Amazing, thank you
I'm loving these videos. Remember me when you're famous!
No fame seeking here. Just hoping to give back to the community
Amazing video. Very much helpful
Amazing ❤ Do you give full courses anywhere, sir?
I am going to be teaching for SANS in the offensive security curriculum coming soon!
Can we do it on exes that are generated with PyInstaller?
What would be the get method main?
And what if the PC in a corporate environment doesn't have access to PowerShell (set through GPO policy)? Then it won't work?
I have never attempted that. There is no such thing as no access to PowerShell. Check out powerpick.
Excellent video, subscribed
Thanks for the sub!
Hey, thanks a lot for the amazing video.
I tried to do that with mimikatz but I got an error. Can you do a video that shows how to do that with mimikatz, or answer me how to solve it? Thanks.
Mimikatz won’t work with this method. Try Invoke-Mimikatz.
Nothing on disk... except a PowerShell script.
Only if script block logging is turned on. Otherwise that’s not on disk either.
@CyberAttackDefense Only if you rely on standard Windows logging capabilities...
I would love to hear how you can do this without Windows logging or EDR. Can you explain?
@CyberAttackDefense Didn't say you could do it without EDR or anything else.
My opinion is that Windows logging by default sucks and has to be configured before use, and you can just use something else instead. Even if it is configured, it is not as detailed as 3rd-party products or even Sysmon.
Agreed. Windows logging without tuning or Sysmon is not good enough for threat detection. Sysmon adds value, but that doesn't mean you can't do effective detection without it. There are many attacks that just won't make logs though, for example Responder-style attacks.