Session

Behind the curtain of PowerShell cmdlets

PowerShell is widely used, but a few thinks about how cmdlets work behind the scenes.
This knowledge allows IT administrators find hidden capabilities even in built-in cmdlets, developers create their own, and better understand PowerShell-based attacks for security engineers.

The session sheds light on well-known cmdlets and how to overcome some built-in limitations.

Demo-based session contains:
- Win32 API intro
- Monitoring Built-in Cmdlets API Calls
- Analyzing API Calls in a source code
- Abstract Win32 API functions with PSReflect
- Customize Built-in Cmdlets

Sergey Chubarov

Security Expert

Paço de Arcos, Portugal

Actions

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top