Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers. The Empire server is written in Python 3 and is modular to allow operator flexibility. Empire comes built-in with a client that can be used remotely to access the server. There is also a GUI available for remotely accessing the Empire server, Starkiller.


  • Server/Client Architecture for Multiplayer Support

  • Supports GUI & CLI Clients

  • Fully encrypted communications

  • HTTP/S, Malleable HTTP, OneDrive, Dropbox, and PHP Listeners

  • Massive library (400+) of supported tools in PowerShell, C#, & Python

  • Donut Integration for shellcode generation

  • Modular plugin interface for custom server features

  • Flexible module interface for adding new tools

  • Integrated obfuscation using ConfuserEx 2 & Invoke-Obfuscation

  • In-memory .NET assembly execution

  • Customizable Bypasses

  • JA3/S and JARM Evasion

  • MITRE ATT&CK Integration

  • Integrated Roslyn compiler (Thanks to Covenant)

  • Docker, Kali, Ubuntu, and Debian Install Support


  • PowerShell

  • Python 3

  • C#

  • IronPython 3



Help us Improve!

This documentation was organized and built by the PowerShell Empire development team. It is neither complete nor perfect, so any suggestions, corrections, or additions from the community would be greatly appreciated. Please submit any changes as a pull request to the empire-docs repository.

Last updated