🤘 0 reputation

BladeFireLight

Standard

Joined: 1/8/2019

Last seen: 1/11/2019

Activity
  • I know your scripts are signed, we have yet to trust the publisher. InfoSec is not to keen on you feeing the content of a text file to Invoke-Expression

  • If the PowerShell step did not cut off the last CLCR of the text box when creating user.ps1 you could have signed code in those steps. for curated packages you could use the same publisher you signed the error handling wrapper with. Then document the process of publishing the cert to Trusted Publishers via GPO, so those of us with AllSigned policy will have no issues with PowerShell steps

  • PowerShell Steps and Authenticode