Unmanaged PowerShell - PowerShell without powershell.exe

Name: Unmanaged PowerShell - PowerShell without powershell.exe
Uploaded: May 15, 2016
Duration: 882 s

Cobalt Strike Archive21.2K subscribers

11.5K views

May 15, 2016

14:42

This video demonstrates the unmanaged PowerShell features in Cobalt Strike's Beacon payload. The powerpick command lets you run powershell scripts without powershell.exe. The psinject command lets you inject a PowerShell instance + script into a specific process. The original POC: https://github.com/leechristensen/UnmanagedPowerShell Justin Warner's post on PowerPick and ReflectivePick: https://www.sixdub.net/?p=367 Beacon: https://www.cobaltstrike.com/help-beacon

Download

1 formats

Video Formats

360pmp421.5 MB

Download

Right-click 'Download' and select 'Save Link As' if the file opens in a new tab.