PowerShell Exploitation, PowerSploit, Bloodhound, PowerShellMafia, Obfuscation, PowerShell Empire, the Empire has fallen, you CAN detect PowerShell exploitation presented at BSidesSatX 2018

by Michael Gough

Summary: PowerShell is all the rage for the Red Team and for criminals. Many tools and frameworks are now available to pentesters and criminal elements. The Red Team's goal is to use PowerShell to attack and exploit systems without adding malicious binaries, instead living off the land and using built-in Windows PowerShell functionality to get the job done. So what about the Blue Team?