The aim of this work is to demonstrate how cyber-attacks in a Windows domain network would look like, in the perspective of the attacker as well as the defender's point of view. Who could exploit each other will be one of the main focuses. This work is intended for the defenders to better understand its own vulnerabilities and how to improve the weak points effectively. Empire framework is a collection of tools used by penetration testers to attack Windows domain network using the offensive advantages of PowerShell. Empire framework consists of listeners and agents that build an encrypted communication and implements the ability to deploy post exploitation modules ranging from key loggers to credential stealing. The demonstration consists of the Empire framework executing a set of attacks from a command and control server to a Windows domain network. On the other side, the defender can mitigate Empire framework attacks by monitoring and analyzing the network traffic and host activities for suspicious behavior that leads to the detection of malwares