We have seen PowerShell gain attention and adoption in the last few years. People are beginning to realize that there is more to PowerShell than another scripting language. With the adoption comes more tools and resources for both the offensive and defensive sides of security. This talk is designed to give you a first hand look of using PowerShell in both an offensive attacking scenario as well as a defensive scenario. In this talk I will be focusing on the tools, methods, and techniques that are being used from both offensive and defensive mindsets. Tools that were created by Carlos Perez, Matt Graeber, Chris Campbell, Will Steele, and Matt Johnson. I will highlight these existing tools as well as teach you how to write some custom tools yourself. We will dive into the more complex ideas with PowerShell and the .NET Framework. I'll highlight how to detect the attacks and strategies for avoiding detection. Regardless of what color hat you wear, or if you wear nothing at all, this talk will allow you to leverage PowerShell to your advantage.

I am a Senior Security Consultant. I have been doing security things for over 14 years. If there is ever a situation where someone had to be undercover at an elementary school, I'd be the guy for the job. I've been carded for trying to purchase Sparklers. I've been Photoshopped on a baby carrier on C-3P0. I am a hugger. Hugs are okay. Especially long ones. All of these things allow me to be better at Security. Some how.

@ben0xa

Back to Derbycon 2015 video list