Privilege Escalation with SweetPotato
|
Escalating local privileges is an essential step on a red team engagement, it allows you to fully own a target machine. In this course, you’ll learn privilege escalation using SweetPotato.
After getting access to an account in a local machine, your job is to escalate your privileges to system-level so you can fully own the machine and gain access to sensitive data and in-memory passwords. In this course, Privilege Escalation with SweetPotato, you’ll cover how to utilize the SweetPotato tool to execute local privilege escalation attacks in a red team engagement. First, you’ll explore how to leverage SweetPotato to escalate privileges using the Print Spooler service as a way to get system-level privileges. Next, you’ll use the same tool to execute other known privilege escalation exploits. Finally, you’ll use the system-level privileges obtained to dump all the in-memory passwords of the machine. When you’re finished with this course, you’ll have the skills and knowledge to execute Exploitation for Privilege Escalation (T1068) using SweetPotato. More importantly, knowing how these techniques can be used against you will ultimately lend to your ability as an organization, or an individual, to detect and defend against specific attack vectors.
Author Name: Ricardo Reimao
Author Description:
Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 14+ years of IT experience, 10 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.
User Reviews
Be the first to review “Privilege Escalation with SweetPotato”
Related Products
GDPR and Privacy Compliance in Salesforce Marketing Cloud
Managing your contacts effectively has grown in importance with the GDPR setting a new standard for data protection. This course will teach you how to manage consent, limit data retention and honor delete requests in Marketing Cloud.
Advanced Web Application Penetration Testing with Burp Suite
Burp suite can help improve your penetration testing. This is an advanced course designed to expand your knowledge of the Burp Suite product to utilize many of the lesser known features offered in the tool.
OWASP Top 10: What’s New
The OWASP Top 10 is a respected guide to critical risks in web applications. The newest release brings fresh categories and consolidates old ones. This course explores the changes and gives guidance on how this affects various security roles.
Sniffing and Spoofing with Kali Linux
Having access to an internal network can provide a wealth of information, if you know how to look for it. This course will teach you Sniffing and Spoofing techniques using Ettercap and TCPDump.
Metasploit: Getting Started
Penetration testing is an exciting way to blend an attacker mindset with the tools needed to identify security problems. This course will teach you the basics of the Metasploit Framework to test and exploit vulnerable systems.
Post Exploitation with Meterpreter
In a penetration test, escalating your privileges and exfiltrating data are some of the most important tasks of the assessment. This course will teach you how to use the Meterpreter tool for post-exploitation tasks.
There are no reviews yet.