Responding to PowerShell

Sign in to queue

Description

Red Team tools exist for PowerShell. Older ones, like PoshSec and PowerSploit, and newer ones like PowerShell Empire. Meantime, criminals weaponized PowerShell scripts with malware like PowerSniff and PowerWare. So in this talk, we discuss monitoring PowerShell and integrating it with incident response.

Embed

Download

Download this episode

The Discussion

Add Your 2 Cents