DEF CON Safe Mode Blue Team Village - Mangatas Tondang - Detecting The Not PowerShell Gang
About this talk
Since the advancement of security features released in PowerShell version 5, Red Team folks are forced to not use PowerShell to have successful and undetectable engagements. Some of them even push the boundary and created their own Not-PowerShell tools and released it to the public. As a Blue Teamer, this means we need to reinforce our perimeter against these tools. This talk will uncovers some of the popular Not-PowerShell tools followed by how the blue teams can still spot these tools and build detection on it.
Topics covered
Stay Updated
Get notified about new features and conference additions.