Empire
Last updated
Last updated
Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers. The Empire server is written in Python 3 and is modular to allow operator flexibility. Empire comes built-in with a client that can be used remotely to access the server. There is also a GUI available for remotely accessing the Empire server, Starkiller.
Server/Client Architecture for Multiplayer Support
Supports GUI & CLI Clients
Fully encrypted communications
HTTP/S, Malleable HTTP, OneDrive, Dropbox, and PHP Listeners
Massive library (400+) of supported tools in PowerShell, C#, & Python
Donut Integration for shellcode generation
Modular plugin interface for custom server features
Flexible module interface for adding new tools
Integrated obfuscation using ConfuserEx 2 & Invoke-Obfuscation
In-memory .NET assembly execution
Customizable Bypasses
JA3/S and JARM Evasion
MITRE ATT&CK Integration
Integrated Roslyn compiler (Thanks to Covenant)
Docker, Kali, Ubuntu, and Debian Install Support
PowerShell
Python 3
C#
IronPython 3
And Many More
This documentation was organized and built by the PowerShell Empire development team. It is neither complete nor perfect, so any suggestions, corrections, or additions from the community would be greatly appreciated. Please submit any changes as a pull request to the empire-docs repository.