Some PowerShell Goodies

12
PowerShell 10 reasons why it’s scary

Transcript of Some PowerShell Goodies

Page 1: Some PowerShell Goodies

PowerShell

10 reasons why it’s scary

Page 2: Some PowerShell Goodies

#10PowerShell is installed by default on all new Windows computers.

Page 3: Some PowerShell Goodies

#9It can execute payloads directly from memory, making it stealthy.

Page 4: Some PowerShell Goodies

#8It generates few traces by default, making it difficult to find under forensic analysis.

Page 5: Some PowerShell Goodies

#7PowerShell has remote access capabilities by default with encrypted traffic.

Page 6: Some PowerShell Goodies

#6As a script, it is easy to obfuscate and difficult to detect with traditional security tools.

Page 7: Some PowerShell Goodies

#5PowerShell can bypass application-whitelisting tools depending on the configuration.

Page 8: Some PowerShell Goodies

#4Many gateway sandboxes do not handle script-based malware well.

Page 9: Some PowerShell Goodies

#3It has a growing community with ready available scripts.

Page 10: Some PowerShell Goodies

#2Many system admins use and trust the framework, allowing PowerShell malware to blend in with regular administration work.

Page 11: Some PowerShell Goodies

#1Defenders often overlook it when hardening their systems.

Page 12: Some PowerShell Goodies

Fileless Malware: An Evolving Threat on the Horizon

In order to better protect your environment, it is critical to understand how attackers are manipulating these tools, and using them to gain access and create a launching pad for their malicious operation…

more

https://www.cybereason.com/fileless-malware-an-evolving-threat-on-the-horizon-2/

Html goodies

Html goodies

PowerShell Studio 2020 is the premier Windows PowerShell ...

PowerShell Studio 2020 is the premier Windows PowerShell ...

Royance wine goodies

Royance wine goodies

Foodies Goodies

Foodies Goodies

PowerShell Functions

PowerShell Functions

Prelude Some Microsoft Goodies Bernard Liengme bliengme@stfx.ca.

Prelude Some Microsoft Goodies Bernard Liengme [email protected].

Automation Azure with PowerShell - files.informatandm.comfiles.informatandm.com/...with_PowerShell_Beyond_the_Azure_PowerShell... · #ITDEVCONNECTIONS | ITDEVCONNECTIONS.COM PowerShell

Automation Azure with PowerShell - files.informatandm.comfiles.informatandm.com/...with_PowerShell_Beyond_the_Azure_PowerShell... · #ITDEVCONNECTIONS | ITDEVCONNECTIONS.COM PowerShell

PowerShell Shenanigans

PowerShell Shenanigans

Introduction to PowerShell€¦ · Title: Introduction to PowerShell Author: Peter McEldowney Subject: PowerShell, Active Directory Keywords: powershell, power shell, active directory,

Introduction to PowerShell€¦ · Title: Introduction to PowerShell Author: Peter McEldowney Subject: PowerShell, Active Directory Keywords: powershell, power shell, active directory,

Section 6: Using Windows PowerShell to Manage Group Policy Introducing Windows PowerShell Windows PowerShell Library for Group Policy Windows PowerShell-Based.

Section 6: Using Windows PowerShell to Manage Group Policy Introducing Windows PowerShell Windows PowerShell Library for Group Policy Windows PowerShell-Based.

Automate successfully with PowerShell 7...PowerShell 7 - Introduction Windows Linux macOS.NET Framework.NET Core Windows PowerShell 2006 - today PowerShell 7 2016 - today It’s open

Automate successfully with PowerShell 7...PowerShell 7 - Introduction Windows Linux macOS.NET Framework.NET Core Windows PowerShell 2006 - today PowerShell 7 2016 - today It’s open

Introduction to PowerShell - Be a PowerShell Hero - SPFest workshop

Introduction to PowerShell - Be a PowerShell Hero - SPFest workshop

Basket of Goodies

Basket of Goodies

PowerShell Studio 2020 is the premier Windows PowerShell ... · PowerShell Studio 2020 is the premier Windows PowerShell integrated scripting and tool-making environment. v Fully-featured

PowerShell Studio 2020 is the premier Windows PowerShell ... · PowerShell Studio 2020 is the premier Windows PowerShell integrated scripting and tool-making environment. v Fully-featured

POWERSHELL SHENANIGANS LATERAL MOVEMENT WITH POWERSHELL KIERAN JACOBSEN READIFY.

POWERSHELL SHENANIGANS LATERAL MOVEMENT WITH POWERSHELL KIERAN JACOBSEN READIFY.

2007 Goodies

2007 Goodies

PowerShell Crash Course - Realtime Publishers · PowerShell Crash Course Don Jones 2 Week 4, Day 1: Error Handling Errors are inevitable. Some of them, however, you can anticipate—things

PowerShell Crash Course - Realtime Publishers · PowerShell Crash Course Don Jones 2 Week 4, Day 1: Error Handling Errors are inevitable. Some of them, however, you can anticipate—things

Sparked People | Sparked Customers Powershell. Agenda 2 Wat is Powershell Wat betekent Powershell voor Sharepoint Powershell Basics Collecties en objecten,

Sparked People | Sparked Customers Powershell. Agenda 2 Wat is Powershell Wat betekent Powershell voor Sharepoint Powershell Basics Collecties en objecten,

Dell Command | PowerShell Provider Version 1.0 …topics-cdn.dell.com/pdf/dell-command-powershell-provider-v1.0_User... · 1 Introduction Dell Command | PowerShell Provider is a PowerShell

Dell Command | PowerShell Provider Version 1.0 …topics-cdn.dell.com/pdf/dell-command-powershell-provider-v1.0_User... · 1 Introduction Dell Command | PowerShell Provider is a PowerShell

Who Should Use Powershell? You Should Use Powershell!

Who Should Use Powershell? You Should Use Powershell!