Let\\'s Dive into Powershell Obfuscation - SANS@Mic

  • Wednesday, 21 Oct 2020 7:30PM CST (22 Oct 2020 00:30 UTC)
  • Speaker: Xavier Mertens

PowerShell, thanks to its broad availability across Windows systems, remains a very nice infection vector for many attackers. I 'm collecting daily new samples of malicious Powershell code. Most of them are obfuscated using one or multiple techniques. Some of them being very simple but effective, while others are much more complicated to approach.

In this SANS@MIC session, I'll take you by the hand to dive into PowerShell obfuscation techniques and demonstrate some techniques with live examples.