1
00:00:01,200 --> 00:00:03,540
The first question, what is PowerShell?

2
00:00:04,690 --> 00:00:10,240
To give you a better understanding of PowerShell, we should first define what a shell is in computer

3
00:00:10,240 --> 00:00:10,660
science.

4
00:00:10,660 --> 00:00:16,330
A shell is a user interface that gives you access to various services of an operating system.

5
00:00:17,140 --> 00:00:22,480
A shell can be command line based, or it can include a graphical user interface, or GUI.

6
00:00:23,370 --> 00:00:26,460
Windows PowerShell is a shell developed by Microsoft

7
00:00:26,880 --> 00:00:30,340
for the purposes of task automation and configuration management.

8
00:00:31,050 --> 00:00:38,340
This powerful shell is based on the .NET framework, and it includes a command line shell and a scripting

9
00:00:38,340 --> 00:00:38,910
language.

10
00:00:40,930 --> 00:00:42,070
Why PowerShell?

11
00:00:43,360 --> 00:00:49,000
PowerShell is a very powerful tool that offers tremendous benefit for querying systems and executing

12
00:00:49,000 --> 00:00:51,910
commands, including on remote machines.

13
00:00:52,930 --> 00:00:59,590
However, it's easily used for malicious purposes because it falls under the radar of traditional endpoint

14
00:00:59,590 --> 00:01:00,670
security products.

15
00:01:01,540 --> 00:01:07,630
PowerShell gives the bad guys a lot of power because it's part of the native Windows operating system,

16
00:01:07,840 --> 00:01:10,450
which makes it difficult for security teams.

17
00:01:11,590 --> 00:01:13,000
What is the Empire project?

18
00:01:13,980 --> 00:01:20,930
In their own words, Empire is a pure PowerShell post-exploitation agent built on cryptologically

19
00:01:20,940 --> 00:01:27,480
secure communications and a flexible architecture. Empire implements the ability to run PowerShell agents

20
00:01:27,720 --> 00:01:35,040
without needing powershell.exe, rapidly deployable post-exploitation modules ranging from

21
00:01:35,040 --> 00:01:42,210
keyloggers to Mimikatz, and adaptable communications to evade network detection, all wrapped up in

22
00:01:42,210 --> 00:01:44,190
a usability-focused framework.

23
00:01:44,760 --> 00:01:50,310
Since the Empire project is not embedded into Kali, we need to download and install it.

24
00:01:52,290 --> 00:01:57,420
PowerShell Empire is the official site of the team who created the Empire project.

25
00:01:58,110 --> 00:02:00,810
It's a very handy website full of documents and demos.

26
00:02:00,900 --> 00:02:08,310
However, as of this video's capture in the early days of 2018, the documents need to be updated

27
00:02:08,310 --> 00:02:10,800
according to the latest version of the Empire project.

28
00:02:17,970 --> 00:02:23,610
The link at the bottom of the home page, Get Empire, brings you to the GitHub page of the Empire project.

29
00:02:24,620 --> 00:02:28,310
I recommend you read the README section of the page for details.

30
00:02:31,140 --> 00:02:33,660
From the Clone or download button at the upper right,

31
00:02:33,810 --> 00:02:35,820
copy the URL to clone the project.

32
00:02:38,460 --> 00:02:44,610
Open the terminal window, write git clone, paste the URL and hit enter.

33
00:03:07,260 --> 00:03:13,350
Now the files of the Empire project are being downloaded to our local machine. When the download finishes, go

34
00:03:13,350 --> 00:03:21,750
to the setup folder under the project folder, Empire, using the cd Linux command, and run ./install.sh.

35
00:03:23,500 --> 00:03:27,430
The project and all the required packages are being installed at this moment.

36
00:03:27,820 --> 00:03:28,600
Be patient.

37
00:03:28,960 --> 00:03:30,370
It could take a few minutes.

38
00:03:39,070 --> 00:03:41,950
Now it asks for a password to negotiate with the server.

39
00:03:42,610 --> 00:03:47,800
You can enter a password, or if you hit enter directly, it will generate a random password for you.

40
00:03:48,400 --> 00:03:50,860
As soon as you hit enter, the setup is complete.

41
00:03:51,580 --> 00:03:55,900
Now use the cd Linux command to go back to the project home folder.

42
00:03:59,390 --> 00:04:02,390
And type ./empire to start the tool.

43
00:04:04,460 --> 00:04:05,840
Welcome to the Empire.