Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Invoke Obfuscation - PowerShell Obfuscation Techniques and How To Try To Detect Them

nullcon via YouTube

Overview

Explore advanced PowerShell obfuscation techniques and detection methods in this 55-minute conference talk from nullcon 2017. Delve into a dozen never-before-seen obfuscation methods used by sophisticated attackers to evade detection by antivirus and application whitelisting technologies. Learn about three new layers of obfuscation that can be applied to PowerShell commands and scripts, including direct manipulation of cmdlets and functions, string manipulation, and content execution techniques. Discover how these methods can be stacked to create highly evasive payloads. Gain insights into the challenges of detecting obfuscated commands and the importance of PowerShell event logging. Witness a demonstration of Invoke-Obfuscation, an open-source tool for applying these techniques. Presented by Daniel Bohannon, an Incident Response Consultant at MANDIANT with expertise in PowerShell-based attack research and detection techniques.

Syllabus

nullcon 2017 - Invoke Obfuscation: Powershell Obfuscation Techniques n How To Try To Detect Them

Taught by

nullcon

Reviews

Start your review of Invoke Obfuscation - PowerShell Obfuscation Techniques and How To Try To Detect Them

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.