Windows Server has introduced major advances in remote management hardening in recent years through
PowerShell Just Enough Administration ("JEA"). When set up correctly, hardened JEA endpoints can provide
a formidable barrier for attackers: whitelisted commands, with no administrative access to the underlying
operating system.
In this presentation, watch as we show how to systematically destroy these hardened endpoints by exploiting
insecure coding practices and administrative complexity.