Initial Access with Luckystrike

By Josh Stroschein
Malicious office documents are an effective way to gain an initial foothold into a network. In this course, you will learn how to use Luckystrike to create custom malicious office documents, manage multiple payloads, and utilize custom templates.
Get started
Play course overview
Course info
Level
Intermediate
Updated
Aug 3, 2020
Duration
34m
Table of contents
Course Overview
Course Overview 1m
Creating Malicious Office Documents with Luckystrike
Introduction 5m Demo: Installing and Configuring Luckystrike 6m Demo: Understanding Payloads and Catalogs 7m Demo: Creating Templates 4m Demo: Utilizing Payloads from Other Frameworks 10m
Resources
Additional Resources 1m
Description
Course info
Level
Intermediate
Updated
Aug 3, 2020
Duration
34m
Your 10-day individual free trial includes:

Expert-led courses

Keep up with the pace of change with thousands of expert-led, in-depth courses.
Start a 10-day free trial
Description

Creating and managing malicious office documents is a common red team task. However, it can become very tedious managing all of the payloads, templates, and potential anti-virus bypasses. In this course, Initial Access with Luckystrike, you will gain the ability to not only create malicious office documents, but manage them in a straight-forward framework. First, you will learn how to build your catalog to add a variety of payloads. Next, you will discover how to import templates to help create custom malicious office documents. Finally, you will explore how integrate custom payloads from other red team tools. When you are finished with this course, you will have the skills and knowledge of Luckystrike needed to manage all of your malicious document needs.

About the author
Josh Stroschein
About the author

Dr. Josh Stroschein is an Assistant Professor at Dakota State University where he teaches malware analysis, software exploitation, reverse engineering, and penetration testing. Josh also works as a malware analyst for Bromium, an end-point security company and is the Director of Training for the Open Information Security Foundation (OISF).

More from the author
Installing the Elastic Stack
Beginner
1h 30m
Aug 17, 2021
Dridex Banking Trojan
Intermediate
1h 57m
May 11, 2021
Network Analysis with Arkime
Intermediate
45m
Dec 11, 2020
More courses by Josh Stroschein
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Welcome to Pluralsight and this Red Team Tools course featuring Luckystrike, the open source tool developed and maintained by Jason Lang. Luckystrike is a tool that penetration testers and ethical hackers could use to create malicious Office documents to gain initial access into a network. Luckystrike has the ability to create malicious Word and Excel documents and includes a number of techniques to help avoid antivirus detection. Luckystrike's name represents your overall use of malicious Office documents and that it only takes one person to fall victim to your malicious Office doc and you've gained a shell. Come join me as we explore the different uses of Luckystrike and how to create malicious Office documents for red team operations.

You're the smartest person in the room

PROVE IT

Your team won't just close the skills gap

THEY'LL HURDLE IT

Course info
Level
Intermediate
Updated
Aug 3, 2020
Duration
34m
Pluralsight IQ
Know exactly where everyone on your team stands with assessments and analytics.
Try our full library including this course free for your whole team for 14-days.