PowerShell for Pentesters

The PowerShell For Penetration Testers (PFPT) is an online course designed to teach PowerShell to penetration testers, system administrators and other security professionals. You will be able to use and write tools in PowerShell, which is installed by default on all modern Windows operating systems. The course will be of interest to anyone who wants to know more about using PowerShell for security research, penetration testing and red teaming. It covers the various phases of a penetration test, and PowerShell is used to enhance the techniques in each phase.


Course Syllabus

  • Introduction to PowerShell
  • Basics of PowerShell
  • Scripting
  • Advanced Scripting Concepts
  • Modules
  • Jobs
  • PowerShell with .Net
  • Using Windows API with PowerShell
  • PowerShell and WMI
  • Working with COM objects
  • Interacting with the Registry
  • Recon and Scanning
  • Exploitation
    • Brute Forcing
    • Client Side Attacks
    • Using existing exploitation techniques
    • Porting exploits to PowerShell – When and how
    • Human Interface Device
  • PowerShell and Metasploit
    • Running PowerShell scripts
    • Using PowerShell in Metasploit exploits
  • Post Exploitation
    • Information Gathering and Exfiltration
    • Backdoors
    • Privilege Escalation
    • Getting system secrets
  • Post Exploitation
    • Passing the hashes/credentials
    • PowerShell Remoting
    • WMI and WSMAN for remote command execution
    • Web Shells
    • Achieving Persistence
  • Using PowerShell with other security tools
  • Defense against PowerShell attacks

Is this Course for Novices or only for the Experts?

It is for both. The language basics and PowerShell programming, which form almost half of the course, are covered patiently, keeping in mind students with little or no prior programming experience. In the part where the application of PowerShell in penetration testing is discussed, the course gathers speed, and even expert users will learn new concepts and applications of Offensive PowerShell.


PowerShell for Pentesters Course Videos

Nikhil Mittal

Nikhil Mittal is a hacker, infosec researcher, speaker and enthusiast. His areas of interest include penetration testing, attack research, defence strategies and post exploitation research. He has 6+ years of experience in penetration testing for his clients, which include many global corporate giants. He is also a member of the red teams of selected clients.

He specializes in assessing security risks in secure environments which require novel attack vectors and an “out of the box” approach. He has worked extensively on using Human Interface Devices in penetration tests and PowerShell for post exploitation. He is the creator of Kautilya, a toolkit which makes it easy to use HIDs in penetration tests, and Nishang, a post exploitation framework in PowerShell. In his spare time, Nikhil researches new attack methodologies and updates his tools and frameworks.

Nikhil has held trainings and boot camps for various corporate clients (in the US, Europe and SE Asia), and at the world’s top information security conferences. He has spoken at conferences like Defcon, BlackHat USA, BlackHat Europe, RSA China, Troopers, DeepSec, PHDays, BlackHat Abu Dhabi, Hackfest, ClubHack, EuSecWest and more. He blogs at Lab of Penetration Tester.