'=?utf-8?Q?Endpoint=20Security=20Got=20You=20Down=3F=20No=20PowerShell=3F=20No=20Problem.?='

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       pauldotcom
Subject:    =?utf-8?Q?Endpoint=20Security=20Got=20You=20Down=3F=20No=20PowerShell=3F=20No=20Problem.?=
From:       John - Black Hills Information Security <john () blackhills
Date:       2019-02-11 22:40:09
Message-ID: e12efe2af6573cc76c90fc019.4d2a03277b.20190211223936.b3d142ccbf.84efdddc () mail109 ! suw15 ! mcsv ! net
[Download RAW message or body]

Hello BHIS webcast email getters,
 
Do your PowerShell scripts keep getting caught? Tired of dealing with EDRs & Windows \
Defender every time you need to pop a box? 


In this one-hour webcast, we'll introduce a somewhat new Red Team approach that we \
call BYOI (Bring Your Own Interpreter). 


Turns out, by harnessing the powah of C# and the .NET framework you can embed entire \
interpreters inside of a C# binary. This allows you to dynamically access all of the \
.NET API from a scripting language of your choosing without going through Powershell \
in any way! 


We will also cover some basic .NET & C# concepts in order to understand why this is \
possible and all the hype surrounding offensive C# tradecraft. 


Additionally, we will demo SILENTTRINITY, a post-exploitation tool we have developed \
that attempts to weaponize the BYOI concept *AND* drop a pretty huge update for it \
live during the webcast!

 
This webcast will be from 2-3 ET this Thursday with our very own Marcello.

Please register below:

https://attendee.gotowebinar.com/register/7989228905573054722


See you then!

John Strand


p.s you can get SILENTTRINITY here:

https://github.com/byt3bl33d3r/SILENTTRINITY

Also, you can now register for our Cyber Deception class at Black Hat 2019 here:

https://www.blackhat.com/us-19/training/schedule/index.html#a-guide-to-active-defense-cyber-deception-and-hacking-back-14124



==============================================

Unsubscribe pauldotcom@marc.info from this list:
https://blackhillsinfosec.us15.list-manage.com/unsubscribe?u=e12efe2af6573cc76c90fc019&id=b7b017ed3a&e=4d2a03277b&c=b3d142ccbf



[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic