Empire post-exploitation tool added

This commit is contained in:
Alexandre Dulaunoy 2016-11-06 10:51:28 +01:00
parent a5ba63ffab
commit 1e9e44c89d

View file

@ -611,6 +611,11 @@
"value": "Vawtrak", "value": "Vawtrak",
"description": "Vawtrak is an information stealing malware family that is primarily used to gain unauthorised access to bank accounts through online banking websites.", "description": "Vawtrak is an information stealing malware family that is primarily used to gain unauthorised access to bank accounts through online banking websites.",
"refs": ["https://www.sophos.com/medialibrary/PDFs/technical%20papers/sophos-vawtrak-international-crimeware-as-a-service-tpna.pdf"] "refs": ["https://www.sophos.com/medialibrary/PDFs/technical%20papers/sophos-vawtrak-international-crimeware-as-a-service-tpna.pdf"]
},
{
"value": "Empire",
"description": "Empire is a pure PowerShell post-exploitation agent built on cryptologically-secure communications and a flexible architecture. Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz, and adaptable communications to evade network detection, all wrapped up in a usability-focused framework",
"refs": ["https://github.com/adaptivethreat/Empire"]
} }
], ],
"version": 2, "version": 2,