Learn PowerShell!

John Hammond · Beginner ·🔐 Cybersecurity ·4mo ago

Key Takeaways

Teaches PowerShell skills for cybersecurity applications

Full Transcript

Learn cyber security and focus technical training with just hacking.com where allstar instructors and industry experts provide hands-on, affordable, and practical learning across courses, free upskill challenges, hackalong training videos, and capture the flag competitions. There's always something to hack. With new content twice a month, all throughout the year, plus bimonthly live streams, you can sharpen your skills in our ondemand and interactive lab environments. Advance your career and level up regardless of your experience or budget. Forget all the noise and get to just hacking. Sign up now at just hacking.com. Woo! Hello everybody. Goodness gracious. Welcome. Happy Friday. Hey, forgive me. I think I was just a few moments, minutes, seconds to spare. A little bit late today. My fault. Running around, staying busy. But thank goodness it is Friday. Look. Hey, thank you all. Thank you all so much for coming to hang out with us. Uh it is the third week of the month. And hey, for those that are tracking over on the JHT or just hacking training world and realm that we're in, uh, you know, the usual tradition is, hey, we're doing some live streams usually about the first week of every month and the third week of every month. So, it's time for another JHT, Just Hacking Training live stream. Uh, look, we have a super duper special guest today. Uh, we'll be teeing up Andrew Plaw to dig into some awesome PowerShell stuff. But if you're willing, uh, you know, I usually just roll through the announcements, try to cruise through maybe 10, hopefully not more than that. Uh, 15. Hopefully it doesn't take me too long. But I do want to tell you about all the sweet stuff that we've been up to and the crew over at JHT and uh, things that we've got to show for you. So, look, if I may, I'm going to go ahead and share my screen because I can bring up home base HQ headquarters for all things just hacking training. and uh we'll just kind of dive in. There is a lot of sweet stuff to talk about today. So, I'm hoping I'm at the right place. I'm hoping I'm over at justing.com. You all know that is where the party is. And look, in case folks aren't familiar, if you're just diving into this live stream, if you've never seen one of these things before, look, JHT just hacking training is the extra endeavor, the other initiative to get more cyber security education, more awareness, more hands-on training, like real practical applicationbased stuff across the industry of cyber security with more incredible people like it. It can't be just me. It's not just me anymore. So, we know what, you know, we'll we'll we'll shine the spotlight on a handful of other incredible folks in the industry and industry experts that are doing awesome cyber security stuff. And that's what JHT has really become all about, which I love. Like, it's it's amazing to see how much it has grown. But, uh, we do these live streams just about all the time, staying busy with it. And look, I gotta be honest. If you are not able to catch the live stream, if you got a dash, yes, the answer to the question is it is being recorded. We we do have our live streams page that you could track down on the events PE section here that uh talks a little bit about all the stuff that we're up to. And let me jump right back to the live stream page. You'll have another section there for the conferences or the real world events that we're at. But in case you're digital, in case you're online, the live stream section is really where you get the whole archive of everything that we're up to, all of the other live streams that we've done in the past. So whether or not we're hanging out with Andrew, whether or not we're hanging out with Adrian, whether or not we're hanging out with Rob or hey Trevor or Michelle or Katie, there are so many awesome and incredible people and it's really really sweet to be able to uh showcase these all here. That's the resource. That is the events page for our live streams. And yes, answer to the question, this is being recorded. [laughter] Hey, let me tell you about another awesome thing. And I know I'm moving quick. I am trying to cruise through the announcements, but we have something really, really special. Something that I am just genuinely happy about, like super stoked. We've got an awesome strategic partnership all throughout 2026 with uh women in cyber security. And I love their mission. I love the init initiative, the effort that they're all doing. We have some incredible things planned for March coming up next month for Women's History Month. And something that we're stoked about is actually a little bit of a contest. We thought it would be fun to get a little bit some more engagement, some more activity here. So, we will have a contest with a little bit more details probably announced at the next live stream. Um, looking at the calendar, I think that is Friday, March 6th. So very very cool things to get together withis women in cyber security. The contest that we're doing in that live stream on March 6th is a little bit of an early celebration for International Women's History Day. Excuse me, International Women's Day on March 8th. I believe that's a Sunday, but we normally do our live streams on a Friday. So March 6th is that. But let me say, I got to admit, the following live stream, if you're tracking the weeks, if you're tracking the dates, you totally don't have to. You're going to see it on the internet, social media. You know, I'll be screaming and shouting about it. We'll do the contest winners announcing on uh the live stream on March 19th. But for anyone tracking the calendar, I said, "Oh, we normally do these on Friday." Uh March 19th is a Thursday. But the reason we're doing that is because again, we all want to get all the timing here for Weissus and the sweet partnership and collaboration that we have. But one of the coolest things, as I was alluding to, those conferences, those events, those real world activities, we're going to be off over at RSA and Bside San Francisco. So we'll get together with themus for the live stream on Thursday, March 19th because pretty soon after that we're going to be over at RSA and besides San Francisco, I'll be in San Francisco for that whole week. It is going to be a long time in San Francisco, but we're going to have some fun and I'm just stoked to be able to get together with all of them. This is the conferences page. again accessible from the events tab in the navigation and you'll be able to get a quick little glimpse at everything that we're up to for the year. Um I you know like someone that we really love to be able to get out and about in the community is a sweet collaboration uh partnership and work with IoT Village or the internet of things. Um that is an annual sponsorship that we do to be able to be with them be part of the party for all the events that we're kind of up and about together. So, I am stoked to be able to be there in person and get some of the sweet signage, to get some of the the stickers and have some t-shirts to hand out. Like, it feels so cool and so real that hey, just hack and training JHT is is moving and shaking. So, I hope you'll be there. I hope you'll come say hi. I hope we can get a cool little selfie, take a pic together. Uh maybe get some swag. We'll hand out the t-shirts, the stickers, maybe do some sweet lock pickicking. We've done that in the past for some of their Bides events. And we actually have for besides NRSA a new hands-on workshop which uh we're pretty excited about. I don't know if you were tracking last time when we go to events we like to bring this like router reverse engineering like a little bit of internet of things IoT hacking but uh we've got something new cooking up along the same veins along the same line. So really genuinely excited to be with you all in person. But uh that's it. That's the That's the spiel for those events coming up soon. And in case you missed it, last stream together for the first week of the month, we like to announce the new like course launches, the new releases that are, hey, kind of a ticket item to get that beautifully bundled up and packaged education. The third week of the month is when we do some of the free upskill challenges. So, I'll tell you more about those in just a second, but I was stoked to get dark web 2 out the door. I don't want to fall down the rabbit hole on this too much. You know, uh we originally had uh the dark web 1 uh course to talk a little bit more about the culture, the ecosystem, underground cyber crime syndicates, the dark web shenanigans, but DW2 we very intentionally called like CTI researcher or cyber threat intelligence researcher because this one gets a lot more tactical. This is all about getting into the tour onion links, seeing that stuff kind of under the curtain. So, uh, it's been great to see this thing come to life and genuinely for the past couple of weeks, I really just appreciate all your support because it felt good to get this out and, uh, we've seen this really, uh, I hope be really valuable for you all. Uh, I will say that is still running with, I believe, the 20% off discount code. Uh, totally already applied. There's no like coupon or specific code you need to enter, but uh that for dark web 1 and for dark web 2 is running through the very end of the month. So I think February 28th, midnight Eastern time is when that thing will expire. But you can always snag the bundle to get both DW1 and DW2. Uh if you want to fall down the rabbit hole on all of that sweet stuff. But it feels good to be able to get that out the door. And thank you, thank you, thank you genuinely the kind of response and support from that has been phenomenal. So thank you, thank you for all uh letting me continue the party. But today and the third live stream, the third week whenever we do these live streams together, we get to talk a little bit about the free stuff. Hey, the stuff that we just want to make sure it's easily accessible to you uh without some silly price tag, without something that makes it a list item, but this is where we have a lot of fun because we're cranking out what we call these upscale challenges or UC kind of an acronym, right? And those are meant to be the bite-size, totally digestible, simple, and easy stuff that you could go ahead and dive into. And we for today, for realistically the third week of the month, have a lot of really cool new releases. uh some that are still, I'll be honest, in the works. One that we did want to give some love to is uh Nessus. We'll have this one probably out next week. This is like pentesting for the masses. A little bit more introduction to vulnerability scanning and getting a little bit sharper with the Nessus tool. But I didn't want to come out and say, "Oh, hey, we don't we don't really have that to show for you." What we do have is some cool cool stuff for maritime cyber security. And I love this. Like this is genuinely awesome. I feel like just hacking trading. Look, we've hacked satellites. We've hacked quantum computers. We I We're going to do some car hacking. We're going to hack some airplanes and all that, but right now we're hacking boats. [laughter] And that is just so cool. My good friends James Campbell and Dean Mas have been putting together some incredible stuff on ship security. And this is realistically going to become a bit of a bigger series. I think they'll have a little bit more upscale challenges to kind of, hey, keep your toes in the water here. No pun intended, but there will there might be I I don't want to, you know, kiss and tell here. There there there are a lot of good plans for a full-blown course on ship security and maritime cyber security and hacking boats, dude. Like, that's just cool. That's just cool. So really really stoked about this and I'm just so grateful for James and Dean being willing to join the party here. I did want to show you a little bit of a teaser for what the upskill challenge again totally free again $0 no gate. You can just dive in take a look at what this has to offer here. But uh really really really genuinely excited about shipboard security, maritime cyber security and hacking boats. Man, that's awesome. Anyway, the star of the show today is Andrew. And if folks aren't familiar, Andrew is fantastic and phenomenal. He's a PowerShell guru. He's a host of the PowerShell podcast and he's one of the sweet Microsoft MVP. I think we could say it. You know, I'm going to keep mentioning it. I think it's awesome. But Andrew is a great friend. Uh we got together some time ago for some other recordings, some other podcast work together. but he has been putting together some awesome free upskill challenges. This is actually the second of his and he just loves PowerShell which I'm stoked about because I think there is so much opportunity and so many things you can do with PowerShell. Uh both offensive security and defensive security and CIS admin work and you know regular IT stuff you got to get done. But take a look. A couple of his upskill challenges were getting started in PowerShell, a little bit more with specific APIs or interacting with some external resources. So Andrew is just awesome and I am stoked to be able to let him join the party here and I hope you do dive into his upskill challenge. Show him some love and dig into PowerShell 7 and the latest. But anyway, I'm done talking you up, my friend. Andrew, if you're with me, you know, I can't really see behind the scenes. I'll I'll stop my screen share and I'll cross my fingers. Are you here with me? Are you ready to do this thing? Microsoft MVP, host of the PowerShell podcast, Andrew, I'm going to bring you in the show. Andrew Pla. >> Hello. Hello. Hello. You can hear me? Yeah, we're good. >> I got you. Yeah. Yeah. Yeah. >> Sweet. Um, >> how are you doing, my friend? >> Oh my gosh. Well, you said I like PowerShell. Yeah, man. I'm back here trying to not rant about it a little bit. Um, I'm doing well, man. How are you? >> I'm good. I'm good. And hey, you know, we keep it casual. You know, we keep it friendly. So, we can totally nerd out about PowerShell, my friend. >> Yeah. Well, well, good because that's sort of the space I live in. I was thinking about what are we going to do with this? You know, we got a couple courses out there. Do I want to try and show off and be like, oh, invoke REST method and REST API is going to change the world or do I want to take the approach and get people hyped about PowerShell? And I feel like when I what I know about PowerShell and people who learn it, a lot of people know about it. They've seen it. they've watched your videos and see the way that it's used in different uh contexts, but a lot of times they're hesitant to actually start because they maybe think it's a little cumbersome. It's not worth the effort. And for some people it might not be, but I think for a large majority of people, it is a fantastic fit and it is not as complicated as it might look whenever you look at these wild oneliners that are used in certain attacks or these fancy modules that people use. So, I think we're gonna get people a little bit hyped and then show them, you know, how you can take PowerShell from what you're doing here to the world at large using REST APIs and other things like that. So, I'm ready. >> Sweet. What do you think? Do we dive into any like showand tell? You want to go straight into a demo or do we need to banter your pregame a little bit more? What else is on your world? >> I want to show things as we talk, you know, just a little bit. I don't want to hit everyone with everything at the same time. Let me click screen share here. Um, but I, you know, I want to show how PowerShell is kind of cavemanlike in some ways. [laughter] What do I mean by that? I don't know. We'll find out. All right. Screen size looking all good. >> It is. Uh, we'll tune into chat. We might be able to bump it up if control plus or control shift plus, whatever it takes for editor size, but yeah, you got it. >> Yeah, we'll do one more for all time sake. All right, so I'm using uh this thing called VS Code. Okay, if you don't have VS Code set up, you think this is all developer stuff, no worries. You don't need this whole fancy setup to get started with PowerShell. A lot of people use different editors. I think eventually, you know, learning how to use VS Code is going to be worth it, but we can only learn one thing at a time, John. There's a lot out there to learn. Question people have though a lot is what version of PowerShell do I use? And I the default answer for pretty much every Microsoft MVP that they'll say and people who are using PowerShell is you got to be on the latest and greatest. You got to be on PowerShell 7. And I think that's there's a lot of strong arguments for that. But I think that for people who are just getting started, if you are newer to this, it's slightly overwhelming. You should stick with whatever is installed. So if you open up PowerShell and it's Windows PowerShell, use that for the first week or two, you know, as you're getting used to commands. But ultimately, you kind of want to use the latest and greatest that's getting features and is not just kind of in maintenance mode and only gets fixes when there's big security issues. >> Yeah. Normally I feel like I see PowerShell 5 just kind of out of the gate normal natural right is it do you got to bring yourself up to PowerShell 7 but there's a lot of delineation now like it's not just Windows PowerShell now there's PowerShell core it could it could run everywhere right >> yeah and know it's crossplatform and open source and most environments they have Windows PowerShell because Windows devices ship with it so you're going to have that in on your endpoints if you're managing things or you know if you're maybe thinking on the more attacker side Windows PowerShell is installing PowerShell 7 is a choice. So what I normally see is people like me, we're using PowerShell, we're using different tools that are being updated. I will use Windows, sorry, PowerShell 7. And the devices that I may be managing, they'll be on Windows PowerShell. There's a couple quirks here and there, but overall that's definitely the right approach. And PowerShell 7, oh, there's some of the features that are improved are just they'll make you bash your head, especially with invoke rest method. Uh it's way easier in PowerShell 7, which is why I really wanted to tie the two together. Um but there's nothing wrong with rocking Windows PowerShell, and a lot of people do and have great effect to it. It's just worth being aware that there's not any new features kind of coming out to it. And PowerShell 7 is the future of sorts. But you might have a question. Ah, what PowerShell version am I on? Oh, great question, John. For me, I'm on 7.5.4. And for those at home, they want to know, you can call this variable right here PS version table. And no matter what version of PowerShell you're on, it's going to have some good juicy details about it for you. All right. Now, I mentioned caveman earlier. What does caveman mean? you know, it it kind of refers to, and I love it because people are intimidated when they see these wild PowerShell commands, but when we really take a second to pause and look at it, you might discover there's a little bit of a nuance and a beauty to it. So, let's just take a look at this first thing right here. Okay, we got We won't worry about what it does yet, but let's just read. We got this thing get command. Okay. Now, if I were to translate what I think that does, I think it gets commands. You see, we're like a little bit, you know, um like Kevin in the office. Why use many word when few word do good? That's what we're seeing right here. >> It works. >> It it does, but if we worry about all the details, it can get a little overwhelming. But let's see. We got get command verb get. Okay, let's just run this and kind of break things down from there because git command is not only the kind of thing you can read and understand what it generally does, but oh my gosh, it's kind of critical. Uh, so git command, what does it do? It shows you the commands that are available to you. And there's a ton of commands available to you. More than you'll ever learn, more than I'll ever learn. So figuring out what to use, you got to have a way of doing it without having to scroll forever. And that would be where get command comes into things. And I mentioned that verb noun thing. So verb something we do. What are we doing that thing to? That's the noun. So what are we going to do? We're going to get something. What's that thing? We're going to get command or commands. All right. So we specify that right here. We say the verb is get. And we get all of them. Now if we wanted to switch that up and let's say, oh my gosh, uh, I don't even want to use a verb. I don't know anything about anything. I just want to work with processes. Don't know the commands. just start here with a little wild card here and there and you'll see oh my gosh that's that's a lot of processes things that have process in the name rather. >> Yeah. So I love the fact that you can use that if just to figure out how to continue to use PowerShell like discover literally interrogate like okay what else is actually available to me but the asterisks the stars that you're using there are how you're just kind of filling in the gaps look I'm looking for anything with the word process in it right >> yeah and this is a power shell so it's like an interactive shell it's not a C# thing where we save the code once and it runs forever we can mess around with things we can run things as we go so what I like to do generally start with a big net kind of figure out what I'm looking for and bring that net down and down and down and using wild cards for that first step. It is pretty helpful because it's all-encompassing. >> Nice. >> But uh another command Oh yeah, what you said about the get command thing and like helps you find commands. Well, if you are using different machines, different devices, things like that, you might have different commands available, different versions of PowerShell. You want to be able to see what's on your machine and get command does that because like what you're getting back from AI may not account for the situation that you're in with your specific box. So it's uh very helpful to have commands like this. So you can just keep typing commands in the terminal and figure it out for yourself once you get a little bit more proficient. Uh we have this thing called get help. I'll briefly cover it. I think it can be a little confusing to people in the beginning. So I'll show you the default view which is we're going to get help. And what are we going to get help for? that command called get process. Let's see. Okay, so it returns us this long help article, which is awesome. But what I see people do is they they read it. They're like, "Oh, get process." It's the process that they're running. They see this. We got too many weird characters, too many things we haven't seen before. You don't need to understand this part. Okay, you can scroll down. But what I actually do is I'm like lazy, you know? I'm trying to get things done quick. I just go to the examples. I see how other people use this. Okay, so there's you see we're at example um nine right here. So I could scroll up all the way, but use an automatic variable to identify the process hosting the current session. If I were to go through all these examples, I think there's a 90% chance that what you're trying to do as someone in a regular kind of situation with PowerShell, an example will be here for you. So you can almost copy and paste and tweak it a little bit from there. just I'm trying to get people to be productive with PowerShell without needing to memorize all the details of everything because it seriously can be a little overwhelming, especially if you're newer. >> I mean, even just being able to go find and see, hey, yeah, figure out what can I do? What more is there available to me? The examples keep it easy. So, >> absolutely. Some other things that are pretty sweet. All right, let's let's take that little one example of uh caveman speak, right? Get process. Okay, because this is a a bunch of commands one after the other. And this little thing right here, that's our our beautiful friend, the pipe. The pipe because we're dealing with a pipe line. Okay, so if you have one of these at the end of a command, it means we're going to take all the output from get process, which let's see what that looks like. Oh my gosh, a lot of processes and a lot of information about it. We're going to take all of that and send it to the next command which is called wear object. So wear object the CPU and is greater than 10. Okay. So it looks like we're filtering. We're getting something. We're filtering it. It looks like Okay. This is sort. We're going to sort it by CPU. It looks like descending. I don't know. Ascending, descending, it doesn't matter. We'll see at the end. Select object first 10. So maybe we're going to the first 10. And then these look like a couple properties. But again, what do I do? I do one step at a time. So, we ran the get process. We see a ton of output. A little bit too much output. It's not what we want. We want to refine our our quest just a little bit here. Oh my gosh. The these are all the Oh man, some pretty hefty things. These are all of the processes where the CPU is greater than 10. All right. Now, you see they're in various orders. There's a huge one here, a small one. gota we got to massage it, you know? It's like clay. We're like, "Woo!" As we go through, we're kind of giving it into a tool, into a form that we can really use. As you can see, oh my gosh, look at this. Wow. 6,000 1,000. Boom. All the way down. That's brilliant right there. And then to really wrap it up, we figured out what we're looking for. We filtered down for what it is, and we only want certain uh properties because a lot of these other ones that are showing up, I mean, I don't even know what they mean, right? Bada boom. That is that is what we got. And if you were to do this outside of PowerShell, well, there's a lot of things you would have to do textwise when we do that wear object thing. That would be a significant amount of code. And if you wanted to sort it from there, unless you're using a built-in command, it's going to be a lot. And to select from there, even more. So that's where this thing in PowerShell called objects is really powerful cuz you might have heard of this thing called bash and a bunch of other languages out there which are awesome but a lot of them are text based which you know again people have tons of success with these tools so no shame but in PowerShell we have this thing called objects which means it's not just text there's something there without having to specify what the different columns are I can tell PowerShell knows right because it is an object objects are kind of a confusing thing to just hear and like know you got to kind of play around with PowerShell a little bit. But the object-oriented nature means that so like this select object thing if everything's an object John if everything's an object does that mean that I can use select object with pretty much everything pretty much. >> I think so. >> Yeah. So you got commands like that where you know initially we see this select object thing. You're going to have to spend a little bit of time playing with it to really get it underneath your belt and understand what's going on. But once you do that you can use it and take it to every single other command. Get service get 80 computer get something from a rest API. You can filter and do all that stuff which is cool and like productive but also I got to say you know this is just hacking. You feel like a hacker. You get in the zone. You're typing commands. piping them together. It's intuitive. It It can be a little bit uh longer in terms of length like git process is a little bit longer than ps which is another way some people list processes. But there's a benefit to that and that is the fact that it is readable. >> You had some good folks laughing in chat with this like, man, it looks like Chrome has just eaten all the resources. [laughter] >> Listen, yes, that sounds about right. All right, I have uh Chrome's been my friend today. I'll say that when it comes to sharing cameras. >> All right, last one I want to show that's kind of important is is the select object star. Star means everything. So, what properties do we want? >> We're just going to grab all of them. Okay, so we're going to get the process. We're going to just look at the first one. Then we're going to grab all the properties. You can always pipe things together and see what's up. Whoa. A lot of properties, >> right? A lot of properties. A lot of things that you're going to read it. you're not going to really know what it means without having to look it up, right? That's okay. Um, it's important to know that these things exist because if we just run this right here, I'll just get process select object first one. If we just run it, would you look at that? How many properties is that? It's like six or seven. This is a lot more than six or seven. Um, that's because PowerShell, it displays things for you. It tries to be helpful because outputting this every time would just be an insane amount of text if you're querying all your properties um or your uh processes rather. So it does some formatting for you. But those properties still exist. So you have to know that select object is there if you really want to inspect things further. >> If anything I think it's super helpful to figure out and see okay these are the property names. If there's a part or a piece that oh I'm I really just want to know this thing but I don't know what it's called. Hey, having it being able to dump all that can still be pretty helpful. Like, oh, let me see the list of everything that it could know about the object. >> Yeah, because a lot of times what you'll do is you'll look at the value. Now, these are kind of like nothing, but you'll look at the value and you'll be like, "Oh, that's the name of something." And then you can correlate it uh to the actual property name. But again, you just got to try things. You just got to run code. Nothing bad's going to happen if you're querying things. Make it happen. All right. This is a kind of another example of what we already did. We did some sorting and selecting. Um, you get the idea. I'm just going to go through the um caveman thing real quick because let's just break it down. We're getting a service. We're filtering. We're going to where the status is running. We're going to sort it so it like looks nicer. And then we're just going to select the first 10 and a handful of properties that our boss or whatever the incident requires. Simple. Get process. Same thing here. Different uh different first command, right? Okay, this is for services. This is for processes. But the same kind of vibe. We're going to group things by the name. We'll sort them. Then we'll select them. And as you can see, we got the object noun going on. So there is a lot that we can do there. I'm just going to get this real quick. Get command noun object. So every single command that just has noun as a object is a noun. Boom. All these babies right here, they're going to go with you across all the commands that you got. So, just incredible amounts of power in terms of you don't have to learn a ton to be able to apply automation and scripting to so many different domains. It is just Oh, I could geek out about it all day to be honest with you. Let us >> Yeah, I know. We're only even just like scratching the surface. This is the tip of the iceberg, isn't it? >> It absolutely is. I love showing people that you can go from just running this command, right? You're just querying get process and you can just by learning a couple other things. You can create effectively a tool. Let's say you're in an environment where you need a certain if a certain service is running, it's going to be a bad situation. Well, you can create a tool that will automatically, you know, you run the script, it'll check for you kind of thing. Which means that as time goes on, we can kind of build a tool set that makes us more productive, more efficient, and as our skills get better, we can really turn these into uh some tools that we can maybe leverage if we work at a place across the org, across other teams. But you get value really early like just running this right here can be very helpful and other singular commands. I just you get value early on, you get value later on, and the journey keeps going. But it gets fancier. I kind of want to show a cool more like securityoriented example. Uh I don't think we should walk through all the details because something like this it can be confusing if you're a beginner and I think it introduces too many new concepts if you are just learning PowerShell. Um but just know if you're looking at things and the characters are looking weird, you've never seen them before, that's okay. You just need to spend some time, you know, in the language running things and they'll start to shape into something a little bit productive. Um, this right here again, I'm going to try and see if we can caveman through. Let's see. Get net TCP connection. All right, that's we're getting some kind of net TCP connection. If we already know what TCP is, maybe we're in a better state to really understand what's going on. We're doing that filter thing. We only want to get TCP connections with a state of listen. Let's just run a couple things real quick. We'll run this first. Get net TCP connection. Wow, it's a lot of TCP connections. And if we look at one of the properties, listen is one of them. So the state, there's bound, there's listen. I think listen is probably pretty helpful because uh I don't want too many things listening. You know, maybe there's something uh nefarious listening. So you can kind of query that. If we look here though, there's this thing called owning process. Okay, owning process. And it gives us this weird number thing. If you look into the docs, you'll see that this refers to the process ID. So there's a process that sort of is responsible for this. And getting visibility into that is a lot more helpful than just seeing these other things, right? I don't know all the ports and and what they're initially configured to. So we can do this thing where we're not just running the commands one after the other. We can sort of call an extra command. So we're running get net TCP connection here and then yeah we're getting them. We're filtering them. We're going to do something to every single one of them, right? For each object that we get which looks like I don't know maybe like 30 or 40 or something down there. For each one that we get we're going to capture the process ID which is this random number, right? It's not actually random. Then we're going to run get process for the process ID. And that will give us a little bit more information. And we will put it in the output as this right here, the p.process name. We'll skip over what these things do for now. Um, it looks more confusing than it is. Let's give this a little run. Oh my gosh, we got a lot of things going on here. Um, >> I'm starting to get a little bit worried. It looks like PowerShell listing. >> Yeah. What did I do wrong here? P.Process name. Uh, I think that h you know, do I want to troubleshoot this right now live? Um, it's not jumping out to me. What is wrong? But, uh, >> would love to see if anyone catches it in chat. Uh you are setting the P variable to be get process based off of the ID of the owning process. >> Yeah, I mean maybe P ID is wrong. Uh oh, there is no P ID. That's not a variable, right? Where does it say P ID? That's actually like a built-in variable um that we shouldn't use >> for for yourself. Yeah, actually >> that's built in for PowerShell. Whoops. Well, >> that was a really cool learning lesson. [laughter] >> Teachable moment here. >> That's right. You know, and even if you learn things, you will forget them and relearn them. But as we do this, I really have to remind people that if you see red text, if things don't work out, do not just quit and think that you've done something completely wrong. Take your time. Don't panic. Read the error message if there is one because they actually are somewhat helpful despite it being a huge, you know, sea of red that you're going to be swimming in. That's how you're going to make the progress. You know, don't get discouraged if things don't work out the first time. It's all good. But can we look at this output? Oh my goodness, that's a tool. We just created a tool right there. And you use some advanced stuff here. We don't necessarily have to do that for every tool we use, but just that simply. You know, this is going to take you, you can't just sit down and instantly write this, but it's not too far away. And you can have a tool that can tell you about what is going on with your different ports. And if there's some weird uh process that shouldn't be there, well, uh, you can get rid of that. >> That was awesome. I'm super glad we accidentally bumped into that little typo because, forgive me, I don't want to fall down the rabbit hole, but I thought that was, oh yeah, if you were to ever see PowerShell having listening open ports and potentially having network connections, that would be pretty sketchy. That that sounds like malware, but it's totally that dollar sign PID, the like built-in variable for your own PowerShell process ID. Uh because we just had the wrong variable, but that's that happens all the time. I've ran into that wall forever. [laughter] >> Yep. e you'll change it, you'll forget it, you'll typo one of them. Yeah, there's a lot of little things like that that will absolutely catch you early in your career of PowerShell and very late as well. And it just kind of doesn't stop. All right. Um I don't even think we need to cover this one, but you can see we can grab other things outside of of the norm. We can connect with SIM, which creates another bunch of awesome data. Oops. Oops. Whatever. Um but that's PowerShell. There's commands that are built into PowerShell, and that's cool. There's a command for a lot of things, but there's not a command for everything. Sometimes we do have to get outside of our uh, you know, PowerShell toolbox and touch into other things. So, for me, you know, I know there's this thing called testn net connection, but what do I do all the time? I do ping I do ping google.com or ping 8.8.8 as just, you know, I get network issues sometimes. I don't know if anybody else runs those, but there's nothing wrong. All right, you can run that from PowerShell, right? if it's on your path, you can call, you know, ping.exe, target google.com. Nothing wrong with that. I think another cool one is curl, right? So that if you're on Linux, you know, you're probably using it regularly. You've heard of it. And if you're on Windows, I you can have it now, too, which I'm on Windows on this machine. And uh you know, there's an example. You want to do something quick. You already know it. Well, nothing wrong with using it here. Okay, let's see. Oh my gosh, we did a curl which is like a web request to this JSON placeholder type of code.com/posts. Basically, we're querying some posts using curl and it responds right here. Now, we talked about PowerShell being object-oriented. Is curl is ping? No. Now, we can still work around that, but let's let's verify that. There's this command called get member which will tell you all the properties on an object and the type of object. Okay, the type of object is really what we're looking for here. Okay, the type name up here. I see string system string. Okay, string words characters not necessarily objects, right? So that is okay if we're just trying to interactively look at something. But if we want to take that data and do other things with it, we will have to figure out uh how to go about that. So just because I know how APIs work, especially REST ones like this, and I've seen this kind of format before, this is called JSON, which is like a standard thing. You might run into it in other places as well, but uh you know, John, do you know any commands? You know, I kind of just teased it there, but do you know any commands uh for dealing with JSON? >> No, you're totally right. PowerShell does have that quick and easy convenience if you were to look for it. Oh, even if we were to look for that acronym uh using our wild card and stars for JSo, the JavaScript object notation. PowerShell probably has some sweet commandletits to convert from it, right? >> Well, I mean, we're going to find out. I don't know. You know, people ask me questions. I just say, "Hey, run it and find out." So, let's try and run it. Oh my gosh. Would you look that? So we got convert from, convert to JSON and test JSON I guess to validate it. But the convert from and convert to I think we should convert from. So if we have this text looks like JSON. Let's just try this. I don't know if it's going to work. Convert from JSON. Just see if it works, I guess. Tada. Now that looks like PowerShell, right? You can see the kind of columns. It's not just raw text. And if we want to validate that because you know if you're new to this you got to kind of make sure that things are good before you run it in production. Let's just see what's up here. What kind what's the type name here? Oh system. It doesn't say string. Okay. So it's a PS custom object. Don't worry about the details. If it's not a string you can do things to it. And if we look down here we got a couple note properties. Body ID title user ID. So it's okay to tap into other tools. A lot of times there's going to be tools that will output things in JSON. Um there's been a handful that I've used, but they're not coming to mind. But look for those opportunities. If you need external tools to be added to your workflow, if you can output them into like CSV or JSON, you can easily convert them using convert from JSON. And then you have an object you can do anything with. You can put it to other commands. You can pass it along. You can change the properties. You can do the filtering stuff, the selecting, all that good stuff from non uh non PowerShell tools. So, kudos to that. But REST APIs, you know, we talked about a lot of things. We're here. We're getting some coding going, but we aren't dealing with the world out there. The beautiful thing is there's a lot of different ways that we can take these concepts that we've learned dealing with services, dealing with processes on our machine, and interact with these things called APIs. All right? In particular, REST APIs are really awesome, but they're these things that are in like the cloud. They can do all sorts of different things. A lot of them are going to be sort of workrelated, but there's a ton that are just kind of fun. I I think I look at a few examples here that are a little bit off the beaten path. I think in the course in the API course, I do some Pokemon stuff. So, there's just some kind of there's some fun opportunities, but also it's just really practical. Uh oops, I'm on rest. I don't need this part. Let us let us take a gander if we could. Um, and if you do the course, I also break down this and I try and do sort of what I've done with the PowerShell it being like caveman. I try and really break it down into the core parts that you're going to need to know about REST APIs. So whenever you're reading documentation, your eyes kind of know where to go and there's a bit of a formula that can uh push it all together. But let's take a gander at this, shall we? Okay, so what have we done here? we use this command called invoke rest method. Okay, that's the command that's our good friend. That's what we're going to be using for dealing with REST APIs. Um, okay. And then there's this URI here has like a it's basically a URL you've heard. But this thing at the end, it's called an endpoint. So, looks like we're going to be dealing with this is the API JSON placeholder. And what about it are we dealing with? We're going to deal with the posts. Okay. So, I ran that download. Let's see what I got. Posts. Whoa, a lot of great Latin. Oh my gosh, that is too many. I'm gonna just I'm gonna filter it down to the first five. Wow. Truly glorious. And it's readable. But that isn't on our machine. That's a data set that exists elsewhere. Obviously, this is not, you know, unless you're trying to learn Latin, not the most helpful. But that concept applies to so many different services and things all across, I mean, really just everything. um so valuable no matter what industry you're in. Even if you are just someone who likes working on their own stuff and having fun, holy smokes, rest APIs will blow your mind if you've not dabbled. Woo! I don't know, John. Have you used REST APIs? Are you a fan? >> Totally. I mean, being able to know the syntax just Oh, trying to see what is the actual syntactic sugar we need in PowerShell to get some of that external information because that's the whole wide world, right? That could be anything. It's out on the internet, any of the link, any URL. But just being able to pull it down in a PowerShell way to be able to do more processing, that's where the power kicks in. [laughter] >> Boom. It's a powerful day right here. Um, I'll take it a step further if I could. And you know, if you're starting PowerShell now, don't worry about you don't have to do this part tomorrow, but we can call from our machine right here to a REST API. and things like AWS, things like Azure, they have a way that with PowerShell, you can actually sort of create an API that's listening. So with just knowing PowerShell, you can run some code here and you can interact with the cloud from any device anywhere, do some other processing, maybe stuff that requires secrets or whatever, and then pass it back. So you not only can run things and interact with other people's services if you need to and you want to do some cool projects for work, you can uh take it a step further and have your own pivot point that can do anything and they can make other decisions using some data that you may not have on the local machine. So just genuinely this the sky's the limit for what you're going to be able to do. Let's let's do a little bit more filtering here. It's the same vibe when we're dealing with the REST API. So rest APIs are in JSON. Um but invoke rest method will automatically convert it into an object for us. So you remember with the curl example we had to let's see if I got that we had to convert from JSON at the end right that was okay it does work. You don't have to with invoke rest method. Uh and there are other reasons why you should use invoke rest method especially when it comes to like putting together the headers and using it actually in scripts. uh because you know if you just can use curl with forgets that's fine but there's other reasons as well why you should use invoked rest method but part of that requires you to learn this thing called splatting and if you don't like rest APIs don't worry about it if you're reading code examples places you're going to see what you're about to the the little method of putting together parameters and I don't want you to be confused so let's see what we got here it's called splatting by the way splatting like we're splatting the parameters I've never even heard of it consider considered and called splatting, but that's awesome. >> Oh, it's good. I think there might even be help about >> about splatting. No way. >> There you go. >> That's incredible. >> Yes. Describes how to use splatting to pass parameters to commands in PowerShell. >> I've learned something new. Splatting. I'm going to have to say that forever for the rest of my life. >> It does sound kind of fun, right? >> It's so good. >> Uh this is this is not splatting. This is just a what's called a hash table. It's a way to keep track of names and values sort of thing uh to pass to other things. So in this instance of a rest API, it's our payload. It's the body that we're sending. It's the information that we're going to say we're going to pass to the API and the API is going to do something with it. Okay. Um but this thing right here, it's called a hash table. And you see the at and then the curly brace. And you see this kind of a something equals something else, which is what splatting is. So it's just a hash table. Again, hasht is a fancy name if you never heard it before. It's this simple, but you can say it's a hash table and you can sound very smart to your co-workers. But we got this thing. We got a URI. That's the basically the endpoint we're going to talk to. The address. We got the method that tells us what kind of action we're going to take. We're going to post something. Post give it specify the content type, which is important at times. And then we're going to give it a body. So that's four parameters. If we were to, let's just see what that looks like if we were to manually type that out. How long that would look. Invoke rest method dash URI. Oh my gosh. Hopefully it fills out for me. Okay. Oh gosh. Uh, I think that is pretty much everything we'd have. That's a little cumbersome. There are other situations where you're going to add even more parameters to something. You got to be splatting it out because this is a little bit more readable. Um or a lot more readable in my opinion. But let's run it. >> I had no idea. That is so cool. >> It is really cool. I mean this example it's like oh it's more readable and that is totally valid and helpful especially when you're like putting together courses. But also imagine you are doing a script or something like that and you're dynamically putting together the parameters to ultimately call invoke rest method based on certain factors. Well, if you didn't have this method of splatting because later on in the script, let's say uh if get process Chrome, so this will be a true or false. If get process Chrome, this is definitely not a Yes, exactly. That's what I want to do. Sorry, just Okay, there we go. So, splatting headers. So, we can actually modify and add parameters to it as we go. So, if you're writing tools, incredibly helpful. If your things need to be a little bit more flexible, incredibly helpful. Um, and it also is just, you know, more readable early on. And you're going to see this in some code examples. So, get splatting. That is definitely something uh people should take with them. And just remember the name, you know, splatting kind of sweet. That is a great name. No, I've learned. [laughter] >> Yeah, I'm a big fan of it. But, uh, there's there's more that we can do. This is an API that I actually did not cover in the course because I was like, it's a little outside the beaten path. The other ones, uh, I think serve the need, but httbin.org is how you can send and kind of troubleshoot your requests. You're putting together a body, you're trying to figure out how it works, and you want a quick way to see exactly what you're sending. It's a great way right here. So, let's uh take a gander here. Run this bad boy right here. >> Okay, so we have this variable called output one that includes some stuff. Some good stuff. Look at that. >> Oh, yeah. >> Um this thing data I think is is interesting. Uh what did we even send it? Okay. Yeah, it looks like for this we didn't actually send a body. we just sent what's called a query string. So, you've probably seen these in URLs a bunch even on YouTube. It's like youtube.com/watch question mark equals or something like that and then it's the uh question mark video equals whatever the ID is. That's a query string. And a lot of things you see happen on the web are web requests, right? So, you'll see those same things in a REST API. And I just personally love it when you see patterns repeated because it makes uh new topics a little bit more approachable. Let us put together this next example which is a little bit more helpful because we want this body thing right here. We want to pass things to our APIs. We don't just want to query. Querying is awesome and can really get you so far, but eventually there's going to be some that you want to excuse [clears throat] me send things to. Let's check this bad boy out. Bada boom. output two. Okay, now it looks like we passed it some things. We had some headers. Okay, let's uh this was called output two and we want to look at the headers. So I just dot headers to access that specific property or I could do which I'll probably do for this sake. Select object headers. Okay, I'm going to do this thing called expand property because you see how it has a little headers thing at the top. I don't want it like that. I want the raw value. And let's take a gander there. Uh there's an s and header. Headers. Now I can read this. This is a little bit better. Well, except there's headers inside the headers. Well, that's that's uh that's how it goes. But the one that we set right here, Wowee Mama, it is there. X demo equals wowi mama. So if you are putting together your calls and you're wondering why it's not working, you can absolutely sanity check it using HTTP bin and really get some hands-on experience to seeing how what you're running looks on the other end because these are just web requests ultimately. There is uh it's just PowerShell putting together a web request for us. John, I've said a lot. We got any questions? Should I uh repeat anything? >> No man, this is super cool. Hey, it's just getting a little bit familiar with the PowerShell syntax, but seeing all the power, right, and oh, how you can do so much with it. There were a couple sweet comments in chat. Some folks were saying, "Look, you know, it could just as easily not even convert from or convert to just JSON, but it's even got support for XML, right? Like the extensible markup language. You could do a whole lot more processing back and forth with sweet, easy PowerShell." >> Yeah. You know, XML is uh I don't I try to avoid it whenever I can. But yeah, sometimes you have to and you absolutely have tools for that. CSVs is another one. If we're querying a bunch of data, whether it's REST APIs or anything else, a lot of times we want to distribute that and not just send somebody a script to run. We want to give them a resource of some sort. So maybe your bosses, you want to say, "Hey, I ran this test on all these computers and here are the results." Well, you can take all those and export them to, for example, a CSV. And I said export. Let's see. Get command. So, how do you how would I find other commands that exported? I mean, John, I think you know this. You know, what's your guess? >> Well, you know, maybe just add the sweet little uh asterisks around it. Wild card be able to track down. Oh, what could export? >> There you go. That'll So, that would work. Um, because I'm specifying the verb. >> Oh, it can just do it, right? >> But, you know, there's different strokes. There's so many different ways you can do things in PowerShell, which is really why it's fun to learn. You can kind of get in your creative zone and do your thing. So, pretty much same results from both of those except for we got this browser export.exe. But look at that. Exporting certificates, OS images, format data, CSVs, client XML, avoid that one if you can, but sometimes you can't. All kinds of stuff. And uh it's the same kind of vibe like we're importing stuff, whatever. And then we can export it because it's objects using the same commands for a whole bunch of different things. Really scales with you. Well, goodness gracious, Andrew, this is awesome. Thank you so much for the sweet show, a little bit of tour of some of the cool stuff that PowerShell can do. And thank you, thank you, thank you again and again for building out, hey, these upscale challenges, these free resources, sweet education, a little bit more hands-on exercises to be able to see this all in action. So, genuinely, I can't I can never say it enough, but thank you for all your support and everything that you've been up to, man. >> My pleasure, man. And more to come. I'm very excited to see a lot of people learning PowerShell this year and having a lot of wins along the way. So, thank you for the opportunity. >> Heck yeah. Well, anything else? Hey, we could kind of help you showcase I mean PowerShell podcast the incredible stuff that you're up to. Uh I think you got a dash. I know. Oh, top of the hour. You had a hard stop. So, I want to let you scoot out of here, but your your parting shots, your your last words, my friend. Anything? >> I mean, it really comes back to I love seeing people improve their careers. And if you're into hacking, if you're into dabbling with things, well, you got to get hands-on. And if you don't have a language that allows you to poke things, that empowers you to like really learn what's going on, if you're only clicking through the gooies, I mean, goodness gracious, this is a fantastic opportunity for you to learn PowerShell. And as you're going through it, you might get overwhelmed here and there. Like a lot of the stuff I showed, if it's your first time seeing a curly brace and a dollar sign underscore, it's going to absolutely be a little bit confusing. And that's totally fine. You don't need to do this day one to be a PowerSheller. So take advantage of the opportunities you have and you can apply this to a whole bunch of different domains. >> Heck yeah. Well, I guess we can wind this thing down, my friend. We're getting to the top of the hour, but thank you. Thank you. Thank you everybody. Thank you so much for tuning in for another Just Hacking Training live stream. And you know what? Hey, we'll see you at RSA. We'll see you at Bside San Francisco. We'll see you for the women in cyber security little get together coming up soon, the contest, everything for the next live stream. But so much fun stuff. I hope you get a chance to dive in. Hope you forget the noise and get to uh get to just hacking. Thank you, Andrew. Until next time. Cool. I will play the live stream little sizzle reel, the quick little hype video that we've had some fun with everything that we've been up to. But seriously, big thanks again everybody. I know Andrew's got a dash. I've got a dash cuz look, it's the weekend now, right? It's finally Friday. I saw a couple uh comments in chat. Hey, everybody's stoked to order their pizza. [laughter] It is totally pizza Friday. So, I hope you get a chance to take it easy and unwind, but I'll see you for the next one, everybody. Thanks so much. Learn cyber security and focus technical training with just hacking.com, where all-star instructors and industry experts provide hands-on, affordable, and practical learning. Across courses, free upskill challenges, hackalong training videos, and capture the flag competitions. There's always something to hack. With new content twice a month, all throughout the year, plus bimonthly live streams, you can sharpen your skills in our ondemand and interactive lab environments. Advance your career and level up regardless of your experience or budget. Forget all the noise and get to Just Hacking. Sign up now at justacking.com.

Original Description

Just Hacking Training livestream with Andrew Pla! Friday February 20th at 10am PT / 1pm ET. https://justhacking.com/
Watch on YouTube ↗ (saves to browser)
Sign in to unlock AI tutor explanation · ⚡30

Playlist

Uploads from John Hammond · John Hammond · 0 of 60

← Previous Next →
1 Code Commentaries? PHP to JavaScript in Bash and PHP!
Code Commentaries? PHP to JavaScript in Bash and PHP!
John Hammond
2 Tutorials? MySQL connection with PHP and Bash!
Tutorials? MySQL connection with PHP and Bash!
John Hammond
3 Variable Naming in Python! Happy Birthday, Linux! Nokia N900!
Variable Naming in Python! Happy Birthday, Linux! Nokia N900!
John Hammond
4 JavaScript Splits The URL!
JavaScript Splits The URL!
John Hammond
5 HTML Tables in Python!
HTML Tables in Python!
John Hammond
6 HTML, Net Shares, GML!
HTML, Net Shares, GML!
John Hammond
7 Python 08 Programming Style and Comments
Python 08 Programming Style and Comments
John Hammond
8 Python 26 Object Oriented Programming
Python 26 Object Oriented Programming
John Hammond
9 75 Python Tutorials, Out Now!
75 Python Tutorials, Out Now!
John Hammond
10 Batch 14 Mathematical Expressions
Batch 14 Mathematical Expressions
John Hammond
11 Batch 85 Array Append
Batch 85 Array Append
John Hammond
12 Batch 86 Array Count
Batch 86 Array Count
John Hammond
13 Batch 87 Array Index
Batch 87 Array Index
John Hammond
14 Batch 88 Array Insert
Batch 88 Array Insert
John Hammond
15 Batch 89 Array Remove
Batch 89 Array Remove
John Hammond
16 Batch 90 Array Reverse
Batch 90 Array Reverse
John Hammond
17 Python [colorama] 00 Installing on Linux
Python [colorama] 00 Installing on Linux
John Hammond
18 Python [colorama] 09 Cursor Position
Python [colorama] 09 Cursor Position
John Hammond
19 Python [hashlib] 02 Algorithms
Python [hashlib] 02 Algorithms
John Hammond
20 Python 00 Installing IDLE on Linux
Python 00 Installing IDLE on Linux
John Hammond
21 Python [pygame] 11 Rectangular Collision Detection
Python [pygame] 11 Rectangular Collision Detection
John Hammond
22 Python [pygame] 12 Platforming Rectangular Collision Resolution
Python [pygame] 12 Platforming Rectangular Collision Resolution
John Hammond
23 Python [XML-RPC] 01 Research
Python [XML-RPC] 01 Research
John Hammond
24 Python [pyenchant] 03 Personal Word Lists
Python [pyenchant] 03 Personal Word Lists
John Hammond
25 FancyURLopener Authentication and User-Agent [urllib] 03
FancyURLopener Authentication and User-Agent [urllib] 03
John Hammond
26 Python 04: PEP8 Coding
Python 04: PEP8 Coding
John Hammond
27 Python Challenge! 17 COOKIES
Python Challenge! 17 COOKIES
John Hammond
28 Google CTF 2016: Ernst Echidna
Google CTF 2016: Ernst Echidna
John Hammond
29 Google CTF 2016: Spotted Quoll
Google CTF 2016: Spotted Quoll
John Hammond
30 Google CTF 2016: Can you Repo It?
Google CTF 2016: Can you Repo It?
John Hammond
31 Google CTF 2016: No Big Deal
Google CTF 2016: No Big Deal
John Hammond
32 Google CTF 2016: In Recorded Conversation
Google CTF 2016: In Recorded Conversation
John Hammond
33 Homemade CTF Challenge: 01 "Orchestra"
Homemade CTF Challenge: 01 "Orchestra"
John Hammond
34 Homemade CTF Challenge: 02 "Bae's Base"
Homemade CTF Challenge: 02 "Bae's Base"
John Hammond
35 Homemade CTF Challenge: 03 "Web Hunt"
Homemade CTF Challenge: 03 "Web Hunt"
John Hammond
36 Homemade CTF Challenge: 04 "UPX"
Homemade CTF Challenge: 04 "UPX"
John Hammond
37 Homemade CTF Challenge: 05 "The Assumption Song"
Homemade CTF Challenge: 05 "The Assumption Song"
John Hammond
38 Homemade CTF Challenge: 06 "A Brisk Stroll"
Homemade CTF Challenge: 06 "A Brisk Stroll"
John Hammond
39 Homemade CTF Challenge: 06 "I lost my password!"
Homemade CTF Challenge: 06 "I lost my password!"
John Hammond
40 web25 :: Mr. Robot : EKOPARTY CTF 2016
web25 :: Mr. Robot : EKOPARTY CTF 2016
John Hammond
41 web50 : RFC 7230 :: EKOPARTY CTF 2016
web50 : RFC 7230 :: EKOPARTY CTF 2016
John Hammond
42 misc50 : Hidden inside EKO :: EKOPARTY CTF 2016
misc50 : Hidden inside EKO :: EKOPARTY CTF 2016
John Hammond
43 Hack The Vote 2016 CTF: Sander's Fan Club [web100]
Hack The Vote 2016 CTF: Sander's Fan Club [web100]
John Hammond
44 Hack The Vote 2016 CTF Warpspeed [forensics150]
Hack The Vote 2016 CTF Warpspeed [forensics150]
John Hammond
45 Juniors CTF 2016 :: Black Suprematic Square
Juniors CTF 2016 :: Black Suprematic Square
John Hammond
46 Juniors CTF 2016 :: Six Strange Tales
Juniors CTF 2016 :: Six Strange Tales
John Hammond
47 Juniors CTF 2016 :: Lost Code
Juniors CTF 2016 :: Lost Code
John Hammond
48 Juniors CTF 2016 :: Here Goes!
Juniors CTF 2016 :: Here Goes!
John Hammond
49 Juniors CTF 2016 :: Southern Cross
Juniors CTF 2016 :: Southern Cross
John Hammond
50 Juniors CTF 2016 :: Clone Attack
Juniors CTF 2016 :: Clone Attack
John Hammond
51 Juniors CTF 2016 :: Dirty Repo
Juniors CTF 2016 :: Dirty Repo
John Hammond
52 Juniors CTF 2016 :: Hackers Blog
Juniors CTF 2016 :: Hackers Blog
John Hammond
53 Juniors CTF 2016 :: Voting!!!
Juniors CTF 2016 :: Voting!!!
John Hammond
54 Juniors CTF 2016 :: The Good, The Bad and The Junkman
Juniors CTF 2016 :: The Good, The Bad and The Junkman
John Hammond
55 Juniors CTF 2016 :: Stop Thief!
Juniors CTF 2016 :: Stop Thief!
John Hammond
56 Juniors CTF 2016 :: ROFL
Juniors CTF 2016 :: ROFL
John Hammond
57 Juniors CTF 2016 :: Restriced Area
Juniors CTF 2016 :: Restriced Area
John Hammond
58 Juniors CTF 2016 :: Oh SSH!
Juniors CTF 2016 :: Oh SSH!
John Hammond
59 HackCon CTF 2017 TRIVIA and BONUS Challenges
HackCon CTF 2017 TRIVIA and BONUS Challenges
John Hammond
60 HackCon CTF 2017 "Bacche" Challenges
HackCon CTF 2017 "Bacche" Challenges
John Hammond

Related Reads

📰
Australia finds serious gaps in Big Tech’s response to child sexual abuse online
Australia's online safety regulator finds Big Tech's response to child sexual abuse online inadequate, citing existing tools not being utilized
The Next Web AI
📰
The Future of Endpoint Security: Why Visibility, Intelligence, and Automation Will Define the Next…
Learn how visibility, intelligence, and automation will shape the future of endpoint security and why it matters for businesses
Medium · Cybersecurity
📰
Why Every Cybersecurity Product Needs Enterprise-Grade Connectors in 2026
Learn why enterprise-grade connectors are crucial for cybersecurity products in 2026 and how they can improve integration and efficiency
Dev.to · Shivang Patel
📰
Malware Deep Dive: Gandcrab
Learn about Gandcrab ransomware and its analysis to improve cybersecurity knowledge
Dev.to · jordanricky1604-ship-it
Up next
8-Step Cybersecurity Engineer Roadmap 2026 | GenAI Era | #shorts
SCALER
Watch →