PowerShell

Roadmap

The Windows automation language red teams live in.

Learning Path Available — Lessons Currently Being Developed

Overview

PowerShell is the native automation and administration language of Windows, which makes it the natural language of Windows post-exploitation. Living-off-the-land, AD enumeration, and in-memory execution all run through it — and so does the defensive tooling watching for them. Learning PowerShell means operating in, and understanding the detection of, real Windows environments.

Why learn PowerShell

  • It is the native language of Windows automation and post-exploitation.
  • AD enumeration and living-off-the-land techniques are PowerShell.
  • Understanding it means understanding what defenders detect.

Security applications

  • Windows post-exploitation and enumeration
  • Active Directory assessment
  • Living-off-the-land techniques
  • In-memory execution concepts
  • Understanding AMSI and script-block logging

Planned curriculum

  1. PowerShell syntax and objects
  2. The pipeline and cmdlets
  3. Windows and AD enumeration
  4. File and registry operations
  5. Remoting and lateral movement concepts
  6. AMSI and logging awareness
  7. Building enumeration scripts
  8. Defensive detection of PowerShell

This path is on the roadmap. The four live courses (Python, JavaScript, Bash, Regex) will teach you most of what carries over.
