Podcasts about silenttrinity

Do your PowerShell scripts keep getting caught? Tired of dealing with EDRs & Windows Defender every time you need to pop a box? In this one-hour podcast, originally recorded as a live webcast, we introduce a somewhat new Red Team approach that we call BYOI (Bring Your Own Interpreter). Turns out, by harnessing the powah of C# and the .NET framework you can embed entire interpreters inside of a C# binary. This allows you to dynamically access all of the .NET API from a scripting language of your choosing without going through Powershell in any way! We also cover some basic .NET & C# concepts in order to understand why this is possible and all the hype surrounding offensive C# tradecraft. Additionally, we demo SILENTTRINITY, a post-exploitation tool we have developed that attempts to weaponize the BYOI concept *AND* dropped a pretty huge update for it live during the webcast! This podcast was originally recorded on 2/14/2019 as a live webcast with our very own Marcello Salvati. P.S — You can get SILENTTRINITY here: https://github.com/byt3bl33d3r/SILENTTRINITY Also, you can now register for our Cyber Deception class at Black Hat 2019 here: https://www.blackhat.com/us-19/training/schedule/index.html#a-guide-to-active-defense-cyber-deception-and-hacking-back-14124

This week, we welcome back Marcello Salvati, Security Analyst at our sponsor Black Hills Information Security, to give some updates on his Post Exploitation Tool SILENTTRINITY! In the second interview, we welcome Steve Brown, Keynote Speaker at SecureWorld Boston 2019 to discuss his talk about Building Your Strategic Roadmap for the Next Wave of Digital Transformation! In the Security News, password managers leaking data in memory, security analysts are only human, Splunk changes position of Russian customers, Google admits error over hidden microphone, and a nasty code-execution bug in WinRAR threatened millions of users for 14 years!   Full Show Notes: https://wiki.securityweekly.com/Episode595 To learn more about our sponsor Black Hills Information Security, visit: https://securityweekly.com/bhis To see the SILENTTRINITY code itself on Github, visit: https://github.com/byt3bl33d3r/SILENTTRINITY Visit https://www.securityweekly.com/psw for all the latest episodes!   Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Marcello Salvati, Security Analyst at our sponsor Black Hills Information Security, to give some updates on his Post Exploitation Tool SILENTRINITY! Sign up for the BHIS Mailing List to receive updates about upcoming webcasts, blogs, and open-source tools from our testers at: https://securityweekly.com/bhis Full Show Notes: https://wiki.securityweekly.com/Episode595 Follow us on Twitter: https://www.twitter.com/securityweekly

Marcello Salvati, Security Analyst at our sponsor Black Hills Information Security, to give some updates on his Post Exploitation Tool SILENTRINITY! Sign up for the BHIS Mailing List to receive updates about upcoming webcasts, blogs, and open-source tools from our testers at: https://securityweekly.com/bhis Full Show Notes: https://wiki.securityweekly.com/Episode595 Follow us on Twitter: https://www.twitter.com/securityweekly

This week, we welcome back Marcello Salvati, Security Analyst at our sponsor Black Hills Information Security, to give some updates on his Post Exploitation Tool SILENTTRINITY! In the second interview, we welcome Steve Brown, Keynote Speaker at SecureWorld Boston 2019 to discuss his talk about Building Your Strategic Roadmap for the Next Wave of Digital Transformation! In the Security News, password managers leaking data in memory, security analysts are only human, Splunk changes position of Russian customers, Google admits error over hidden microphone, and a nasty code-execution bug in WinRAR threatened millions of users for 14 years!   Full Show Notes: https://wiki.securityweekly.com/Episode595 To learn more about our sponsor Black Hills Information Security, visit: https://securityweekly.com/bhis To see the SILENTTRINITY code itself on Github, visit: https://github.com/byt3bl33d3r/SILENTTRINITY Visit https://www.securityweekly.com/psw for all the latest episodes!   Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Marcello Salvati is a security consultant at BHIS, and is giving a technical segment on SilentTrinity. Marcello will solve the red team tradecraft problem of gaining dynamic access to the .net api without going through powershell. To learn more about Black Hills Information Security, go to: https://www.blackhillsinfosec.com/PSW Full Show Notes: https://wiki.securityweekly.com/Episode585 Follow us on Twitter: https://www.twitter.com/securityweekly

Marcello Salvati is a security consultant at BHIS, and is giving a technical segment on SilentTrinity. Marcello will solve the red team tradecraft problem of gaining dynamic access to the .net api without going through powershell. To learn more about Black Hills Information Security, go to: https://www.blackhillsinfosec.com/PSW Full Show Notes: https://wiki.securityweekly.com/Episode585 Follow us on Twitter: https://www.twitter.com/securityweekly

This week, how Docker containers can be exploited to mine for cryptocurrency, WordPress sites attacking other WordPress sites, why the Marriott breach is a valuable IT lesson, malicious Chrome extensions, why hospitals are the next frontier of cybersecurity, and how someone is claiming to sell a Mass Printer Hijacking service! In our first Technical Segment, we welcome Marcello Salvati, Security Consultant at BHIS, to talk about SILENTTRINITY, a post-exploitation agent powered by Python, IronPython, C#/.NET! In our second Technical Segment, we air a pre-recorded interview of Lenny Zeltser, VP of Products at Minerva! Lenny will be discussing Evasion Tactics in Malware from the Inside Out!   Full Show Notes: https://wiki.securityweekly.com/Episode585 Visit https://www.securityweekly.com/psw for all the latest episodes!   To learn more about Minerva Labs, go to: https://l.minerva-labs.com/security-weekly To learn more about Black Hills Information Security, go to: https://www.blackhillsinfosec.com/PSW To look more into SILENTTRINITY, go to: https://github.com/byt3bl33d3r/SILENTTRINITY   Visit https://www.activecountermeasures/psw to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, how Docker containers can be exploited to mine for cryptocurrency, WordPress sites attacking other WordPress sites, why the Marriott breach is a valuable IT lesson, malicious Chrome extensions, why hospitals are the next frontier of cybersecurity, and how someone is claiming to sell a Mass Printer Hijacking service! In our first Technical Segment, we welcome Marcello Salvati, Security Consultant at BHIS, to talk about SILENTTRINITY, a post-exploitation agent powered by Python, IronPython, C#/.NET! In our second Technical Segment, we air a pre-recorded interview of Lenny Zeltser, VP of Products at Minerva! Lenny will be discussing Evasion Tactics in Malware from the Inside Out!   Full Show Notes: https://wiki.securityweekly.com/Episode585 Visit https://www.securityweekly.com/psw for all the latest episodes!   To learn more about Minerva Labs, go to: https://l.minerva-labs.com/security-weekly To learn more about Black Hills Information Security, go to: https://www.blackhillsinfosec.com/PSW To look more into SILENTTRINITY, go to: https://github.com/byt3bl33d3r/SILENTTRINITY   Visit https://www.activecountermeasures/psw to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly