Defense Evasion with Invoke-Obfuscation
Staying undetected is essential in a red team engagement. In this course, you will learn how to obfuscate malicious scripts to bypass anti-virus solutions using the Invoke-Obfuscation tool.
What you'll learn
One of the main objectives of a red team engagement is to not get caught by the client detection mechanisms. If you simply run your malicious code in a production server, you will most likely get caught by the Windows defender or the anti-virus solution. For this reason, obfuscating scripts to bypass those detection mechanisms is essential. In this course, Detection Evasion with Invoke-Obfuscation, you will explore how to bypass detection tools such as anti-virus solutions by obfuscating your malicious scripts. First, you will learn what script obfuscation is and how you can use it in your red team engagement. Then, you will see how to install the tool in Kali Linux. Finally, you will explore how to use the Invoke-Obfuscation tool to bypass the anti-virus and run a malicious payload in a fully patched Windows server. By the end of this course, you will know how to use the Invoke-Obfuscation PowerShell tool to obfuscate other PowerShell scripts, with the intent of evading detection. This course covers two important tactics from the Mitre Att&ck framework: Obfuscated Files or Information (T1027) and Deobfuscate/Decode Files or Information (T1140).