Malicious office documents are an effective way to gain an initial foothold into a network. In this course, you will learn how to use Luckystrike to create custom malicious office documents, manage multiple payloads, and utilize custom templates.
Creating and managing malicious office documents is a common red team task. However, it can become very tedious managing all of the payloads, templates, and potential anti-virus bypasses. In this course, Initial Access with Luckystrike, you will gain the ability to not only create malicious office documents, but manage them in a straight-forward framework. First, you will learn how to build your catalog to add a variety of payloads. Next, you will discover how to import templates to help create custom malicious office documents. Finally, you will explore how integrate custom payloads from other red team tools. When you are finished with this course, you will have the skills and knowledge of Luckystrike needed to manage all of your malicious document needs.
Dr. Josh Stroschein is an Assistant Professor at Dakota State University where he teaches malware analysis, software exploitation, reverse engineering, and penetration testing. Josh also works as a malware analyst for Bromium, an end-point security company and is the Director of Training for the Open Information Security Foundation (OISF).
Course Overview Welcome to Pluralsight and this Red Team Tools course featuring Luckystrike, the open source tool developed and maintained by Jason Lang. Luckystrike is a tool that penetration testers and ethical hackers could use to create malicious Office documents to gain initial access into a network. Luckystrike has the ability to create malicious Word and Excel documents and includes a number of techniques to help avoid antivirus detection. Luckystrike's name represents your overall use of malicious Office documents and that it only takes one person to fall victim to your malicious Office doc and you've gained a shell. Come join me as we explore the different uses of Luckystrike and how to create malicious Office documents for red team operations.