{"product_id":"powershell-automation-and-scripting-for-miriam-c-wiesner-9781800566378","title":"PowerShell Automation and Scripting for Cybersecurity: Hacking and defense for red and blue teamers","description":"\u003cp\u003e\u003cstrong\u003eExplore PowerShell's offensive and defensive capabilities to strengthen your organization's security with this practical guide\u003c\/strong\u003e\u003c\/p\u003e\u003cp\u003e\u003cstrong\u003ePurchase of the print or Kindle book includes a free PDF eBook\u003c\/strong\u003e\u003c\/p\u003eKey Features\u003cul\u003e\n\u003cli\u003eMaster PowerShell for security by configuring, auditing, monitoring, exploiting, and bypassing defenses\u003c\/li\u003e\n\u003cli\u003eResearch and develop methods to bypass security features and use stealthy tradecraft\u003c\/li\u003e\n\u003cli\u003eExplore essential security features in PowerShell and protect your environment against exploits and bypasses\u003c\/li\u003e\n\u003c\/ul\u003eBook Description\u003cp\u003eTake your cybersecurity skills to the next level with this comprehensive guide to PowerShell security! Whether you're a red or blue teamer, you'll gain a deep understanding of PowerShell's security capabilities and how to use them. \u003c\/p\u003e\u003cp\u003eAfter revisiting PowerShell basics and scripting fundamentals, you'll dive into PowerShell Remoting and remote management technologies. You'll learn how to configure and analyze Windows event logs and understand the most important event logs and IDs to monitor your environment. You'll dig deeper into PowerShell's capabilities to interact with the underlying system, Active Directory and Azure AD. Additionally, you'll explore Windows internals including APIs and WMI, and how to run PowerShell without powershell.exe. You'll uncover authentication protocols, enumeration, credential theft, and exploitation, to help mitigate risks in your environment, along with a red and blue team cookbook for day-to-day security tasks. Finally, you'll delve into mitigations, including Just Enough Administration, AMSI, application control, and code signing, with a focus on configuration, risks, exploitation, bypasses, and best practices. \u003c\/p\u003e\u003cp\u003eBy the end of this book, you'll have a deep understanding of how to employ PowerShell from both a red and blue team perspective.\u003c\/p\u003eWhat you will learn\u003cul\u003e\n\u003cli\u003eLeverage PowerShell, its mitigation techniques, and detect attacks\u003c\/li\u003e\n\u003cli\u003eFortify your environment and systems against threats\u003c\/li\u003e\n\u003cli\u003eGet unique insights into event logs and IDs in relation to PowerShell and detect attacks\u003c\/li\u003e\n\u003cli\u003eConfigure PSRemoting and learn about risks, bypasses, and best practices\u003c\/li\u003e\n\u003cli\u003eUse PowerShell for system access, exploitation, and hijacking\u003c\/li\u003e\n\u003cli\u003eRed and blue team introduction to Active Directory and Azure AD security\u003c\/li\u003e\n\u003cli\u003eDiscover PowerShell security measures for attacks that go deeper than simple commands\u003c\/li\u003e\n\u003cli\u003eExplore JEA to restrict what commands can be executed\u003c\/li\u003e\n\u003c\/ul\u003eWho this book is for\u003cp\u003eThis book is for security professionals, penetration testers, system administrators, and red and blue teams looking to learn how to leverage PowerShell for security operations. A basic understanding of PowerShell, cybersecurity fundamentals, and scripting is a must. For some parts a basic understanding of active directory, C++\/C#, and assembly can be beneficial.\u003c\/p\u003eTable of Contents\u003col\u003e\n\u003cli\u003eGetting Started with PowerShell\u003c\/li\u003e\n\u003cli\u003ePowerShell Scripting Fundamentals\u003c\/li\u003e\n\u003cli\u003eExploring PowerShell Remote Management Technologies and PowerShell Remoting\u003c\/li\u003e\n\u003cli\u003eDetection - Auditing and Monitoring\u003c\/li\u003e\n\u003cli\u003ePowerShell Is Powerful - System and API Access\u003c\/li\u003e\n\u003cli\u003eActive Directory - Attacks and Mitigation\u003c\/li\u003e\n\u003cli\u003eHacking the Cloud - Exploiting Azure Active Directory\/Entra ID\u003c\/li\u003e\n\u003cli\u003eRed Team Tasks and Cookbook\u003c\/li\u003e\n\u003cli\u003eBlue Team Tasks and Cookbook\u003c\/li\u003e\n\u003cli\u003eLanguage Modes and Just Enough Administration (JEA)\u003c\/li\u003e\n\u003cli\u003eAppLocker, Application Control, and Code Signing\u003c\/li\u003e\n\u003cli\u003eExploring the Antimalware Scan Interface (AMSI)\u003c\/li\u003e\n\u003cli\u003eWhat Else? - Further Mitigations and Resources\u003c\/li\u003e\n\u003c\/ol\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eAuthor:\u003c\/b\u003e Miriam C. Wiesner\u003cbr\u003e\u003cb\u003eISBN-10:\u003c\/b\u003e 1800566379\u003cbr\u003e\u003cb\u003eISBN-13:\u003c\/b\u003e 9781800566378\u003cbr\u003e\u003cb\u003ePublisher:\u003c\/b\u003e Packt Publishing\u003cbr\u003e\u003cb\u003eLanguage:\u003c\/b\u003e English\u003cbr\u003e\u003cb\u003ePublished:\u003c\/b\u003e 08\/16\/2023\u003cbr\u003e\u003cb\u003ePages:\u003c\/b\u003e 572\u003cbr\u003e\u003cb\u003eFormat:\u003c\/b\u003e Paperback\u003cbr\u003e\u003cb\u003eWeight:\u003c\/b\u003e 2.14lbs\u003cbr\u003e\u003cb\u003eSize:\u003c\/b\u003e 9.25h x 7.50w x 1.16d","brand":"Miriam C. Wiesner","offers":[{"title":"Paperback","offer_id":45476923932927,"sku":"9781800566378","price":49.99,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0662\/2982\/9887\/files\/img_b74b480e-0e49-45c5-bd4b-6c5c9a092660.jpg?v=1715918551","url":"https:\/\/www.whiterainbookhouse.com\/products\/powershell-automation-and-scripting-for-miriam-c-wiesner-9781800566378","provider":"WR Book House","version":"1.0","type":"link"}