When I went to Derbycon 3.0 last year, I saw @mattifestation and @obscuresec‘s talk about using pre-existing windows components for post-exploitation. What I absolutely loved was the section on using Powershell and a website for C2 after a compromise. In a nutshell, you gain access to a system and create some way of getting script … Continue reading Command and Control using Powershell and your favorite website