Penetration Tests and Red Team operations for secured environments need altered approaches. You cannot afford to touch disk, throw executables and use memory corruption exploits without the risk of being ineffective as a simulated adversary. To enhance offensive tactics and methodologies, PowerShell is the tool of choice.
PowerShell has changed the way Windows networks are attacked. It is Microsoft’s shell and scripting language available by default in all modern Windows computers. It could interact with .Net, WMI, COM, Windows API, Registry and other computers on a Windows Domain. This makes it imperative for Penetration Testers and Red Teamers to learn PowerShell.
This training is aimed towards attacking Windows network using PowerShell and is based on real world penetration tests and Red Team engagements for highly secured environments. The course runs as a penetration test of a secure environment with detailed discussion and use of custom PowerShell scripts in each phase.
Some of the techniques (see the course content for details), implemented using PowerShell, used in the course:
- In-memory shellcode execution using client side attacks
- Exploiting SQL Servers (Command Execution, trust abuse, lateral movement)
- Using Metasploit payloads with no detection
- Active Directory trust mapping, abuse and Kerberos attacks
- Dump Windows passwords, Web passwords, Wireless keys, LSA Secrets and other system secrets in plain text
- Using DNS, HTTPS, Gmail, etc. as communication channels for shell access and exfiltration
- Network relays, port forwarding and pivots to other machines
- Reboot and Event persistence
- Bypass security controls like Firewalls, HIPS and Anti-Virus
The course is a mixture of demonstrations, exercises, hands-on and lecture. The training focuses more on methodology and techniques than tools. Attendees will get free one month access to a complete Active Directory environment after the training. Attendees would be able to write own scripts and customize existing ones for security testing after this training. This training aims to change how you test a Windows based environment.
Click here to register for this course.
Early Bird Discount $2,000 + 4.712% HI GET + Eventbrite Processing & Payment Handling Fees for the first 5 registrants
Regular Price $2,500 + 4.712% HI GET + Eventbrite Processing & Payment Handling Fees
July 5, 2016
Day 1 – July 11, 2016
[table “18” not found /]
Day 2 – July 12, 2016
[table “19” not found /]
- Basic understanding of how penetration tests are done
- Basic understanding of a programming or scripting language could be helpful but is not mandatory
- An open mind
About Nikhil Mittal
Nikhil Mittal is a hacker, infosec researcher, speaker and enthusiast. His area of interest includes penetration testing, attack research, defense strategies and post exploitation research. He has 7+ years of experience in Penetration Testing for his clients which include many global corporate giants. He is also a member of Red teams of selected clients.
He specializes in assessing security risks at secure environments which require novel attack vectors and “out of the box” approach. He has worked extensively on using Human Interface Device in Penetration Tests and PowerShell for post exploitation. He is creator of Kautilya, a toolkit which makes it easy to use HIDs in penetration tests and Nishang, a post exploitation framework in PowerShell. In his spare time, Nikhil researches on new attack methodologies and updates his tools and frameworks.
Nikhil has held trainings and boot camps for various corporate clients (in US, Europe and SE Asia), and at the world’s top information security conferences.
He has spoken/trained at conferences like DefCon, BlackHat USA, BlackHat Europe, RSA China, Shakacon, Troopers, DeepSec, PHDays, BlackHat Abu Dhabi, Hackfest, ClubHack, EuSecWest and more.