daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/http/exposed-panels/c2/empire-c2.yaml

27 lines
1.0 KiB
YAML
Raw Normal View History

Empire C2 - Detect
2023-06-14 14:14:53 +00:00
id: empire-c2
info:
name: Empire C2 - Detect
author: pussycat0x
severity: info
description: |
Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers. The Empire server is written in Python 3 and is modular to allow operator flexibility. Empire comes built-in with a client that can be used remotely to access the server. There is also a GUI available for remotely accessing the Empire server.
reference: |
lint -fix
2023-06-14 14:26:33 +00:00
- https://github.com/thehappydinoa/awesome-censys-queries#security-applications
Empire C2 - Detect
2023-06-14 14:14:53 +00:00
- https://bc-security.gitbook.io/empire-wiki/
metadata:
censys-query: bc517bf173440dad15b99a051389fadc366d5df2 || dcb32e6256459d3660fdc90e4c79e95a921841cc
TemplateMan Update [Wed Jun 21 21:03:53 UTC 2023] :robot:
2023-06-21 21:03:53 +00:00
max-request: 1
verified: "true"
Empire C2 - Detect
2023-06-14 14:14:53 +00:00
tags: c2,ir,osint,empire
http:
- method: GET
path:
- "{{BaseURL}}"
matchers:
- type: dsl
dsl:
lint -fix
2023-06-14 14:26:33 +00:00
- "(\"bc517bf173440dad15b99a051389fadc366d5df2\" == sha1(body)) || (\"dcb32e6256459d3660fdc90e4c79e95a921841cc\" == sha1(body))"