reading 07 - OddGarden/Ops201-Reading-Notes GitHub Wiki

Should You Learn PowerShell?

PowerShell is a scripting language built on .NET. It enables sysadmins and power users to manage computers from the command line. It can also be used to automate tasks and configuration management. PowerShell tasks are generally performed using cmdlets, and it can handle simple to very complex tasks with relative ease. The difference between PowerShell and other languages is that PowerShell's purpose is to do things (spin up a server), while other languages are used to create something (mobile app, web app, etc.).

PowerShell vs Bash

Bash

  • Primarily used in Linux
  • Combines a scripting language + native Linux tools to automate and manage Linux devices
  • Works with strings
  • Input & output is plain text, making it easier to move information

PowerShell

  • Primarily used in Windows
  • Combines a command-line shell and scripting language for task automation and configuration management
  • Works with objects
  • It's a complete scripting environment, allowing scripts for data commands

Both Bash and PowerShell rely on the pipeline concept (passing the output of one command as input to another command).

Strings vs Objects

Bash requires a lot of string manipulation and parsing, but because Bash has all the tools needed for this task, strings can be passed easily and everywhere. PowerShell passes objects between cmdlets, meaning complex data can be moved with very little effort. However, since the objects are not always universal, they are not readily accessible outside of PowerShell.

Why learn PowerShell

  • PowerShell can automate tasks in a fraction of the time it takes other scripting languages
  • PowerShell can test outcomes to ensure accuracy, which is important to catch mistakes
  • PowerShell is versatile and available on many platforms.

Who needs malware? IBM says most hackers just PowerShell through boxes now, leaving little in the way of footprints

The key takeaways from this article are:

  • There is a large number of attacks utilizing locally installed files rather than scripts like PowerShell scripts.
  • This changes how admins detect malicious executables because, instead of prompting the computer to download, save and execute a trojan, the attack runs entirely in memory using PowerShell.
  • Misconfiguration of databases and storage buckets also means they are exposed to the public-facing internet, and as such attackers are able to gain access to sensitive info.
  • Social engineering, such as phishing emails, is still effective and has become more sophisticated, targeting specific employees.
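
As an added example (not from the article or the original notes): because an in-memory PowerShell attack leaves no executable on disk to scan, one place a defender can look is PowerShell Script Block Logging. The sketch below passes log records through the pipeline as objects and flags those matching several indicators; the function name, indicator list, threshold and sample records are all constructed for illustration.

```powershell
# Indicator name -> regex. Constructed list; tune it for your environment.
$Indicators = [ordered]@{
    'Base64 decode'            = 'FromBase64String'
    'Dynamic evaluation'       = '\b(Invoke-Expression|IEX)\b'
    'Download into memory'     = '\.Download(String|Data)\s*\('
    'Reflective assembly load' = '\[(System\.)?Reflection\.Assembly\]::Load\('
}

function Find-SuspiciousScriptBlock {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [psobject]$Record,
        # A single hit is common in admin scripts, so require several by default.
        [int]$MinimumHits = 2
    )
    process {
        # -match is case-insensitive, so casing tricks do not evade the patterns.
        $hits = @(foreach ($name in $Indicators.Keys) {
            if ($Record.ScriptBlockText -match $Indicators[$name]) { $name }
        })
        if ($hits.Count -ge $MinimumHits) {
            [pscustomobject]@{
                TimeCreated = $Record.TimeCreated
                Computer    = $Record.Computer
                HitCount    = $hits.Count
                Indicators  = $hits -join '; '
            }
        }
    }
}

# Constructed sample records standing in for Script Block Logging events.
$sample = @(
    [pscustomobject]@{ TimeCreated = [datetime]'2024-01-10T09:15:00'; Computer = 'WS-01'
        ScriptBlockText = 'Get-Service | Where-Object Status -eq Running' }
    [pscustomobject]@{ TimeCreated = [datetime]'2024-01-10T09:20:00'; Computer = 'WS-02'
        ScriptBlockText = '$bytes = [Convert]::FromBase64String($certText)' }   # one hit: not flagged
    [pscustomobject]@{ TimeCreated = [datetime]'2024-01-10T09:31:00'; Computer = 'WS-03'
        ScriptBlockText = 'IEX ([Text.Encoding]::UTF8.GetString([Convert]::FromBase64String($blob)))' }
)
$sample | Find-SuspiciousScriptBlock | Format-Table -AutoSize   # flags only WS-03

# Live use (assumes Script Block Logging is enabled; event ID 4104):
# Get-WinEvent -FilterHashtable @{ LogName = 'Microsoft-Windows-PowerShell/Operational'; Id = 4104 } |
#   ForEach-Object { [pscustomobject]@{ TimeCreated = $_.TimeCreated; Computer = $_.MachineName
#                                       ScriptBlockText = $_.Properties[2].Value } } |
#   Find-SuspiciousScriptBlock
```

Because the records are objects, the results can be sorted, filtered or exported with further cmdlets without any text parsing.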