Harness: Powershell Weaponization Made Easy (or at least easier)

DEF CON 23

Presented by: Rich Kelley
Date: Friday August 07, 2015
Time: 16:00 - 16:25
Location: Track Two

The Harness toolset aims to give penetration testers and red teams the ability to pull a remote powershell interface with all the same features of the native Powershell CLI and more. Several tools and utilities have been released to solve the powershell weaponization problem, but no freely available tool give operators the full capabilities of powershell through a remote interface. We’ll start the talk with a quick survey of the previous methods of weaponizing powershell, and then move into the capabilities of the Harness toolset which includes a fully interactive powershell CLI, and remote importing of modules across the wire without staging. We’ll conclude with taking a look at the underlying code that makes the toolset work, and briefly discuss planned features. The Harness toolset will be released open source in conjunction with this talk.

Rich Kelley

Rich Kelley (@RGKelley5) is a security researcher and the co-founder of Gray Tier Technologies, a small InfoSec start-up based out of Alexandria, VA. After his time in the military he held positions as a network engineer, software engineer, and penetration tester for various government agencies. He recently moved into exploit development and reverse engineering, and is pretty sure he knows less than when he started. Twitter: @RGKelley5


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats