Take Advantage of Anti-Forensic Techniques

Skillable
Learn On Demand Pro Series
New

Learn about a variety of anti-forensic techniques that attackers might potentially use against your network: Use meterpreter to create files, modify file timestamps, and clear Windows event logs; Use meterpreter to impersonate an administrator, plant false evidence in Windows event logs, and remotely reboot a Windows system; and hide files by using...

Time
30 minutes
Difficulty
Beginner
Share
NEED TO TRAIN YOUR TEAM? LEARN MORE
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Overview

Note: Once you begin a challenge you will not be able to pause, save, or return to your progress. Please ensure you have set aside enough time to complete the challenge before you start.

Understand the Scenario

You are a network and security administrator. As part of your penetration testing program, you need to learn about a variety of anti-forensic techniques that attackers might potentially use against your network. First, you will use meterpreter to create files, modify file timestamps, and clear Windows® event logs. Next, you will use meterpreter to impersonate an administrator, plant false evidence in Windows event logs, and remotely reboot a Windows system. Finally, you will hide files by using New Technology File System (NTFS) alternate data streams (ADS).

Understand Your Environment

You will be using a Kali Linux™ virtual machine named Kali Linux 2021. Your attack target will be a Windows Server® 2012 virtual machine named WinServer 2012 R2. You will also be using a Windows 10 virtual machine named WIN 10-CL-1.