A Survey of Powershell Enabled Malware

DerbyCon V - Unity

Presented by: Tyler Halfpop
Date: Saturday September 26, 2015
Time: 14:30 - 14:55
Location: Track 5
Track: Stable Talks

PowerShell has extremely powerful capabilities and is built into modern versions of Windows. Penetration testers and red teams have been using PowerShell to pillage networks for years now, but how malware authors are abusing PowerShell in real attacks is not often talked about. This talk examines several cases of PowerShell malware seen in the wild and looks at what we can expect in the future. Recommendations will also be given on how to defend against PowerShell attacks.
