PowerShell.org

Community Hub

Podcast

Episode 207 – Dave Kennedy on security and the Social-Engineer Toolkit

Jonathan Walz
2 min read
Share:

Listen to this Episode

Audio available

A Podcast about Windows PowerShell.** Listen:

In This Episode


Tonight on the PowerScripting Podcast, we talk to Dave Kennedy about security and the Social-Engineer Tooklit!

**

News


** **





- 


    There is a new [Dutch PowerShell users group](http://powershellgroup.org/dutch)





- 


    The [Charlotte PowerShell Users Group](http://powershellgroup.org/charlotte.nc) is meeting on December 6th





- 


    [PowerShell People](http://mikefrobbins.com/2012/11/13/meet-the-people-of-powershell-at-powershell-orgpeople-and-powershell-net/)





- 


    [Honorary Scripting Guys have been announced](http://blogs.technet.com/b/heyscriptingguy/archive/2012/11/04/announcing-the-2012-honorary-scripting-guys.aspx)





- 


    [Scripting Games info!](https://powershell.org/games/)


** **


Interview


** **





Guest - Dave Kennedy


Links


** **





- 


    [Artillery](https://www.trustedsec.com/downloads/artillery/)





- 


    [Social-Engineer Toolkit](https://www.trustedsec.com/downloads/social-engineer-toolkit/)





- 


    [http://pentest-standard.org](http://pentest-standard.org/)





- 


    [backtrack-linux](http://www.backtrack-linux.org/)





- 


    [Mimikatz](http://blog.gentilkiwi.com/mimikatz)





- 


    http://www.offensive-security.com/





- 


    [http://trustedsec.com](http://trustedsec.com/)





- 


    [Metasploit: The Penetration Tester's Guide](http://www.amazon.com/Metasploit-Penetration-Testers-David-Kennedy/dp/159327288X/ref=sr_1_1?s=books&ie=UTF8&qid=1353529508&sr=1-1&keywords=metasploit)





- 


    [@trustedsec](https://twitter.com/trustedsec)





- 


    [@dave_rel1k](https://twitter.com/dave_rel1k)


Chatroom buzz





<1mwjcomputing> I have to say the live demos of SET's PowerShell Attack vectors were amazing the first time I saw them.





16[2012-11-08 21:39:47] <9ScriptingWife> episode 174 22http://powerscripting.wordpress.com/2012/01/31/episode-174-matt-graeber-using-powershell-in-infosec/





16[2012-11-08 21:59:44] <4kobeckman> "Hey, I'm the copier guy."





16[2012-11-08 22:00:01] <1mwjcomputing> PDF Exploits....yum





16[2012-11-08 22:08:10] <5AaronHoover> understatement of the day...





16[2012-11-08 22:09:16] <1mwjcomputing> i think applocker will help the second (fall back) but not the powershell attack





16[2012-11-08 22:09:26] <1mwjcomputing> but i might try that tonight





16[2012-11-08 22:09:58] <1mwjcomputing> pivoting FTW





16[2012-11-08 22:10:19] <4kobeckman> well, it sounds like if you don't have Java, the initial attack fails and then falls back to an executable if I understand correctly





16[2012-11-08 22:10:34] <4ReL1K> yea applocker would stop second attack not first





16[2012-11-08 22:22:53] <9ScriptingWife> BTW last week I said what the carp on Porpoise 🙂





21[2012-11-08 22:28:59]  this cold is messing with my brain





21[2012-11-08 22:29:16]  I can't get my thoughts together. 🙁





16[2012-11-08 22:29:45] <11mwjcomputing> DefCon 18 VIdeo with ReL1K was good!





16[2012-11-08 22:30:04] <11mwjcomputing>  22http://vimeo.com/15540900





16[2012-11-08 22:30:08] <11mwjcomputing> that is the video





16[2012-11-08 22:38:31] <9ericcourville> SANS.org newsletter is a good resource too





16[2012-11-08 21:54:32] <1mwjcomputing> that is what ReL1K gets for talking about the government.





16[2012-11-08 21:54:36] <2GeekJimmy> lol





16[2012-11-08 21:54:37] <1mwjcomputing> lol





16[2012-11-08 21:54:48] <2GeekJimmy> the black helicopters turned on the jammer!





16[2012-11-08 21:54:56] <2GeekJimmy> **dons tinfoil hat**


The Question - Mission to Mars - MacBook Pro