PowerShell and Windows for Red Teamers - Penetration Testing Course Online

What skills will you gain?​​ ​​​ ​​ ​ ​​​​​

• Understand models and frameworks such as Cyber Kill Chain and MITRE ATT&CK;
• Understand the phases of a cyber attack;
• Use native Windows system tools for offensive activities;
• Identify vulnerabilities in Windows systems;
• Use offensive tools for Exploitation activities on Windows systems;
• Perform Post-Exploitation activities;
• Hide Post-Exploitation activities using stealth techniques;
• Scaling privileges;
• Extract access credentials in memory;
• Perform lateral movement activities;
• Establish persistence mechanisms;
• Use C2 tools and establish a communication channel;
• Data Exfiltration from a system;
• Mapping the structure of Active Directory environments;
• Perform Active Directory attacks;
• Use adversary emulation tool.

DURATION: 18 hours

CPE POINTS: On completion you get a certificate granting you 18 CPE points. 

Course launch date: September 30th, 2022

Course format: 

• Self-paced
• Pre-recorded
• Accessible even after you finish the course
• No preset deadlines
• Materials are video, labs, and text
• All videos captioned

What will you need?

Students will use their own infrastructure and workstations (Windows, Linux or Mac OS) with the ability to run 02 to 03 Virtual Machines simultaneously.

• Minimum configuration of 8GB of RAM, 60 GB of free disk space, USB port and network card (RJ45 or wireless) for Internet access.
• Virtualization software that has the functionality to create snapshots such as VMWare or Oracle virtual box.
• During some offensive activities the Kali Linux distribution will be used, but the student can use any Linux OS.

What should you know before you join?

• Basic knowledge of Windows and Linux Operating Systems;
• Active directory basic structure, basic shell commands, network configuration, services and processes, management of local users;
• Basic knowledge of computer network and protocols;
• Familiarity with the Kali Linux distribution;
• Familiarity with virtual machine tools.

Module 1 covered topics:

• Windows CLI, like systeminfo, netstat, tasklist, net user, net use, netsh, net localgroup, net session, sc, schtasks, certutil and others used in offensive activities;
• Recon and information gathering;
• Living Off The Land (LOTL) Attacks.

Module 1 exercises:

• Get information gathering without PowerShell.

Module 2 covered topics:

• Basic offensive PowerShell commands;
• Working with Windows CLI and PowerShell scripts to collect important information about network and domain.

Module 2 exercises:

• Get information gathering with PowerShell.

Module 3 covered topics:

• Demonstration of using the tools used to compromise Windows operating systems, and the use of components, such as MSFVenom and other payloads;
• Demonstration of privilege elevation techniques; follina vulnerability (CVE-2022-30190) is one of the techniques that will be taught in this module.

Module 3 exercises:

• Conducting Windows privilege escalation using Metasploit framework, non-Metasploit payloads, advanced techniques and tricks.

Module 4 covered topics:

• Lateral Movement Techniques with exploitation of remote services;
• Privilege Escalation;
• Pillaging;
• Creating persistence and maintaining access and weaponization;
• Offensive techniques;
• Password dump;
• Obfuscation and Data Exfiltration;
• and clearing tracks and logs.

Module 4 exercises:

• Perform attacks using Metasploit advanced features;

• Persistence techniques;

• Meterpreter module;

• Obfuscation and encoding payloads;

• Stealth strategies;

• Dumping password hashes;

• Port redirection and forwarding for pivoting and tunneling.

Module 5 covered topics:

• Information mapping with specific active directory recognition scripts;
• Use of a graphical interface tool called Bloodhound.

Module 5 exercises:

• Installation and setup of Bloodhound to get information gathering from Active Directory.

Module 6 covered topics:

• Detailed and step-by-step demonstration of Active Directory attack techniques.

Module 6 exercises:

• Perform attacks to the AD environment like: Kerberos Attacks, Pass-the-Hash, golden and silver ticket.

Module 7 covered topics:

• How to install and configure a command and control channel called Empire;
• The installation of your listeners;
• Sending remote commands and other post-exploitation modules.

Module 7 exercises:

• Installation and setup C2 of application to use in Windows environment.