UnderTheWire PowerShell Wargames

Time to highlight some incredible PowerShell war games at UnderTheWire.tech. These games are a great way to help aspiring hackers level up their Windows skills. As you may remember, I've written about how war games like this are great for learning security, and I'm a huge fan of PowerShell. After completing the four games currently available, I recommend them as both a fun and educational way to learn PowerShell.

This can best be described as a Blue Team war game, focusing on skills that are useful for any Windows enterprise security professional. Each individual game is 15 levels and remotely hosted, and involves using PowerShell or WMI to manipulate files and network information and to solve tons of Windows-specific challenges (such as parsing Event Logs or querying Active Directory). It's hard to say that any one game focuses on specific skills other than using PowerShell, as they all bounce around topics often. That said, the games absolutely increase in difficulty in the order I have them listed below, although they don't have to be played in any specific order.

The team also has an awesome Slack channel where they are very responsive and helpful with answering questions, although I also hope that these videos can help alleviate some of that burden. Ultimately the war games are short and should take players a few hours each. Below I give a link to each game, a short description of the game, some of the skills it highlights, and a video with a walk-through of each game (with detailed answers in the individual YouTube video descriptions).

Finally, a huge thanks to the creators for this awesome set of games, as not only did they take time to design and support them, but they are also hosting them and providing them for free! Now, let's jump in!

Century
In my opinion Century is the most basic war game on the site. It focuses on getting users familiar with basic operators they will need for dynamic PowerShell solutions. This game calls on skills such as standard PowerShell commands, the Windows environment, and iterating or parsing generic objects.



Cyborg
This was a more challenging war game and includes exploring all kinds of important and unique Windows features. Cyborg also contains an Easter Egg PowerShell module, which made it pretty fun. This game focuses on introducing users to Active Directory users, groups, web requests, and important local machine settings.



Oracle
Oracle was a blast because it started to introduce functions that are critical for Incident Response or Forensics on a Windows system using PowerShell. The skills to quickly hash files, generate time stamps, and parse files are crucial for any security person. This game focuses on exploring Group Policy, Domain relationships, parsing event logs, and investigating recent connections.



Trebek
This was probably the hardest game in my opinion. It focused on parsing the Security Event Log for specific events, which in Windows often involves looking up the specific Windows Event Log IDs to search for. This game emphasized parsing registry keys, event logs, and exploring generally useful forensic locations.
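
To show what searching the Security Event Log by Event ID looks like in practice, here is an added example (not from the games or their walk-throughs) that pulls the named fields out of logon events and counts failed logons per account and source address. It assumes the standard logon Event IDs 4624 (success) and 4625 (failure); the function name and the sample events are constructed for illustration.

```powershell
# Added example: parse logon events by Event ID and summarise failed logons.
# ConvertFrom-LogonEventXml is a hypothetical helper name, not a built-in cmdlet.
function ConvertFrom-LogonEventXml {
    param([Parameter(Mandatory, ValueFromPipeline)][string]$Xml)
    process {
        $evt = ([xml]$Xml).Event
        # EventData is a flat list of <Data Name="...">value</Data> pairs; index it by name.
        $data = @{}
        foreach ($d in $evt.EventData.Data) { $data[$d.Name] = $d.'#text' }
        [pscustomobject]@{
            TimeCreated = $evt.System.TimeCreated.SystemTime   # kept as the raw UTC string
            EventId     = [int]$evt.System['EventID'].InnerText
            Account     = $data['TargetUserName']
            LogonType   = $data['LogonType']
            SourceIp    = $data['IpAddress']
        }
    }
}

# Constructed sample events (documentation IP range), trimmed to the fields used above.
$ns = 'http://schemas.microsoft.com/win/2004/08/events/event'
$template = '<Event xmlns="{0}"><System><EventID>{1}</EventID>' +
            '<TimeCreated SystemTime="{2}"/></System><EventData>' +
            '<Data Name="TargetUserName">{3}</Data><Data Name="LogonType">3</Data>' +
            '<Data Name="IpAddress">{4}</Data></EventData></Event>'
$sample = @(
    ($template -f $ns, 4625, '2024-01-01T10:00:01Z', 'alice', '192.0.2.10'),
    ($template -f $ns, 4625, '2024-01-01T10:00:03Z', 'alice', '192.0.2.10'),
    ($template -f $ns, 4625, '2024-01-01T10:00:09Z', 'bob',   '192.0.2.44'),
    ($template -f $ns, 4624, '2024-01-01T10:00:12Z', 'alice', '192.0.2.10')
)

# Keep only failures, then count them per (account, source address).
$sample | ConvertFrom-LogonEventXml |
    Where-Object { $_.EventId -eq 4625 } |
    Group-Object Account, SourceIp |
    Sort-Object Count -Descending |
    Select-Object Count, Name

# On a live host (elevated session), feed real events through the same parser:
# Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4624, 4625 } -MaxEvents 500 |
#     ForEach-Object { $_.ToXml() } | ConvertFrom-LogonEventXml
```

Filtering with `-FilterHashtable` happens in the event log service, so it is much faster on a large Security log than piping every event through `Where-Object`.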