Defense Evasion with Invoke-Obfuscation

Staying undetected is essential in a red team engagement. In this course, you will learn how to obfuscate malicious scripts to bypass anti-virus solutions using the Invoke-Obfuscation tool.
Course info
Level
Intermediate
Updated
Apr 10, 2020
Duration
24m
Description

One of the main objectives of a red team engagement is to avoid getting caught by the client's detection mechanisms. If you simply run your malicious code on a production server, you will most likely get caught by Windows Defender or the anti-virus solution. For this reason, obfuscating scripts to bypass those detection mechanisms is essential. In this course, Detection Evasion with Invoke-Obfuscation, you will explore how to bypass detection tools such as anti-virus solutions by obfuscating your malicious scripts. First, you will learn what script obfuscation is and how you can use it in your red team engagement. Then, you will see how to install the tool in Kali Linux. Finally, you will explore how to use the Invoke-Obfuscation tool to bypass the anti-virus and run a malicious payload on a fully patched Windows server. By the end of this course, you will know how to use the Invoke-Obfuscation PowerShell tool to obfuscate other PowerShell scripts, with the intent of evading detection. This course covers two important tactics from the MITRE ATT&CK framework: Obfuscated Files or Information (T1027) and Deobfuscate/Decode Files or Information (T1140).

About the author

Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 10+ years of IT experience, 6 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.

Section Introduction Transcripts

Course Overview
[Autogenerated] Welcome to Pluralsight. In this cybersecurity tools course, you'll learn how to evade detection solutions using the Invoke-Obfuscation tool. In a red team engagement, one of your main objectives is to stay undetected by the security controls of your client. And this means that all your actions should be super stealthy. The Invoke-Obfuscation tool helps you to stay under the radar by obfuscating your PowerShell scripts. And this means that you'll be able to run malicious scripts on your target machines and not get detected, even if the machine has Windows Defender or an anti-virus solution. So whether you're trying to exploit a super secure server in a red team engagement or just testing detection capabilities in your own company, join me in learning how to evade detection mechanisms with the Invoke-Obfuscation tool, here at Pluralsight.