Persistence with Empire

by Rishalin Pillay

PowerShell has quickly become the standard in enterprise networks. In this course you will learn how to obtain persistence using Empire.

Preview this course

What you'll learn

Are you looking to obtain persistence using Empire? In this course, you’ll cover how to utilize Empire for persistence in a red team environment. First, you’ll demonstrate how to obtain a high integrity persistent agent. Next, you’ll apply registry and WMI attacks for persistence. Finally, you’ll simulate using a specific user for persistence callbacks. When you’re finished with this course, you’ll have the skills and knowledge to execute these techniques T1547.001, T1548.001, T1546.003, T1136.001 and T1053.002 using Empire.

Table of contents

Course Overview (Tool Introduction)
2mins
Maintaining Persistent Access Using Empire
21mins
Resources
1min

Course FAQ

What is Windows PowerShell?

Windows PowerShell is a task automation and configuration management framework from Microsoft. PowerShell consists of a command-line shell and the associated scripting language making it easy for users to navigate.

What will I learn in this PowerShell Empire Course?

In this course, you will learn how to establish persistence using Empire. Empire leverages PowerShell which is a commonly used tool by both administrators and attackers.

What are persistence techniques used for?

Persistence is a commonly used technique for an attacker which allows them to maintain an infection or re-infect a machine after events such as: changed credentials, system reboots, and also a re-imaging machine.

What are some of the benefits of PowerShell scripting?

PowerShell is an object-oriented based scripting language, cmd commands work in PowerShell, PowerShell supports automation of tasks, background jobs, is reusable and interactive.

What is a cybersecurity framework?

A cybersecurity framework is a set of documents that define the best practices for a specific organization to follow in order to manage and mitigate their cybersecurity risk.

About the author

Rishalin Pillay

Rishalin is an active author, who has authored a number of courses found on Pluralsight. In addition to video courses, he has authored two books titled "Learn Penetration Testing" and "Offensive Shellcode from Scratch". He serves as a technical contributor to many books ranging from Dark Web Analysis, Kali Linux, Offensive Security, SECOPS, and study guides across Networking and Microsoft technologies. He holds the Microsoft Content Publisher Gold and Platinum awards for his contributions made ... more

See more courses by Rishalin Pillay
Ready to upskill? Get started