Target Audience: Offense, Defense
Short Abstract:
The ultimate goal for any security team is to increase resiliency within an organization and adapt to the modern threat. Starkiller aims to provide red teams with a platform to emulate Advanced Persistent Threat (APT) tactics. Starkiller is a frontend for the post-exploitation framework PowerShell Empire: a multi-user GUI application that interfaces with a remote Command and Control (C2) server. Empire is powered by Python 3 and PowerShell and includes many widely used offensive security tools for Windows, Linux, and macOS exploitation. Because new modules are easy to incorporate, the framework can serve as a single solution for red team operations. Both red and blue teams can utilize Starkiller to emulate and defend against the most used APT attack vectors.
Detailed Explanation of Tool:
Starkiller is a cross-platform UI for interacting with the Empire post-exploitation framework. Built on ElectronJS, it is available on Linux, Windows, and macOS. Starkiller enables a red team to share any instance of Empire during an engagement for instant collaboration and efficient event tracking. All tasks are tracked in a master database which can be queried to track progress and generate post-engagement reports.
Short Developer Bio:
Vincent "Vinnybod" Rose is a software engineer with experience in cloud services. He has a decade of experience in software development and networking. Recently, his focus has been on building ad-serving technologies and web and server-side applications. He is the lead developer for Starkiller, the graphical user interface for the Empire framework.
