Building an Empire with PowerShell

Presented at BSidesLV 2015, Aug. 5, 2015, 2 p.m. (55 minutes)

Offensive PowerShell had a watershed year in 2014. But despite the multitude of useful projects, many pentesters still struggle to integrate PowerShell into their engagements in a secure manner. The Empire project aims to solve the weaponization problem by providing a robust PowerShell post-exploitation agent built on cryptologically-secure communications and a flexible architecture. Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz, and adaptable communications to evade network detection, all wrapped up in a usability-focused framework. This is the post-exploitation agent you've been waiting for.


  • Will Schroeder / @harmj0y - Security Researcher, Adaptive Threat Division - Veris Group, LLC   as Will Schroeder
    Will Schroeder (@harmj0y) is a security researcher and pentester/red-teamer for Veris Group's Adaptive Threat Division. He is a co-founder of the Veil-Framework, developed PowerView and PowerUp, is an active developer on the PowerSploit project, and is a co-founder and core developer of the PowerShell post-exploitation agent Empire. He has presented at a number of security conferences on topics spanning AV-evasion, post-exploitation, red teaming, offensive PowerShell, and more. A former national lab security researcher, he is happy to finally be in the private sector.
  • Justin Warner - Principal Security Engineer - ICEBRG
    Justin Warner (@sixdub) is a security engineer at ICEBRG focusing on helping customers to gain large visibility into their enterprise and ultimately detect and analyze malicious activity. Justin is an Air Force Academy graduate, former USAF Cyber Ops officer, and former red team lead at a consulting company where he focused on adversary emulation operations against several fortune 100 companies as well a federal, state, and local government organizations. Justin has a passion for threat research, reverse engineering, and red team operations. Justin actively develops on numerous open source projects and has spoken at several conferences including CarolinaCon, BSidesLV and several other BSides events.