Training Mile2

Training goals

code: C)PSH | version: v1

This C)PSH - Certified PowerShell Hacker course  is  an  intense  few  days covering   the   keys   to   hacking   with PowerShell. We    know    that    most companies  have  an  Active  Directory infrastructure that manages authentication   and   authorization   to most  devices  and  objects  within  the organization.  Many  use  PowerShell  to speed  up  and  simplify  management, which only makes sense. Did youknow that  a  large  percentage  of  hacks  over the   last   year   included   PowerShell based  attacks? Well they  did,  which  is why  we  spend 4days  learning  how  to hack  like  the  pros  using  nothing  but what   is   already   available to us   in Windows  or  now  in  open  source  code on Mac and Linux! The course is based on   real   world   implementations   of   a windows  infrastructure  along  with  real world  penetration  testing  techniques. You will leave with a real strong skill set to help test your windows environment like never before. An attendee will also walk away with a strong skill set on how to   help   prevent   these   attacks   from happening in the first place! Here are just a few things you will take away from this course:

  • Detailed Lab Manual
  • VMs for performing labs on your own
  • New ideas on testing your own AD infrastructure
  • Attacks you can use immediately
  • How to secure against PowerShell attacks

Upon Completion:

Upon completion, the Certified PowerShell Hacker candidate will be able to competently take the CPSH exam.

Who Should Attend:

  • Penetration Testers
  • Microsoft Administrators
  • Security Administrators
  • Active Directory Administrators
  • Anyone looking to learn more about security

Mile2® is:

  • ACCREDITED by the NSA CNSS 4011-4016
  • MAPPED to NIST / Homeland Security NICCS's Cyber Security Workforce Framework
  • APPROVED on the FBI Cyber Security Certification Requirement list (Tier 1-3)

Conspect Show list

  1. Introduction to PowerShell
    • Different Tool Options
    • Installing everything needed
    • Language Basics
    • Using the Windows API and WMI
    • Interacting with the Registry
    • Managing Objects and COM Objects
  2. Introduction to Active Directory and Kerberos
    • Overview of Kerberos
    • The three-headed monster
    • Key Distribution Center
    • Kerberos in Detail
    • Why we care about Kerberos as a Hacker
    • Overview of Active Directory
    • Understanding AD concepts
    • AD Objects and Attributes
  3. Pen Testing Methodology Revisited
    • Introduction to the methodology
    • The Plan!!
    • Vulnerability Identification
    • Client-side attacks with and without PowerShell
  4. Information Gathering and Enumeration
    • What can a domain user see?
    • Domain Enumeration
    • Trust and Privileges Mapping
    • After the client exploit
  5. Privilege Escalation
    • Local Privilege Escalation
    • Credential Replay Attacks
    • Domain Privilege Escalation
    • Dumping System and Domain Secrets
    • PowerShell with Human Interface Devices
  6. Lateral Movements and Abusing Trust
    • Kerberos attacks (Golden, Silver Tickets and more)
    • Delegation Issues
    • Attacks across Domain Trusts
    • Abusing Forest Trusts
    • Abusing SQL Server Trusts
    • Pivoting to other machines
  7. Persistence and Bypassing Defenses
    • Abusing Active Directory ACLs
    • Maintaining Persistence
    • Bypassing Defenses
    • Attacking Azure Active Directory
  8. Defending Against PowerShell Attacks
    • Defending an Active Directory Infrastructure
    • Detecting Attacks
    • Logging
    • Transcripts
    • Using Certificates
    • Using Bastion Hosts
    • Using AppLocker
Download conspect training as PDF

Additional information

Prerequisites
  • General Understanding of Pen Testing
  • General Understanding of Active Directory
  • General Understanding of scripting and programming
Difficulty level
Duration 4 days
Certificate

The participants will obtain certificates signed by Mile2 (course completion).

This course will help prepare you for the Certified PowerShell Hacker exam, which is available through the on-line Mile2’s Assessment and Certification System (“MACS”), and is accessible on your mile2.com account. The exam will take 2 hours and consist of 100 multiple choice questions.

Each participant in an authorized training C)PSH - Certified PowerShell Hacker will receive a free CPSH exam voucher.
Trainer

Certified Mile2 Instructor.
Additional informations

We also recommend further training and certification:

Other training Mile2 | Pen Testing & Ethical Hacking

Mile2 show more courses
Training thematically related

Security

Security | Aruba

Network Security | Broadcom

Java Programming | Capstone Courseware

Java EE | Capstone Courseware

Open-Source Frameworks | Capstone Courseware

XML and Web Services | Capstone Courseware

Core Training | Check Point

Infinity Specializations | Check Point

ICS/OT security | Compendium CE

Security+ | CompTIA

CySA+ | CompTIA

PenTest+ | CompTIA

SecurityX (formerly CASP+) | CompTIA

Certified Ethical Hacker | EC-Council

Advanced WAF (AWAF) | F5

Access Policy Manager (APM) | F5

Advanced Firewall Manager (AFM) | F5

Fortinet Certified Professional (FCP) | Fortinet

Fortinet Certified Solution Specialist (FCSS) | Fortinet

Cyber security | ISC2

Microsoft 365 | Microsoft

Security | Microsoft

Pen Testing & Ethical Hacking | Mile2

Information Systems Management | Mile2

Incident Handling | Mile2

Web Application Security | Mile2

Cloud Security | Mile2

Forensics | Mile2

Disaster Recovery | Mile2

Healthcare | Mile2

Risk Management | Mile2

Auditing | Mile2

Cyber Range | Mile2

Security Awareness | Mile2

Cyber Threat Analyst | Mile2

Network Security | Palo Alto Networks

SASE | Palo Alto Networks

Security Operations | Palo Alto Networks

ISO/IEC 27001 Information Security Management Systems | PECB®

LinkProof | Radware

DefensePro | Radware

AppDirector | Radware

Alteon | Radware

Fundamentals | SCADEMY

C# | SCADEMY

C/C++ | SCADEMY

Java | SCADEMY

PHP | SCADEMY

Python | SCADEMY

WEB | SCADEMY

Cloud | SCADEMY

Cryptography | SCADEMY

Finance | SCADEMY

Healthcare | SCADEMY

Telecome | SCADEMY

Software design | SCADEMY

Software testing | SCADEMY

Dark Web | SECO-Institute

Cyber Defence | SECO-Institute

Crisis Management | SECO-Institute

Data Protection | SECO-Institute

Kubernetes | SUSE

Linux | The Linux Foundation

E-learning | The Linux Foundation

Exam | The Linux Foundation

Contact form

Please fill form below to obtain more info about this training.






* Fields marked with (*) are required !!!

Information on data processing by Compendium - Centrum Edukacyjne Spółka z o.o.

TRAINING PRICE FROM 1300 EUR

  • In order to propose a date for this training, please contact the Sales Department

Upcoming Mile2 training

Training schedule Mile2