Introducing PS>Attack, a portable PowerShell attack toolkit

Presented at CarolinaCon 12 (2016), March 5, 2016, 11 a.m. (Unknown duration).

PS>Attack is a new project being released at CarolinaCon. It is a tool for generating a portable PowerShell attack environment that makes it easy for pentesters to incorporate PowerShell into their bag of tricks. The generated environment is a self contained exe that comes with a lot of the latest and greatest offensive PowerShell tools, including commands for Privilege Escalation, Recon and Data Exfiltration. It uses a couple of techniques to evade antivirus and Incident Response teams, making it suitable for use during live engagements. In this talk we will cover how PS>Attack came about, some of the design decisions behind it and how you can use it to wreck shop on your next assessment.

Presenters:

• Jared Haight
  Jared Haight is a pentester for Gotham Digital Science in Charlotte who has an unnatural love for PowerShell. When he isn't hacking the gibson he enjoys hiking and taking pretty pictures.

Links:

• https://infocon.org/cons/CarolinaCon/CarolinaCon 12 2016/Introducing PS Attack, a portable PowerShell attack toolkit - Jared Haight.mp4
• https://infocon.org/cons/CarolinaCon/CarolinaCon 12 2016/Introducing PS Attack, a portable PowerShell attack toolkit - Jared Haight.srt (subtitles)
• https://www.youtube.com/watch?v=lFCtPdUPdHw

Similar Presentations:

• BSidesDC 2016 / PowerShell Security: Defending the Enterprise from the Latest Attack Platform
• PancakesCon 1 (2020) Virtual / PowerShell and Pickling
• DerbyCon 6.0 Recharge (2016) / Introducing PowerShell into your Arsenal with PS>Attack