PowerShell is a shell and scripting language for use on the Microsoft Windows platform. With it, one can do a crazy amount of cool stuff in an automated fashion: audit local users on Windows machines, create service accounts in Active Directory that have passwords automatically randomized/managed by the domain, query members of a variety of AD groups, and more.
Not only is it awesome for auditors and blue teams, but red teams have discovered the power of it. When hacking, pivoting, and owning Windows environments? PowerShell is becoming a huge tool in their toolbelt.
Attend this presentation if you are someone who has been interested in PowerShell, but hasn’t known where to start, or what it can be capable of doing. We will be going over the huge benefits of PowerShell, and will show examples of how powerful simple commands can be. Cheat sheets will be provided to attendees, along with resource links for getting started with PowerShell.
- History of PowerShell and Why It's Important
- Using PowerShell for Basic Auditing of Active Directory
- Security Benefits of Using PSRemoting vs old-school PSExec and RDP
- Ease of Generating Audit Reports from PowerShell
About Derek Ardolf
Derek Ardolf is a DevOps Evangelist who has taught PowerShell at Century College, Minnesota, and served as Vice President of Twin Cities PowerShell Automation. He utilizes his familiarity with both the Linux and Windows OS platforms so that he can automate all the things. Derek is a big proponent of infrastructure being represented as code in order to sustain largely auditable environments, and eliminating nasty GUIs from residing on the server side.
Systems Development Engineer, Amazon
AAS Linux Administration
Verified Effective Windows PowerShell Toolmaker
Linux Foundation Certified System Administrator
Microsoft Certified Technology Specialist