I published the following diary on isc.sans.edu: “Powershell Payload Stored in a PSCredential Object“:
An interesting obfuscation technique to store a malicious payload in a PowerShell script: In a PSCredential object! The PSCredential class can be used to manage credentials in a centralized way. Just have a look at this example. First, let’s encrypt our strong password… [Read more]
One comment