Invoke-GreatBirdOfCommonKnowledge - Gathering what is scattered with ATT&CK, an Atomic Bird, and a bit of homegrown PowerShell... - Walter Legowski Derbycon 2019 (Hacking Illustrated Series InfoSec Tutorial Videos)


IT Security is hard. The landscape moves at a fast pace, and it is important for Red&Blue to stay up to date with the constantly evolving threats, tradecraft, and associated technical knowledge. ATT&CK does a great job at gathering all this and making it available via a wiki and a REST API. The kill-chain encyclopedia of known corporate post-exploitation techniques for the masses... so I made a set of Cmdlets to access this data from a PowerShell prompt, and facing the demo gods, I will show how this first toolset can be used to search and navigate the ATT&CK Knowledge base, document your moves, & automate stuff, and I will then demo how to invoke the Great Bird of Common Knowledge by feeding ATT&CK techniques to an Atomic Canary over a smoking pipe... Really cool stuff. Don't miss it.

Walter Legowski [@SadProcessor] / "Make the world a safer place" @ ERNW [DE] / PowerShell Bad Boy & Noob for life / Likes Tools, Security & Automation / Likes Streets, Cats and Trees / Likes mixing stuff...


    Copyright 2019, IronGeek
    Louisville / Kentuckiana Information Security Enthusiast