After getting access to a few machines on the network, your next task in a red team engagement is collecting sensitive information. In this course, you will explore the PowerSploit tool, which is one of the main tools of a red team professional.
One of the main differences between a penetration testing and a red team engagement is executing the same attacks as malicious actors to demonstrate the impact a real attack to our clients. Therefore, after getting access to a few machines in the network, your job is to look for sensitive information that could be interesting for hackers.
In this course, Collection with PowerSploit, you will cover one of the most important tools for a red team specialist, the PowerSploit framework. Here, you focus on the collection capabilities of this tool, which includes collecting keystrokes using a stealthy keylogger, collecting screenshots, collecting audio from the victim’s microphone, and even searching for sensitive files in the computers and network shared folders.
This course covers four important tactics from the MITRE ATT&CK framework: Audio Capture (T1123), Input Capture (T1056), Screen Capture (T1113) and Data from Network Shared Drive (T1039).
Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 10+ years of IT experience, 6 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.
Course Overview (Tool Introduction) Hey there. Welcome to Pluralsight. In this cybersecurity tools course, you'll learn how to collect sensitive information using the PowerSploit framework. If you've never heard about this tool before, it is one of the most used tools for red team specialists. In a red team engagement, after getting access for a few machines, it is important to start collecting sensitive information so your client can understand the impact of a cyber attack. The PowerSploit framework contains several tools that will help us to automate sensitive data collection. And that's exactly what we will cover in this course. In here, you'll learn how to use PowerSploit to run key loggers in your target machines. You also learn how to use PowerSploit to take time screenshots, so then you can see exactly what your victim is doing. And even creepier, we will use PowerSploit to record the microphone of our victims without their knowing about it. And we'll also be covering how to search for sensitive files in shared folders using this amazing tool. So, whether you're trying to collect sensitive information in the red team engagement or just looking to audit the security of her your company, join me in learning how to collect sensitive information using the PowerSploit tool, here at Pluralsight.