Windows

4,893 views
Reading Time: < 1 minute

Old Trusty

Windows. The punchline of so many computer elitists. Regardless how you feel about the Operating System you will need to know it well to stand out against others in the Information Technology or Information Security field. For example, during incident response regardless if a hacker uses Windows daily or not they will most likely need to know it during investigations to maneuver through the system looking for evil.

Here is table of skills a Windows security ninja should know when starting out:

Windows
  • Registry (5 Hives)
  • Volume Shadow Copies
  • UAC
  • Memory Paging
  • .msi vs .exe
  • DLLs
  • RIDs
  • SIDs
  • Tokens
  • Network Profiles
  • Server vs. Workstation

    Commands:
  • Netstat
  • whoami
  • ping
  • ipconfig
  • Powershell Remoting

    Tools:
  • Sysinternals
  • Process Hacker
  • Some resources to get started:

    WindowsITPro.tv Windows Server Windows 101 - GREAT intro course into Windows Servers and Administration. Comes with the associated E-Book!
    ITPro.tv PoSh Basics - ITPro's take on PowerShell. Great course.
    PoSh-Hunter) - A jeopardy style Capture The Flag game to learn PowerShell for InfoSec nerds.
    Microsoft Video Series on PowerShell - Another great video series on PowerShell.
    Microsoft Virtual Academy Active Directory Course - A video series on Active Directory from Microsoft.
    Cyber Mentors Active Directory Hacking Lab - Admittedly outside the "general studies" path here but a good one on setting the AD lab up and quick intro, then hacking it.

    Remember the targeted fundamentals here... you do not need to be an MCSA (Msoft Certified Systems Admin.) to get started.

    Make sure you check out the whole article for great tips on how to approach slaying this beast!