Jump to content

Locked Empire 5.1.2 - PowerShell & Python post-exploitation agent


Recommended Posts

This is the hidden content, please

Empire 4.0 is a post-exploitation framework that includes a pure-PowerShell 2.0 Windows agent, and compatibility with Python 2.x/3.x Linux/OS X agents. It is the merger of the previous PowerShell Empire and Python EmPyre projects. The framework offers cryptologically-secure communications and flexible architecture. On the PowerShell side, Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz, and adaptable communications to evade network detection, all wrapped up in a usability-focused framework. PowerShell Empire premiered at BSidesLV in 2015 and Python EmPyre premiered at HackMiami 2016. BC-Security presented updates to further evade Microsoft Antimalware Scan Interface (AMSI) and JA3/S signatures at DEF CON 27.

Empire relies heavily on the work from several other projects for its underlying functionality. We have tried to call out a few of those people we’ve interacted with heavily here and have included author/reference link information in the source of each Empire module as appropriate. If we have failed to properly cite existing or prior work, please let us know at [email protected].

Changelog v5.1.2

    Updated Starkiller to v2.1.1
    Removed thread from IronPython agent (@Hubbl3)
    Fixed foreign listener issue with cookies (@Hubbl3)
    Fixed error message handling for port forward pivot (@Cx01N)
    Fixed upload not reporting error in PowerShell agent (@Cx01N)
    Fixed client not giving option to select upload directory (@Cx01N)
    Fixed persistence/powerbreach/eventlog launcher generation (@Cx01N)

This is the hidden content, please

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.