We may earn an affiliate commission when you visit our partners.
Ricardo Reimao

After getting initial access to a machine, one of your main tasks is to escalate privileges to get admin access. In this course, you will learn privilege escalation using SharpUp.

Read more

After getting initial access to a machine, one of your main tasks is to escalate privileges to get admin access. In this course, you will learn privilege escalation using SharpUp.

In a red team engagement, after getting initial access to your machine, you need to escalate privileges to achieve admin-level permissions. In this course, Privilege Escalation with SharpUp, you'll learn how to utilize the SharpUp tool to enumerate potential privilege escalation vulnerabilities in a red team environment. First, you’ll explore the basics of privilege escalation in Windows and how to compile and run the SharpUp tool. Next, you'll see how to use SharpUp to map potential privilege escalation vulnerabilities in a server. Finally, you’ll learn how to escalate your privileges using two common techniques: Over-permissive auto-installers and over-permissive administrative logon scripts. When you’re finished with this course, you’ll have the skills and knowledge to execute these techniques Hijack Execution Flow (T1574) and Boot or Logon Autostart Execution (T1547) using SharpUp. More importantly, knowing how these techniques can be used against you will ultimately lend to your ability as an organization, or an individual, to detect and defend against specific attack vectors.

Enroll now

What's inside

Syllabus

Course Overview
Privilege Escalation with SharpUp
Resources

Good to know

Know what's good
, what to watch for
, and possible dealbreakers
Teaches techniques and strategies of the Red Team in an engaging manner
Develops skills in privilege escalation testing, a crucial skill for Red Teamers
Taught by experienced Ricardo Reimao, who is highly regarded in the field of cybersecurity
Utilizes the industry-recognized SharpUp tool, ensuring relevance to real-world scenarios
Provides hands-on experience through live demonstrations and exercises
Course materials are regularly updated to reflect the evolving landscape of cybersecurity

Save this course

Save Privilege Escalation with SharpUp to your list so you can find it easily later:
Save

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Privilege Escalation with SharpUp with these activities:
Practice using SharpUp
Run practice scenarios using SharpUp to familiarize yourself with its capabilities and potential vulnerabilities.
Browse courses on Privilege Escalation
Show steps
  • Download and install SharpUp
  • Run basic privilege escalation commands
  • Test potential vulnerabilities in a lab environment
Follow tutorials on SharpUp usage
Enhance your understanding of SharpUp's features and techniques through guided tutorials from reputable sources.
Browse courses on Privilege Escalation
Show steps
  • Identify comprehensive tutorials on SharpUp
  • Follow the tutorials step-by-step, taking notes on key concepts
  • Practice implementing the techniques learned in the tutorials
Conduct regular practice exercises
Engage in regular practice exercises to reinforce your understanding of SharpUp's capabilities and potential vulnerabilities.
Browse courses on Privilege Escalation
Show steps
  • Create a list of common privilege escalation scenarios
  • Use SharpUp to test and resolve these scenarios
  • Document your findings and lessons learned
Four other activities
Expand to see all activities and additional details
Show all seven activities
Participate in hands-on workshops
Immerse yourself in practical training sessions to enhance your skills in utilizing SharpUp for privilege escalation and red team engagements.
Browse courses on Privilege Escalation
Show steps
  • Research and identify reputable workshops led by experienced practitioners
  • Register for the workshop and prepare for active participation
  • Fully engage in the hands-on exercises and discussions
  • Network with fellow participants and instructors
Develop a cheat sheet or reference guide on SharpUp
Create a personalized resource that summarizes key SharpUp commands, techniques, and potential vulnerabilities for quick reference during your red team engagements.
Browse courses on Privilege Escalation
Show steps
  • Gather information and resources on SharpUp
  • Organize and synthesize the information into a cheat sheet or reference guide
  • Customize the resource to include your own notes and insights
Attend industry conferences and meetups
Connect with professionals in the field to exchange knowledge, share experiences, and stay updated on the latest advancements in privilege escalation techniques.
Browse courses on Privilege Escalation
Show steps
  • Identify relevant conferences and meetups in your area or online
  • Prepare topics for discussion or questions to ask experts
  • Network with attendees, exchange contact information, and follow up
Develop a custom tool or script
Enhance your learning experience by creating your own tool or script that automates or simplifies privilege escalation tasks, tailored to your specific needs and interests.
Browse courses on Privilege Escalation
Show steps
  • Identify a specific privilege escalation problem or need
  • Design and develop a tool or script that addresses the problem
  • Test and refine the tool or script to ensure its effectiveness
  • Document the tool or script, including its usage and limitations

Career center

Learners who complete Privilege Escalation with SharpUp will develop knowledge and skills that may be useful to these careers:
Security Engineer
Security Engineers develop and implement security solutions to protect an organization’s computer networks and systems. The skills you learn in this course can help you to enumerate potential privilege escalation vulnerabilities in a red team environment.
Information Security Analyst
Information Security Analysts plan and implement security measures to protect an organization’s computer networks and systems. As an Information Security Analyst, you can use the skills you learn in this course to help an organization detect and defend against specific attack vectors.
Penetration Tester
Penetration Testers assess the security of an organization’s computer networks and systems by simulating attacks. This course will help you build a foundation in privilege escalation, which is crucial for Penetration Testers.
Cybersecurity Analyst
Cybersecurity Analysts analyze and interpret data to identify and mitigate cybersecurity threats. This course can help you understand how attackers use privilege escalation to gain access to systems and data.
Network Security Engineer
Network Security Engineers design, implement, and maintain network security solutions. The skills you learn in this course will help you identify and mitigate network-based privilege escalation vulnerabilities.
Cybersecurity Consultant
Cybersecurity Consultants provide advice and guidance to organizations on how to improve their cybersecurity posture. This course will provide you with the knowledge and skills to help organizations address privilege escalation vulnerabilities.
Security Architect
Security Architects design and implement security solutions for complex systems. This course will help you understand the principles of privilege escalation and how to design systems that are resistant to these attacks.
Cyber Threat Intelligence Analyst
Cyber Threat Intelligence Analysts collect and analyze data to identify and assess cyber threats. This course will help you understand how attackers use privilege escalation to exploit systems and data.
Cloud Security Engineer
Cloud Security Engineers design and implement security solutions for cloud-based systems. This course will help you understand the unique challenges of privilege escalation in the cloud and how to mitigate these risks.
DevSecOps Engineer
DevSecOps Engineers integrate security into the software development process. This course will help you understand how to identify and mitigate privilege escalation vulnerabilities in software applications.
Security Researcher
Security Researchers identify and develop new techniques for detecting and mitigating cybersecurity threats. This course may help you develop new methods for detecting and preventing privilege escalation attacks.
Digital Forensics Analyst
Digital Forensics Analysts investigate and analyze digital evidence to identify and prosecute cybercriminals. This course may help you understand how attackers use privilege escalation to gain access to systems and data.
Incident Responder
Incident Responders investigate and mitigate security incidents. This course will help you build a foundation in privilege escalation, which is a common technique used by attackers in security incidents.
Security Operations Center Analyst
Security Operations Center Analysts monitor and respond to security events. This course will help you understand how attackers use privilege escalation to gain access to systems and data.
Threat Intelligence Analyst
Threat Intelligence Analysts collect and analyze data to identify and assess cyber threats. This course may help you develop new methods for detecting and preventing privilege escalation attacks.

Reading list

We've selected seven books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in Privilege Escalation with SharpUp.
A comprehensive text on Windows kernel programming. It is useful if you wish to learn about the deeper internals of Windows.
A broad overview of hacking and exploitation techniques. It is useful to provide additional context and background for the techniques that you will learn in this course.
A comprehensive textbook on computer security. It is useful to provide additional context and background on the techniques that you will learn in this course.
Provides insights into memory forensics techniques, including those used to detect privilege escalation attempts, offering a valuable perspective on the defensive side of cybersecurity.
Offers a broad overview of hacking techniques, including privilege escalation, and provides a comprehensive understanding of the attacker's mindset and methodologies.

Share

Help others find this course page by sharing it with your friends and followers:
Our mission

OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.

Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.

Find this site helpful? Tell a friend about us.

Affiliate disclosure

We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.

Your purchases help us maintain our catalog and keep our servers humming without ads.

Thank you for supporting OpenCourser.

© 2016 - 2024 OpenCourser