Not Your Grandfather’s Empire I’ve wanted to put this blog together since returning home from DEFCON. Anytime we ran into someone who recognized our swag, they mentioned how much they loved Empire back in the day and didn’t realize it was being actively maintained. This made me reflect on all [...]
Note: All code samples shown in the post can be found in our repo here In recent years, PowerShell tradecraft has seen a drop in popularity among pentesters, red teams, and to some extent APTs. There are several reasons for this, but at the core, it was the introduction of ...
While giving our talk at the DEF CON Red Team Village a couple of weeks ago, I previewed a PowerShell ScriptBlock logging obfuscation technique. I have been working on it (and a few other techniques) for a while and decided to write a short blog about it. But as I ...
