e2209606aa
Direct copy/paste of Invoke-Inveigh function from current standalone version of Inveigh. This version contains a number of additions/changes/bug fixes. There are two primary additions that may be useful to Empire users. The first is that 1122334455667788 is no longer used as the default challenge over HTTP since it's now getting flagged by SEP and maybe others. The default behavior is a random challenge for each request. A specific challenge can also be specified through the 'challenge' parameter. The second is the ability to set a run time so that collection/inveigh will auto-exit after a specified number of minutes. On the Python side, I have added the additional relevant parameters and flipped the module to opsec safe since no files are created on disk.
README.md
# Empire
Empire is a pure PowerShell post-exploitation agent built on cryptologically-secure communications and a flexible architecture. Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz, and adaptable communications to evade network detection, all wrapped up in a usability-focused framework. It premiered at BSidesLV in 2015.
To install, run the ./setup/install.sh script. There's also a quickstart here and full documentation here.
Empire relies heavily on the work from several other projects for its underlying functionality. We have tried to call out a few of those people we've interacted with heavily here and have included author/reference link information in the source of each Empire module as appropriate. If we have failed to properly cite existing or prior work, please let us know.
Empire is developed by @harmj0y, @sixdub, and @enigma0x3.