Antisyphon Training

PowerShell for InfoSec: What You Need to Know! with Carrie Roberts

PowerShell for InfoSec: What You Need to Know!

Instructor: Carrie Roberts
Course Length: 16 Hours
Format: Live Online or On-Demand

Includes: Twelve months of complimentary access to the Antisyphon Cyber Range, certificate of participation, six months access to class recordings.


Course Description

PowerShell is an excellent cross-platform shell for executing commands and scripts on both local and remote machines. It is installed on Windows by default and is widely used by both network defenders and attackers. This course will cover key PowerShell concepts that both blue and red teamers should understand, including logging, credential management, remote administration, security bypass techniques, and popular PowerShell attack tools.


Syllabus

  • PowerShell Usage Fundamentals
    • Profiles
    • Environment Variables
    • Aliases
    • PowerShell Gallery
    • History Files
    • Encoded commands
    • Help System
    • Objects and Piping
  • Modules and Module Load Hijacking
  • Logging: Script Block, Module and Transcription
  • PS Remoting
  • Secure Administration Options:
    • Just Enough Admin (JEA)
    • Desired State Configuration (DSC)
    • Constrained Language Mode
  • Antimalware Scan Interface (AMSI) Bypass
  • Execution Policy Bypass
  • Credential Management
  • PowerShell without PowerShell
  • Download Cradles
  • PowerShell Core
  • Popular PS Attack Tools
  • Obfuscation

Key Takeaways

  • General understanding of PowerShell
  • In-depth knowledge of PowerShell execution logging options
  • Understanding of PowerShell security features from both an offensive and defensive perspective

Who Should Take This Course

Anyone interested in learning more about PowerShell and its use as both an offensive and defensive tool.

Audience Skill Level

All

Student Requirements

A laptop and a smile!

What Each Student Should Bring

  • A computer with VMware Player/Workstation/Fusion installed
    • Note: Administrative Access required for install
    • You can use other virtualization platforms if you prefer but specific instructions won’t be provided.
  • At least 8GB RAM and 50 GB free disk space
  • Lab VMs Installed as described here
  • Solid internet access

About Antisyphon Training Options

Live Online

Learn via live stream from instructors that are in the field utilizing the techniques they teach. Classes are split into four training days that are each four hours long. Live Online training includes six months access to dedicated class channels in the Antisyphon Discord server, six months access to live class recordings, a certificate of participation, and 12 months complimentary access to the Antisyphon Cyber Range.

On-Demand

Learn at your own pace with access to course content, lectures, and demos in the Antisyphon On-demand learning platform. Most courses are offered with lifetime access to the course and content updates. All On-demand courses include content update alerts, access to dedicated support channels in the Antisyphon Discord server, a certificate of participation, and 12 months complimentary access to the Antisyphon Cyber Range.

Live Online w/ On-Demand Bundle

This is the best of both worlds! Attend the live online class at its next scheduled interval and gain access to the online training modules in the Antisyphon On-demand training platform. Bundle also includes six months access to dedicated class channels in the Antisyphon Discord server, six months access to live class recordings, a certificate of participation, and 12 months complimentary access to the Antisyphon Cyber Range.


Trainer & Author

Carrie Roberts

Carrie Roberts is a programmer, turned pentester, turned red teamer, turned blueish purple. She is currently a Defense Engineer at Walmart. She loves to learn and give back to the community. She is one of the primary Atomic Red Team project maintainers and developers and has developed many of her own open-source tools. She holds master’s degrees in both Computer Science and Information Security Engineering. She has earned 12 GIAC certifications, including the prestigious “Security Expert” (GSE) certification. She has spoken at numerous security conferences including DerbyCon and Wild West Hackin’ Fest, published many blog posts on topics ranging from social engineering to bypassing anti-virus, and contributed new research on the VBA Stomping maldoc technique.


Live Training Events

This class will be taught as part of the Antisyphon Most Offensive Con that Ever Offensived! Summit, March 1-3, 2023.

Copyright © 2023 Antisyphon