Persistence with Empire

PowerShell has quickly become the standard in enterprise networks. In this course you will learn how to obtain persistence using Empire.

What you'll learn

Are you looking to obtain persistence using Empire? In this course, you’ll cover how to utilize Empire for persistence in a red team environment. First, you’ll demonstrate how to obtain a high integrity persistent agent. Next, you’ll apply registry and WMI attacks for persistence. Finally, you’ll simulate using a specific user for persistence callbacks. When you’re finished with this course, you’ll have the skills and knowledge to execute these techniques T1547.001, T1548.001, T1546.003, T1136.001 and T1053.002 using Empire.

Course FAQ

What is Windows PowerShell?

Windows PowerShell is a task automation and configuration management framework from Microsoft. PowerShell consists of a command-line shell and the associated scripting language making it easy for users to navigate.

What will I learn in this PowerShell Empire Course?

In this course, you will learn how to establish persistence using Empire. Empire leverages PowerShell which is a commonly used tool by both administrators and attackers.

What are persistence techniques used for?

Persistence is a commonly used technique for an attacker which allows them to maintain an infection or re-infect a machine after events such as: changed credentials, system reboots, and also a re-imaging machine.

What are some of the benefits of PowerShell scripting?

PowerShell is an object-oriented based scripting language, cmd commands work in PowerShell, PowerShell supports automation of tasks, background jobs, is reusable and interactive.

What is a cybersecurity framework?

A cybersecurity framework is a set of documents that define the best practices for a specific organization to follow in order to manage and mitigate their cybersecurity risk.

About the author

Ready to upskill? Get started