bneg

If you seek peace, prepare for war

Category: Red Team

Automated Empire Infrastructure

On November 6, 2017 By Jeremy Johnson In Red Team

A few weeks ago Carrie Roberts submitted a "resource files" PR to Empire Dev which has since been merged into master, or version 2.3. These resource files work much the same way as they do in Metasploit, where you can define actions on startup and for initial agent check-ins. This PR came around the same …

Empire without PowerShell.exe

On July 26, 2017 By Jeremy Johnson In Pentesting, Red Team (6 Comments)

Problem: The client has blocked Powershell.exe using AppLocker and I don't have the dough for Cobalt Strike. I want to get an Empire payload on a workstation via a phishing campaign and I need payloads ready once I have a foothold. Nearly all of the launcher methods for Empire rely on the ability to use …

Purple Team: About Beacons

On June 9, 2017 By Jeremy Johnson In Blue Team, Red Team

Over at Critical Informatics I wrote a guest blog post about implant beaconing: how and why beacons are used, and some traffic indicators you might expect to see.

Athena: The CIA’s RAT vs Empire

On May 22, 2017 By Jeremy Johnson In Commentary, Red Team

A review of Athena, the CIA's RAT, its features, and how it compares to Empire
