A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:


A Year in the Empire - Will Schroeder, Matt Nelson Derbycon 2016 (Hacking Illustrated Series InfoSec Tutorial Videos)

A Year in the Empire
Will Schroeder, Matt Nelson
Derbycon 2016

PowerShell is an ideal platform for building a new class of offensive toolsets and parties on both sides of the red and blue divide have begun to take notice. Driving some of this newfound awareness is the Empire project - a pure PowerShell post-exploitation agent that packages together the wealth of new and existing offensive PowerShell tech into a single weaponized framework. Since its release a year ago, the Empire project has garnered dozens of additional modules from the offensive community in addition to signatures and mitigations on the defensive side. This presentation will take you through the design considerations for Empire, the community contributions, its enhanced capabilities, its redesigned C2 system, and the new RESTful API. Welcome to the Empire.

Will Schroeder (@harmj0y) is security researcher and red teamer. He has presented at a number of conferences including ShmooCon, DEF CON, DerbyCon and several Security BSides conferences on topics spanning AV-evasion, post-exploitation, red teaming tradecraft, and offensive PowerShell. Will is a co-founder of the Veil-Framework, developed PowerView and PowerUp, is an active developer on the PowerSploit project, and is a co-founder and core developer of Empire. Matt Nelson (@enigma0x3) is a red teamer and penetration tester. He performs a variety of offensive services for a number of government and private sector clients, including advanced red team assessments. Matt has a passion for offensive PowerShell, is an active developer on the Empire project, and helps build offensive toolsets to facilitate red team engagements.

Will - @harmj0y, Matt - @enigma0x3

Back to Derbycon 2016 video list

Printable version of this article

15 most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast