You're reading from PowerShell Automation and Scripting for Cybersecurity Hacking and defense for red and blue teamers

Product type Paperback

Published in Aug 2023

Publisher Packt

ISBN-13 9781800566378

Length 572 pages

Edition 1st Edition

Languages

PowerShell

Tools

PowerShell

Concepts

Cybersecurity

Author (1):

Miriam C. Wiesner

View More author details

Table of Contents (19) Chapters

Preface

1. Part 1: PowerShell Fundamentals

2. Chapter 1: Getting Started with PowerShell FREE CHAPTER

3. Chapter 2: PowerShell Scripting Fundamentals

4. Chapter 3: Exploring PowerShell Remote Management Technologies and PowerShell Remoting

5. Chapter 4: Detection – Auditing and Monitoring

6. Part 2: Digging Deeper – Identities, System Access, and Day-to-Day Security Tasks

7. Chapter 5: PowerShell Is Powerful – System and API Access

8. Chapter 6: Active Directory – Attacks and Mitigation

9. Chapter 7: Hacking the Cloud – Exploiting Azure Active Directory/Entra ID

10. Chapter 8: Red Team Tasks and Cookbook

11. Chapter 9: Blue Team Tasks and Cookbook

12. Part 3: Securing PowerShell – Effective Mitigations In Detail

13. Chapter 10: Language Modes and Just Enough Administration (JEA)

14. Chapter 11: AppLocker, Application Control, and Code Signing

15. Chapter 12: Exploring the Antimalware Scan Interface (AMSI)

16. Chapter 13: What Else? – Further Mitigations and Resources

17. Index

Why subscribe?

18. Other Books You May Enjoy

Summary

In this chapter, you have learned what language modes are and how they differ from JEA. You have also learned what JEA is and how to set it up.

You now know which parameters you can use to create your own customized JEA role capability and session configuration files (or at least where to go in the book to look for them) and how to register and deploy your JEA endpoints.

Following the examples from this book’s GitHub repository, you have managed to create and explore your own JEA sessions, and you have been provided with an option on how to create a simple first configuration out of your own environment, using JEAnalyzer. Of course, you will still need to fine-tune your configuration, but the first step is done easily.

You have explored how to interpret logging files to correlate JEA sessions over different event logs and what kinds of risks to look out for when creating your JEA configurations.

JEA is a great step to define which commands can be executed...

The rest of the chapter is locked

You're reading from PowerShell Automation and Scripting for Cybersecurity Hacking and defense for red and blue teamers

Table of Contents (19) Chapters

Summary

Authors (1)

Personalised recommendations for you

You're reading from PowerShell Automation and Scripting for Cybersecurity Hacking and defense for red and blue teamers

Table of Contents (19) Chapters

Summary

Unlock this book and the full library FREE for 7 days

Authors (1)

Personalised recommendations for you