[ JasonFossen, Jason Fossen ]
How to host the PowerShell engine inside of Python and then run PowerShell code inside Python (and not spawn an external process):
https://t.co/kDal7LhP1e
#PowerShell #Python #SEC573 #SEC505 @MarkBaggett
https://devblogs.microsoft.com/powershell/hosting-powershell-in-a-python-script/
[ tweet ]
[ cfalta, Christoph Falta ]
I wrote something to compare the content of two volume shadow copies. Let's hope that's useful #dfir #PowerShell
https://t.co/ip15QPFaTq
https://github.com/cfalta/vsctool
[ tweet ]
[ vinopaljiri, Jiří Vinopal ]
Using #Powershell based on .NET >= 5 or .NET Core (so also latest Powershell Linux/Windows) you can easily natively manipulate PE and do things like in the picture below (ML processing of .data section strings using #StringSifter)
[ tweet ]
[ last0x00, last ]
After a few weeks of development, I'm happy to share my new work: PersistenceSniper. It is a #Powershell module that allows #BlueTeams, #IncidentResponders and #Sysadmins to hunt persistences implanted in their Windows machines. Check it out!
https://t.co/oma0h8gFfF
https://github.com/last-byte/PersistenceSniper/
[ tweet ]
[ JoelGMSec, Joel GM ]
New tool (with the collaboration of @3v4Si0N) and a new post on the #blog!
Transferring files in restricted environments with #InvokeTransfer
https://t.co/rJYxbvdOgm
https://t.co/0ZEgI0TTK2
#Darkbyte #Hacking #PowerShell #Clipboard #DataTransfer
https://darkbyte.net/transfiriendo-ficheros-en-entornos-restringidos-con-invoke-transfer
https://github.com/JoelGMSec/Invoke-Transfer
[ tweet ]
[ Gi7w0rm, Gi7w0rm ]
Just released a new #blogpost, where I analyze the initial stages of a #vbs / #powershell based #GuLoader / #CloudEye infection.
Shoutout to @malware_traffic for being the first to find this sample (which I noticed after analyzing it myself ^^).
1/2
https://gi7w0rm.medium.com/cloudeye-from-lnk-to-shellcode-4b5f1d6d877
[ tweet ]
[ Przemysław Kłys @PrzemyslawKlys ]
If you're into #ActiveDirectory, keep it clean from stale objects. CleanupMonster, my new #PowerShell module, can help you with that. I wrote a blog post about it to make it easier to implement.
It has fancy reporting and lots of customizations:
https://evotec.xyz/mastering-active-directory-hygiene-automating-stale-computer-cleanup-with-cleanupmonster/
[ tweet ]