PowerShell
PowerShell Obfuscation: Stealth Through Confusion, Part II
Mar 29, 2020
Let’s step back a little from the last post’s exercise in jumbling PowerShell commands. Obfuscating code as a technique to avoid detection by malware and virus scanners (or prevent reverse...
How To Use PowerShell for Privilege Escalation with Local Computer Accounts
Mar 29, 2020
Privilege escalation is when an attacker is able to exploit the current rights of an account to gain additional, unexpected access. While this can be caused by zero-day vulnerabilities, state-level...
What is Endpoint Security? A Complete Guide
Oct 17, 2019
Endpoint security is a growing concern for enterprises in every industry, given the value of digital assets and data, and must be a cybersecurity priority.
Practical PowerShell for IT Security, Part V: Security Scripting Platform Gets a Makeover
Aug 22, 2017
A few months ago, I began a mission to prove that PowerShell can be used as a security monitoring tool. I left off with this post, which had PowerShell code...
Disabling PowerShell and Other Malware Nuisances, Part III
Jun 08, 2017
One of the advantages of AppLocker over Software Restriction Policies is that it can selectively enable PowerShell for Active Directory groups. I showed how this can be done in the...
Disabling PowerShell and Other Malware Nuisances, Part II
Jun 02, 2017
Whitelisting apps is nobody’s idea of fun. You need to start with a blank slate, and then carefully add back apps you know to be essential and non-threatening. That’s the...
How to use PowerShell for WannaCry / WannaCrypt cleanup and prevention
May 16, 2017
Use PowerShell to help test and resolve issues from WannaCry / WannaCrypt variants and other ransomware attacks.
Practical PowerShell for IT Security, Part IV: Security Scripting Platform (SSP)
May 10, 2017
In the previous post in this series, I suggested that it may be possible to unify my separate scripts — one for event handling, the other for classification — into...
Practical PowerShell for IT Security, Part II: File Access Analytics (FAA)
Mar 22, 2017
In working on this series, I almost feel that with PowerShell we have technology that somehow time-traveled back from the future. Remember on Star Trek – the original of course...
The Difference Between Bash and Powershell
Sep 13, 2016
You don’t normally talk philosophy and IT when considering Bash and Powershell, but if it’s one thing I’ve learned over the past 20 years of sysadmin work it’s that whether...
The Complete PowerShell Tool Roundup
Sep 06, 2016
A hand-curated list of 70 tools to power up your workflow.
Using PowerShell to Combat CryptoLocker
Oct 17, 2014
On the Varonis blog, we recently wrote about how CryptoLocker—the malware that encrypts your local files and holds them for a Bitcoin ransom—has better marketing than many companies. However, we...