A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Making Everything Old New Again - Andrew Cole and Rich Moulton (BSides Augusta 2015) (Hacking Illustrated Series InfoSec Tutorial Videos)

Making Everything Old New Again
Andrew Cole and Rich Moulton

In post-exploitation operations, using native OS capabilities is always preferred over custom tools to minimize attention from security products. As native OS capabilities go, none surpass Microsoft's PowerShell in providing complete access to the Win32 API.Better still, PowerShell allows us to compile code on-the-fly that will get us the functionality we want regardless of system architecture. In this presentation, we will show you several ways to leverage these capabilities to achieve classic hiding behaviors dynamically, and without regard to 32-bit or 64-bit environments, including hiding processes, files and registry entries.

House Version

Back to BSides Augusta 2015 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast