Last updated 4 years ago
1.2 Why PowerShell ?

PowerShell is a powerful built-in command-line interpreter, or "shell," and task-oriented scripting language environment found on most current Windows operating systems, starting with Windows 7 and Windows 2008 R2 and onward.

PowerShell is typically used by administrators because it provides great functionality and flexibility for managing Windows systems and automating tasks, which is largely why it is also the perfect tool for our process as penetration testers.

PowerShell is tightly integrated with the .NET Framework (it is in fact built on top of it). It also provides convenient access to the .NET Framework API, the Component Object Model (COM) and Windows Management Instrumentation (WMI), which is another plus with regard to persistence methods and ways of gathering information, as we will see later.

Most of the time we will be working either with scripts, commonly identified by the ".ps1" file extension, or with what are known as "cmdlets" (native PowerShell commands, of which we can also create our own); at other times we will interact directly with the PowerShell CLI.

An important point to note as we navigate through the upcoming topics is that more recent versions of PowerShell, specifically 5.0 and onward, introduce some potential hurdles with regard to detection, logging and more restrictive modes, for which we will briefly cover workarounds. For the most part, we will be working with version 1.0 or 2.0.
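The following inventory script is an added example, not part of these notes: it touches each of the interfaces mentioned above (.NET API, COM, WMI) and then reports, from the defender's side, the 5.0+ controls that create the hurdles just described (execution policy, Script Block Logging) plus whether the legacy 2.0 engine is still present. It assumes Windows PowerShell on a Windows host; the function name is my own.

```powershell
# Added example (not from the eCPPT notes). Requires Windows PowerShell 2.0+
# on a Windows host; PowerShell 7 (cross-platform) lacks Get-WmiObject.
function Get-PowerShellSurface {
    $info = @{}

    # Engine version. $PSVersionTable does not exist on 1.0, hence the guard.
    $info.PSVersion = if ($PSVersionTable) { $PSVersionTable.PSVersion.ToString() } else { '1.0' }

    # .NET Framework API access (the CLR that PowerShell is built on top of)
    $info.ClrVersion = [System.Environment]::Version.ToString()

    # WMI access: operating system caption and build
    $os = Get-WmiObject -Class Win32_OperatingSystem
    $info.OS = "$($os.Caption) $($os.Version)"

    # COM access: expand an environment string through the WScript.Shell object
    $wsh = New-Object -ComObject WScript.Shell
    $info.ComUser = $wsh.ExpandEnvironmentStrings('%USERNAME%')

    # Execution policy: the "more restrictive mode" the notes refer to
    $info.ExecutionPolicy = (Get-ExecutionPolicy).ToString()

    # Script Block Logging (PowerShell 5.0+) is set by Group Policy under this
    # key; a missing key or value means the logging is not enforced.
    $sbl = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging'
    $info.ScriptBlockLogging = (Test-Path $sbl) -and
        ((Get-ItemProperty -Path $sbl -ErrorAction SilentlyContinue).EnableScriptBlockLogging -eq 1)

    # Legacy 2.0 engine: it predates the 5.0 logging controls, so defenders
    # normally want it removed. The DISM cmdlet only exists on Windows 8+/2012+.
    if (Get-Command Get-WindowsOptionalFeature -ErrorAction SilentlyContinue) {
        $v2 = Get-WindowsOptionalFeature -Online -FeatureName MicrosoftWindowsPowerShellV2Root
        $info.V2EngineInstalled = ($v2.State -eq 'Enabled')
    } else {
        $info.V2EngineInstalled = 'unknown (no DISM cmdlets on this host)'
    }

    New-Object PSObject -Property $info
}

Get-PowerShellSurface | Format-List
```

On a hardened host you would expect ScriptBlockLogging to be True and V2EngineInstalled to be False; the opposite pair is the configuration the workarounds mentioned above rely on.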

Advancements in the "freedom" of PowerShell:

In 2016, PowerShell 6.0 (PowerShell Core) was released as an open source project and is available for several platforms, including some major Linux distributions, macOS, and as a Docker container image. You can learn more about open source PowerShell, and download it, from the following GitHub page:

https://github.com/powershell/powershell