Is PowerShell a vulnerability?
With the introduction in mind, this question frequently comes up. The answer to this question is very often given as yes by enterprise companies, and therefore we are seeing many enterprise companies disallowing the use of PowerShell and PowerShell remoting, and even trying even to prevent the execution of PowerShell at all. But blocking PowerShell doesn’t address the real security problem. It just removes your most secure shell and scripting language.
PowerShell is a powerful programming language, completely object-oriented and based on .NET. Many cmdlets have been created for nearly every Microsoft technology to manage, administrate, and automate tasks, which would normally take much more time being implemented manually. But PowerShell is always executed with the rights the user already has. PowerShell does not provide any new capabilities that would not be usable in a different way. Every attack that uses PowerShell could also be accomplished with other languages...