Workshop: Movement, Pivoting and Persistence For Penetration Testers and Ethical Hackers (VetSec Members Only)

In this workshop we will cover the author’s Movement, Pivoting, and Persistence
for Penetration Testers and Ethical Hackers course on Udemy and TCM
Academy. The author will provide up to 25 seats in the workshop and vouchers
for the course to attendees at no cost to the attendee. Attendees will be required
to install and set up all home lab requirements prior to the workshop. Support
issues prior to the course can be addressed in the course Discord channel
provided with the MP&P documents and materials. No lab setup support will be
provided during the workshop due to time constraints, limitations, and to maintain
flow of the course. Attendees will be provided with a lab setup guide in the
course materials.
The workshop will cover (this also serves as a rough outline – full outline is the
course itself):

  • Introduction to Command and Control
  • Brute forcing an email log in form
  • Basic Email phishing with Word and .hta files
  • Enumerating the Local Machine, Privilege Escalation, and Local Persistence
  • Domain Enumeration and Offensive PowerShell
  • Movement, Pivoting, and Persistence on the Domain

Recommended prerequisites for the course include:

  • Able to set up and provision virtual environments
  • Understand how to run PowerShell, bash, Python, and other scripting
    commands without assistance
  • Understand the basics of Active Directory environments
  • Microsoft Word for malicious Word document phishing (if no subscription, alternative phishing techniques are shown with .hta)
  • Understand how to use Metasploit, msfvenom, and Meterpreter