With great power(shell) comes great responsibility :)

Since 2015 there is a clear rise in Powershell as the preferred ‘platform of choice’ for post-exploitation techniques (in some reports, Powershell linked to almost 40% of the attacks). And why won’t it be used? It is the most productive tool for launching code without touching the disk even, loading backdoors, using cmd.exe/COM/.NET/WMI and more. minimum syntax, maximum impact. hidden from user sight.

In this one-day intense training you will learn how Windows PowerShell can be used both to hack common windows componenets as well as how to secure and protect your environment against Powershell using… Powershell :) You will take PowerShell to the next level, with tips, best practices & using some advanced & hardly documented techniques.

Main topics:

  • Understand Powershell architecture and main advantages
  • Bypassing script execution policies (running unsigned code)
  • Secure remoting preferences – mitigate attempts & audit sessions
  • Working with tools such as Powersploit, P0wnedshell etc to pen test your environment
  • Exploit scenario – from Scanning -> Penetration -> Elevated privilege attempts -> accessing remote Shell  -> File download and execution  -> inject PowerShell code into applications etc.

Info

  • Seminar ID: 44064
  • Location: Daniel Hotel
  • Date: Sunday 18th of June 2017

Main Speaker

<a href='http://devgeekweek.jbh.co.il/speaker/yossi-sassi/'>Yossi Sassi</a>

מתחילת שנות ה- 90 הספיק סאסי (“סהרון”) לצבור ניסיון בכל תחום אפשרי: תשתיות IT, תקשורת נתונים, ופיתוח יישומים (מתוכן עשור …