PowerShell Automation and Scripting for Cybersecurity: Hacking and defense for red and blue teamers
Written by a Microsoft security expert, this practical guide helps you harness PowerShell's offensive and defensive capabilities to strengthen your organization's security. Purchase of the print or Kindle book includes a free PDF eBook

Key Features

  • Master PowerShell for security—configure, audit, monitor, exploit, and bypass defenses
  • Gain insights from a Microsoft expert and creator of PowerShell tools EventList and JEAnalyzer
  • Build stealthy techniques to evade controls while improving detection and response
  • Learn practical techniques from real-world case studies to enhance your security operations

Book Description

Take your cybersecurity skills to the next level with this comprehensive PowerShell security guide! Whether you're on the red or blue team, you'll gain a deep understanding of PowerShell's security capabilities and how to apply them. With years of hands-on experience, the author brings real-world use cases to demonstrate PowerShell’s critical role in offensive and defensive security. After covering PowerShell basics and scripting fundamentals, you'll explore PowerShell Remoting and remote management technologies. You'll learn to configure and analyze Windows event logs, identifying crucial logs and IDs for effective monitoring. The book delves into PowerShell's interaction with system components, Active Directory, and Azure AD, including stealth execution methods. You’ll uncover authentication protocols, enumeration, credential theft, and exploitation, providing strategies to mitigate these risks. A dedicated red and blue team cookbook offers practical security tasks. Finally, you'll delve into mitigations such as Just Enough Administration, AMSI, application control, and code signing, emphasizing configuration, risks, exploitation, bypasses, and best practices. By the end of this book, you’ll confidently apply PowerShell for cybersecurity, from detection to defense, staying ahead of cyber threats.

What you will learn

  • Leverage PowerShell, its mitigation techniques, and detect attacks
  • Fortify your environment and systems against threats
  • Get unique insights into event logs and IDs in relation to PowerShell and detect attacks
  • Configure PSRemoting and learn about risks, bypasses, and best practices
  • Use PowerShell for system access, exploitation, and hijacking
  • Red and blue team introduction to Active Directory and Azure AD security
  • Discover PowerShell security measures for attacks that go deeper than simple commands
  • Explore JEA to restrict what commands can be executed

Who this book is for

This book is for security professionals, penetration testers, system administrators, red and blue team members, and cybersecurity enthusiasts aiming to enhance their security operations using PowerShell. Whether you're experienced or new to the field, it offers valuable insights and practical techniques to leverage PowerShell for various security tasks. A basic understanding of PowerShell and cybersecurity fundamentals is recommended. Familiarity with concepts such as Active Directory, as well as programming languages like C and Assembly, can be beneficial.

1143093628
PowerShell Automation and Scripting for Cybersecurity: Hacking and defense for red and blue teamers
Written by a Microsoft security expert, this practical guide helps you harness PowerShell's offensive and defensive capabilities to strengthen your organization's security. Purchase of the print or Kindle book includes a free PDF eBook

Key Features

  • Master PowerShell for security—configure, audit, monitor, exploit, and bypass defenses
  • Gain insights from a Microsoft expert and creator of PowerShell tools EventList and JEAnalyzer
  • Build stealthy techniques to evade controls while improving detection and response
  • Learn practical techniques from real-world case studies to enhance your security operations

Book Description

Take your cybersecurity skills to the next level with this comprehensive PowerShell security guide! Whether you're on the red or blue team, you'll gain a deep understanding of PowerShell's security capabilities and how to apply them. With years of hands-on experience, the author brings real-world use cases to demonstrate PowerShell’s critical role in offensive and defensive security. After covering PowerShell basics and scripting fundamentals, you'll explore PowerShell Remoting and remote management technologies. You'll learn to configure and analyze Windows event logs, identifying crucial logs and IDs for effective monitoring. The book delves into PowerShell's interaction with system components, Active Directory, and Azure AD, including stealth execution methods. You’ll uncover authentication protocols, enumeration, credential theft, and exploitation, providing strategies to mitigate these risks. A dedicated red and blue team cookbook offers practical security tasks. Finally, you'll delve into mitigations such as Just Enough Administration, AMSI, application control, and code signing, emphasizing configuration, risks, exploitation, bypasses, and best practices. By the end of this book, you’ll confidently apply PowerShell for cybersecurity, from detection to defense, staying ahead of cyber threats.

What you will learn

  • Leverage PowerShell, its mitigation techniques, and detect attacks
  • Fortify your environment and systems against threats
  • Get unique insights into event logs and IDs in relation to PowerShell and detect attacks
  • Configure PSRemoting and learn about risks, bypasses, and best practices
  • Use PowerShell for system access, exploitation, and hijacking
  • Red and blue team introduction to Active Directory and Azure AD security
  • Discover PowerShell security measures for attacks that go deeper than simple commands
  • Explore JEA to restrict what commands can be executed

Who this book is for

This book is for security professionals, penetration testers, system administrators, red and blue team members, and cybersecurity enthusiasts aiming to enhance their security operations using PowerShell. Whether you're experienced or new to the field, it offers valuable insights and practical techniques to leverage PowerShell for various security tasks. A basic understanding of PowerShell and cybersecurity fundamentals is recommended. Familiarity with concepts such as Active Directory, as well as programming languages like C and Assembly, can be beneficial.

49.99 In Stock
PowerShell Automation and Scripting for Cybersecurity: Hacking and defense for red and blue teamers

PowerShell Automation and Scripting for Cybersecurity: Hacking and defense for red and blue teamers

PowerShell Automation and Scripting for Cybersecurity: Hacking and defense for red and blue teamers

PowerShell Automation and Scripting for Cybersecurity: Hacking and defense for red and blue teamers

Overview

Written by a Microsoft security expert, this practical guide helps you harness PowerShell's offensive and defensive capabilities to strengthen your organization's security. Purchase of the print or Kindle book includes a free PDF eBook

Key Features

  • Master PowerShell for security—configure, audit, monitor, exploit, and bypass defenses
  • Gain insights from a Microsoft expert and creator of PowerShell tools EventList and JEAnalyzer
  • Build stealthy techniques to evade controls while improving detection and response
  • Learn practical techniques from real-world case studies to enhance your security operations

Book Description

Take your cybersecurity skills to the next level with this comprehensive PowerShell security guide! Whether you're on the red or blue team, you'll gain a deep understanding of PowerShell's security capabilities and how to apply them. With years of hands-on experience, the author brings real-world use cases to demonstrate PowerShell’s critical role in offensive and defensive security. After covering PowerShell basics and scripting fundamentals, you'll explore PowerShell Remoting and remote management technologies. You'll learn to configure and analyze Windows event logs, identifying crucial logs and IDs for effective monitoring. The book delves into PowerShell's interaction with system components, Active Directory, and Azure AD, including stealth execution methods. You’ll uncover authentication protocols, enumeration, credential theft, and exploitation, providing strategies to mitigate these risks. A dedicated red and blue team cookbook offers practical security tasks. Finally, you'll delve into mitigations such as Just Enough Administration, AMSI, application control, and code signing, emphasizing configuration, risks, exploitation, bypasses, and best practices. By the end of this book, you’ll confidently apply PowerShell for cybersecurity, from detection to defense, staying ahead of cyber threats.

What you will learn

  • Leverage PowerShell, its mitigation techniques, and detect attacks
  • Fortify your environment and systems against threats
  • Get unique insights into event logs and IDs in relation to PowerShell and detect attacks
  • Configure PSRemoting and learn about risks, bypasses, and best practices
  • Use PowerShell for system access, exploitation, and hijacking
  • Red and blue team introduction to Active Directory and Azure AD security
  • Discover PowerShell security measures for attacks that go deeper than simple commands
  • Explore JEA to restrict what commands can be executed

Who this book is for

This book is for security professionals, penetration testers, system administrators, red and blue team members, and cybersecurity enthusiasts aiming to enhance their security operations using PowerShell. Whether you're experienced or new to the field, it offers valuable insights and practical techniques to leverage PowerShell for various security tasks. A basic understanding of PowerShell and cybersecurity fundamentals is recommended. Familiarity with concepts such as Active Directory, as well as programming languages like C and Assembly, can be beneficial.

Product Details

ISBN-13: 9781800566378
Publisher: Packt Publishing
Publication date: 08/16/2023
Pages: 572
Product dimensions: 7.50(w) x 9.25(h) x 1.16(d)

About the Author

Miriam C. Wiesner is a senior security researcher at Microsoft, with over 15 years of experience in IT and IT security. She has held various positions, including administrator/system engineer, software developer, premier field engineer, program manager, security consultant, and pentester. She is also a renowned creator of open source tools based in PowerShell, including EventList and JEAnalyzer. She has been invited multiple times to present the research behind her tools at many international conferences, such as Black Hat (the US, Europe, and Asia), PSConfEU, and MITRE ATT&CK workshop. Outside of work, Miriam is a dedicated wife and mother, residing with her family near Nuremberg, Germany.

Table of Contents

Table of Contents

  1. Getting Started with PowerShell
  2. PowerShell Scripting Fundamentals
  3. Exploring PowerShell Remote Management Technologies and PowerShell Remoting
  4. Detection – Auditing and Monitoring
  5. PowerShell Is Powerful – System and API Access
  6. Active Directory – Attacks and Mitigation
  7. Hacking the Cloud – Exploiting Azure Active Directory/Entra ID
  8. Red Team Tasks and Cookbook
  9. Blue Team Tasks and Cookbook
  10. Language Modes and Just Enough Administration (JEA)
  11. AppLocker, Application Control, and Code Signing
  12. Exploring the Antimalware Scan Interface (AMSI)
  13. What Else? – Further Mitigations and Resources
From the B&N Reads Blog
Page 1 of

Related Subjects

Computers
Computers - General & Miscellaneous
Operating Systems
Windows
Information Systems
Computer Security
Windows/Windows 95 & 98
Information Technology
Windows system administration
Computers
Computers - General & Miscellaneous
Operating Systems
Windows
Information Systems
Computer Security
Windows/Windows 95 & 98
Information Technology
Windows system administration

Customer Reviews