Finally, you will explore how to use the Invoke-Obfuscation tool to bypass the anti-virus and run a malicious payload in a fully patched Windows server. By the end of this course, you will know how to use the Invoke-Obfuscation PowerShell tool to obfuscate other PowerShell scripts, with the intent of evading detection. This course covers two important tactics from the Mitre Att&ck framework: Obfuscated Files or Information (T1027) and Deobfuscate/Decode Files or Information (T1140).

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Ethical Hacking

Penetration Testing

Ricardo Reimao

Instructor's Courses

Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 14+ years of IT experience, 10 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.