+-Added credentials/mimikatz/mimitokens to take advantage of Mimikatz’ token listing/elevation
+-Added management/enable_multi_rdp to patch terminal services to allow mutiple connections
+-Fixed bug in write_dllhijacker that prevented the dll from being written out
+Roadmap changelog v-1.2:
The following items have been compiled into this release:
+ ‘Native’ shell commands in agent core ported to WMI equivalents
+ HMAC now uses SHA1 instead of MD5
+ Numerous bug fixes and UI tweaks throughout code
+ Six new modules and WAR stager added, /sids option added to golden_ticket
+ Fixed international locale bug with unicode text in agent.ps1
Empire is a pure PowerShell post-exploitation agent built on cryptologically-secure communications and a flexible architecture. Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz, and adaptable communications to evade network detection, all wrapped up in a usability-focused framework.
Run the ./setup/install.sh script. This will install the few dependencies and run the ./setup/setup_database.py script. The setup_database.py file contains various setting that you can manually modify, and then initializes the ./data/empire.db backend database. No additional configuration should be needed- hopefully everything works out of the box.
Running ./empire will start Empire, and ./empire –debug will generate a verbose debug log at ./empire.debug. The included ./data/reset.sh will reset/reinitialize the database and launch Empire in debug mode.