Hello fellow PowerShell enthusiasts. I have been missing for a few months with a new child that has occupied most of my extra time! I look forward to get back in the blogging gear soon.
I just wanted to send out a note that we are hosting our first kick off meeting for the Boston PowerShell User Group at the Microsoft MTC in Kendall Square Cambridge, MA. Here are the two topics that will be delivered via Matt Nelson and Will Schroeder.
Offensive Active Directory With PowerShell
Active Directory has been covered from a system administration aspect for as long as it has existed. However, much less information exists on how adversaries abuse and backdoor AD, leaving many defenders blind to the attacks being executed in their own environment. We’ll cover Active Directory from an offensive perspective, illustrating ways that attackers move through Windows networks with ease. PowerView (the PowerShell domain enumeration tool) will be highlighted, including how to use it for local administrator enumeration, domain trust hopping, user hunting, ACL auditing, and more.
Building an Empire With PowerShell
Over the past few years, attackers have started to realize that the same aspects of PowerShell that make it an excellent Windows automation solution also make it an ideal attack platform. The Empire project aims to bring together various offensive projects into a fully-functional malware agent (written purely in PowerShell) that can be used offensively by red teams and used to train blue teams to defend against these types of attacks.
Hope anyone local can make it. Sign up is live over at Meetup.com: http://www.meetup.com/Boston-PowerShell-User-Group/events/230856302/