PowerShell for Offense and Defense

Date: May 19 - 22, 2020
Location: Online

Trainers: Ben Ten and Carlos Perez

Skill Level: All


Course Description:

Whether you are a penetration tester or a defender, there is one common tool that is used heavily by both teams—PowerShell. PowerShell has become an organization’s best friend and potentially its worst enemy. In this course, we will demonstrate how to use PowerShell from both a penetration tester and defender point of view. We will identify ways to attack a lab environment and demonstrate how you can use PowerShell to detect those attacks. We will also look at ways to use PowerShell as a deceptive defensive tool.

This class is designed to simulate a corporate environment and will allow students to attack and detect a wide range of exploits and attacks. This class will cover tactics, techniques, and procedures (TTPs) commonly used by penetration testers and will demonstrate ways to identify those indicators of compromise (IoCs), all within PowerShell.

This course qualifies for 28 hours of CPE credit hours.


Overview/Course Syllabus:

This four-day intensive training course will be held using video-conferencing software with the ability for group and individual instruction.

Day 1

  • PowerShell Primer
  • PowerShell Security
  • Automation Techniques
  • Compiled vs Scripted Cmdlets
  • Lab 1

Day 2

  • PowerShell Best Practices
  • Security Controls
  • Malware Detection
  • Transcription Logging
  • Custom Terminal Prompts
  • PowerShell Version Restrictions
  • Lab 2

Day 3

  • Offensive Discovery
  • Target Selection
  • Exploitation
  • Tools
  • Lab 3

Day 4

  • Common Defense
  • Detections With Event Logs
  • ELK and PowerShell
  • Paths of Least Resistance
  • Lab 4


Key Takeaways:

  • Learn both offensive and defensive techniques, specifically with PowerShell
  • Improve your understanding of detection capabilities
  • Identify automation tips and tricks using PowerShell
  • Learn ways to penetration test only using PowerShell


Who Should Take This Course:

  • Defenders
  • Penetration Testers
  • Beginners to Offense or Defense
  • System Administrators
  • Anyone looking to strengthen their offensive and defensive knowledge


What’s Provided?:

  • A lab environment with a windows VM for students to use with their offensive and defensive PowerShell scripts
  • Free scripts, tools, and custom code to help understand offense and defense using PowerShell
  • All presentation slides and a course handout with all of the commands


Technical Requirements:

  • Internet connection
  • Web browser to access Student Lab
  • Web camera
  • Headphones and microphone

Register before May 1st – $2,500
Register on or after May 1st – $3,000

*Contact us for military discount and group pricing (3 or more students)