[Update Course] Adversary Tactics: PowerShell | SpecterOps


English | Size: 87 MB
Genre: eLearning

Automation is necessary to be efficient and successful in security for both offensive and defensive teams. Furthermore, with the rapid pace of migration to cloud infrastructure, the need to interact with infrastructure through automation is more important than ever. PowerShell is the language and shell that drives automation across the Windows and Azure ecosystem. Sitting on top of the massive .NET class library, there is very little that cannot be done in PowerShell. Today, PowerShell is relied upon by red teams, threat hunters, incident responders, penetration testers, criminals, and nation-state adversaries alike. Before robust detection capabilities were widely deployed, PowerShell was also the tool of choice for attackers to evade detection. Between the modern security features offered and the fact that most AV/EDR solutions have a PowerShell prevention/detection component, it is imperative that both red teamers and blue teamers understand the defensive landscape when building and using tools within the language.

Topics covered include:
OPSEC-aware PowerShell tradecraft principles
PowerShell Remoting
Execution of PowerShell in non-traditional host processes
Configuration, auditing, analysis, and evasion of preventive and detective security controls including PSv5 logging, constrained language mode, and AMSI
Windows Management Instrumentation and Active Directory deep dives
Low-level Win32 interop and .NET internals for host artifact evasion and stealth
Code injection discovery, exploitation, and prevention
