Shattering the Glass: Crafting Post Exploitation Tools with PowerShell

DerbyCon 3.0 - All In The Family

Presented by: Matt Johnson
Date: Saturday September 28, 2013
Time: 14:00 - 14:50
Location: Track 1
Track: Break Me

You have achieved your first goal. Shell on a Windows machine. Good. Now the real work is about to start. Where do you go from here? Time to see where we can go and what we can do. PowerShell should be your first place to go. Now included on every Windows machine in the environment this is now the perfect tool for post exploitation. In this talk I will discuss how you can easily use PowerShell to craft tools as part of your post exploitation process that can be reused everywhere with ease. From simple enumeration to data ex-filtration and command and control this talk will dive deep into PowerShell and have you leaving a better infosec pro.

Matt Johnson

Matt Johnson is a systems analyst in the Detroit area. As an avid tinkerer and hacker, Matt spends most of his days behind a keyboard trying to implement PowerShell anywhere he can. While spending most of his time on the defensive side Matt has a strong passion for the offensive side as well. When he is not behind the keyboard he is a member and speaker at #misec meetups, runs the Michigan PowerShell User group and is the lead developer for PoshSec. You can read Matt’s blog at http://www.mwjcomputing.com or message him on Twitter at @mwjcomputing.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats