Workshop: The Evolution of PowerShell: Blue and Red Team Tactics

The Evolution of PowerShell: Blue and Red Team Tactics

Instructor: Fernando Tomlinson

Duration: 3 Hours

Course Description:

PowerShell is one of the most versatile languages in use today and is being used beyond system administration. In today's environment, the language is being used for defensive hunting, forensics, attacker reconnaissance, escalation, exfiltration, or lateral movement. This 3-hour training event will provide hands-on exposure to the aforementioned areas all from within PowerShell within the filesystem, Active Directory, Group Policy, and more! Walking away, you will be better postured to identify these tactics or use them for specific purposes without adding anything additional to the network.

Class Requirements:

A developer background is not required

• A willingness to learn and to get your hands dirty in intensive labs!
• A laptop with:
• 8 GBs of RAM
• The workshop requires a system with Windows 10 (PowerShell 5). If needed, a 180-day trial Windows 10 virtual machine instance can be downloaded from https://developer.microsoft.com/en-us/windows/downloads/virtual-machines.
• Installed pre-configured Server 2016 vm (https://drive.google.com/drive/folders/1l4FwEd5Ar7EG9_ON0GsFwrplkIYBVRnH)

About the Instructor:

Fernando Tomlinson has 18 years in cybersecurity and system administration within the Department of Defense. He currently serves as the Technical Director of a Cyber Operations Center. Previously he has lead multi-level Digital Forensics and Incident Response (DFIR) and threat hunting teams. He is also a collegiate cybersecurity Adjunct Professor who enjoys contributing to the community through his blog at www.cyberfibers.com and projects at www.github.com/wiredpulse. Additionally, he does consulting with Reliable Cyber Solutions (www.rcybersolutions.com), a company focused on cybersecurity training and certification.