The PowerShell For Penetration Testers (PFPT) is an online course designed for teaching PowerShell to penetration testers, system administrators and other security professionals. You will be able to use and write tools in PowerShell which is installed by default of all modern Windows operating systems. The course will be of interest for anyone who wants to know more about using PowerShell for security research, penetration testing and red teaming. The course covers various phases of a penetration testing and PowerShell is used to enhance techniques in the each phase.

Course Syllabus

  • Introduction to PowerShell
  • Basics of PowerShell
  • Scripting
  • Advanced Scripting Concepts
  • Modules
  • Jobs
  • PowerShell with .Net
  • Using Windows API with PowerShell
  • PowerShell and WMI
  • Working with COM objects
  • Interacting with the Registry
  • Recon and Scanning
  • Exploitation
    • Brute Forcing
    • Client Side Attacks
    • Using existing exploitation techniques
    • Porting exploits to PowerShell – When and how
    • Human Interface Device
  • PowerShell and Metasploit
    • Running PowerShell scripts
    • Using PowerShell in Metasploit exploits
  • Post Exploitation
    • Information Gathering and Exfiltration
    • Backdoors
    • Privilege Escalation
    • Getting system secrets
  • Post Exploitation
    • Passing the hashes/credentials
    • PowerShell Remoting
    • WMI and WSMAN for remote command execution
    • Web Shells
    • Achieving Persistence
  • Using PowerShell with other security tools
  • Defense against PowerShell attacks

Is this Course for Novices or only for the Experts?

It is for both. The language basics and PowerShell programming, which form almost half of the course, are covered with patiently and keeping in mind students with no or very little prior programming experience. During the part where application of PowerShell in penetration testing is discussed, the course gathers speed and even expert users will learn new concepts and applications of Offensive PowerShell.