Commit Graph

1194 Commits (4162d54f6f8a50eddddbdcf34a79137af6438578)

Author SHA1 Message Date
Steve Borosh 408782a265 Merge pull request #740 from cobbr/empire-dev
Improved ScriptBlock logging bypasses
2017-10-07 16:51:26 -04:00
Steve Borosh 4e1bd45b8d Update changelog 2017-10-07 16:45:29 -04:00
cobbr bcf775cfc0 Improved ScriptBlock logging bypasses 2017-10-07 15:21:13 -05:00
Danny Chrastil 46c670cda0 Fixed comments 2017-10-03 21:10:03 -07:00
Danny Chrastil 4f42c9d2bb Moved slackMessage() to helpers.py 2017-10-03 21:07:14 -07:00
Dakota Nelson 138e29bd83 Update README.md to fix two minor errors
- Update broken module template link with links to the two existing module templates
- Change module links to be relative paths
- Add backticks around filepath
2017-10-03 23:08:01 +01:00
Danny Chrastil 8b71dd8eb8 Added Slack Notifications 2017-10-02 13:09:40 -07:00
ThePirateWhoSmellsOfSunflowers da3cc8d8e2 Improve Get-ChromeDump 2017-10-02 14:45:42 +02:00
Steve Borosh 1b71b729cc Merge pull request #733 from EmpireProject/revert-721-dev
Revert "DBX Improvements (SOCKS, Hide window via WindowHandler)"
2017-09-30 21:04:11 -04:00
Steve Borosh 4fa5708ec6 Revert "DBX Improvements (SOCKS, Hide window via WindowHandler)" 2017-09-30 21:03:07 -04:00
Steve Borosh 5186107756 Update changelog 2017-09-30 20:54:26 -04:00
Steve Borosh 4bafcf8ae1 Merge pull request #721 from IljaSchumacher/dev
DBX Improvements (SOCKS, Hide window via WindowHandler)
2017-09-30 20:53:24 -04:00
Steve Borosh e337a1d1cf Update changelog 2017-09-30 20:34:52 -04:00
Steve Borosh 0eb5aa37dd Merge pull request #725 from elitest/AES-Kerberoast
AES Kerberoast
2017-09-30 20:32:22 -04:00
rvrsh3ll e03297cf40 Fix indent error in stages.py 2017-09-30 20:18:34 -04:00
Steve Borosh 5e92df645c Merge pull request #722 from hightopfade/dev
generate_upload function added to Stagers
2017-09-30 17:05:23 -04:00
Steve Borosh ae9ee2a59c Update changelog 2017-09-30 16:40:45 -04:00
Steve Borosh 9faef56d6d Update changelog 2017-09-30 11:32:29 -04:00
Steve Borosh 223079597c Merge pull request #728 from dirkjanm/dev
Fixed custom proxy config in launcher code
2017-09-30 11:31:15 -04:00
Steve Borosh eae352903c Update changelog 2017-09-30 11:28:14 -04:00
Steve Borosh 0f04dd9a0d Merge pull request #730 from clr2of8/dev
Hide true host name when using domain fronting
2017-09-30 11:27:11 -04:00
Carrie Roberts d73c4a1d20 Request Root URL from agent when domain fronting 2017-09-29 15:48:45 -06:00
Carrie Roberts add9ef3acb added error handling in case call to root URL returns 403 2017-09-29 14:56:29 -06:00
Carrie Roberts 464bccbdde Hide true host name when using domain fronting; without this change the true host name shows up in the TLS client hello 2017-09-28 16:09:08 -06:00
Dirkjan Mollema effe3954e1 Also fixed proxy in dbx.py 2017-09-28 17:11:32 +02:00
Dirkjan Mollema 6f59ee7b34 Fixed custom proxy config in launcher code 2017-09-28 16:53:11 +02:00
IljaSchumacher 9bc854826d Add "BypassHidden" option to multi/launcher for DBX listeners.
Many AVs detect the "-w 1" or "-w Hidden" option in PowerShell as suspicious.

Setting the "BypassHidden" option in the multi/launcher to True
generates a launcher that will rather use the WindowHandler from User32.dll to
hide the PowerShell window instead of using "-w hidden".

Also it will remove "-w hidden", "-W 1" etc. from the Launcher command string.
2017-09-27 16:33:41 +02:00
Jim Shaver 7b4e202bab Added in changes from 0ffca14 2017-09-26 17:44:45 -07:00
Jim Shaver 77741b83aa Fix spacing 2017-09-26 16:11:40 -07:00
Jim Shaver 25be0c1e48 Add support for AES Kerberoasting 2017-09-26 16:06:23 -07:00
xorrior eccdbfb7cd Adjust cert path 2017-09-26 11:49:25 -07:00
xorrior 61d62d22da Adjusted cert path 2017-09-26 11:48:23 -07:00
rvrsh3ll b720b7996e Add stager option and bypass uac module 2017-09-26 10:13:21 -04:00
root 930bc09be2 added generate upload function and example code 2017-09-25 10:10:10 -04:00
IljaSchumacher 69fb544cd3 Add SOCKS support to Dropbox listener 2017-09-25 14:14:02 +02:00
Nikaiw 00b8427f9b Fix PR (generate function signature, opsec value) 2017-09-24 19:17:26 +02:00
Steve Borosh a6acedec26 Update changelog 2017-09-23 18:52:52 -04:00
Steve Borosh 1201232241 Merge pull request #702 from athegist/fix-launcher_vbs.py
Fixes vbscript string literal quoting.
2017-09-23 18:52:27 -04:00
Steve Borosh d5cadc70e7 Update changelog 2017-09-23 18:42:36 -04:00
Steve Borosh 6b17073504 Merge pull request #681 from ThePirateWhoSmellsOfSunflowers/fix-macro
Fix macro launcher
2017-09-23 18:42:11 -04:00
xorrior 52f2618863 Merge branch 'dev' of https://github.com/EmpireProject/Empire into dev 2017-09-23 10:30:07 -04:00
xorrior 3d7a07a114 Fixed killdate for both agents. Fixed working hours for python agent 2017-09-23 10:28:51 -04:00
Steve Borosh 227fb3a631 Update changelog 2017-09-23 08:40:15 -04:00
Steve Borosh 20c17423fd Merge pull request #711 from clr2of8/dev
Modified the PowerShell keylogger to write to local file instead of stdout
2017-09-23 08:39:19 -04:00
Chris Ross 08c3e292dc Update changelog 2017-09-22 23:41:28 -04:00
xorrior 7f376077fd Fixed ValidateLength parameter attribute for PSInject.ps1 2017-09-22 23:39:34 -04:00
Carrie Roberts eed3453301 making the keystroke log easier to read 2017-09-22 14:59:57 -06:00
xorrior de03f902ec Repaired function definition for generate() 2017-09-21 22:59:08 -04:00
Chris Ross 71cc81d423 Update changelog 2017-09-21 19:39:03 -04:00
xorrior 4a95b0d6e3 Add whitespace parsing for manual add of passwords 2017-09-21 18:40:08 -04:00