Defense Evasion with Invoke-Obfuscation
Offered By: Pluralsight
Course Description
Overview
Staying undetected is essential in a red team engagement. In this course, you will learn how to obfuscate malicious scripts to bypass anti-virus solutions using the Invoke-Obfuscation tool.
One of the main objectives of a red team engagement is to not get caught by the client detection mechanisms. If you simply run your malicious code in a production server, you will most likely get caught by the Windows defender or the anti-virus solution. For this reason, obfuscating scripts to bypass those detection mechanisms is essential. In this course, Detection Evasion with Invoke-Obfuscation, you will explore how to bypass detection tools such as anti-virus solutions by obfuscating your malicious scripts. First, you will learn what script obfuscation is and how you can use it in your red team engagement. Then, you will see how to install the tool in Kali Linux. Finally, you will explore how to use the Invoke-Obfuscation tool to bypass the anti-virus and run a malicious payload in a fully patched Windows server. By the end of this course, you will know how to use the Invoke-Obfuscation PowerShell tool to obfuscate other PowerShell scripts, with the intent of evading detection. This course covers two important tactics from the Mitre Att&ck framework: Obfuscated Files or Information (T1027) and Deobfuscate/Decode Files or Information (T1140).
One of the main objectives of a red team engagement is to not get caught by the client detection mechanisms. If you simply run your malicious code in a production server, you will most likely get caught by the Windows defender or the anti-virus solution. For this reason, obfuscating scripts to bypass those detection mechanisms is essential. In this course, Detection Evasion with Invoke-Obfuscation, you will explore how to bypass detection tools such as anti-virus solutions by obfuscating your malicious scripts. First, you will learn what script obfuscation is and how you can use it in your red team engagement. Then, you will see how to install the tool in Kali Linux. Finally, you will explore how to use the Invoke-Obfuscation tool to bypass the anti-virus and run a malicious payload in a fully patched Windows server. By the end of this course, you will know how to use the Invoke-Obfuscation PowerShell tool to obfuscate other PowerShell scripts, with the intent of evading detection. This course covers two important tactics from the Mitre Att&ck framework: Obfuscated Files or Information (T1027) and Deobfuscate/Decode Files or Information (T1140).
Taught by
Ricardo Reimao
Related Courses
Windows 10 Features for a Mobile Workforce: Managing and Maintaining Devices in the EnterpriseedX Windows PowerShell Fundamentals
Microsoft via edX Install and Use Cloud Tools for PowerShell
Google Cloud via Coursera Advance Your Skills as a Computer Forensics Specialist
LinkedIn Learning AWS CLI: Tips and Tricks
LinkedIn Learning