-
Notifications
You must be signed in to change notification settings - Fork 6
/
tool--3433a9e8-1c47-4320-b9bf-ed449061d1c3.json
53 lines (53 loc) · 2.78 KB
/
tool--3433a9e8-1c47-4320-b9bf-ed449061d1c3.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
{
"external_references": [
{
"url": "https://attack.mitre.org/software/S0363",
"source_name": "mitre-attack",
"external_id": "S0363"
},
{
"source_name": "EmPyre",
"description": "(Citation: Github PowerShell Empire)"
},
{
"source_name": "PowerShell Empire",
"description": "(Citation: Github PowerShell Empire)"
},
{
"source_name": "NCSC Joint Report Public Tools",
"url": "https://s3.eu-west-1.amazonaws.com/ncsc-content/files/Joint%20report%20on%20publicly%20available%20hacking%20tools%20%28NCSC%29.pdf",
"description": "The Australian Cyber Security Centre (ACSC), the Canadian Centre for Cyber Security (CCCS), the New Zealand National Cyber Security Centre (NZ NCSC), CERT New Zealand, the UK National Cyber Security Centre (UK NCSC) and the US National Cybersecurity and Communications Integration Center (NCCIC). (2018, October 11). Joint report on publicly available hacking tools. Retrieved March 11, 2019."
},
{
"source_name": "Github PowerShell Empire",
"description": "Schroeder, W., Warner, J., Nelson, M. (n.d.). Github PowerShellEmpire. Retrieved April 28, 2016.",
"url": "https://github.com/PowerShellEmpire/Empire"
},
{
"description": "Stepanic, D. (2018, September 2). attck_empire: Generate ATT&CK Navigator layer file from PowerShell Empire agent logs. Retrieved March 11, 2019.",
"url": "https://github.com/dstepanic/attck_empire",
"source_name": "GitHub ATTACK Empire"
}
],
"created_by_ref": "The MITRE Corporation",
"name": "Empire",
"description": "[Empire](https://attack.mitre.org/software/S0363) is an open source, cross-platform remote administration and post-exploitation framework that is publicly available on GitHub. While the tool itself is primarily written in Python, the post-exploitation agents are written in pure [PowerShell](https://attack.mitre.org/techniques/T1086) for Windows and Python for Linux/macOS. [Empire](https://attack.mitre.org/software/S0363) was one of five tools singled out by a joint report on public hacking tools being widely used by adversaries.(Citation: NCSC Joint Report Public Tools)(Citation: Github PowerShell Empire)(Citation: GitHub ATTACK Empire)",
"id": "tool--3433a9e8-1c47-4320-b9bf-ed449061d1c3",
"type": "tool",
"labels": [
"tool"
],
"modified": "2020-03-30T02:08:26.536Z",
"created": "2019-03-11T14:13:40.648Z",
"x_mitre_version": "1.1",
"x_mitre_aliases": [
"Empire",
"EmPyre",
"PowerShell Empire"
],
"x_mitre_platforms": [
"Linux",
"macOS",
"Windows"
]
}