Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Pluralsight

Persistence with Impacket

via Pluralsight

Overview

Maintaining foothold of compromised servers is a key step during a red team engagement. In this course, you will learn persistence using Impacket.

In a red team engagement, after getting access to servers, it is important that you create persistence in your targets. In this way, you can access the servers at anytime, even if the original point of entry is patched. In this course, Persistence with Impacket, you’ll learn how to utilize the Impacket framework to maintain foothold in a red team environment. First, you’ll explore the basics of persistence and how to install the Impacket framework. Next, you'll discover how to use Impacket to create persistence via WMI event triggers. Finally, you’ll learn how to harvest hashes so you can use the accounts to access the environment later. When you’re finished with this course, you’ll have the skills and knowledge of Impacket needed to execute these techniques: Event Triggered Execution (T1546), Valid Accounts (T1078) and Windows Management Instrumentation (T1047).

Syllabus

  • Course Overview 1min
  • Persistence with Impacket 16mins
  • Resources 1min

Taught by

Ricardo Reimao

Reviews

Start your review of Persistence with Impacket

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.