Tool
BSides talks featuring Windows Management Instrumentation
80 talks mention this tool across 37 BSides chapters.
Talks featuring Windows Management Instrumentation
27:37
PowerShell-Fu — Hunting on the Endpoint
Chris Gerritz
BSides Las Vegas
· 2016
Technical
DFIR
Malware Analysis
Threat Intel
Blue
Technical Deep-dives
Talk
Open →
2016-08
43:51
Błędy administratorów w kontekście ostatnich ataków
Mariusz Burdach
BSides Warsaw
· 2017
Open →
2017-10
48:21
PowerShell Security: Defending the Enterprise from the Latest Attack Platform
Sean Metcalf
BSides DC
· 2016
Technical
Active Directory
Blue
Talk
Open →
2016-10
28:57
Abusing WCF Endpoint for RCE and Privilege Escalation
Christopher Anastasio
BSidesSF
· 2019
Technical
Red
Talk
Open →
2019-03
48:23
Koadic C3: Windows COM Command & Control Framework
Sean Dillon
Zach Harding
BSides Las Vegas
· 2017
Technical
Malware Analysis
Advanced
Red
Technical Deep-dives
Demo
Talk
Open →
2017-08
50:58
It, Do it Live (PowerShell Digital Forensics)
Jared Atkinson
BSides DC
· 2015
Technical
Blue
Demo
Talk
Open →
2015-11
26:36
Latest evasion techniques in fileless malware - fl3uryz & Andrew Hay
BSides Las Vegas
Open →
2016-08
49:53
2017 - A Year In The Red by Dominic Chell and Vincent Yiu
BSides Manchester
Open →
2017-08
47:48
Get-Help: An intro to PowerShell and how to use it for evil
Jared Haight
BSides Charleston
· 2015
Technical
Intro
Talk
Open →
2015-12
29:22
Analyzing AutoIt Malware: Tools and Techniques
Chris Neal
Jerome Radcliffe
BSides Las Vegas
· 2021
Technical
Malware Analysis
Reverse Engineering
Intermediary
Blue
Talk
Open →
2021-08
13:28
Abusing WMI Providers For Persistence - Philip Tsukerman
Philip Tsukerman
BSides TLV
· 2018
Technical
Red
Talk
Open →
2018-07
43:20
Eyeing the Onion
Brad Shoop
Chris Rimondi
BSides Augusta
· 2013
Technical
Detection Engineering
Network Security
Blue
Demo
Talk
Open →
2013-09
48:29
DUALITY – Advanced Red Team Persistence through Self-Reinfecting DLL Backdoors... - Faisal Tameesh
Faisal Tameesh
BSides KC
· 2023
Technical
Advanced
Red
Talk
Open →
2023-10
52:47
Owning MS Outlook with Powershell
Andrew Cole
BSides Philly
· 2017
Technical
Red
Talk
Open →
2017-08
7:09:43
BSides Las Vegas 2019 Day Two - Ground 1234!
BSides Las Vegas
Open →
2019-08
37:47
Don't Google 'PowerShell Hunting'
Josh Rykowski
Sean Eyre
BSides Augusta
· 2017
Technical
DFIR
Detection Engineering
Malware Analysis
Talk
Open →
2017-09
48:09
Incident Response Case Study – Living off the Land - Will Hudec & Shawn Newman
BSides Peru
Open →
2023-08
47:32
Up Is Down Black Is White: SCCM for Offense and Defense
Matt Nelson
Will Schroeder
BSides Boston
· 2016
Technical
Active Directory
Tooling
Intermediary
Purple
Talk
Open →
2016-08
59:35
BSidesMCR 2019:Getting Splunky With Lateral Movement Attack,Detect&Evade -Ross Bingham&Tom MacDonald
BSides Manchester
Open →
2019-09
52:07
Purple View
Haydn Johnson
Laura Rafferty
BSides Toronto
· 2015
Technical
Active Directory
Purple
Talk
Open →
2015-11
44:56
FileLess Malware Infections: Malware Tricks for Pentesters
Ramon Pinuaga
BSides Lisbon
· 2017
Technical
Malware Analysis
Reverse Engineering
Red
Case Studies and Incidents Analysis
Technical Deep-dives
Talk
Open →
2017-11
26:10
LoL-Bins Behaving Badly - Andrew Costis
BSides Liverpool
Open →
2019-07
5:20:38
Bsides 2018 Track 2
BSides Vancouver
Open →
2018-03
45:02
Introduction to Fileless Malware
Juan Araya
BSides Dublin
· 2021
Technical
Malware Analysis
Talk
Open →
2021-05
51:55
Isolated to Constrained Language Mode - Living within the Confines
Christopher Truncer
BSides DC
· 2018
Technical
Blue
Red
Talk
Open →
2018-11
56:01
21st Century War Stories
Ben Turner
BSides Manchester
· 2016
War Stories
OSINT
Social Engineering
Threat Intel
Red
Case Studies and Incidents Analysis
Talk
Open →
2016-09
1:34:46
Chris Truncer - Offensive WMI Workshop
BSides Augusta
Open →
2021-10
18:06
This is a serious laptop; No games and chatting possible OK?
Yiannis Koukouras
BSides Athens
· 2018
Technical
Red
Talk
Open →
2018-07
37:38
How Evil Kirk Uses Maltego
Robert McMahon
BSides Delaware
· 2015
Technical
Talk
Open →
2015-11
51:14
Living Off the Land: Windows Post-Exploitation with Built-in Tools
Christopher Campbell
Matthew Graeber
BSides Augusta
· 2013
Technical
Malware Analysis
Post-Exploitation
Red
Talk
Open →
2013-09
26:14
Making a State-Backed Implant Invisible: A New Blind Spot in Modern A/V & HIDS Solutions
Dimitrios Bougioukas
BSides Athens
· 2018
Technical
Advanced
Red
Technical Deep-dives
Demo
Open →
2018-08
38:36
BSides Toronto 2019 Lee Kagan
BSides Toronto
Open →
2019-10
52:15
Exercícios de Red Team: Não simule a ameaça, seja a ameaça
Oliveira Lima
BSides São Paulo
· 2025
Technical
Advanced
Red
Talk
Open →
2025-06
25:40
Red and Blue Ping Pong: Living Off the Land in Windows Attack and Defense
Lee Kagan
Anton Ovrutsky
BSides Toronto
· 2017
Technical
Active Directory
Malware Analysis
Purple
Demo
Talk
Open →
2018-01
40:27
BG - CheckPlease: Payload-Agnostic Sandbox Detection - Brandon Arvanaghi & Christopher Truncer
BSides Las Vegas
Open →
2017-08
47:46
BSidesSLC 2016 -- Preparing 4 PowerShellmageddon -- Chad Tilbury
BSides SLC
Open →
2016-05
53:09
BG - WhyMI So Sexy? WMI attacks, Realtime Defense & Advanced Forensic Analysis - William Ballenthin,
BSides Las Vegas
Open →
2016-12
24:01
Mining Software Vulnerabilities in SCCM with NIST's NVD: Data Challenges and Machine Learning Solutions
Loren Gordon
BSides Las Vegas
· 2017
Technical
Threat Intel
Vulnerability Research
Talk
Open →
2017-09
34:01
Detect the Undetectable with Sysmon and PowerShell Logs
Dimitrios Margaritis
BSides Athens
· 2017
Technical
Detection Engineering
Malware Analysis
Threat Intel
Blue
Talk
Open →
2017-10
20:21
BSidesMCR 2019: Malicious Behavior Detection Using WMI - Ben Lister
BSides Manchester
Open →
2019-09
53:48
Having your pick of the litter: Storing Malware Stagers in Enterprise Services
Fernando Tomlinson
BSides Charleston
· 2019
Technical
Talk
Open →
2019-11
9:24
Technical Tactics: Embedded Linux Software BOM
Daniel Beard
BSides Las Vegas
· 2017
Technical
IoT
Supply Chain Security
Vulnerability Research
Talk
Open →
2017-09
33:30
The Past, Present, And Future Of Supply Chain Attacks - Edmund Brumaghin and Nick Biasini
Edmund Brumaghin
Nick Biasini
BSides Belfast
· 2020
Technical
Supply Chain Security
Talk
Open →
2020-01
43:03
BSides Iowa 2018: "Windows COM from the bottom up"
BSides Iowa
Open →
2018-04
1:04:28
Hashbrowns & BAGELS
Mike Schladt
Chris Boettcher
Andrew Plunkett
BSides Cincinnati
· 2017
Technical
Tooling
Detection Engineering
Malware Analysis
Threat Intel
Talk
Open →
2017-05
31:34
A Journey Through MITRE Evaluation - Alex Davies
Alex Davies
BSides Cymru Wales
· 2019
Talk
Open →
2019-10
42:50
Privilege Escalation Capabilities in AD Certificate Services
Brady McLaughlin
BSides Charlotte
· 2025
Technical
Active Directory
Vulnerability Research
Blue
Red
Technical Deep-dives
Demo
Talk
Open →
2025-05
49:51
Movement After Initial Compromise
Matthew Batten
Collyn Hartley
BSides Augusta
· 2018
Technical
Active Directory
Threat Intel
Red
Talk
Open →
2018-11
25:53
Fileless malware -Jim Van De Ryt
BSides Peru
Open →
2018-06
31:44
2019 - Hidden Agenda The darker side of cryptocurrency botnet mining - Greg Foss
BSides Denver
Open →
2019-09
27:25
GF - Invoke-NoShell - Gal Bitensky
BSides Las Vegas
Open →
2018-09
48:34
Understanding the Modern Attack: A Review of the Adversary's Operational Lifecycle
Jason Rivera
BSides Vancouver
· 2022
Technical
Detection Engineering
Threat Intel
Threat Modeling
Case Studies and Incidents Analysis
Methodology
Talk
Open →
2022-07
32:56
BSides Toronto 2019 Brandon Mesquita
Brandon Mesquita
BSides Toronto
· 2019
Technical
Malware Analysis
Reverse Engineering
Blue
Technical Deep-dives
Talk
Open →
2019-10
31:37
Windows EventLog Persistence: Abusing Event Logs for Undetectable Red Team Access
Fabricio Gimenes
BSides Las Vegas
· 2024
Technical
Malware Analysis
Advanced
Red
Talk
Open →
2024-09
56:11
I Thought I Saw a |-|4X0.-
Thomas Fischer
BSides Lisbon
· 2017
Technical
Talk
Open →
2017-11
41:50
How Adversaries Are Abusing Network Blind Spots - Edmund Brumaghin and Earl Carter
Edmund Brumaghin
Earl Carter
BSides Belfast
Talk
Open →
2020-01
52:03
Two Notify All
David Maynor
Danny Adamitis
BSides Augusta
· 2018
Research
Blue
Case Studies and Incidents Analysis
Talk
Open →
2018-11
34:07
The Cloud is for Launching Cyber Attacks
Raymond Cazanese
BSides Philly
· 2020
Technical
Cloud IAM
Malware Analysis
Threat Intel
Case Studies and Incidents Analysis
Empirical Research
Talk
Open →
2020-12
53:54
BSidesAugusta 2018 - Chris Truncer - Isolated to Constrained Language Mode
BSides Augusta
Open →
2018-10
38:19
Defending Advanced Attacks with IAM Best Practices
Andy Thompson
BSides Cincinnati
· 2017
Technical
Talk
Open →
2017-05
52:59
GF - Don't Bring Me Down: Are You Ready for Weaponized Botnets? - Cheryl Biswas
BSides Las Vegas
Open →
2018-09
48:07
Can You Hear Me Now? Good — Because Volt Typhoon Can, Too
David Branscome
BSides Augusta
· 2025
Technical
Active Directory
Detection Engineering
Threat Intel
Case Studies and Incidents Analysis
Talk
Open →
2025-10
49:51
Movement After Initial Compromise
Matt Batten
Collyn Hartley
BSides RDU
· 2018
Technical
Active Directory
Intermediary
Red
Demo
Talk
Open →
2018-10
29:42
Egregor Awakens: Taking A Tour Of A Threat Actor’s New Digs by Lindsay Kaye
Lindsay Kaye
BSides Dublin
· 2021
Technical
Talk
Open →
2021-05
47:03
Have Your Pick of the Litter
Fernando Tomlinson
BSides Charlotte
· 2019
Open →
2019-11
58:13
Incident Response is HARRRRRD… but it doesn't have to be
Michael Gough
BSides SATX
· 2020
Technical
Blue
Talk
Open →
2020-08
1:00:30
Stolen Laptops: Modern Physical Access Attacks with DMA and Firmware Exploitation
Pierre Nicolas Allard Coutu
BSides Vancouver Island
· 2025
Technical
Hardware Hacking
Physical Security
Reverse Engineering
Advanced
Blue
Red
Technical Deep-dives
Open →
2026-03
58:39
Incident Response Fails – What we see with our clients
Michael Gough
BSides SATX
· 2021
Technical
Blue
Talk
Open →
2021-06
44:06
Taste the Rainbow
BSides NYC
· 2018
Open →
2023-04
33:33
Egregor Awakens: Taking a Tour of a Threat Action New Digs
Lindsay Kaye
BSides Tampa
· 2021
Technical
Case Studies and Incidents Analysis
Technical Deep-dives
Talk
Open →
2021-04
46:26
Catch Me If You Can: How Attackers Outsmart EDR
Marvin Ngoma
BSides Amsterdam
· 2025
Technical
Detection Engineering
Malware Analysis
Reverse Engineering
Blue
Red
Technical Deep-dives
Talk
Open →
2026-03
24:07
What the deuce: Strategies for splitting your alerts
John T. Myers
BSides Philly
Technical
Talk
Open →
2017-08
1:50:16
BSides Idaho Falls 2025 - Track 1 Morning
BSides Idaho Falls
· 2025
Technical
Active Directory
Detection Engineering
Threat Intel
Talk
Open →
2025-09
31:20
Evading C2 Detection with Asymmetry
Andrew Johnston
Anthony Morrow
BSides Philly
· 2018
Technical
Detection Engineering
Threat Intel
Advanced
Red
Talk
Open →
2018-11
24:26
Technical Deep-Dive: Red Canary
BSides Calgary
Open →
2021-12
36:54
Adding Simulated Users to Your Pentesting Lab with PowerShell
Chris Myers
Barrett Adams
BSides Charm
· 2018
Technical
Tooling
Red
Demo
Open →
2021-05
52:22
BSidesCharm - 2018 - Devon Kerr - Quantify your hunt: not your parents’ red teaming
BSides Charm
Open →
2021-05
30:52
Embrace the Red: Enhancing Detection Capabilities with Adversary Simulation
Mauricio Velazco
BSides Charm
· 2019
Technical
Active Directory
Detection Engineering
Threat Intel
Purple
Technical Deep-dives
Talk
Open →
2021-05
25:24
Effective Monitoring for Operational Security
Russell Mosley
Ryan St. Germain
BSides Charm
Technical
Detection Engineering
Threat Intel
Blue
Talk
Open →
2021-05
34:25
MITRE Attack Flow: Laying Foundations for Predictive Intelligence
BSides Edmonton
· 2024
Research
Blue
Case Studies and Incidents Analysis
Technical Deep-dives
Talk
Open →
2025-10