Featured resource
2025 Tech Upskilling Playbook
Tech Upskilling Playbook

Build future-ready tech teams and hit key business milestones with seven proven plays from industry leaders.

Check it out
  • Course
    • Libraries: If you want this course, consider one of these libraries.
    • Security

Exfiltration with Powershell-RAT

In this course, you will learn exfiltration over alternative protocol: exfiltration over unencrypted/obfuscated non-C2 protocol using Powershell RAT.

Uzair Ansari - Pluralsight course - Exfiltration with Powershell-RAT
Uzair Ansari
What you'll learn

PowerShell is an important subject of which to have a working knowledge. In this course, Exfiltration with Powershell-RAT, you’ll cover how to utilize Powershell-RAT tool to execute [backdoor attack] in a red team environment. First, you’ll go through some of the scripts that perform specific task that enables you to perform the attack. Next, you’ll apply necessary configurations to facilitate transmission of user activity screenshots as an email attachment that will be sent to the attacker. Finally, you’ll simulate the attack by executing the python script. When you’re finished with this course, you’ll have the skills and knowledge to execute these techniques • T1113 - Screen Capture • T1053.005 - Scheduled Task/Job: Scheduled Task • T1020 - Automated Exfiltration • T1048.003 - Exfiltration Over Alternative Protocol: Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol using Powershell RAT.

More importantly, knowing how these techniques can be used against you, will ultimately lend to your ability as an organization, or an individual, to detect and defend against specific attack vectors.

Table of contents

About the author
Uzair Ansari - Pluralsight course - Exfiltration with Powershell-RAT
Uzair Ansari

A DevOps Engineer by profession, passionate about technologies, Uzair Ansari has expertise in Windows PowerShell, Windows Active Directory, public key infrastructure and Windows Servers. He likes to learn and share his knowledge with others.

Get access now

Sign up to get immediate access to this course plus thousands more you can watch anytime, anywhere.

Get started with Pluralsight