This guide is part of the HackerSploit Red Team series of guides. In this video, we will cover Exploitation Techniques for Windows systems. Techniques used to gain a foothold include targeted spear phishing and exploiting weaknesses on public-facing web servers. Footholds gained through initial access may allow for continued access, like valid accounts and use of external remote services, or may be limited use due to changing passwords.
0:43 What We’ll Be Covering
1:24 Mitre Attack Initial Access
2:42 A Note About Phishing
3:17 Our Methodologies
6:06 Let’s get Started
6:15 Setting Up Our Infrastructure (Empire & Starkiller)
8:12 Start the Powershell Empire Server
9:18 Start the Powershell Empire Client
9:46 Initializing Starkiller
10:48 Examining the Starkiller UI
11:00 Enable the csharpserver Plugin
12:47 Installing Luckystrike
15:39 Installing Module Invoke-Obfuscation
17:00 Loading the Module into PowerShell
20:14 How to use Luckystrike
22:04 Generating our Payloads
31:32 Download our Payloads
32:06 Working with Luckystrike
38:09 Executing our Payloads
39:46 Remotely Executing Exploits via Modules
43:13 Brief Chat about Phishing
44:05 Brief Chat about Additional Stagers
45:57 Why We Didn’t Talk About Encoding or Obfuscation
New to Linode? Get started here with a $100 credit!
Read the doc for more information on Recon Techniques.
Learn more about Hackersploit.
Subscribe to get notified of new episodes as they come out.
#Linode #Security #RedTeam #Hackersploit
Product: Linode, Security, Red Team; Hackersploit;