Presentation is loading. Please wait.

Presentation is loading. Please wait.

Pentesting with Powershell

Published byJean-Paul Leblanc Modified over 5 years ago

Similar presentations

Presentation on theme: "Pentesting with Powershell"— Presentation transcript:

1 Pentesting with Powershell
by Rajganesh Pandurangan

2 Rajganesh (Raj) Pandurangan - OSCP, CISSP, CEH, QSA, PA-QSA MCSD.NET
Senior Managing Consultant at U.S.Bank 16 years of security consulting experience Results-driven success across a multitude of Fortune 100 companies Consulting Services Web Application security assessment. Mobile security assessment. Network penetration testing. Wireless security testing. Security code review. Payment Card Industry Assessment Security GAP assessment. Implementing effective security solutions and strategies

3 Web Applications and Exploitation Distro (WAED)
Site: Features: WAED is based on Debian 8.0 distribution. Use Docker to provide sandboxed environment Pre-installed web application testing tools 13 pre-installed vulnerable web application Each application can be started separately DEMO

4 What is Powershell Microsoft attempt to make admins use command line
Task automation and configuration management framework Command line shell and scripting language Built on .NET framework Provides full access to WMI and COM Perform administrative tasks on local and remote windows systems Great for log parsing and WMI queries Available by default on Windows 7 and up

5 Contd.. Security Lot of work in DFIR -http://www.invoke-ir.com
DLL injection WMI Abuse Hard to protect against attacks

6 Pentesting Methodology

7 (Firewall, IDS, IPS, DNS, DHCP)
Host Machine (Mac) Kali Linux External Testing External DMZ PFSENSE -port 80, 443 (Firewall, IDS, IPS, DNS, DHCP) DHCP Windows 2012 Domain Controller, DNS Internal Debian - WAED Kali Linux Internal Testing Windows 7 Windows 8 Windows 10

8 Tools Required for Offensive Powershell
Nishang - Powersploit - Empire - Posh-SecMod - PSAttack - PowerUPSQL - for-attacking-sql-server.html

9 Few Important Scripts Invoke-CredentialsPhish Import-module Port-Scan
out-csv, out-excel Get-help Get-NetComputer Get-NetDomainController Get-Netuser, Get-Netuser -user pentest3 Get-NetLocalGroup Invoke-filefinder Find-LocalAdminAccess Invoke-UserHunter Get-ServiceUnquoted Invoke-TokenManipulation -enumerate Invoke-TokenManipulation -createprocess "cmd.exe" -username "NT AUTHORITY\SYSTEM” (ls hklm:\security) Get-PassHashes Invoke-Mimikatz Invoke-AllChecks Get-GPPPassword Invoke-CredentialsPhish

10 Powershell Empire http://www.powershellempire.com
Powerful post exploitation framework built on PowerShell Integrates tools from Powersploit Easily Extensible

Download ppt "Pentesting with Powershell"

Similar presentations

Approaches to meeting the PCI Vulnerability Management and Penetration Testing Requirements Clay Keller.

Approaches to meeting the PCI Vulnerability Management and Penetration Testing Requirements Clay Keller.
IP ADDRESS MANAGEMENT [IPAM]

IP ADDRESS MANAGEMENT [IPAM]
Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.

Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.
ITP 457 Network Security Network Hacking 101. Hacking Methodology (review) 1. Gather target information 2. Identify services and ports open on the target.

ITP 457 Network Security Network Hacking 101. Hacking Methodology (review) 1. Gather target information 2. Identify services and ports open on the target.
Chapter 7 HARDENING SERVERS.

Chapter 7 HARDENING SERVERS.
Uniqueness of user names is enforced Customer information logged to database Require contact information as well as email address Email address will.

Uniqueness of user names is enforced Customer information logged to database Require contact information as well as address address will.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Browser Exploitation Framework (BeEF) Lab

Browser Exploitation Framework (BeEF) Lab
Patching MIT SUS Services IS&T Network Infrastructure Services Team.

Patching MIT SUS Services IS&T Network Infrastructure Services Team.
Firewall and Proxy Server Director: Dr. Mort Anvari Name: Anan Chen Date: Summer 2000.

Firewall and Proxy Server Director: Dr. Mort Anvari Name: Anan Chen Date: Summer 2000.
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
Nikto LUCA ALEXANDRA ADELA. Nikto  Web server assessment tool  Written by Chris Solo and David Lodge  Released on December 27, 2001  Stable release:

Nikto LUCA ALEXANDRA ADELA. Nikto  Web server assessment tool  Written by Chris Solo and David Lodge  Released on December 27, 2001  Stable release:
Brad Baker CS526 May 7 th, 2008 5/7/2008 1. 1. Project goals 2. Test Environment 3. The Problem 4. Some Solutions 5. ModSecurity Overview 6. ModSecurity.

Brad Baker CS526 May 7 th, /7/ Project goals 2. Test Environment 3. The Problem 4. Some Solutions 5. ModSecurity Overview 6. ModSecurity.
PowerShell Desired State Configuration for Securing Systems Jeffrey Snover Distinguished Engineer (MSFT) Hemant Mahawar Senior Program Manager (MSFT) #devconnections.

PowerShell Desired State Configuration for Securing Systems Jeffrey Snover Distinguished Engineer (MSFT) Hemant Mahawar Senior Program Manager (MSFT) #devconnections.
Honeypot and Intrusion Detection System

Honeypot and Intrusion Detection System
Module 2 Designing Microsoft® Exchange Server 2010 Integration with the Current Infrastructure.

Module 2 Designing Microsoft® Exchange Server 2010 Integration with the Current Infrastructure.
Common Cyber Defenses Tom Chothia Computer Security, Lecture 18.

Common Cyber Defenses Tom Chothia Computer Security, Lecture 18.
Module 14: Configuring Server Security Compliance

Module 14: Configuring Server Security Compliance
Windows Small Business Server 2003 Setting up and Connecting David Overton Partner Technical Specialist.

Windows Small Business Server 2003 Setting up and Connecting David Overton Partner Technical Specialist.
Module 1: Configuring Windows Server 2008. Module Overview Describe Windows Server 2008 roles Describe Windows Server 2008 features Describe Windows Server.

Module 1: Configuring Windows Server Module Overview Describe Windows Server 2008 roles Describe Windows Server 2008 features Describe Windows Server.

Similar presentations

Ads by Google