PowerShell for Hackers


- Advanced
- Red track
- 7 lessons
About this course
Who is this course recommended for?
- Security assessment, penetration testing and red team specialists
- Blue team specialists (incident response, hardening and threat hunting)
- Administrators of Windows-based networks
- Cyber security consultants
What knowledge do I need to attend this course?
- Familiarity with Windows server and Active Directory concepts
- Familiarity with basic networking concepts and commonly used protocols
- General familiarity with cyber attacks and threats
Course syllabus
- Hello PowerShell
  - Introduction to PowerShell
  - What is Cmdlet?
  - PowerShell basic scripting
  - Data types and data structures
  - If-else-switch
  - Loops (for-foreach-while)
  - Objects
  - Outputs
  - Variables
  - Error Handling
  - Modules
  - Jobs
  - PowerShell advanced scripting
  - PowerShell remoting
  - Introduction to File-Less attacks
- Attack and Defense Strategies
  - Obfuscate PowerShell codes
  - Deobfuscate PowerShell codes
  - Bypass AMSI and AV
  - What is JEA and how to abuse it
  - What is UAC and how to bypass it
  - What is AppLocker and how to bypass it
  - What is PowerShell constrained language mode and how to bypass it
  - Scriptblock logging definition and bypass methodology
  - PowerShell logging and abuse event logging
- Windows Management Instrumentation (WMI)
  - WMI basics and introduction
  - WQL
  - Instance queries
  - Meta queries
  - Event queries
  - Permanent eventing
- Active Directory and Kerberos
  - Overview of Active Directory
  - Overview of Kerberos
  - Active Directory objects
  - Working with GPO
  - Domain trusts
  - Information gathering and exfiltration
  - Active Directory ACLs
  - DACLs
  - ACE
  - Exploiting ACL and DACLs
  - Kerberos based attacks
  - Over Pass the hash
  - Pass the ticket
  - Golden Ticket
  - Silver Ticket
  - Kerberoast
  - Constrained Delegation
  - Un-Constrained Delegation
  - ASRepRoast
  - Bruteforce
  - Password Spray
  - Abuse LAPS
- Windows API in PowerShell
  - C# in PowerShell
  - PowerShell in C#
  - Reflection for assembly and DLL
  - Load .NET in memory
  - WIN32 API programming in PowerShell
  - Token and memory manipulations
  - Hooking in PowerShell
  - Inject all the things
  - Hard-link and Symlink Attacks
- Persist PowerShell code
  - High and Low privilege persistence
  - Persist using Task scheduler
  - Persist using registry
  - PowerShell profile
  - Some other persist techniques
- Privilege Escalation using PowerShell
  - Abuse services
  - DLL hijacking
  - Phishing attack to escalate privilege
  - Some other privilege escalation attack
Course certificate
