PowerShell for Penetration Testers

Presented at DeepSec 2014 „Do you want to know more?“, Unknown date/time (Unknown duration)

PowerShell has changed the way Windows is used, secured and also the way Windows is 0wned. It is an automation platform for everybody: developers, defenders and attackers. PowerShell provides easy access to almost everything in a Windows machine and network. It comes installed by default in modern versions of Windows. During a penetration test, it could be really helpful to use this powerful shell and scripting language for further attacks.

This training would help anyone who wants to know more about PowerShell from a security perspective. If you are a defender, you could learn how this attack vector can be used against a corporate environment. If you are a pen tester, you would learn how to use PowerShell for pen testing in a Windows environment. You will learn various techniques like privilege escalation, backdoors, keylogging, data exfiltration, dumping system secrets in plain, persistence, pivoting, in-memory code execution, using top sites as C&C, web shells, bots... the list goes on. Learning how to use a target environment for your purpose is crucial in pen tests. Open source tools which help in achieving this would also be discussed, including those written by the trainer.

The training aims to bring PowerShell goodness to security professionals and includes hands-on work in a lab environment and CTF-like exercises. You would be able to write your own scripts for security testing after this training. This training aims to forever change how you pen test a Windows-based environment.

Course Content:

1. Introduction to PowerShell
2. Using ISE, help system, cmdlets and syntax of PowerShell
3. Writing simple PowerShell scripts
4. Functions, Objects, Pipeline, Jobs and Modules
5. Recon, Information Gathering and the likes - Tools written/integrated in PowerShell
6. Vulnerability Scanning and Analysis - Tools written/integrated in PowerShell
7. Exploitation - Usage with Metasploit
8. Post-Exploitation - What PowerShell is actually made for
9. Pivoting to other machines
10. Poshing the hashes™
11. PowerShell with Human Interface Devices
12. PowerShell for Web App Pen testing
13. Achieving Persistence
14. Owning other MS products - SQL Server, Exchange, AD etc.
15. Clearing Tracks
16. Quick System Audits with PowerShell
17. Security controls available with PowerShell

Presenters:

  • Nikhil Mittal - Hacker
    Nikhil Mittal is a hacker, info sec researcher and enthusiast. His areas of interest include penetration testing, attack research, defence strategies and post exploitation research. He has 5+ years of experience in penetration testing for his clients, which include many global corporate giants. He specializes in assessing security risks in secure environments which require novel attack vectors and an "out of the box" approach. He has worked extensively on using Human Interface Devices in penetration tests and PowerShell for post exploitation. He is the creator of Kautilya, a toolkit which makes it easy to use Human Interface Devices in penetration tests, and Nishang, a post exploitation framework in PowerShell. In his free time, Nikhil likes to do some vulnerability research and works on his projects.
