Empire

Empire’s RESTful API

This post is part of the ‘Empire Series’ with some background and an ongoing list of series posts [kept here]. [tl;dr] The Empire RESTful API is documented here on the Empire GitHub wiki. Last week, Empire’s 1.5 release included a RESTful API implementation which I hinted about previously. This effort was inspired by a conversation with @antisnatchor from the …

Empire’s RESTful API Read More »

Empire 1.5

Three months have elapsed since the Empire 1.4 release, and we have some awesome new features for our next release! The notes for Empire 1.5 are below, but a quick warning- this release modifies part of the backend database schema, so do not apply this update if you have existing agents on your Empire server. You will need …

Empire 1.5 Read More »

Empire’s CLI

This post is part of the ‘Empire Series’ with some background and an ongoing list of series posts [kept here]. Recently, an Empire user requested that we build a ‘standalone payload generator’, similar to msfvenom’s functionality. The motivation is to provide a scriptable capability that makes integration with other tools relatively easy. This short post will cover …

Empire’s CLI Read More »

Nothing Lasts Forever: Persistence with Empire

This post is part of the ‘Empire Series’ with some background and an ongoing list of series posts [kept here]. Code execution is great and remote control is awesome, but if you don’t have a persistence strategy planned nothing can throw a wrench in your engagement like an unplanned reboot or user logout. This post covers 17 current Empire persistence …

Nothing Lasts Forever: Persistence with Empire Read More »

Expanding Your Empire

The “Empire Series”: 1/21/16 – Expanding Your Empire 1/28/16 – An Empire Case Study 2/4/16 – Nothing Lasts Forever: Persistence with Empire 2/11/16 – Empire & Tool Diversity: Integration is Key 2/25/16 – Empire’s CLI 3/15/16 – Phishing With Empire 3/31/16 – Empire 1.5 4/5/16 – Empire’s RESTful API [Note: This has been cross posted on …

Expanding Your Empire Read More »

Empire, Meterpreter, and Offensive Half-life

A little over a week ago an interesting conversation started on security.stackexchange.com where someone asked about “Metasploit Meterpreter alternatives“. In the ensuing discussion two projects I co-founded and worked on heavily (Veil-Evasion and Empire) were mentioned, so I wanted to throw my .02 into the conversation. Empire was not designed as, not is intended to be, a …

Empire, Meterpreter, and Offensive Half-life Read More »