Description
Who Should Attend?
- Penetration Testers
- Microsoft Administrators
- Security Administrators
- Active Directory Administrators
- Anyone looking to learn more about security
Key Data
Course Title: Certified PowerShell Hacker
Duration: 4 Days
Class Format Options:
Prerequisites:
- General Understanding of Pen Testing
- General Understanding of Active Directory
- General Understanding of scripting and programming
CPEs: 32
Course Outline
Module 1 – Introduction to PowerShell
- Different Tool Options
- Installing everything needed
- Language Basics
- Using the Windows API and WMI
- Interacting with the Registry
- Managing Objects and COM Objects
Module 2 – Introduction to Active Directory and Kerberos
- Overview of Kerberos
- The three-headed monster
- Key Distribution Center
- Kerberos in Detail
- Why we care about Kerberos as a Hacker
- Overview of Active Directory
- Understanding AD concepts
- AD Objects and Attributes
Module 3 – Pen Testing Methodology Revisited
- Introduction to the methodology
- The Plan!!
- Vulnerability Identification
- Client-side attacks with and without PowerShell
Module 4 – Information Gathering and Enumeration
- What can a domain user see?
- Domain Enumeration
- Trust and Privileges Mapping
- After the client exploit
Module 5 – Privilege Escalation
- Local Privilege Escalation
- Credential Replay Attacks
- Domain Privilege Escalation
- Dumping System and Domain Secrets
- PowerShell with Human Interface Devices
Module 6 – Lateral Movements and Abusing Trust
- Kerberos attacks (Golden, Silver Tickets and more)
- Delegation Issues
- Attacks across Domain Trusts
- Abusing Forest Trusts
- Abusing SQL Server Trusts
- Pivoting to other machines
Module 7 – Persistence and Bypassing Defenses
- Abusing Active Directory ACLs
- Maintaining Persistence
- Bypassing Defenses
- Attacking Azure Active Directory
Module 8 – Defending Against PowerShell Attacks
- Defending an Active Directory Infrastructure
- Detecting Attacks
- Logging
- Transcripts
- Using Certificates
- Using Bastion Hosts
- Using AppLocker