We are sad to inform you that Sebastian Garcia cannot participate at #BSidesBUD2017 with his talk due to some personal issues. The good news is that we could arrange for another great speaker to jump in, and we are very excited to have Jeff Hamm on board, who is the technical director of FireEye Mandiant. Jeff will talk about PowerShell forensics; here’s the abstract of his presentation:
What the Shell? Powering through PowerShell Forensics
PowerShell is a remote administration tool built into modern Windows operating systems. The shell is a command-line-driven tool that can be very powerful for network administration, scripting, and even gathering artifact evidence across an enterprise network. In this session, the attendee will see basic uses of PowerShell to gather data, what traces the use of PowerShell leaves behind, and how to analyze the data. Finally, the presentation will walk through a case study of an attack that leveraged only PowerShell and Metasploit PowerShell scripts to compromise a bank’s network, move laterally through multiple domains, and ultimately transfer funds out of the bank using SWIFT transactions.
There is only one week left until the conference! Tomorrow we are going to announce an exciting new program that you will be psyched about! Stay tuned!