DSCompromised - A Windows DSC Attack Framework
Offered By: Black Hat via YouTube
Course Description
Overview
Explore a PowerShell-based toolkit that exploits Windows Desired State Configuration (DSC) for malicious purposes in this Black Hat conference talk. Learn the fundamentals of DSC, Microsoft's advanced enterprise management technology, and discover how attackers can manipulate it. Follow a step-by-step guide on using the DSCompromised framework to establish a command-and-control server, create payloads, infect targets, and even reinfect remediated systems. Gain insights from both offensive and defensive perspectives, including techniques for detecting and investigating DSC abuse on compromised systems. Benefit from source code examples and live demonstrations of various attack scenarios in this 59-minute presentation by Ryan Kazanciyan and Matt Hastings.
Syllabus
DSCOMPROMISED: A Windows DSC Attack Framework
Taught by
Black Hat
Related Courses
AWS IoT Security Series (French)Amazon Web Services via AWS Skill Builder Python for Command-and-control, Exfiltration and Impact
Infosec via Coursera Cybersecurity Kill Chain™
Cybrary IoT Command and Control (Portuguese)
Amazon Web Services via AWS Skill Builder IoT Command and Control (Simplified Chinese)
Amazon Web Services via AWS Skill Builder