Post Exploitation with PowerShell

Focused View

Ricardo Reimao

1:48:02

32 View

1. Course Overview

1. Course Overview.mp4

01:20

2. Local Privilege Escalation

1. Understanding Post-exploitation.mp4

09:21

2. Finding Misconfigured Permissions.mp4

08:29

3. Unquoted Service Paths.mp4

06:24

4. Finding Missing Patches and Outdated Software.mp4

03:35

5. Leveraging Credentials and Hashes with PowerShell.mp4

05:46

6. Escalating from Administrator to System.mp4

03:55

7. Using PowerShell Frameworks.mp4

05:01

3. Creating Persistence

1. Understanding Persistence with PowerShell.mp4

03:44

2. Creating Scheduled Tasks.mp4

05:30

3. Creating Hidden Services.mp4

03:50

4. WMI Backdoors.mp4

04:42

5. WinRM for Remote Code Execution.mp4

04:36

6. Persistent Remote Web Shells.mp4

03:40

7. Exploring PowerShell Frameworks.mp4

05:41

4. Collection and Exfiltration

1. Understanding Collection and Exfiltration.mp4

04:40

2. Eavesdropping on Network Traffic with PowerShell.mp4

04:13

3. Collecting Users, Groups, and Sensitive Files.mp4

07:25

4. PowerShell Post Exploitation.mp4

05:00

5. Exfiltrating Files Over HTTP and DNS.mp4

07:53

6. Course Closure.mp4

03:17

Description

After gaining access to a server in a red team engagement, your next step is to escalate your privileges and establish persistence. This course will teach you post-exploitation techniques with PowerShell.

What You'll Learn?

In a red team engagement, after getting initial access to your target environment, you need to escalate your privileges, establish persistence and execute your goals. As your objective is to stay stealthy, the best option is to leverage Windows native features, such as PowerShell, to conduct your post-exploitation activities. In this course, Post-Exploitation with PowerShell, you’ll learn how to execute all your post-exploitation activities using only Windows native commands. First, you’ll explore how to escalate your privileges in the compromised system. Next, you’ll discover how to create persistence so you can access the system at any time. Finally, you’ll learn how to collect and exfiltrate sensitive data. When you’re finished with this course, you’ll have the skills and knowledge of PowerShell needed to perform post-exploitation on a red team.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

PowerShell

Ricardo Reimao

Instructor's Courses

Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 14+ years of IT experience, 10 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.