Advanced Powershell Threat: Lethal Client Side Attacks using Powershell presented at DeepSec 2014

by Nikhil Mittal,

Summary : APT - A buzzword which refuses to die. Lets have some fun with it, lets move it to powershell. This talk would focus on using powershell for Client Side Attacks.
Powershell is an ideal platform for client side attacks as it is available on all the Windows machines. We would see how easy and effective it is to use powershell for various client side attacks like drive-by-downloads, malicious attachments, Java applets, Human Interface Devices etc.
The payloads which would be used with these attacks include in-memory code execeution, dump passwords and system secretsin plain text, backdoors, keyloggers, moving to other systems, reverse shells etc.
The code used in the above talk will be released as open source. The talk would be full of live demonsrations.