Featured resource
pluralsight tech forecast
2025 Tech Forecast

Which technologies will dominate in 2025? And what skills do you need to keep up?

Check it out
Hamburger Icon
  • Course
    • Libraries: If you want this course, consider one of these libraries.
    • Security

Persistence with Impacket

Maintaining foothold of compromised servers is a key step during a red team engagement. In this course, you will learn persistence using Impacket.

Ricardo Reimao - Pluralsight course - Persistence with Impacket
by Ricardo Reimao

What you'll learn

In a red team engagement, after getting access to servers, it is important that you create persistence in your targets. In this way, you can access the servers at anytime, even if the original point of entry is patched. In this course, Persistence with Impacket, you’ll learn how to utilize the Impacket framework to maintain foothold in a red team environment. First, you’ll explore the basics of persistence and how to install the Impacket framework. Next, you'll discover how to use Impacket to create persistence via WMI event triggers. Finally, you’ll learn how to harvest hashes so you can use the accounts to access the environment later. When you’re finished with this course, you’ll have the skills and knowledge of Impacket needed to execute these techniques: Event Triggered Execution (T1546), Valid Accounts (T1078) and Windows Management Instrumentation (T1047).

Table of contents

About the author

Ricardo Reimao - Pluralsight course - Persistence with Impacket
Ricardo Reimao

Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 10+ years of IT experience, 6 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.

More Courses by Ricardo