This workshop is designed to provide you with a solid understanding of IronPython, its integration with the .NET framework, and how it can be used to interact with PowerShell. You will also gain insight into advanced topics like CLR hooks for AMSI bypass.
IronPython is a powerful and flexible programming language that has been increasingly used by attackers due to its ability to bypass security controls. This practical workshop will explore the inner workings of IronPython and its unique features that enable sophisticated offensive techniques. Participants will gain hands-on experience in developing IronPython payloads that can evade modern security controls and execute malicious code on target systems.
- Introduction to IronPython: Understand the basics of IronPython, its installation, and why it's used.
- IronPython Syntax and DataTypes: Get comfortable with the fundamental building blocks of IronPython programming.
- IronPython and .NET: Explore the power of IronPython and .NET integration, and how IronPython interacts with C#.
- IronPython and PowerShell: Learn how to control PowerShell and leverage Runspaces using IronPython.
- CLR Hooks for AMSI Bypass: Delve into advanced topics like using IronPython for CLR hooks to bypass AMSI.
- Hands-On Exercises: Along with theory, this workshop emphasizes practical application. We will work on multiple exercises, each designed to strengthen your understanding of the core concepts and their real-world application.
Basic knowledge of Python and .NET would be helpful. However, we will start from the basics and build up our knowledge step-by-step.