Course length: 4-days

Course Description

Intense four days covering the key to hacking with PowerShell. We know that most companies have an Active Directory Infrastructure that manages authentication and authorization to most devices and objects within the organization. Many use PowerShell to speed up and simplify management, which only makes sense. Did you know that a large percentage of hacks over the last year include PowerShell based attacks? Well they did which is why we spend four days learning how to hack like the pros using nothing but what is already available in Windows or now in open source code on Mac or Linux! This course is based on real world implementations of a Windows infrastructure along with real world-implementation testing techniques. You will leave with a really strong skill set to help test your Windows environment like never before. An attendee will also walk away with a strong skill set on how to help prevent these attacks from happening in the first place!

Here are a few things you will take away from this course:

  • Detailed lab manual
  • VMs for performing labs on your own
  • New ideas on testing your own AD infrastructure
  • Attacks you can use immediately
  • How to secure against PowerShell attacks
  • Exam information

Upon completion of the course the student will be able to sit for the CPSH exam


  • General understanding of Pen Testing
  • General understanding of Active Directory
  • General Understanding of scripting and programming

Target Audience

  • Active Directory Administrators
  • Anyone looking to learn more about security
  • Penetration testers
  • Microsoft Administrator
  • Security Administrators

Course Outline

Lesson 1: Introduction to PowerShell

Lesson 2: Introduction to Active Directory and Kerberos

Lesson 3: Pen Testing methodology revised

Lesson 4: Information gathering and enumeration

Lesson 5: Privilege escalation

Lesson 6: Lateral movements and abusing trust

Lesson 7: Persistence bypassing defenses

Lesson 8: Defending against PowerShell attacks


The Certified PowerShell Hacker exam is taken online through Mile2’s Assessment and Certification System (“MACS”), which is accessible on your account.