Welcome to PowerShell for Hackers! PowerShell is the most advanced and powerful framework inside Windows systems, giving every system user power and ease of use. After Microsoft introduced PowerShell, it went largely unnoticed for a long time, but once it came into the picture it showed its power for hacking and system control. Because PowerShell provides full access to WMI and COM, it enables us to take full control of systems using commands in a hacking-movie style. This course builds on that concept: leveraging the power of PowerShell as a hacker to take over systems, networks, web servers and even Linux systems, and to remotely command other systems.
PowerShell is helpful for security researchers, ethical hackers, penetration testers, system administrators, and anyone who wants to take complete control of, or completely compromise, a Windows system as part of a red team or blue team.
*Get ready to get hacking in a terminal*
Course duration: 18 hours (18 CPE points)
Course is self-paced and pre-recorded
What will you learn?
- PowerShell commands and functions
- Using it for security testing
- Deep insights of PowerShell
- Scripting information and porting as exploits
- Various Windows internals
- Attacking methods
- Interacting with different services of Windows
- Retrieving NTLM hashes
What skills will you gain?
- Commands and the ways to use them
- Various attacks with PowerShell
- Creating PowerShell scripts for attacks
- Hacking web servers with PowerShell scripts
- Hacking two-factor authentication with PowerShell
- Porting exploits to Metasploit for attacks
- Controlling remote systems
- Creating backdoors
- Creating Web Shells
- Persistent attacks
- PowerShell Obfuscation
- Privilege escalation using PowerShell and much more.
What will you need?
- Windows 7 or later and an internet connection
What should you know before you join?
- A basic understanding of programming and/or scripting is useful, but not strictly required.
Atul Tiwari has over 10 years in security training. He has trained more than 45k students across 162 countries in online mode. Atul specializes in web security testing and has conducted hundreds of pentests, audits and tests of web applications since 2013. He holds the CISSP certification, along with CEH, cyber laws and CCNA.
He is founder and CTO at gray hat | security (INDIA) www.grayhat.in
Module 1: Introduction
This introductory module will walk you through the basics and the most useful commands, functions, objects, modules, jobs, cmdlets and syntax of PowerShell. We will see how to create powerful PowerShell scripts that are later used to port exploits in an attack. Everything will be demonstrated in an easy-to-understand way.
Module 1 covered topics:
- Introduction to PowerShell
- Basics of PowerShell (Includes: syntax, cmdlets and system help)
- PowerShell modules
- PowerShell Jobs
- Functions and pipelining
- PowerShell scripts
- Scripting with PowerShell - Creating PowerShell scripts
Module 1 exercises:
- PowerShell cmdlets
- PowerShell jobs
Module 2: PowerShell hands-on
This is the time to explore what a hacker can actually do with PowerShell. Various Windows features interact with PowerShell, producing some extraordinary results and making it easy for hackers to carry out attacks quickly. Understanding how Windows interacts with system internals will give you the power to do things the way a hacker is expected to.
Module 2 covered topics:
- PowerShell integration with .NET
- PowerShell and WMI
- WMI Explorer
- Windows API with PowerShell
- COM objects
- PowerShell to Windows Registry
Module 2 exercises:
- Interaction with Registry
- Windows API
- COM Objects
Module 3: Attacks with PowerShell
This module starts exploitation with PowerShell, moving from information gathering and recon through client-side attacks and brute-force attacks to DNS enumeration and hacking Windows systems with the help of Metasploit and PowerShell scripts. Vulnerability scanning can also be done using PowerShell, and finally we will see how one can bypass two-factor authentication using PowerShell alone.
Module 3 covered topics:
- Information gathering
- Scanning and Reconnaissance
- Client-side attacks with PowerShell
- Brute-force attack with PowerShell
- DNS Enumeration
- PowerShell scripts in Metasploit
- Hacking Windows system using HTA web server with Metasploit
- Bypassing two-factor authentication (2FA) with PowerShell
Module 3 exercises:
- Information gathering
- Brute forcing
- DNS Enum
- Porting exploits to PowerShell
Module 4: Exploitation and post exploitation
This module covers complete exploitation with PowerShell. We will leverage the power of PowerShell to hack systems, get complete system details, fetch data, create backdoors, create web shells and escalate privileges to a high level.
Module 4 covered topics:
- Privilege escalation with PowerShell
- Fetching system details
- Creating Web Shells with PowerShell
- Passing the hashes
- Retrieving NTLM hashes without LSASS
- Exfiltration mechanism
- Remote command execution with WMI and WS-Management
- Creating Backdoors with PowerShell
- Walkthrough of the Nishang tool
- Bonus - useful commands and tricks for hackers
Module 4 exercises:
- Privilege escalation
- Creating web shells
- Pass the hash
- The course is self-paced – you can visit the training whenever you want and your content will be there.
- Once you’re in, you keep access forever, even when you finish the course.
- There are no deadlines, except for the ones you set for yourself.
- We designed the course so that a diligent student will need about 18 hours of work to complete the training.
- Your time will be filled with reading, videos, and exercises.
If you have any questions about the course, get in touch with us at Hakin9 by contacting our Course Coordinator Marta at [email protected]