با برنامه Player FM !
Episode 348 - PowerShell Script Malware Detection
Manage episode 356428978 series 1854687
Shota Shinogi is a security researcher at Macnica (Japan), pentest tools author and CTF organizer.
He is an expert in writting malware for Red Team purpose and to evade the detection from EDR, sandbox, IPS, antivirus and other security solutions.
He has more than 10 years experience on the Cyber security industries, starting his carrier with HDD Encryption, NAC, IPS, WAF, Sandbox. He has spoken in several security/hacking conferences; Black Hat, DEF CON, BSides.
He is also contributing for the education for the next generation security engineer through the Security Camp from 2015 consecutively in Japan.
In this interview, Shinogi gave highlights of his hackathon session (as an instructor at the Global Cybersecurity Camp 2023) on PowerShell based Malware detection
He shared the key factors behind PowerShell’s potency (a default tools on Windows, file-less, and hundreds of methods to obfuscate the script, making detection even that much harder).
However, with the logging feature built by Microsoft, it is possible to build tools to detect malicious PowerShell script.
Shinogi noted the approaches that the impressive results delivered by the hackathon – there were even AI-based algorithms to filter out malicious PowerShell scripts.
Recorded 16th February 2023, 4.30pm, ASEAN Cybersecurity Centre of Excellence Singapore, at the Global Cybersecurity Camp 2023 Singapore.
155 قسمت
Manage episode 356428978 series 1854687
Shota Shinogi is a security researcher at Macnica (Japan), pentest tools author and CTF organizer.
He is an expert in writting malware for Red Team purpose and to evade the detection from EDR, sandbox, IPS, antivirus and other security solutions.
He has more than 10 years experience on the Cyber security industries, starting his carrier with HDD Encryption, NAC, IPS, WAF, Sandbox. He has spoken in several security/hacking conferences; Black Hat, DEF CON, BSides.
He is also contributing for the education for the next generation security engineer through the Security Camp from 2015 consecutively in Japan.
In this interview, Shinogi gave highlights of his hackathon session (as an instructor at the Global Cybersecurity Camp 2023) on PowerShell based Malware detection
He shared the key factors behind PowerShell’s potency (a default tools on Windows, file-less, and hundreds of methods to obfuscate the script, making detection even that much harder).
However, with the logging feature built by Microsoft, it is possible to build tools to detect malicious PowerShell script.
Shinogi noted the approaches that the impressive results delivered by the hackathon – there were even AI-based algorithms to filter out malicious PowerShell scripts.
Recorded 16th February 2023, 4.30pm, ASEAN Cybersecurity Centre of Excellence Singapore, at the Global Cybersecurity Camp 2023 Singapore.
155 قسمت
모든 에피소드
×به Player FM خوش آمدید!
Player FM در سراسر وب را برای یافتن پادکست های با کیفیت اسکن می کند تا همین الان لذت ببرید. این بهترین برنامه ی پادکست است که در اندروید، آیفون و وب کار می کند. ثبت نام کنید تا اشتراک های شما در بین دستگاه های مختلف همگام سازی شود.