29 lines
1.1 KiB
YAML
29 lines
1.1 KiB
YAML
id: empire-c2
|
|
|
|
info:
|
|
name: Empire C2 - Detect
|
|
author: pussycat0x
|
|
severity: info
|
|
description: |
|
|
Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers. The Empire server is written in Python 3 and is modular to allow operator flexibility. Empire comes built-in with a client that can be used remotely to access the server. There is also a GUI available for remotely accessing the Empire server.
|
|
reference: |
|
|
- https://github.com/thehappydinoa/awesome-censys-queries#security-applications
|
|
- https://bc-security.gitbook.io/empire-wiki/
|
|
metadata:
|
|
verified: "true"
|
|
max-request: 1
|
|
censys-query: bc517bf173440dad15b99a051389fadc366d5df2 || dcb32e6256459d3660fdc90e4c79e95a921841cc
|
|
tags: c2,ir,osint,empire,panel
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}"
|
|
|
|
matchers:
|
|
- type: dsl
|
|
dsl:
|
|
- "(\"dcb32e6256459d3660fdc90e4c79e95a921841cc\" == sha1(body))"
|
|
|
|
# digest: 490a0046304402200d609b87d55b23de84d183209f2715d91aee8f2df64415837c8b1b4de725cf99022048f63f0ab4e46d257859d5d5f3bda2271cf1ee153e0f864de26c4c995928806a:922c64590222798bb761d5b6d8e72950
|