Free

Challenge: Buttercup Get-Help

Threat actors commonly use file types in creative ways. As a CTF player, you must discover a mysterious file artifact and investigate its hidden treasure!
Time: 0 30 M
Difficulty: advanced
CEU/CPE: 1

Course Content

Course Description

In this challenge, you will operate in an investigative capacity to reveal what is hidden in a mysterious artifact.

> 1. [How to crack Zip passwords](https://dfir.science/2014/07/how-to-cracking-zip-and-rar-protected.html)
> 2. [How to decompile CHM help files](https://geekeefy.wordpress.com/2016/07/07/powershell-decompiling-compiled-html-help-chm-files-and-data-wrangling/)
> 3. [Microsoft PowerShell deserialization document](https://learn.microsoft.com/en-us/dotnet/api/system.management.automation.psserializer.deserialize?view=powershellsdk-7.0.0)
> 4. [Microsoft PowerShell encryption document](https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.security/convertfrom-securestring?view=powershell-7.2)
> 5. Protip: `. .\myScript` leaves variables open in PowerShell ISE

![CySeeker Peculiar](//images.ctfassets.net/kvf8rpi09wgk/qbEzmd4efRzpA1lBEW8vZ/9fb4bc97f855861107cfa48daf666920/CySeeker_Peculiar.png)

Who is this for?

> Intermediate to advanced career practitioners. Individuals new to cybersecurity may struggle to complete this, as it involves some advanced security concepts. We encourage the use of any internet resources and community or colleague assistance in completing the challenge.

What resources are available to help solve this challenge?

> Online search, Discord community, colleagues or fellow practitioners.

Are write ups permitted?

> Yes, write ups are permitted; however, please do not post answers directly. All write ups should include an appropriate link back to Cybrary and the Cybrary Course.


Instructed by

Senior Instructor
Matthew Mullins

Matt has led multiple Red Team engagements, ranging from a few weeks to a year and covering multiple security domains. Outside of Red Teaming, Matt is also a seasoned penetration tester with interests in: AppSec, OSINT, Hardware, Wifi, Social Engineering, and Physical Security. Matt has a Master's degree in Information Assurance and an exhaustive number of certifications ranging from frameworks, management, and hands-on hacking. Matt is a Technical SME at Cybrary, focusing on Adversarial Emulation and Red Teaming for course content.

Provider
Cybrary
Certification Body
Certificate of Completion

Complete this entire course to earn a Challenge: Buttercup Get-Help Certificate of Completion