just read an article that might be interesting for those who are into Security .
The article was posted almost half a year ago but it’s still more then interesting enough to share it here.
The Original post was made on Computerweekly.com
Empire was made for pen testing but as with everything else made it can also be used with bad intent.
The most noticeable i’ve got from it is that we should not depend on powershell’s execution policy as there are so many ways around it. Empire has builtin privilege escalation features.
For those running older OS’ ( Pre Windows 10 ) this may also be a reason to upgrade as in Windows 10 powershell integrates with applocker which should give you whitelisting capabilities.
It’s but one sample of what can be done with powershell. There are many more variants of this that haven’t surfaced yet. It’s better to know before and to secure you then to suffer things like this.