PowerShell for InfoSec: What You Need to Know with Carrie Roberts
Overview
- Course Length: 16 hours
- Support from expert instructors
- Includes a certificate of completion
- 12 months access to Cyber Range
This course covers PowerShell fundamentals, execution logging options, and security features for both offensive and defensive applications in IT environments.
PowerShell is an excellent cross-platform shell for executing commands and scripts on both local and remote machines. It is installed on Windows by default and is widely used by both network defenders and attackers. This course will cover key PowerShell concepts that both blue and red teamers should understand, including logging, credential management, remote administration, security bypass techniques, and popular PowerShell attack tools.
- PowerShell Usage Fundamentals
- Profiles
- Environment Variables
- Aliases
- PowerShell Gallery
- History Files
- Encoded commands
- Help System
- Objects and Piping
- Modules and Module Load Hijacking
- Logging: Script Block, Module and Transcription
- PS Remoting
- Secure Administration Options:
- Just Enough Admin (JEA)
- Desired State Configuration (DSC)
- Constrained Language Mode
- Antimalware Scan Interface (AMSI) Bypass
- Execution Policy Bypass
- Credential Management
- PowerShell without PowerShell
- Download Cradles
- PowerShell Core
- Popular PS Attack Tools
- Obfuscation
Who Should Take This Course
- Anyone interested in learning more about PowerShell and its use as both an offensive and defensive tool
Audience Skill Level
- All
- A computer with VMware Player/Workstation/Fusion installed
- Note: Administrative Access required for install
- You can use other virtualization platforms if you prefer, but specific instructions won’t be provided
- At least 8 GB RAM and 50 GB free disk space
- Lab VMs Installed as described here
- Solid internet access
There are no scheduled live dates for this course at this time. Private training may be available.
On Demand Training
- Train at your own pace with no set course schedule
- Access to all course resources, including slides and VMs
- Subject Matter Expert support through Discord
- Tips, tools, and techniques that can be applied immediately upon returning to work
- Strengthen your skills by solving challenges within the Antisyphon Cyber Range
- Become part of a community driven to educate and share knowledge