BSidesLV 2016 has ended
Welcome to BSidesLV 2016, our 8th annual BSides in beautiful Las Vegas, Nevada!
Wednesday, August 3 • 17:00 - 18:00
Building an EmPyre with Python.

Many companies are deploying an increasing number of OS X hosts in their corporate networks, presenting a challenge to pentesters traditionally accustomed to Windows toolsets and tradecraft. Red teaming begets creativity, however, and if you encounter a Mac-heavy environment on an engagement, you must adapt and rise to the occasion.

This presentation covers our custom remote access tool, EmPyre, that we built in response to this very challenge. EmPyre is a Python-based RAT heavily focused on OS X and built on the same secure communications and flexible architecture as the PowerShell Empire project. EmPyre features post-ex modules including keylogging, hash dumping, clipboard stealing, network situational awareness, lateral spread and more, as well as stager options ranging from macros to dylibs. We will also cover components of Mac tradecraft and how one can utilize EmPyre to execute a complete engagement in a predominantly OS X environment.

Speakers
Steve Borosh

Penetration Tester / Red Teamer, Veris Group, LLC

Alexander Rymdeko-Harvey

Penetration Tester / Red Teamer, Veris Group, LLC
Alex Rymdeko-Harvey (@killswitch_gui) is a previous U.S. Army Soldier who recently transitioned and currently works at the Adaptive Threat Division at Veris Group as a penetration tester and red teamer. Alex has a wide range of skills and experience from offensive to defensive operations...

Will Schroeder

Security Researcher, Adaptive Threat Division, Veris Group, LLC
Will Schroeder (@harmj0y) is a security researcher and pentester/red-teamer for Veris Group’s Adaptive Threat Division. He is a co-founder of the Veil-Framework, developed PowerView and PowerUp, is an active developer on the PowerSploit project, and is a co-founder and core developer...


Wednesday August 3, 2016 17:00 - 18:00
Breaking Ground Florentine A