Invoke-EmpireHound - Merging BloodHound & Empire for Enhanced Red Team Workflow

Presented at DerbyCon 8.0 Evolution (2018), Oct. 5, 2018, noon (50 minutes).

Empire & BloodHound are two great Post-Exploitation Tools. Since I am a PowerShell fanboy, I decided to glue them together, just to see what could happen... and so I created 3 modules: EmpireStrike - to control Empire Server(s). CypherDog - to interact with the BloodHound Database. EmpireDog - to automate CypherDog/EmpireStrike interactions. In this presentation I will demonstrate how to add the Empire infrastructure to the BloodHound Graph and control both BloodHound & multiple Empire servers from a single PowerShell prompt, with changes to Empire automatically reflected in the BloodHound Database and Graph.
