Harnessing PowerShell and Collaborative Security Practices

This chapter explores the benefits of PowerShell over traditional Linux command-line tools, emphasizing the user-friendly syntax and its impact on security. It also highlights the importance of internal security meetups and introduces an interactive card game designed to improve incident response readiness.

Transcript

chevron_right

Play full episode

chevron_right

Transcript

Episode notes

In this episode of the PowerShell Podcast, we sit down with renowned security researcher John Hammond. Recorded in person in Utah, we delve into John's unique insights on PowerShell and its role in cybersecurity. John shares his experiences with PowerShell attacks, discussing how it’s used in various malware and the importance of implementing security features like constrained language mode and script block logging. He highlights practical tips for making PowerShell environments more secure and emphasizes the need for continuous learning and experimenting within safe environments. We also explore how to transition into security-focused roles, with John providing valuable advice for those looking to combine their PowerShell skills with a career in cybersecurity.

Guest Bio and links:

John Hammond is a cybersecurity researcher, educator and content creator. As part of the Research & Development Threat Operations team at Huntress, John spends his days analyzing malware and making hackers earn their access. Previously, as a Department of Defense Cyber Training Academy instructor, he taught the Cyber Threat Emulation course, educating both civilian and military members on offensive Python, PowerShell, other scripting languages and the adversarial mindset. He has developed training material and information security challenges for events such as PicoCTF and competitions at DEFCON US. John speaks at security conferences such as BsidesNoVA, to students at colleges such as the US Naval Academy, and other online events including the SANS Holiday Hack Challenge/KringleCon. He is an online YouTube personality showcasing programming tutorials, CTF video walkthroughs and other cyber security content.

PowerShell Podcast Home page: https://www.pdq.com/resources/the-powershell-podcast/

PowerShell Pro Tips - https://www.youtube.com/watch?v=K95ovoMh170

https://underthewire.tech/

https://www.huntress.com/

https://devblogs.microsoft.com/powershell/powershell-constrained-language-mode/

https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_logging_windows?view=powershell-7.4

https://www.amazon.com/PowerShell-Automation-Scripting-Cybersecurity-Hacking/dp/1800566379

https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_language_modes?view=powershell-7.4

https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_execution_policies?view=powershell-7.4

https://learn.microsoft.com/en-us/windows/win32/amsi/how-amsi-helps

The AI-powered Podcast Player

Save insights by tapping your headphones, chat with episodes, discover the best highlights - and more!

Get the app

Home Top podcasts Popular guests