conf.directory

DEF CON Safe Mode Blue Team Village - Mangatas Tondang - Detecting The Not PowerShell Gang

About this talk

Since the security features released in PowerShell version 5, Red Team folks have been forced to avoid PowerShell in order to run successful and undetected engagements. Some of them have even pushed the boundary, creating their own Not-PowerShell tools and releasing them to the public. As Blue Teamers, this means we need to reinforce our perimeter against these tools. This talk will uncover some of the popular Not-PowerShell tools, followed by how blue teams can still spot these tools and build detections for them.
