Denver 2018

Denver, CO | Mon, Oct 15 - Sat, Oct 20, 2018
This event is over,
but there are more training opportunities.

Automate Post Exploitation with PowerShell Empire

  • Nick Wiebelhaus
  • Tuesday, October 16th, 7:15pm - 8:15pm

How do we, as penetration testers, show the true risk a vulnerability may present? We first exploit that vulnerability, we then show what data we can access and what we are able to do with that access. The problem that seems to always arise is the length of our engagements do not allow for lengthy post exploitation. That presents a new question: how can we as penetration testers automate our post exploitation attacks? Thatās easy, we utilize PowerShell Empire, DeathStar, and a couple custom PowerShell scripts. Come learn how you can cut your post exploitation efforts in half while still presenting the true risk of a vulnerability to your clients.

Speaker Bio: Nick Wiebelhaus has a diverse background in both offense and defense in the security industry. Nick currently works as a security professional with a diverse business at an enterprise level that engages in loan origination, loan servicing, payment processor, internet service provider, collaboration spaces, software development, and banking. Nick is a subject matter expert in the areas of penetration testing, incident response management, system administration, and security operations center (SOC) management. He has developed enterprise penetration testing methodologies, SOC processes, and incident response processes.

Nick is an active member of the information security community in and around the Denver Colorado area. He teaches information security at the Community College of Aurora and frequently attends conferences and other community events. Nick earned his BS in Information Security from Colorado Technical University and currently holds several certifications including GPEN, GWAPT, GCIH, and Security +.


Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
Monday, October 15
Session Speaker Time Type
General Session - Welcome to SANS Bryan Simon Monday, October 15th, 8:00am - 8:30am Special Events
OODA Security: Taking Back the Advantage Kevin Fiscus Monday, October 15th, 7:15pm - 9:15pm Keynote
Tuesday, October 16
Session Speaker Time Type
Automate Post Exploitation with PowerShell Empire Nick Wiebelhaus Tuesday, October 16th, 7:15pm - 8:15pm SANS@Night
Adversary Emulations - Taking Attack Models and Penetration Testing to the Next Level Jorge Orchilles Tuesday, October 16th, 8:15pm - 9:15pm SANS@Night
Wednesday, October 17
Session Speaker Time Type
Everyone Wants to be a Pen Tester Serge Borso Wednesday, October 17th, 7:15pm - 8:15pm SANS@Night
Malware Analysis - Code of Conduct Anuj Soni Wednesday, October 17th, 8:15pm - 9:15pm SANS@Night
Thursday, October 18
Session Speaker Time Type
State of the Dark Web Matt Edmondson Thursday, October 18th, 7:15pm - 8:15pm SANS@Night