Ricardo Reimao
One of the main objectives of a red team engagement is to not get caught by the client's detection mechanisms. If you simply run your malicious code on a production server, you will most likely get caught by Windows Defender or the anti-virus solution. For this reason, obfuscating scripts to bypass those detection mechanisms is essential. In this course, Detection Evasion with Invoke-Obfuscation, you will explore how to bypass detection tools such as anti-virus solutions by obfuscating your malicious scripts. First, you will learn what script obfuscation is and how you can use it in your red team engagement. Then, you will see how to install the tool in Kali Linux. Finally, you will explore how to use the Invoke-Obfuscation tool to bypass the anti-virus and run a malicious payload on a fully patched Windows server. By the end of this course, you will know how to use the Invoke-Obfuscation PowerShell tool to obfuscate other PowerShell scripts, with the intent of evading detection. This course covers two important tactics from the MITRE ATT&CK framework: Obfuscated Files or Information (T1027) and Deobfuscate/Decode Files or Information (T1140).

Good to know

Know what's good, what to watch for, and possible dealbreakers
Explores techniques to evade detection, which is used in red team engagements for bypassing anti-virus and security mechanisms
Taught by Ricardo Reimao, who has expertise in red team engagement and detection evasion
Develops skills in obfuscating PowerShell scripts to bypass detection, which is a core skill for red team engagements
Covers important tactics from the MITRE ATT&CK framework: Obfuscated Files or Information (T1027) and Deobfuscate/Decode Files or Information (T1140), which are relevant to security professionals and red teamers

Career center

Learners who complete Defense Evasion with Invoke-Obfuscation will develop knowledge and skills that may be useful to these careers:
Malware Analyst
Malware Analysts are responsible for analyzing malware and developing methods to detect, prevent, and remove it. They work with security teams to investigate security breaches and develop countermeasures. The Defense Evasion with Invoke-Obfuscation course can be useful for those who want to enter this field, as it will give them hands-on experience in analyzing and evading malware.
Penetration Tester
Penetration Testers are responsible for testing the security of an organization's computer networks and systems. They use various tools and techniques to identify vulnerabilities and weaknesses that could be exploited by attackers. The Defense Evasion with Invoke-Obfuscation course can be helpful for those who want to enter this field, as it will give them hands-on experience in using obfuscation techniques to bypass detection tools.
Incident Responder
Incident Responders are responsible for responding to security breaches and other security incidents. They work with security teams to investigate incidents, contain damage, and restore systems to normal operation. The Defense Evasion with Invoke-Obfuscation course can be helpful for those who want to enter this field, as it will give them hands-on experience in analyzing and evading malware.
Vulnerability Researcher
Vulnerability Researchers are responsible for finding and reporting vulnerabilities in software and hardware. They work with vendors to develop patches and fixes for vulnerabilities. The Defense Evasion with Invoke-Obfuscation course may be useful for those who want to enter this field, as it will help them develop skills in bypassing detection tools and running malicious payloads in a fully patched Windows server.
Cybersecurity Consultant
Cybersecurity Consultants provide advice and guidance to organizations on how to protect their computer networks and systems from threats. They work with clients to assess risks, develop security plans, and implement security measures. The Defense Evasion with Invoke-Obfuscation course can be helpful for those who want to enter this field, as it will help them develop skills in bypassing detection tools and running malicious payloads in a fully patched Windows server.
Threat Intelligence Analyst
Threat Intelligence Analysts are responsible for gathering and analyzing information about threats to an organization's computer networks and systems. They work with security teams to develop and implement security measures. The Defense Evasion with Invoke-Obfuscation course may be useful for those who want to enter this field, as it will help them develop skills in bypassing detection tools and running malicious payloads in a fully patched Windows server.
Forensic Analyst
Forensic Analysts are responsible for investigating computer crimes and other security incidents. They work with law enforcement and security teams to collect evidence, analyze data, and develop reports. The Defense Evasion with Invoke-Obfuscation course may be useful for those who want to enter this field, as it will help them develop skills in bypassing detection tools and running malicious payloads in a fully patched Windows server.
Cybersecurity Engineer
Cybersecurity Engineers are responsible for designing, implementing, and maintaining the security of an organization's computer networks and systems. They work with security teams to develop and implement security policies and procedures. The Defense Evasion with Invoke-Obfuscation course may be useful for those who want to enter this field, as it will help them develop skills in bypassing detection tools and running malicious payloads in a fully patched Windows server.
Network Security Engineer
Network Security Engineers are responsible for designing, implementing, and maintaining the security of an organization's computer networks. They work with security teams to develop and implement security policies and procedures. The Defense Evasion with Invoke-Obfuscation course may be useful for those who want to enter this field, as it will help them develop skills in bypassing detection tools and running malicious payloads in a fully patched Windows server.
Security Analyst
Security Analysts are responsible for the protection of an organization's computer networks and data from potential threats. They monitor systems for suspicious activity, investigate security breaches, and develop and implement security measures. The Defense Evasion with Invoke-Obfuscation course may be useful for those who want to enter this field, as it will help them develop skills in bypassing detection tools and running malicious payloads in a fully patched Windows server.

Reading list

We've selected five books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in Defense Evasion with Invoke-Obfuscation.
Provides a deep dive into the inner workings of Windows, giving learners a strong foundation for understanding how detection mechanisms work and how to bypass them.
Provides a comprehensive overview of memory forensics techniques, which can be applied to detecting and evading evasion techniques.
Although not specifically about PowerShell, it provides a solid foundation in malware analysis, which is highly relevant to understanding and evading detection mechanisms.
Provides practical guidance on pen testing techniques, including methods for evading detection mechanisms.
While not directly related to technical evasion techniques, this book offers valuable insights into the psychology of deception and social engineering, which can be applied to red team engagements.

© 2016 - 2024 OpenCourser