The platform you are working with (or against) determines the tools you can use. Of course, everyone loves to boot the operating system of choice and hack on familiar grounds. Occasionally you have no choice, and you have to use what’s available. This is especially true for penetration testing. You get to use what you find on the systems of your digital beachhead. And you are well advised to get familiar with the tools you most definitely will find on these systems. This is a reason to look at the PowerShell. It is available on the Microsoft® Windows platform, so it’s the way to go. In his workshop at DeepSec 2015 Nikhil Mittal will teach you all you need to know about the PowerShell.
PowerShell is the ideal tool for penetration testing of a Windows environment. With its tight integration with the Windows Operating System, access to components like .Net, WMI, Windows API, Domain Services, Registry, Filesystem, etc., and the trust countermeasures, OS and system administrators have on it, it is imperative to learn it, no matter if you are from a red team or a blue team. PowerShell is useful in not only the Post Exploitation phase but in all phases of a Penetration Test. In fact, it is an ideal tool for getting a foothold in a target environment.
There has been a lot of work recently on offensive techniques using PowerShell. Much of the attack research on Windows includes PowerShell usage. This training has been updated to cover (almost) all of the new techniques. The course is a mixture of demonstrations, exercises, hands-on and lecture. If you do red teaming, attend this training to sharpen your skills to attack a Windows Domain and if you do blue teaming, attend this training to understand the techniques of attackers.
We strongly recommend this training for anyone doing penetration testing or looking for tools to test their own defences. Most organisations have Microsoft® Windows systems running somewhere. With Nikhil’s expertise you can turn them into mean scripting machines which will do your bidding. Let the machines rise!
Nikhil Mittal is a hacker, infosec researcher, speaker and enthusiast. His area of interest includes penetration testing, attack research, defence strategies and post exploitation research. He has 6+ years of experience in Penetration Testing for his clients, including many global corporate giants. He is also a member of Red teams of selected clients.
He specializes in assessing security risks in secure environments which require novel attack vectors and an “out of the box” approach. He has worked extensively on using Human Interface Devices in Penetration Tests and PowerShell for post exploitation. He is creator of Kautilya, a toolkit which makes it easy to use Teensy in penetration tests and Nishang, a post exploitation framework in PowerShell. In his spare time, Nikhil researches on new attack methodologies and updates his tools and frameworks. Nikhil has held trainings and boot camps for various corporate clients (in US, Europe and SE Asia), and at the world’s top information security conferences. He has spoken at conferences like Defcon, BlackHat USA, BlackHat Europe, RSA China, Troopers, DeepSec, PHDays, BlackHat Abu Dhabi, Hackfest, ClubHack, EuSecWest and more. You can visit his blog.