Course Description
Course contents
Day 1 – PowerShell Essentials
- Introduction to PowerShell
- Language Essentials
- Using ISE
- Help system
- Syntax of cmdlets and other commands
- Variables, Operators, Types, Output Formatting
- Conditional and Loop Statements
- Functions
- Modules
- PowerShell Remoting and Jobs
- Writing simple PowerShell scripts
- Extending PowerShell with .Net
- Accessing Windows API
- WMI with PowerShell
- Playing with the Windows Registry
- COM Objects with PowerShell
Day 2 – Getting a foothold
- Recon, Information Gathering and the like
- Vulnerability Scanning and Analysis
- Exploitation – Getting a foothold
- Exploiting MSSQL Servers
- Client Side Attacks with PowerShell
- PowerShell with Human Interface Devices
- Writing shells in PowerShell
- Using Metasploit and PowerShell together
Day 3 – Post Exploitation and Lateral Movement
- Post-Exploitation – What PowerShell is actually made for
- Domain Enumeration and Information Gathering
- Privilege Escalation
- Dumping System and Domain Secrets
- Kerberos attacks (Golden, Silver Tickets and more)
- Abusing Forest Trusts
- Pivoting to other machines
- Achieving Persistence
- Detecting and stopping PowerShell attacks
- Bypassing defenses (App whitelisting, AMSI, Advanced Threat Analytics etc.)
Target audience
Red teamers, penetration testers, blue teamers, system administrators and security professionals.
Requirements
- Basic understanding of how penetration tests are done.
- Basic understanding of a programming or scripting language could be helpful but is not mandatory.
- An open mind.
Hardware/Software Requirements
- Ability to RDP to Windows machines
- Ability to install OpenVPN client and connect to VPN networks.
Trainer Biography
Nikhil Mittal is a hacker, infosec researcher, speaker and enthusiast. His areas of interest include penetration testing, attack research, defense strategies and post-exploitation research. He has 8+ years of experience in penetration testing and red teaming for clients that include many global corporate giants.
He specializes in assessing security risks in secure environments that require novel attack vectors and an “out of the box” approach. He has worked extensively on using Human Interface Devices in penetration tests and on PowerShell for post exploitation. He is the creator of Kautilya, a toolkit that makes it easy to use HIDs in penetration tests, and of Nishang, a post-exploitation framework in PowerShell. In his spare time, Nikhil researches new attack methodologies and updates his tools and frameworks.
Nikhil has delivered trainings and boot camps for various corporate clients (in the US, Europe and SE Asia) and at the world’s top information security conferences. He has spoken or trained at conferences including Defcon, BlackHat, CanSecWest, Shakacon, BruCON, Troopers, DeepSec, PHDays, Hackfest and more.