I will have the honor of speaking at DEFCON 23 about a new tool set I’ll be releasing. If you’re planning on attending DEFCON this year my talk will be on Friday, 7 Aug @ 1600. Hope to see everyone there.
The Harness toolset aims to give penetration testers and red teams the ability to pull a remote powershell interface with all the same features of the native Powershell CLI and more. Several tools and utilities have been released to solve the powershell weaponization problem, but no freely available tool give operators the full capabilities of powershell through a remote interface. We’ll start the talk with a quick survey of the previous methods of weaponizing powershell, and then move into the capabilities of the Harness toolset which includes a fully interactive powershell CLI, and remote importing of modules across the wire without staging. We’ll conclude with taking a look at the underlying code that makes the toolset work, and briefly discuss planned features. The Harness toolset will be released open source in conjunction with this talk.