This course is an intense few days covering the keys to hacking with PowerShell. We know that most companies have an Active Directory infrastructure that manages authentication and authorization to most devices and objects within the organization. Many use PowerShell to speed up and simplify management, which only makes sense. Did you know that a large percentage of hacks over the last year included PowerShell based attacks? Well, they did, which is why we spend 4 days learning how to hack like the pros using nothing but what is already available to us in Windows or now in open source code on Mac and Linux! The course is based on real-world implementations of a windows infrastructure along with real-world penetration testing techniques. You will leave with a really strong skill set to help test your windows environment like never before. An attendee will also walk away with a strong skill set on how to help prevent these attacks from happening in the first place!
Here are just a few things you will take away from this course:
- Detailed Lab Manual
- VMs for performing labs on your own
- New ideas on testing your own AD infrastructure
- Attacks you can use immediately
- How to secure against PowerShell attacks
The Red Team vs Blue Team is a scenario-based, hands-on lab experience. The goal is to put together items learned during Mile2 courses and apply them in this environment. It consists of two days (four scenarios) ranging from easy to intermediate to advanced problem sets.
As a Blue team individual, you will be given approximately 45 minutes to review the target systems within your scenario and potentially patch vulnerabilities. ***NOTE: You cannot disable any services on the system, but you can patch it***. You are authorized to change the default credentials for the user “playerone”, however, that password will be given to the mile2 range monitor. ***NOTE: If credentials are changed after the start of the Red Team portion, there will be a timeout period up to 15 minutes***.
As a Red team individual, you will be given three hours to attempt to exploit other students’ machines. The intent for the Red team is to gain access to other systems in the network and place their name or team name in the flag.txt file in the root/administrator directory.