BlueCommand: Dashboarding and Tooling front-end for PowerShell Empire
BlueCommand
BlueCommand is a dashboard and tooling front-end for PowerShell Empire using PowerShell Universal Dashboard from Adam Driscoll.
WARNING: This project does not nearly scratch the surface of interacting with all the capabilities of PowerShell Empire. This was a project to help me learn/play around with PowerShell Empire and its’ REST API. You will be much better served in life but actually learning how to use PowerShell Empire 🙂
Features
- Web Dashboard / Controller for PowerShell Empire!
- Utilizes the Empire REST API and PowerShell Universal Dashboard
- PowerShell Empire Integration
- Rest Integration to retrieve Empire Instance Information (Agents, Modules Downloads)
- Rest Integration to Execute Modules on Agents.
- SCP to Download Agent Results / Downloads
Searching and Executing Modules on Empire Agents 
Retrieving Agent Downloads 
Install
Prereqs
- Install Universal Dashboard Install-Module UniversalDashboard -AccecptLicense
- Install PoshSSH Install-Module -Name Posh-SSH
- PoshSSH is used to run SCP commands to extract agent artifacts.
- Install PowerShell Credential Manager Install-Module -Name CredentialManager
- Credential Manager allows users to easily use Windows Credential Manager to auth to our Empire Server
- Setup PowerShell Empire
- Run Empire with –rest command
- Generate a Listener / Stager
- Deploy Agents
- Make a Note of Rest Key and Empire Server IP.
Download
git clone https://github.com/leeberg/BlueCommand.git
Use
- Populate your environment variables in the start.ps1 Script
- Run the Start Script
- Connect to your Empire Server on the Empire Configuration Page using your Empire Server IP, and Rest API Key.
- BlueCommand will try and utilize POSH-SSH to SCP Download the Empire Agents Downloads/Logs – This requires a stored a “Generic Credential” in your windows credential manager to facilitate this.
Source: https://github.com/leeberg/
