Informational, Red Team, Red Team Tools, Webcasts .Net, BYOI, EDR, Endpoint, Marcello, Open-Source, PowerShell, Red Team, SILENTTRINITY, Tradecraft, Windows Defender

Webcast: Endpoint Security Got You Down? No PowerShell? No Problem.

Do your PowerShell scripts keep getting caught? Tired of dealing with EDRs & Windows Defender every time you need to pop a box?

In this one-hour webcast, we introduce a somewhat new Red Team approach that we call BYOI (Bring Your Own Interpreter).

Turns out, by harnessing the powah of C# and the .NET framework you can embed entire interpreters inside of a C# binary. This allows you to dynamically access all of the .NET API from a scripting language of your choosing without going through Powershell in any way!

We also cover some basic .NET & C# concepts in order to understand why this is possible and all the hype surrounding offensive C# tradecraft.

Additionally, we demo SILENTTRINITY, a post-exploitation tool we have developed that attempts to weaponize the BYOI concept *AND* drop a pretty huge update for it live during the webcast!

This webcast was recorded on 2/14/2019 with our very own Marcello Salvati.

P.S — You can get SILENTTRINITY here:

https://github.com/byt3bl33d3r/SILENTTRINITY

Ready to learn more?

Level up your skills with affordable classes from Antisyphon!

Pay-What-You-Can Training

Available live/virtual and on-demand