Skip to content

Latest commit

 

History

History
18 lines (14 loc) · 1.7 KB

README.md

File metadata and controls

18 lines (14 loc) · 1.7 KB

Snakes on a Screen: Taming Offensive IronPython Techniques

Workshop Purpose

This workshop is designed to provide you with a solid understanding of IronPython, its integration with the .NET framework, and how it can be used to interact with PowerShell. You will also gain insight into advanced topics like CLR hooks for AMSI bypass.

Abstract

IronPython is a powerful and flexible programming language that has been increasingly used by attackers due to its ability to bypass security controls. This practical workshop will explore the inner workings of IronPython and its unique features that enable sophisticated offensive techniques. Participants will gain hands-on experience in developing IronPython payloads that can evade modern security controls and execute malicious code on target systems.

Key Topics

  • Introduction to IronPython: Understand the basics of IronPython, its installation, and why it's used.
  • IronPython Syntax and DataTypes: Get comfortable with the fundamental building blocks of IronPython programming.
  • IronPython and .NET: Explore the power of IronPython and .NET integration, and how IronPython interacts with C#.
  • IronPython and PowerShell: Learn how to control PowerShell and leverage Runspaces using IronPython.
  • CLR Hooks for AMSI Bypass: Delve into advanced topics like using IronPython for CLR hooks to bypass AMSI.
  • Hands-On Exercises: Along with theory, this workshop emphasizes practical application. We will work on multiple exercises, each designed to strengthen your understanding of the core concepts and their real-world application.

Prerequisites

Basic knowledge of Python and .NET would be helpful. However, we will start from the basics and build up our knowledge step-by-step.