Quick Reference: Empire Persistence Modules

During a penetration test you may find yourself in a situation where your foothold in the network is tenuous and […]

Obfuscating Launchers to Limit Detection

Last time, I provided a method for encrypting macro payloads (https://warroom.securestate.com/encrypt-macros-bypass-sandboxes/)  to prevent them from executing correctly in the event […]

Bypassing Gmail’s Malicious Macro Signatures

Malicious macros in Excel spreadsheets are one of the most common methods of delivery in phishing attacks. If the premise […]

Leveraging MS16-032 with PowerShell Empire

It’s not very often in the life of a pentester that you find a point-and-click exploit that works right out […]

No RDP, No Problem!

The Setup I conducted some phishing for a pentest this past week. My ulterior motive was to have an opportunity […]

Empire: An Elegant Weapon for a More Civilized Age

  Empire, developed by @harmj0y, @sixdub, and @enigma0x3, debuted earlier this month at BSides Las Vegas.  In the words of […]