We may earn an affiliate commission when you visit our partners.
Ricardo Reimao
Escalating local privileges is an essential step on a red team engagement, it allows you to fully own a target machine. In this course, you'll learn privilege escalation using SweetPotato.
Read more
Escalating local privileges is an essential step on a red team engagement, it allows you to fully own a target machine. In this course, you'll learn privilege escalation using SweetPotato.
Read more
Escalating local privileges is an essential step on a red team engagement, it allows you to fully own a target machine. In this course, you'll learn privilege escalation using SweetPotato.
After getting access to an account in a local machine, your job is to escalate your privileges to system-level so you can fully own the machine and gain access to sensitive data and in-memory passwords. In this course, Privilege Escalation with SweetPotato, you’ll cover how to utilize the SweetPotato tool to execute local privilege escalation attacks in a red team engagement. First, you'll explore how to leverage SweetPotato to escalate privileges using the Print Spooler service as a way to get system-level privileges. Next, you'll use the same tool to execute other known privilege escalation exploits. Finally, you'll use the system-level privileges obtained to dump all the in-memory passwords of the machine. When you’re finished with this course, you’ll have the skills and knowledge to execute Exploitation for Privilege Escalation (T1068) using SweetPotato. More importantly, knowing how these techniques can be used against you will ultimately lend to your ability as an organization, or an individual, to detect and defend against specific attack vectors.
Register for this course and see more details by visiting:
OpenCourser.com/course/ywoz55/privilege
Here's a deal for you
We found an offer that may be relevant to this course.
Save money when you learn.
All coupon codes, vouchers, and discounts are applied automatically unless otherwise noted.
What's inside
Syllabus
Course Overview
Privilege Escalation with SweetPotato
Resources
Good to know
Good to know
Know what's good ,
what to watch for , and
possible dealbreakers
Taught by Ricardo Reimao who are recognized for their work in red team engagements
Develops skills and knowledge which are core for red team engagements
Utilizes SweetPotato tool which is highly relevant to the topic of privilege escalation
Hands-on with interactive materials like labs for privilege escalation
Caveat: Assumes students have prior knowledge of red team engagements
Save this course
Save Privilege Escalation with SweetPotato to your list so you can find it easily later:
Save
Save
Activities
Be better prepared
before
your course. Deepen your understanding
during
and
after
it. Supplement your coursework and achieve mastery of the topics covered
in Privilege Escalation with SweetPotato with these
activities:
Review privilege escalation vectors
Show steps
Sharpen your understanding of various privilege escalation vectors to enhance your ability to recognize and mitigate them.
Browse courses on
Exploitation
Show steps
-
Revisit MITRE ATT&CK techniques related to privilege escalation
-
Explore real-world examples of successful privilege escalation attacks
Review Spooler service
Show steps
Refresh your knowledge of the Spooler service to better understand how privilege escalation occurs via this service.
Show steps
-
Explore the Spooler service configuration
-
Understand the role of Spooler service in privilege escalation
Develop a cheat sheet for SweetPotato commands
Show steps
Create a quick reference guide of the essential SweetPotato commands for easy recall during privilege escalation operations.
Show steps
-
Gather and organize a list of SweetPotato commands
-
Create a well-formatted cheat sheet
Five other activities
Expand to see all activities and additional details
Show all eight activities
Form a study group
Show steps
Collaborate with peers to reinforce concepts, share knowledge, and tackle challenges related to privilege escalation.
Show steps
-
Connect with classmates or fellow professionals
-
Establish regular study sessions
-
Discuss course materials, share experiences, and work on exercises
Practice SweetPotato exploitation
Show steps
Learn to apply SweetPotato's exploitation techniques by practicing on a target machine.
Show steps
-
Set up a lab environment
-
Install and configure SweetPotato
-
Execute privilege escalation exploits using SweetPotato
Contribute to the SweetPotato project
Show steps
Gain practical experience and improve your understanding of SweetPotato by contributing to its development on GitHub.
Show steps
-
Review the SweetPotato documentation and codebase
-
Identify potential areas for contribution
-
Create a pull request with your changes
Attend a red team workshop
Show steps
Immerse yourself in real-world privilege escalation scenarios through a hands-on red team workshop.
Browse courses on
Red Team
Show steps
-
Identify suitable workshops and conferences
-
Register and prepare for the workshop
-
Actively participate in the hands-on exercises
Participate in a CTF challenge
Show steps
Test your skills by participating in a Capture the Flag competition that focuses on privilege escalation challenges.
Browse courses on
Exploitation
Show steps
-
Identify suitable CTF events
-
Form a team or participate individually
-
Solve privilege escalation challenges
Review privilege escalation vectors
Show steps
Sharpen your understanding of various privilege escalation vectors to enhance your ability to recognize and mitigate them.
Browse courses on
Exploitation
Show steps
Show steps
Show steps
- Revisit MITRE ATT&CK techniques related to privilege escalation
- Explore real-world examples of successful privilege escalation attacks
Review Spooler service
Show steps
Refresh your knowledge of the Spooler service to better understand how privilege escalation occurs via this service.
Show steps
Show steps
Show steps
- Explore the Spooler service configuration
- Understand the role of Spooler service in privilege escalation
Develop a cheat sheet for SweetPotato commands
Show steps
Create a quick reference guide of the essential SweetPotato commands for easy recall during privilege escalation operations.
Show steps
Show steps
Show steps
- Gather and organize a list of SweetPotato commands
- Create a well-formatted cheat sheet
Five other activities
Expand to see all activities and additional details
Show all eight activities
Form a study group
Show steps
Collaborate with peers to reinforce concepts, share knowledge, and tackle challenges related to privilege escalation.
Show steps
Show steps
Show steps
- Connect with classmates or fellow professionals
- Establish regular study sessions
- Discuss course materials, share experiences, and work on exercises
Practice SweetPotato exploitation
Show steps
Learn to apply SweetPotato's exploitation techniques by practicing on a target machine.
Show steps
Show steps
Show steps
- Set up a lab environment
- Install and configure SweetPotato
- Execute privilege escalation exploits using SweetPotato
Contribute to the SweetPotato project
Show steps
Gain practical experience and improve your understanding of SweetPotato by contributing to its development on GitHub.
Show steps
Show steps
Show steps
- Review the SweetPotato documentation and codebase
- Identify potential areas for contribution
- Create a pull request with your changes
Attend a red team workshop
Show steps
Immerse yourself in real-world privilege escalation scenarios through a hands-on red team workshop.
Browse courses on
Red Team
Show steps
Show steps
Show steps
- Identify suitable workshops and conferences
- Register and prepare for the workshop
- Actively participate in the hands-on exercises
Participate in a CTF challenge
Show steps
Test your skills by participating in a Capture the Flag competition that focuses on privilege escalation challenges.
Browse courses on
Exploitation
Show steps
Show steps
Show steps
- Identify suitable CTF events
- Form a team or participate individually
- Solve privilege escalation challenges
Career center
Learners who complete Privilege Escalation with SweetPotato will develop knowledge and skills
that may be useful to these careers:
Penetration Tester
Penetration Tester
Penetration Testers simulate attacks on an organization's systems and networks to identify and mitigate security risks. SweetPotato may help you get into this field by exposing you to the kind of techniques that malicious attackers might use. You can use this knowledge to help organizations to protect their data and computer systems from these or similar attacks in the future.
Information Security Engineer
Information Security Engineer
Information Security Engineers design, implement, and maintain security measures to protect an organization's data and computer systems from a variety of different threats. SweetPotato may help you get into this field by exposing you to the kind of techniques that malicious attackers might use. You can use this knowledge to protect data-driven organizations from these or similar attacks in the future.
Security Architect
Security Architect
Security Architects design, implement, and maintain security measures to protect an organization's data and computer systems from a variety of different threats including malicious attackers. SweetPotato may help you get into this field by exposing you to the kind of techniques that malicious attackers might use. You can use this knowledge to protect data-driven organizations from these or similar attacks in the future.
Computer and Information Security Analyst
Computer and Information Security Analyst
Computer and Information Security Analysts help organizations and businesses to protect their data and computer systems from malicious attacks. SweetPotato may help you get into this field by exposing you to the kind of techniques that malicious attackers might use. You can use this knowledge to protect data-driven organizations from these or similar attacks in the future.
Malware Analyst
Malware Analyst
Malware Analysts investigate malware attacks and help organizations to protect their systems from future attacks. SweetPotato may help you get into this field by exposing you to the kind of techniques that malicious attackers might use. You can use this knowledge to help organizations to protect their data and computer systems from these or similar attacks in the future.
Security Researcher
Security Researcher
Security Researchers identify and analyze new security vulnerabilities and threats. SweetPotato may help you get into this field by exposing you to the kind of techniques that malicious attackers might use. You can use this knowledge to help organizations to protect their data and computer systems from these or similar attacks in the future.
Security Consultant
Security Consultant
Security Consultants help organizations to identify and mitigate security risks. SweetPotato may help you get into this field by exposing you to the kind of techniques that malicious attackers might use. You can use this knowledge to help organizations to protect their data and computer systems from these or similar attacks in the future.
Security Analyst
Security Analyst
Security Analysts monitor and analyze an organization's security systems and data to identify and mitigate security risks. SweetPotato may help you get into this field by exposing you to the kind of techniques that malicious attackers might use. You can use this knowledge to help organizations to protect their data and computer systems from these or similar attacks in the future.
Forensic Computer Analyst
Forensic Computer Analyst
Forensic Computer Analysts investigate cyber crimes and help law enforcement organizations. SweetPotato may help you get into this field by exposing you to the kind of techniques that malicious attackers might use. You can use this knowledge to help law enforcement catch and prosecute these attackers, making the internet a safer place for everyone.
Vulnerability Analyst
Vulnerability Analyst
Vulnerability Analysts identify and assess vulnerabilities in an organization's systems and networks. SweetPotato may help you get into this field by exposing you to the kind of techniques that malicious attackers might use. You can use this knowledge to help organizations to protect their data and computer systems from these or similar attacks in the future.
Network Security Engineer
Network Security Engineer
Network Security Engineers design, implement, and maintain security measures to protect an organization's network and data from a variety of different threats including malicious attackers. SweetPotato may help you get into this field by exposing you to the kind of techniques that malicious attackers might use. You can use this knowledge to protect data-driven organizations from these or similar attacks in the future.
Incident Responder
Incident Responder
Incident Responders investigate and respond to security incidents. SweetPotato may help you get into this field by exposing you to the kind of techniques that malicious attackers might use. You can use this knowledge to help organizations to protect their data and computer systems from these or similar attacks in the future.
Systems Administrator
Systems Administrator
Systems Administrators maintain and troubleshoot computer systems and networks to ensure that they are running smoothly and securely. SweetPotato may help you get into this field by exposing you to the kind of techniques that malicious attackers might use. You can use this knowledge to protect data-driven organizations from these or similar attacks in the future.
Chief Information Security Officer (CISO)
Chief Information Security Officer (CISO)
Chief Information Security Officers (CISOs) are responsible for developing and implementing an organization's security strategy. SweetPotato may help you get into this field by exposing you to the kind of techniques that malicious attackers might use. You can use this knowledge to protect data-driven organizations from these or similar attacks in the future.
Data Analyst
Data Analyst
Data Analysts work with big data and use both technical and analytical skills to uncover insights that can help organizations make better decisions, increase revenue, or streamline operations. SweetPotato may help you get into this field by exposing you to the kind of techniques that malicious attackers might use. You can use this knowledge to take steps to protect data-driven organizations from these or similar attacks in the future.
For more career information including salaries, visit:
OpenCourser.com/course/ywoz55/privilege
Reading list
We've selected six books
that we think will supplement your
learning. Use these to
develop background knowledge, enrich your coursework, and gain a
deeper understanding of the topics covered in
Privilege Escalation with SweetPotato.
Provides a broader perspective on hacking techniques, including privilege escalation, offering valuable background knowledge.
Serves as an authoritative reference on the inner workings of Windows, providing a deeper understanding of the underlying system.
Offers a practical guide to hacking techniques, including privilege escalation, with a focus on real-world scenarios.
Serves as a valuable resource for penetration testers, covering privilege escalation techniques using Metasploit.
Provides a foundation in memory forensics, which is relevant to privilege escalation techniques that involve memory manipulation.
Provides a broad overview of ethical hacking techniques, including privilege escalation.
For more information about how these books relate to this course, visit:
OpenCourser.com/course/ywoz55/privilege
Share
Similar courses
Here are nine courses similar to
Privilege Escalation with SweetPotato.
Privilege Escalation with SharpUp
OpenCourser.com/course/q5u5km/privilege
Privilege Escalation with SharpUp
Most relevant
Privilege Escalation with Rubeus
OpenCourser.com/course/48nhsn/privilege
Privilege Escalation with Rubeus
Most relevant
Privilege Escalation with UACMe
OpenCourser.com/course/65ntg9/privilege
Privilege Escalation with UACMe
Most relevant
Credential Access with LaZagne
OpenCourser.com/course/n2bhqk/credential
Credential Access with LaZagne
Most relevant
Post Exploitation with PowerShell
OpenCourser.com/course/583mb7/post
Post Exploitation with PowerShell
Most relevant
Command and Control with PoshC2
OpenCourser.com/course/cyr9jd/command
Command and Control with PoshC2
Most relevant
Privilege Escalation with PEASS-NG
OpenCourser.com/course/ohs5m0/privilege
Privilege Escalation with PEASS-NG
Most relevant
Privilege Escalation with Certify
OpenCourser.com/course/z1ua66/privilege
Privilege Escalation with Certify
Most relevant
Post Exploitation with Meterpreter
OpenCourser.com/course/njw1lh/post
Post Exploitation with Meterpreter
Most relevant
Time
14 hours
Level
Intermediate
Via
Pluralsight
Instructor
Ricardo Reimao
Language
English
Good to know
Taught by Ricardo Reimao who are recognized for their work in red team engagements
Develops skills and knowledge which are core for red team engagements
Utilizes SweetPotato tool which is highly relevant to the topic of privilege escalation
Hands-on with interactive materials like labs for privilege escalation
Caveat: Assumes students have prior knowledge of red team engagements
Our mission
OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.
Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.
Find this site helpful? Tell a friend about us.
Affiliate disclosure
We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.
Your purchases help us maintain our catalog and keep our servers humming without ads.
Thank you for supporting OpenCourser.
© 2016 - 2024 OpenCourser