Live Cyber Attack Lab 🎯 Watch our IR team detect & respond to a rogue insider trying to steal data! Choose a Session

X

PowerShell

Articles

PowerShell Variable Scope Guide: Using Scope in Scripts and Modules

PowerShell uses variables to store information that can be useful later on. Variables also make it easy to change values in multiple places by changing the variable’s definition. You can...

Read More

How to Merge in Git: Remote and Local Git Repositories Tutorial

In my previous article “How to Revert a Commit in Git” (a PowerShell Git tutorial), I showed how you can use a local PowerShell Git repository and utilize the benefits...

Read More

How to Revert a Commit in Git (PowerShell Git Tutorial)

Whether you write scripts in isolation or work with a team, the ability to track versions of code is essential. You may add code that ends up not working out,...

Read More

Exfiltrate NTLM Hashes with PowerShell Profiles

The privilege escalation method shown in this article is a variant used by Russian-based espionage groups. It outlines an attacker’s ability to leverage built-in PowerShell features to execute arbitrary commands...

Read More

How to Connect to Office 365 PowerShell: Azure AD Modules

This post will cover how to connect PowerShell to Office 365 (Azure Active Directory (Azure AD)), which manages Microsoft 365 tenant identities and licenses. I will also cover connecting to...

Read More

Windows Management Instrumentation (WMI) Guide: Understanding WMI Attacks

Windows Management Instrumentation (WMI) is a subsystem of PowerShell that gives admins access to powerful system monitoring tools. Though this system has been designed to allow for fast, efficient system...

Read More

PowerShell Array Guide: How to Use and Create

Arrays are a fundamental feature of PowerShell. Arrays make it possible to ingest, manipulate and output true data structures (and not just raw strings). This capability makes PowerShell different and...

Read More

Insider Threats: Hard Lessons From WMI Eventing and Surveillance

Last time, we explored how a hypothetical insider could use the Windows Management Interface (WMI) and its eventing system to surveil other employees. No, I’m not the first person to...

Read More

Windows PowerShell Scripting Tutorial For Beginners

Windows PowerShell is a powerful tool for automating tasks and simplifying configuration and can be used to automate almost any task in the Windows ecosystem, including active directory and exchange....

Read More

How To Use PowerShell for Privilege Escalation with Local Computer Accounts

Privilege escalation is when an attacker is able to exploit the current rights of an account to gain additional, unexpected access. While this can be caused by zero-day vulnerabilities, state-level...

Read More
 

Does your cybersecurity start at the heart?

Get a highly customized data risk assessment run by engineers who are obsessed with data security.