Most companies, businesses, and organizations rely on Microsoft Outlook for managing email. This talk explores how Outlook can be leveraged for the benefit of red teams and penetration testers using only Windows PowerShell. Going beyond the basics of mere data mining, we will explore manipulating exchange rules to better enable client-side exploitation opportunities and gain further access. From there we’ll move on to maintaining access, covering everything from basic and dynamic triggering methods to collection automation techniques.