Exfiltration with Powershell-RAT
Offered By: Pluralsight
Course Description
Overview
In this course, you will learn exfiltration over alternative protocol: exfiltration over unencrypted/obfuscated non-C2 protocol using Powershell RAT.
PowerShell is an important subject of which to have a working knowledge. In this course, Exfiltration with Powershell-RAT, you’ll cover how to utilize Powershell-RAT tool to execute [backdoor attack] in a red team environment. First, you’ll go through some of the scripts that perform specific task that enables you to perform the attack. Next, you’ll apply necessary configurations to facilitate transmission of user activity screenshots as an email attachment that will be sent to the attacker. Finally, you’ll simulate the attack by executing the python script. When you’re finished with this course, you’ll have the skills and knowledge to execute these techniques • T1113 - Screen Capture • T1053.005 - Scheduled Task/Job: Scheduled Task • T1020 - Automated Exfiltration • T1048.003 - Exfiltration Over Alternative Protocol: Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol using Powershell RAT. More importantly, knowing how these techniques can be used against you, will ultimately lend to your ability as an organization, or an individual, to detect and defend against specific attack vectors.
PowerShell is an important subject of which to have a working knowledge. In this course, Exfiltration with Powershell-RAT, you’ll cover how to utilize Powershell-RAT tool to execute [backdoor attack] in a red team environment. First, you’ll go through some of the scripts that perform specific task that enables you to perform the attack. Next, you’ll apply necessary configurations to facilitate transmission of user activity screenshots as an email attachment that will be sent to the attacker. Finally, you’ll simulate the attack by executing the python script. When you’re finished with this course, you’ll have the skills and knowledge to execute these techniques • T1113 - Screen Capture • T1053.005 - Scheduled Task/Job: Scheduled Task • T1020 - Automated Exfiltration • T1048.003 - Exfiltration Over Alternative Protocol: Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol using Powershell RAT. More importantly, knowing how these techniques can be used against you, will ultimately lend to your ability as an organization, or an individual, to detect and defend against specific attack vectors.
Syllabus
- Course Overview 1min
- Exfiltration with Powershell RAT 18mins
- Resources 0mins
Taught by
Uzair Ansari
Related Courses
Network SecurityGeorgia Institute of Technology via Udacity Proactive Computer Security
University of Colorado System via Coursera Identifying, Monitoring, and Analyzing Risk and Incident Response and Recovery
(ISC)² via Coursera Hacker101
HackerOne via Independent CNIT 127: Exploit Development
CNIT - City College of San Francisco via Independent