Post by this author


PowerShell Constrained Language mode and the Dot-Source Operator

DSC Resource Kit Release October 2018

New Look and Features for PowerShell Gallery
NOTE: This post has important information for publishers in the “Accounts and publishing” section.

PowerShell Module Function Export in Constrained Language

PowerShell Injection Hunter: Security Auditing for PowerShell Scripts
In this talk, we went through some of the incredibly powerful ways that administrators can secure their high-value systems (for example, Just Enough Administration) and also dove into some of the mistakes that administrators sometimes make when exposing their PowerShell code to an attacker. The most common form of mistake is script injection, where a script author takes a parameter value (supplied by an attacker) and runs it in a trusted context (such as a function exposed in a Just Enough Administration endpoint).

PowerShell Constrained Language Mode

Defending Against PowerShell Attacks

PowerShell in Azure Cloud Shell (Preview) is now publically available in Azure Portal
