We may earn an affiliate commission when you visit our partners.
Rishalin Pillay

Adversaries frequently use unprivileged access to enter and browse a network, but they need privileged access to complete their tasks. In this course, you will learn privilege escalation using the PEASS-NG suite.

Read more

Adversaries frequently use unprivileged access to enter and browse a network, but they need privileged access to complete their tasks. In this course, you will learn privilege escalation using the PEASS-NG suite.

Manually looking for privilege escalation paths can become a timely activity. Sometimes you may miss misconfigurations that are easily exploitable and at times you may not be looking at all possibilities. In this course, Privilege Escalation with PEASS-NG, you’ll cover how to utilize WinPEAS and LinPEAS to execute privilege escalation in a red team environment. First, you’ll explore using LinPEAS to discover excessive permissions related to SETUID/SETGID. Next, you’ll apply WinPEAS to discover dll’s that can be exploited. Finally, you’ll simulate the task of finding valuable registry keys which enable you to install services with elevated permissions. When you’re finished with this course, you’ll have the skills and knowledge to execute these techniques [T1548.001, T1055.001, T1547.001] using the PEASS-NG suite. More importantly, knowing how these techniques can be used against you, will ultimately lend to your ability as an organization, or an individual, to detect and defend against specific attack vectors.

Enroll now

What's inside

Syllabus

Course Overview
Privilege Escalation with LinPEAS
Privilege Escalation with WinPEAS
Resources
Read more

Good to know

Know what's good
, what to watch for
, and possible dealbreakers
Learns about privilege escalation using PEASS-NG
Builds on existing knowledge of privilege escalation
Provides hands-on labs for practice
May require some prior experience with privilege escalation

Save this course

Save Privilege Escalation with PEASS-NG to your list so you can find it easily later:
Save

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Privilege Escalation with PEASS-NG with these activities:
Review Notes on Privilege Escalation Techniques
Refresh understanding of privilege escalation techniques and prepare for future coursework.
Browse courses on Privilege Escalation
Show steps
  • Review your notes from previous courses or materials on privilege escalation techniques.
Follow a Tutorial on Privilege Escalation with PEASS-NG
Supplement course materials with guided tutorials that provide step-by-step instructions on how to use PEASS-NG to escalate privileges.
Browse courses on Privilege Escalation
Show steps
  • Find a tutorial on privilege escalation with PEASS-NG.
  • Follow the steps in the tutorial to learn how to use PEASS-NG.
  • Practice using PEASS-NG in a lab environment.
Review Security Engineering Book
Reinforce concepts of cryptography, network security, system security, and software security by reading a well-regarded book on the topic.
Show steps
  • Acquire the book and read the introduction to get a sense for how it will cover the needed topics.
  • Read each chapter thoroughly, taking notes on the main points of each section.
  • Complete any exercises or questions that are provided at the end of each chapter.
  • Summarize the main points of each chapter in your own words.
  • Discuss the book with a classmate or colleague to compare your understanding of the material.
Six other activities
Expand to see all activities and additional details
Show all nine activities
Participate in a Study Group for Privilege Escalation
Enhance understanding of privilege escalation techniques by discussing them with peers and working together to solve problems.
Browse courses on Privilege Escalation
Show steps
  • Find a study group or create one with classmates.
  • Meet regularly to discuss privilege escalation techniques.
  • Work together to solve problems and answer questions.
Create a Cheat Sheet for Privilege Escalation Techniques
Solidify understanding of privilege escalation techniques by creating a cheat sheet that summarizes the steps involved in each technique.
Browse courses on Privilege Escalation
Show steps
  • Research different privilege escalation techniques.
  • Create a table that lists the name of each technique, a brief description, and the steps involved.
  • Review the cheat sheet regularly to reinforce your understanding of the techniques.
Practice Privilege Escalation Techniques in a Lab Environment
Develop proficiency in privilege escalation techniques by practicing them in a safe and controlled environment.
Browse courses on Privilege Escalation
Show steps
  • Set up a lab environment where you can practice privilege escalation techniques.
  • Choose a privilege escalation technique to practice.
  • Follow the steps of the technique to gain higher privileges on the lab system.
  • Repeat steps 2-3 for different privilege escalation techniques.
Build a Basic Privilege Escalation Tool
Demonstrate an understanding of privilege escalation techniques by building a simple tool that can be used to gain higher privileges on a system.
Browse courses on Privilege Escalation
Show steps
  • Research different privilege escalation techniques.
  • Choose a technique to implement.
  • Develop a plan for how to implement the technique.
  • Implement the technique in a programming language of your choice.
  • Test the tool on a test system.
Participate in a Privilege Escalation CTF
Challenge understanding of privilege escalation techniques and demonstrate skills in a competitive environment.
Browse courses on Privilege Escalation
Show steps
  • Find a privilege escalation CTF.
  • Register for the CTF.
  • Solve the challenges in the CTF.
Contribute to the PEASS-NG Project
Gain a deeper understanding of privilege escalation techniques and contribute to the open-source community by making a contribution to the PEASS-NG project.
Browse courses on Privilege Escalation
Show steps
  • Find an issue to work on or a feature to add.
  • Fork the PEASS-NG repository.
  • Make your changes.
  • Submit a pull request.

Career center

Learners who complete Privilege Escalation with PEASS-NG will develop knowledge and skills that may be useful to these careers:
Data Scientist
Data Scientists use data to solve business problems. They also work to develop and implement machine learning models. This course may be useful for Data Scientists because it can help them to identify and exploit vulnerabilities in computer systems, which can be used to improve the security of their own systems.
Machine Learning Engineer
Machine Learning Engineers design, develop, and maintain machine learning models. They also work to identify and mitigate security risks. This course may be useful for Machine Learning Engineers because it can help them to identify and exploit vulnerabilities in computer systems, which can be used to improve the security of their own systems.
Software Engineer
Software Engineers design, develop, and maintain software applications. They also work to identify and mitigate security risks. This course may be useful for Software Engineers because it can help them to identify and exploit vulnerabilities in computer systems, which can be used to improve the security of their own systems.
Information Security Analyst
Information Security Analysts plan and implement security measures to protect an organization's computer networks and systems. They also monitor and analyze security systems to identify and respond to potential threats. This course may be useful for Information Security Analysts because it can help them to identify and exploit vulnerabilities in computer systems, which can be used to improve the security of their own systems.
DevOps Engineer
DevOps Engineers work to bridge the gap between development and operations teams. They also work to automate and improve the software development process. This course may be useful for DevOps Engineers because it can help them to identify and exploit vulnerabilities in computer systems, which can be used to improve the security of their own systems.
Cloud Engineer
Cloud Engineers design, develop, and maintain cloud-based applications. They also work to identify and mitigate security risks. This course may be useful for Cloud Engineers because it can help them to identify and exploit vulnerabilities in computer systems, which can be used to improve the security of their own systems.
Systems Administrator
Systems Administrators are responsible for managing and maintaining computer systems. They also work to identify and mitigate security risks. This course may be useful for Systems Administrators because it can help them to identify and exploit vulnerabilities in computer systems, which can be used to improve the security of their own systems.
Security Analyst
Security Analysts monitor and analyze security systems to identify and respond to potential threats. They also work to develop and implement security policies and procedures. This course may be useful for Security Analysts because it can help them to identify and exploit vulnerabilities in computer systems, which can be used to improve the security of their own systems.
Network Security Engineer
Network Security Engineers are responsible for designing, implementing, and maintaining the security of computer networks. They also work to identify and mitigate security risks. This course may be useful for Network Security Engineers because it can help them to identify and exploit vulnerabilities in computer systems, which can be used to improve the security of their own systems.
Security Consultant
Security Consultants provide advice and guidance to organizations on how to improve their security posture. They also help organizations to develop and implement security policies and procedures. This course may be useful for Security Consultants because it can help them to identify and exploit vulnerabilities in computer systems, which can be used to improve the security of their clients' systems.
Cybersecurity Engineer
Cybersecurity Engineers design, implement, and maintain security systems for organizations. They also work to identify and mitigate security risks. This course may be useful for Cybersecurity Engineers because it can help them to identify and exploit vulnerabilities in computer systems, which can be used to improve the security of their own systems.
Penetration Tester
Penetration Testers are responsible for testing the security of computer systems and networks. They use a variety of techniques to identify vulnerabilities that could be exploited by attackers. This course may be useful for Penetration Testers because it can help them to identify and exploit vulnerabilities in computer systems, which can be used to improve the security of their own systems.
Malware Analyst
Malware Analysts identify and analyze malware. They also work to develop and implement malware detection and prevention techniques. This course may be useful for Malware Analysts because it can help them to identify and exploit vulnerabilities in computer systems, which can be used to improve the security of their own systems.
Information Security Manager
Information Security Managers are responsible for overseeing the security of an organization's information systems. They also work to develop and implement security policies and procedures. This course may be useful for Information Security Managers because it can help them to identify and exploit vulnerabilities in computer systems, which can be used to improve the security of their own systems.
Security Researcher
Security Researchers identify and exploit vulnerabilities in computer systems. They also work to develop and implement security patches. This course may be useful for Security Researchers because it can help them to identify and exploit vulnerabilities in computer systems, which can be used to improve the security of their own systems.

Reading list

We've selected seven books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in Privilege Escalation with PEASS-NG.
Provides a comprehensive overview of hacking techniques, including privilege escalation. It valuable resource for anyone interested in learning more about this topic.
Provides a comprehensive overview of the Linux kernel, including privilege escalation. It valuable resource for anyone interested in learning more about this topic.
Provides a comprehensive overview of rootkits, including privilege escalation techniques. It valuable resource for anyone interested in learning more about this topic.
Provides a comprehensive overview of the Windows operating system, including privilege escalation. It valuable resource for anyone interested in learning more about this topic.
Provides a practical guide to memory forensics, including privilege escalation techniques. It valuable resource for anyone interested in learning more about this topic.
Provides a practical guide to Python programming for hackers and pentesters, including privilege escalation techniques. It valuable resource for anyone interested in learning more about this topic.

Share

Help others find this course page by sharing it with your friends and followers:

Similar courses

Here are nine courses similar to Privilege Escalation with PEASS-NG.
Our mission

OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.

Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.

Find this site helpful? Tell a friend about us.

Affiliate disclosure

We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.

Your purchases help us maintain our catalog and keep our servers humming without ads.

Thank you for supporting OpenCourser.

© 2016 - 2024 OpenCourser