PowerShell Empire Download – Post-Exploitation Hacking Tool


PowerShell Empire is a post-exploitation hacking tool built on cryptographically secure communications and a flexible architecture. Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz, and adaptable communications to evade network detection, all wrapped up in a usability-focused framework.

PowerShell Empire Download - Post-Exploitation Hacking Tool


It has a LOT of modules (90+) and is currently in the midst of implementing a RESTful API which will be great.

PowerShell Empire Module Categories

Currently Empire Power Shell has the following categories for modules:

  • Code Execution – Ways to run more code
  • Collection – Post exploitation data collection
  • Credentials – Collect and use creds
  • Exfiltration – Identify egress channels
  • Lateral Movement – Move around the network
  • Management – Host management and auxilary
  • Persistence – Survive reboots
  • Privesc – Privilege escalation capabilities
  • Recon – Test further entry points (HTTP Basic Auth etc)
  • Situational Awareness – Network awareness
  • Trollsploit – For the lulz

Why Empire PowerShell?

PowerShell offers a multitude of offensive advantages, including:

  • Full .NET access
  • Application whitelisting
  • Direct access to the Win32 API
  • Ability to assemble malicious binaries in memor
  • Default installation on Windows 7+.

Powershell for Pentesters had a watershed year in 2014, but despite the multitude of useful projects, many pen-testers still struggle to integrate PowerShell into their engagements in a secure manner.


How PowerShell Empire Hacking Tools Works

Empire has a few components which you can chain together, similar to something like Metasploits.

It has:

Listeners – Think of this like a metasploit handler, this will catch your session.
Stagers – This is your payload, this is what you will execute on your target system.
Agents – This is how you interact with the target system, you can gather stats & info or run shell commands.

It also had fairly robust logging built in.

You can download PowerShell Empire here:

Empire-2.1.zip

Or read more here.

Posted in: Hacking Tools, Windows Hacking

,


Latest Posts:


Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.
Vulhub - Pre-Built Vulnerable Docker Environments For Learning To Hack Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack
Vulhub is an open-source collection of pre-built vulnerable docker environments for learning to hack. No pre-existing knowledge of docker is required, just execute two simple commands.
LibInjection - Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) LibInjection – Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)
LibInjection is a C library to Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) through lexical analysis of real-world Attacks.
Grype - Vulnerability Scanner For Container Images & Filesystems Grype – Vulnerability Scanner For Container Images & Filesystems
Grype is a vulnerability scanner for container images and filesystems with an easy to install binary that supports the packages for most major *nix based OS.
APT-Hunter - Threat Hunting Tool via Windows Event Log APT-Hunter – Threat Hunting Tool via Windows Event Log
APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in the sea of windows event logs.
GitLab Watchman - Audit Gitlab For Sensitive Data & Credentials GitLab Watchman – Audit Gitlab For Sensitive Data & Credentials
GitLab Watchman is an app that uses the GitLab API to audit GitLab for sensitive data and credentials exposed internally, this includes code, commits, wikis etc


Comments are closed.