Privilege Escalation with PEASS-NG

Focused View

Rishalin Pillay

20:09

71 View

Exercise Files

peass-ng-privilege-escalation.zip

Module 1 - Course Overview

1. Course Overview.mp4

01:04

Module 2 - Privilege Escalation with LinPEAS

1. Tool Introduction.mp4

02:38

2. T1548.001 SETUID SETGID.mp4

05:56

Module 3 - Privilege Escalation with WinPEAS

1. T1055.001-DLL Injection.mp4

04:29

2. T1547.001 Registry Keys.mp4

04:57

Module 4 - Resources

1. Resources.mp4

01:05

Description

Adversaries frequently use unprivileged access to enter and browse a network, but they need privileged access to complete their tasks. In this course, you will learn privilege escalation using the PEASS-NG suite.

What You'll Learn?

Manually looking for privilege escalation paths can become a timely activity. Sometimes you may miss misconfigurations that are easily exploitable and at times you may not be looking at all possibilities. In this course, Privilege Escalation with PEASS-NG, you’ll cover how to utilize WinPEAS and LinPEAS to execute privilege escalation in a red team environment. First, you’ll explore using LinPEAS to discover excessive permissions related to SETUID/SETGID. Next, you’ll apply WinPEAS to discover dll’s that can be exploited. Finally, you’ll simulate the task of finding valuable registry keys which enable you to install services with elevated permissions. When you’re finished with this course, you’ll have the skills and knowledge to execute these techniques [T1548.001, T1055.001, T1547.001] using the PEASS-NG suite. More importantly, knowing how these techniques can be used against you, will ultimately lend to your ability as an organization, or an individual, to detect and defend against specific attack vectors.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Ethical Hacking

Network Engineering

Rishalin Pillay

Instructor's Courses

Rishalin is an active author, who has authored a number of courses found on Pluralsight. In addition to video courses, he has authored two books titled "Learn Penetration Testing" and "Offensive Shellcode from Scratch". He serves as a technical contributor to many books ranging from Dark Web Analysis, Kali Linux, Offensive Security, SECOPS, and study guides across Networking and Microsoft technologies. He holds the Microsoft Content Publisher Gold and Platinum awards for his contributions made towards the Cybersecurity Industry. At present he is a security specialist at Google (Chronicle) where he works as part of the Google Threat Intelligence team.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.