BlueCommand is a dashboard and tooling front-end for PowerShell Empire using PowerShell Universal Dashboard from Adam Driscoll
WARNING: This project does not nearly scratch the surface of interacting with all the capababilites of PowerShell Empire. This was a project to help my learn / play around with PowerShell Empire and its' REST API. You will be much better served in life but actually learning how to use PowerShell Empire :)
- Web Dashboard / Controller for PowerShell Empire!
- Utilizes the Empire REST API and PowerShell Universal Dashboard
- PowerShell Empire Integration
- Rest Integration to retrieve Empire Instance Information (Agents, Modules Downloads)
- Rest Integration to Execute Modules on Agents.
- SCP to Download Agent Results / Downloads
Searching and Executing Modules on Empire Agents
Retrieving Agent Downloads
- Install Universal Dashboard
Install-Module UniversalDashboard -AccecptLicense - Install PoshSSH
Install-Module -Name Posh-SSH- PoshSSH is used to run SCP commands to extract agent artifacts.
- Install PowerShell Credential Manager
Install-Module -Name CredentialManager- Credential Manager allows use to easily use Windows Credential Manager to auth to our Empire Server
- Setup PowerShell Empire
- Run Empire with --rest command
- Generate a Listener / Stager
- Deploy Agents
- Make a Note of Rest Key and Empire Server IP.
- Populate your environment variables in the
start.ps1Script - Run the Start Script
- Connect to your Empire Server on the Empire Configuration Page using your Empire Server IP, and Rest API Key.
- BlueCommand will try and utilze POSH-SSH to SCP Download the Empire Agents Downloads/Logs - This requires a stored a "Generic Credential" in your windows credential manager to facilitate this.
