PowerShell is one of the most versatile languages in use today and is being used beyond system administration. In today's environment, the language is being used for things such as defensive hunting, forensics, attacker reconnaissance, escalation, exfiltration, or lateral movement. This training event will provide hands-on exposure to the aforementioned areas using PowerShell across the filesystem as well as Enterprise services. Walking away, you will be better postured to identify these tactics or use them for specific purposes without adding anything additional to the network. The workshop requires a system with Windows 10 (PowerShell 5). If needed, a 180-day trial Windows 10 virtual machine instance can be downloaded from https://developer.microsoft.com/en-us/windows/downloads/virtual-machines.