Certified PowerShell Hacker

Master PowerShell hacking techniques and defend your enterprise with the Certified PowerShell Hacker course, designed for IT professionals aiming to strengthen security in AD environments.

Course Thumbnail

Essential Skills Gained

Checkmark

Understand PowerShell-based attack vectors

Checkmark

Implement security measures against PowerShell threats

Checkmark

Develop real-world skills for penetration testing

Checkmark

Improve Active Directory infrastructure security

Format

  • Instructor-led
  • 5 days with lectures and hands-on labs.

Audience

  • Penetration Testers
  • Microsoft Administrators
  • Security Administrators
  • Active Directory Administrators

Description

C)PSH-Certified PowerShell Hacker Duration: 4 Days CPEs: 32 $3,000 This course is an intense few days covering the keys to hacking with PowerShell. We know that most companies have an Active Directory infrastructure that manages authentication and authorization to most devices and objects within the organization. Many use PowerShell to speed up and simplify management, which only makes sense. Did you know that a large percentage of hacks over the last year included PowerShell based attacks? Well they did, which is why we spend 4 days learning how to hack like the pros using nothing but what is already available to us in Windows or now in open source code on Mac and Linux! The course is based on real world implementations of a windows infrastructure along with real world penetration testing techniques. You will leave with a real strong skill set to help test your windows environment like never before. An attendee will also walk away with a strong skill set on how to help prevent these attacks from happening in the first place! Here are just a few things you will take away from this course:

  • Detailed Lab Manual
  • VMs for performing labs on your own
  • New ideas on testing your own AD infrastructure
  • Attacks you can use immediately
How to secure against PowerShell attacks

Calendar icon

Upcoming Course Dates

September 9-12, 2025

9:00 AM - 5:00 PM

Virtual: Online - US/Eastern

Enroll

$3000

October 13-16, 2025

9:00 AM - 5:00 PM

Virtual: Online - US/Eastern

Enroll

$3000

October 13-16, 2025

9:00 AM - 5:00 PM

Virtual: Online - US/Eastern

Enroll

$3000

Course Outline

Download PDF

Module 0 – Course Introduction

Module 1 – Introduction to PowerShell

  1. Different Tool Options

  2. Installing everything needed

  3. Language Basics

  4. Using the Windows API and WMI

  5. Interacting with the Registry

  6. Managing Objects and COM Objects

Module 2 – Introduction to Active Directory and Kerberos

  1. Overview of Kerberos

  2. The three-headed monster

  3. Key Distribution Center

  4. Kerberos in Detail

  5. Why we care about Kerberos as a Hacker

  6. Overview of Active Directory

  7. Understanding AD concepts

  8. AD Objects and Attributes

Module 3 – Pen Testing Methodology Revisited

  1. Introduction to the methodology

  2. The Plan!!

  3. Vulnerability Identification

  4. Client-side attacks with and without PowerShell

Module 4 – Information Gathering and Enumeration

  1. What can a domain user see?

  2. Domain Enumeration

  3. Trust and Privileges Mapping

  4. After the client exploit

Module 5 – Privilege Escalation

  1. Local Privilege Escalation

  2. Credential Replay Attacks

  3. Domain Privilege Escalation

  4. Dumping System and Domain Secrets

  5. PowerShell with Human Interface Devices

Module 6 – Lateral Movements and Abusing Trust

  1. Kerberos attacks (Golden, Silver Tickets and more)

  2. Delegation Issues

  3. Attacks across Domain Trusts

  4. Abusing Forest Trusts

  5. Abusing SQL Server Trusts

  6. Pivoting to other machines

Module 7 – Persistence and Bypassing Defenses

  1. Abusing Active Directory ACLs

  2. Maintaining Persistence

  3. Bypassing Defenses

  4. Attacking Azure Active Directory

Module 8 – Defending Against PowerShell Attacks

  1. Defending an Active Directory Infrastructure

  2. Detecting Attacks

  3. Logging

  4. Transcripts

  5. Using Certificates

  6. Using Bastion Hosts

  7. Using AppLocker

Your Team has Unique Training Needs.

Your team deserves training as unique as they are.

Let us tailor the course to your needs at no extra cost.