This is a brief outline of the configuration steps used to build the hands-on lab. After building this in your own VM environment, you should be able to do these same labs after the conference.
Once you get the machines built, just copy the PS1 files from this repo to a local folder, C:\Labs, on the Windows boxes.
- Windows Server 2016
  - Domain controller role
  - Group policies linked to the root of the domain with the link disabled
    - Enable PowerShell logging and transcription
    - Disable Defender
  - PowerShell remoting enabled by default
- Windows 10
  - Joined to domain
  - RSAT pre-installed (or download here)
  - An SSH client
  - Empty local folder C:\badness
- Kali Linux or any Debian distro
  - PowerShell Core 6.2 installed
  - PowerShell Empire installed and left at defaults
  - sshd configured for remote access with password authentication
  - PowerShell policy JSON template file from about_Logging_Non-Windows
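The server build above includes enabling PowerShell logging and transcription, with the Group Policy link left disabled until the lab turns it on. The following check is an added example, not one of the PS1 files from this repo: it reports which of those policies are currently in effect on a Windows lab box. It assumes the policy is delivered through the standard PowerShell Administrative Templates settings, which write the registry values read here; the function name `Get-PSLoggingPolicy` is hypothetical.

```powershell
# Added example: report which PowerShell logging policies are in effect on this machine.
# Assumption: the lab GPO uses the standard "Windows PowerShell" Administrative
# Templates settings, which write the values below under HKLM:\SOFTWARE\Policies.
function Get-PSLoggingPolicy {
    [CmdletBinding()]
    param(
        [string]$PolicyRoot = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell'
    )

    # Policy subkey and the DWORD value that switches each feature on (1 = enabled).
    $checks = @(
        @{ Key = 'ScriptBlockLogging'; Value = 'EnableScriptBlockLogging' }
        @{ Key = 'ModuleLogging';      Value = 'EnableModuleLogging' }
        @{ Key = 'Transcription';      Value = 'EnableTranscripting' }
    )

    foreach ($check in $checks) {
        $path  = Join-Path $PolicyRoot $check.Key
        # A missing key means the policy is not applied (for example, GPO link disabled).
        $props = Get-ItemProperty -Path $path -ErrorAction SilentlyContinue

        $enabled = $false
        if ($props -and ($props.PSObject.Properties.Name -contains $check.Value)) {
            $enabled = ($props.($check.Value) -eq 1)
        }

        # Only the transcription policy carries an output directory.
        $outDir = $null
        if ($check.Key -eq 'Transcription' -and $props -and
            ($props.PSObject.Properties.Name -contains 'OutputDirectory')) {
            $outDir = $props.OutputDirectory
        }

        [pscustomobject]@{
            Policy          = $check.Key
            Enabled         = $enabled
            OutputDirectory = $outDir
            RegistryPath    = $path
        }
    }
}

Get-PSLoggingPolicy | Format-Table -AutoSize
```

Run it before and after enabling the GPO link and running `gpupdate /force`; all three rows should change from `False` to `True` once the policy applies.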
If you have any questions, ping Ashley McGlone on Twitter @GoateePFE.