-ExecutionPolicy Bypass" Living off the land with Powershell and WMI

No ratings

Presented at Hackmiami 2017 by

Evan Wagner

Multi staged exploitation techniques using Powershell. Presentation will go over capabilities to subvert execution restrictions, credential stealing, reconnaissance, passing tickets, setting up persistence and at the end presenter will show a C2 that uses only powershell to issue and setup encrypted tunnels to issue commands and remotely control machines in real time over different types of DNS queries.