Owning MS Outlook with PowerShell

Presented at NolaCon 2016, May 20, 2016, 5 p.m. (Unknown duration)

Most companies, businesses, and organizations rely on Microsoft Outlook for managing email. This talk explores how Outlook can be leveraged for the benefit of red teams and penetration testers using only Windows PowerShell. Going beyond the basics of mere data mining, we will explore manipulating exchange rules to better enable client-side exploitation opportunities and gain further access. From there we’ll move on to maintaining access, to include automation techniques.

Presenters:

• Andrew Cole
  Andrew Cole (@colemination) is a security researcher with an obsessive passion for Windows PowerShell. In a past life he was a Military Intelligence Systems Maintainer, a Cryptologic Network Warfare Specialist, and Journeyman Interactive Operator for the US Army. He currently works for Chiron Technology Services’ Information Operations Team as a Computer Network Exploitation (CNE) instructor and content developer.

Links:

• https://nolacon.com/talk/owning-ms-outlook-with-powershell

Similar Presentations:

• DerbyCon 6.0 Recharge (2016) / Outlook and Exchange for the Bad Guys
• DeepSec 2016 „Ten“ / Offensive PowerShell for Red and Blue Teams (closed)
• DeepSec 2015 „DeepSec No. 9“ / PowerShell for Penetration Testers