Hijacking .NET to Defend PowerShell

Hijacking .NET to Defend PowerShell

Security BSides San Francisco via YouTube Direct link

STRONG NAMED ASSEMBLIES

12 of 23

12 of 23

STRONG NAMED ASSEMBLIES

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Hijacking .NET to Defend PowerShell

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 GOALS
  3. 3 CONTENT OVERVIEW FOUNDATIONS
  4. 4 TIMELINE
  5. 5 PHISHING CAMPAIGNS
  6. 6 BAD MALWARE PICKUP LINES
  7. 7 OBFUSCATION
  8. 8 OFFENSIVE FRAMEWORKS
  9. 9 FOUNDATIONS of .NET
  10. 10 COMMON LANGUAGE RUNTIME (CLR)
  11. 11 JUST-IN-TIME COMPILER (JIT) METADATA LOOKUPS
  12. 12 STRONG NAMED ASSEMBLIES
  13. 13 NGEN ASSEMBLIES
  14. 14 POWERSHELL
  15. 15 AMSI BYPASSES
  16. 16 C# DLL INJECTION
  17. 17 NET ROOTKITS BINARY MODIFICATION
  18. 18 CLR PROFILING
  19. 19 SETTING IL HOOK
  20. 20 JIT COMPILER HOOKING
  21. 21 C-BASED METHOD HOOKING
  22. 22 SOLUTION RESULTS COMPARISON
  23. 23 TAKE AWAYS

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.