-
Course
- Security
Persistence with Impacket
Maintaining foothold of compromised servers is a key step during a red team engagement. In this course, you will learn persistence using Impacket.
What you'll learn
In a red team engagement, after getting access to servers, it is important that you create persistence in your targets. In this way, you can access the servers at anytime, even if the original point of entry is patched. In this course, Persistence with Impacket, you’ll learn how to utilize the Impacket framework to maintain foothold in a red team environment. First, you’ll explore the basics of persistence and how to install the Impacket framework. Next, you'll discover how to use Impacket to create persistence via WMI event triggers. Finally, you’ll learn how to harvest hashes so you can use the accounts to access the environment later. When you’re finished with this course, you’ll have the skills and knowledge of Impacket needed to execute these techniques: Event Triggered Execution (T1546), Valid Accounts (T1078) and Windows Management Instrumentation (T1047).
Table of contents
About the author
Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 10+ years of IT experience, 6 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.
More Courses by Ricardo