Building an Empire with PowerShell
Offered By: BSidesLV via YouTube
Course Description
Overview
Explore the world of PowerShell exploitation in this BSidesLV 2015 conference talk. Delve into red teaming, malware motivations, and the offensive potential of PowerShell. Learn about existing technologies, weaponization challenges, and staging problems. Discover the Empire framework's features, including server capabilities, execution methods, listeners, and agent contexts. Examine module development, management techniques, and the powerful Invoke-Mimikatz tool. Witness a live demonstration and discuss detection methods, including memory analysis and Windows 10 considerations. Gain valuable insights into building a robust PowerShell empire for both offensive and defensive purposes.
Syllabus
Intro
First Things First
Red Teaming
Malware Motivations
In Defense of Offense
Why PowerShell
Bad Guys
Existing Tech
The Weaponization Problem
The Staging Problem
Extensibility
Server Features
Methods of Execution
Listeners
Additional Listener Stuff
Empire Staging
In the Agent: Contexts
Modules
Module Development
management/psinject
Invoke-Mimikatz
Demo
Detection
Memory Analysis
Windows 10
Taught by
BSidesLV
Related Courses
Early Detection through Deception (YouTube)
Hack for Show, Report for Dough - Brian King (YouTube)
Blue Teamin on a Budget of Zero - Kyle Bubp (YouTube)
Windows Event Logs - Zero to Hero (YouTube)
Weaponizing Splunk - Using Blue Team Tools for Evil (YouTube)