Купуючи відразу три книги, отримайте знижку - 30% на третю у кошику!

PowerShell Automation and Scripting for Cybersecurity: Hacking and defense for red and blue teamers 281518

Паперова книга
281518
PowerShell Automation and Scripting for Cybersecurity: Hacking and defense for red and blue teamers - фото 1
  • ISBN
    978-1800566378
  • Видавництво
  • Автор
  • Рік
    2023
  • Мова
    Англійська
  • Ілюстрації
    Чорно-білі
1'800
Купити

Все про “PowerShell Automation and Scripting for Cybersecurity: Hacking and defense for red and blue teamers”

Від видавця

Explore PowerShell's offensive and defensive capabilities to strengthen your organization's security with this practical guide

Key Features
  • Master PowerShell for security by configuring, auditing, monitoring, exploiting, and bypassing defenses
  • Research and develop methods to bypass security features and use stealthy tradecraft
  • Explore essential security features in PowerShell and protect your environment against exploits and bypasses
Book Description
Take your cybersecurity skills to the next level with this comprehensive guide to PowerShell security! Whether you're a red or blue teamer, you'll gain a deep understanding of PowerShell's security capabilities and how to use them.

After revisiting PowerShell basics and scripting fundamentals, you'll dive into PowerShell Remoting and remote management technologies. You'll learn how to configure and analyze Windows event logs and understand the most important event logs and IDs to monitor your environment. You'll dig deeper into PowerShell's capabilities to interact with the underlying system, Active Directory and Azure AD. Additionally, you'll explore Windows internals including APIs and WMI, and how to run PowerShell without powershell.exe. You'll uncover authentication protocols, enumeration, credential theft, and exploitation, to help mitigate risks in your environment, along with a red and blue team cookbook for day-to-day security tasks. Finally, you'll delve into mitigations, including Just Enough Administration, AMSI, application control, and code signing, with a focus on configuration, risks, exploitation, bypasses, and best practices.

By the end of this book, you'll have a deep understanding of how to employ PowerShell from both a red and blue team perspective.

What you will learn
  • Leverage PowerShell, its mitigation techniques, and detect attacks
  • Fortify your environment and systems against threats
  • Get unique insights into event logs and IDs in relation to PowerShell and detect attacks
  • Configure PSRemoting and learn about risks, bypasses, and best practices
  • Use PowerShell for system access, exploitation, and hijacking
  • Red and blue team introduction to Active Directory and Azure AD security
  • Discover PowerShell security measures for attacks that go deeper than simple commands
  • Explore JEA to restrict what commands can be executed
Who this book is for
This book is for security professionals, penetration testers, system administrators, and red and blue teams looking to learn how to leverage PowerShell for security operations. A basic understanding of PowerShell, cybersecurity fundamentals, and scripting is a must. For some parts a basic understanding of active directory, C++/C#, and assembly can be beneficial.

About the Author
Miriam C. Wiesner is a senior security researcher at Microsoft, with over 15 years of experience in IT and IT security. She has held various positions, including administrator/system engineer, software developer, premier field engineer, program manager, security consultant, and pentester.

She is also a renowned creator of open source tools based in PowerShell, including EventList and JEAnalyzer. She has been invited multiple times to present the research behind her tools at many international conferences, such as Black Hat (the US, Europe, and Asia), PSConfEU, and MITRE ATT&CK workshop. Outside of work, Miriam is a dedicated wife and mother, residing with her family near Nuremberg, Germany.

Зміст

Table of Contents
  1. Getting Started with PowerShell
  2. PowerShell Scripting Fundamentals
  3. Exploring PowerShell Remote Management Technologies and PowerShell Remoting
  4. Detection - Auditing and Monitoring
  5. PowerShell Is Powerful - System and API Access
  6. Active Directory - Attacks and Mitigation
  7. Hacking the Cloud - Exploiting Azure Active Directory/Entra ID
  8. Red Team Tasks and Cookbook
  9. Blue Team Tasks and Cookbook
  10. Language Modes and Just Enough Administration (JEA)
  11. AppLocker, Application Control, and Code Signing
  12. Exploring the Antimalware Scan Interface (AMSI)
  13. What Else? - Further Mitigations and Resources

Рецензії

0

Всі характеристики

  • Видавництво
  • Автор
  • Категорія
  • Рік
    2023
  • Сторінок
    572
  • Формат
    185х235 мм
  • Обкладинка
    М'яка
  • Тип паперу
    Офсетний
  • Мова
    Англійська
  • Ілюстрації
    Чорно-білі

Товар входить до категорії

  • Безкоштовна доставка від 3'000,00 ₴
Схожі товари
Windows Ransomware Detection and Protection: Securing Windows endpoints, the cloud, and infrastructure using Microsoft Intune, Sentinel, and Defender
281535
Marius Sandbu
1'600 ₴
Windows Forensics Analyst Field Guide: Engage in proactive cyber defense using digital forensics techniques
281536
Muhiballah Mohammed
1'600 ₴
Spring Security - Fourth Edition: Effectively secure your web apps, RESTful services, cloud apps, and microservice architectures 4th ed. Edition
283679
Badr Nasslahsen
1'600 ₴
Security Engineering: A Guide to Building Dependable Distributed Systems
195459
Ross Anderson
1'700 ₴
x86 Software Reverse-Engineering, Cracking, and Counter-Measures
267934
Stephanie DomasChristopher Domas
1'700 ₴
Security Chaos Engineering: Sustaining Resilience in Software and Systems 1st Edition
274007
Kelly ShortridgeAaron Rinehart
1'700 ₴
Zero Trust Networks: Building Secure Systems in Untrusted Network 2nd Edition
275838
Razi RaisChristina MorilloDoug BarthEvan Gilman
1'700 ₴
The Definitive Guide to Security in Jakarta EE. Securing Java-based Enterprise Applications with Jakarta Security, Authorization, Authentication and More. 1st Ed.
244733
Arjan Tijms, Teo Bais, Werner Keil
1'800 ₴
The Reign of Botnets: Defending Against Abuses, Bots and Fraud on the Internet (Tech Today) 1st Edition
280687
David Senecal
1'800 ₴
Cryptography and Cryptanalysis in MATLAB. 1st Ed.
244674
Marius Iulian Mihailescu, Stefania Loredana Nita
1'900 ₴
Windows Security Internals: A Deep Dive into Windows Authentication, Authorization, and Auditing
280690
James Forshaw
1'900 ₴
Black Hat Bash: Creative Scripting for Hackers and Pentesters
283851
Dolev FarhiNick Aleks
1'900 ₴
Engineering Secure Devices: A Practical Guide for Embedded System Architects and Developers
283885
Dominik Merli
1'900 ₴
Serious Cryptography, 2nd Edition: A Practical Introduction to Modern Encryption
283888
Jean-Philippe Aumasson
1'900 ₴
The Hack Is Back: Techniques to Beat Hackers at Their Own Games 1st Edition
286458
Jesse VarsaloneChristopher Haller
1'900 ₴
Kubernetes Security and Observability. A Holistic Approach to Securing Containers and Cloud Native Applications. 1st Ed.
244761
Brendan Creane, Amit Gupta
2'000 ₴
Hacking Kubernetes: Threat-Driven Analysis and Defense. 1st Ed.
244753
Andrew Martin, Michael Hausenblas
2'100 ₴