PowerShell for Penetration Testers Foundation (PPTF) – Perfil

Esquema Detallado del Curso

Module 1: PowerShell Essentials and Getting a foothold

  • Introduction to PowerShell Language Essentials
    • Use ISE
    • Help system
    • Syntax of cmdlets and other commands
    • Variables, Operators, Types, Output Formatting
    • Conditional and Loop Statements
    • Functions
    • Modules
    • PowerShell Remoting and Jobs
    • Write simple PowerShell scripts
  • Extend PowerShell with .Net
  • WMI with PowerShell
  • Play with the Windows Registry
  • COM Objects with PowerShell
  • Recon, Information Gathering and the likes
  • Vulnerability Scanning and Analysis Exploitation
  • Get a foothold
    • Exploit MSSQL Servers
    • Client Side Attacks with PowerShell
    • PowerShell with Human Interface Devices
    • Using Metasploit and PowerShell together

Module 2: Post Exploitation and Lateral Movement

  • Post-Exploitation – What PowerShell is actually made for
    • Enumeration and Information Gathering
    • Privilege Escalation
    • Dump System and Domain Secrets
    • Kerberos attacks (Golden, Silver Tickets and more)
    • Backdoors and Command and Control
  • Pivot to other machines
    • Posh the hashesTM
    • Replay credentials
    • Network Relays and Port Forwarding
  • Achieve Persistence
  • Detect and stop PowerShell attacks
  • Quick System Audits with PowerShell
  • Security controls available with PowerShell