PowerShell for Pentesters is an introduction to using PowerShell in penetration testing. It is a series of videos that analyze the techniques security analysts can apply and explain how PowerShell works.
Scripts are provided for easy installation of the Active Directory functionality; however, no instructions are given for installing the virtual machines. A guide provided in this repo describes the basics of setting up your network in VirtualBox.
The process is similar in VMware Workstation and Workstation Pro.
Finally, you will need Hashcat, which is available at https://hashcat.net/hashcat/. It is also available through Kali Linux if you have that installed.
Installation
git clone https://github.com/dievus/PowerShellForPentesters.git
Specifications
- User, group, and workstation enumeration
- Domain enumeration
- Downloading with PowerShell
- Group Policy Enumeration
- ACL Enumeration
- PowerShell Remoting
- PowerView and other popular offensive PowerShell scripts
- Mimikatz exploitation
Use
- Invoke-ForestDeploy.ps1
. .\Invoke-ForestDeploy.ps1
Invoke-ForestDeploy -DomainName <domain name>
This installs the Windows Active Directory Domain Services toolkit and creates the actual domain. Follow the on-screen instructions and note the domain name you use, as it will be needed later.
- Invoke-ADGenerator.ps1
. .\Invoke-ADGenerator.ps1
Invoke-ADGenerator -DomainName <domain name>
This will create the appropriate users, groups, permissions and configurations required for the course.
- NameGen.ps1
. .\NameGen.ps1
executeScript -ComputerName Workstation-01
This runs on the Workstation-01 machine you created, to name the workstation properly. Be sure to use the -ComputerName flag and specify Workstation-01.
You can find the course on YouTube by clicking here.