September 2018
Intermediate to advanced
480 pages
9h 45m
English
Content preview from Hands-On Red Team Tactics
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Phase 5 – Post Module Operations
Once the agent is connected back to the Empire C2, we can start with our post exploitation process using the Empire modules. The post exploitation modules can be categorized into two parts:
- PowerShell-based post modules
- Python-based post modules
Let's see the following table to get more clarity about the post modules in Empire and how they are further categorized:
| Module category | PowerShell | Python |
| Code Execution | √ | × |
| Collection | √ | √ |
| Credentials | √ | × |
| Exfiltration | √ | × |
| Exploitation | √ | √ |
| Lateral Movement | √ | √ |
| Persistence | √ | √ |
| Management | √ | √ |
| Privilege Escalation | √ | √ |
| Situational Awareness | √ | √ |
| Trollsploit | √ | √ |
| Recon | √ | × |
Every module category mentioned in the preceding table has sub-modules ...