Certified PowerShell Hacker C)PSH

Course Description

This course covers PowerShell-based attacks giving trainees a strong skill set to help counter such attacks.

This course is an intense few days covering the keys to hacking with PowerShell. We know that most companies have an Active Directory infrastructure that manages authentication and authorization to most devices and objects within the organization. Many use PowerShell to speed up and simplify management, which only makes sense. Did you know that a large percentage of hacks over the last year included PowerShell-based attacks? Well, they did, which is why we spend 4 days learning how to hack like the pros using nothing but what is already available to us in Windows or now in open source code on Mac and Linux!

Quote a Price


A student needs to meet the following prerequisites in order to fully benefit from the course:

  • General Understanding of Pen Testing
  • General Understanding of Active Directory
  • General understanding of scripting and programming

Course outcome

Here are just a few things you will take away from this course:

  • Detailed Lab Manual
  • VMs for performing labs on your own
  • New  ideas on testing your own AD infrastructure
  • Attacks you can use immediately
  • How to secure against PowerShell attacks

Who should attend

This course was designed for the benefit of the following organization roles:

  • Penetration Testers
  • Microsoft Administrators
  • Security Administrators
  • Active Directory Administrators
  • Anyone looking to learn more about security

What you’ll learn

  • Conduct high-value penetration testing using PowerShell Empire.
  • Install, operate and maintain PowerShell Empire.
  • Generate Empire payloads that can be used to evade security solutions.
  • Weaponize media including office documents, HTML applications, and CD/DVD/USB drives.
  • Use Empire modules to escalate privileges and gain persistence.
  • Understand how to utilize Empire’s lateral movement and collection modules.

Course Outline

  • Module 1 –  Course Introduction
  • Module 1 –  Introduction to PowerShell
  • Module 2 – Introduction to Active Directory and Kerberos
  • Module 3 – Pen Testing Methodology Revisited
  • Module 4 – Information Gathering and Enumeration
  • Module 5 – Privilege Escalation
  • Module 6 – Lateral Movements and Abusing Trust
  • Module 7 – Persistence and Bypassing Defenses
  • Module 8 – Defending Against PowerShell Attacks

 Accreditations & Acknowledgements

Mile2 is:

  • ACCREDITED by the NSA CNSS 4011-4016
  • MAPPED to NIST / Homeland Security NICCS’s Cyber Security Workforce Framework
  • APPROVED on the FBI Cyber Security Certification Requirement list (Tier 1-3)

Course Highlights

  • PowerShell
  • Pen Testing Methodology Revisited
  • Privilege Escalation
  • Lateral Movements and Abusing Trust
  • Persistence and Bypassing Defenses
  • Defending Against PowerShell Attacks

Get Quote