-ExecutionPolicy Bypass" Living off the land with Powershell and WMI presented at Hackmiami 2017

by Evan Wagner,

Summary : Multi staged exploitation techniques using Powershell. Presentation will go over capabilities to subvert execution restrictions, credential stealing, reconnaissance, passing tickets, setting up persistence and at the end presenter will show a C2 that uses only powershell to issue and setup encrypted tunnels to issue commands and remotely control machines in real time over different types of DNS queries.