[SANS ISC] Powershell Payload Stored in a PSCredential Object

I published the following diary on isc.sans.edu: “Powershell Payload Stored in a PSCredential Object“:

An interesting obfuscation technique to store a malicious payload in a PowerShell script: In a PSCredential object! The PSCredential class can be used to manage credentials in a centralized way. Just have a look at this example. First, let’s encrypt our strong password… [Read more]

[The post [SANS ISC] Powershell Payload Stored in a PSCredential Object has been first published on /dev/random]

Article Link: https://blog.rootshell.be/2020/04/27/sans-isc-powershell-payload-stored-in-a-pscredential-object/