Certified PowerShell Hacker

Overview

This course is an intense few days covering the keys to hacking with PowerShell. We know that most companies have an Active Directory infrastructure that manages authentication and authorization to most devices and objects within the organization. Many use PowerShell to speed up and simplify management, which only makes sense. Did you know that a large percentage of hacks over the last year included PowerShell based attacks? Well they did, which is why we spend 4 days learning how to hack like the pros using nothing but what is already available to us in Windows or now in open source code on Mac and Linux! The course is based on real world implementations of a windows infrastructure along with real world penetration testing techniques. You will leave with a real strong skill set to help test your windows environment like never before. An attendee will also walk away with a strong skill set on how to help prevent these attacks from happening in the first place!

Here are just a few things you will take away from this course:

Detailed Lab Manual

VMs for performing labs on your own

New ideas on testing your own AD infrastructure

Attacks you can use immediately

How to secure against PowerShell attacks

Audience Profile

Penetration Testers

Microsoft Administrators

Security Administrators

Active Directory Administrators

Anyone looking to learn more about security

Prerequisites

General Understanding of Pen Testing

General Understanding of Active Directory

General Understanding of scripting and programming

At Course Completion

Upon completion, the Certified PowerShell Hacker candidate will be able to competently take the CPSH exam

Course Outline

Module 1 – Introduction to PowerShell

Different Tool Options

Installing everything needed

Language Basics

Using the Windows API and WMI

Interacting with the Registry

Managing Objects and COM Objects

Module 2 – Introduction to Active Directory and Kerberos

Overview of Kerberos

The three-headed monster

Key Distribution Center

Kerberos in Detail

Why we care about Kerberos as a Hacker

Overview of Active Directory

Understanding AD concepts

AD Objects and Attributes

Module 3 – Pen Testing Methodology Revisited

Introduction to the methodology

The Plan!!

Vulnerability Identification

Client-side attacks with and without PowerShell

Module 4 – Information Gathering and Enumeration

What can a domain user see?

Domain Enumeration

Trust and Privileges Mapping

After the client exploit

Module 5 – Privilege Escalation

Local Privilege Escalation

Credential Replay Attacks

Domain Privilege Escalation

Dumping System and Domain Secrets

PowerShell with Human Interface Devices

Module 6 – Lateral Movements and Abusing Trust

Kerberos attacks (Golden, Silver Tickets and more)

Delegation Issues

Attacks across Domain Trusts

Abusing Forest Trusts

Abusing SQL Server Trusts

Pivoting to other machines

Module 7 – Persistence and Bypassing Defenses

Abusing Active Directory ACLs

Maintaining Persistence

Bypassing Defenses

Attacking Azure Active Directory

Module 8 – Defending Against PowerShell Attacks

Defending an Active Directory Infrastructure

Detecting Attacks

Logging

Transcripts

Using Certificates

Using Bastion Hosts

Using AppLocker

Class Dates and Times
04/12/2021	Monday	08:00AM - 04:00PM
04/13/2021	Tuesday	08:00AM - 04:00PM
04/14/2021	Wednesday	08:00AM - 04:00PM
04/15/2021	Thursday	08:00AM - 04:00PM

Class Dates and Times
06/01/2021	Tuesday	08:00AM - 04:00PM
06/02/2021	Wednesday	08:00AM - 04:00PM
06/03/2021	Thursday	08:00AM - 04:00PM
06/04/2021	Friday	08:00AM - 04:00PM

Class Dates and Times
06/28/2021	Monday	08:00AM - 04:00PM
06/29/2021	Tuesday	08:00AM - 04:00PM
06/30/2021	Wednesday	08:00AM - 04:00PM
07/01/2021	Thursday	08:00AM - 04:00PM

Class Dates and Times
08/09/2021	Monday	08:00AM - 04:00PM
08/10/2021	Tuesday	08:00AM - 04:00PM
08/11/2021	Wednesday	08:00AM - 04:00PM
08/12/2021	Thursday	08:00AM - 04:00PM