# Empire

Empire is a powerful post-exploitation and adversary emulation framework designed to aid Red Teams and Penetration Testers. Built with flexibility and modularity in mind, Empire enables security professionals to conduct sophisticated operations with ease.

The Empire server is written in Python 3, providing a robust and extensible backend for managing compromised systems. Operators can interact with the server using Starkiller, a graphical user interface (GUI) that enhances usability and management.

## Key Features

* [x] **Server/Client Architecture** – Supports multiplayer operations through Starkiller.
* [x] **REST API Support** – Automate operations or integrate custom tooling through the Empire API.
* [x] **Fully Encrypted Communications** – Ensures secure C2 channels.
* [x] **Diverse Listener Support** – Communicate over HTTP/S, Malleable HTTP, and PHP.
* [x] **Extensive Module Library** – Over 400 tools in PowerShell, C#, and Python for post-exploitation and lateral movement.
* [x] **Donut Integration** – Generate shellcode for execution.
* [x] **Modular Plugin Interface** – Extend Empire with custom server features.
* [x] **Flexible Module Framework** – Easily add new capabilities.
* [x] **Advanced Obfuscation** – Integrated [ConfuserEx 2](https://github.com/mkaring/ConfuserEx) and [Invoke-Obfuscation](https://github.com/danielbohannon/Invoke-Obfuscation) for stealth.
* [x] **In-Memory Execution** – Load and execute .NET assemblies without touching disk.
* [x] **Customizable Bypasses** – Evade detection using JA3/S and JARM evasion techniques.
* [x] **MITRE ATT&CK Integration** – Map techniques and tactics directly to the framework.
* [x] **Built-in Roslyn Compiler** – Compile C# payloads on the fly (thanks to Covenant).
* [x] **Broad Deployment Support** – Install on Docker, Kali Linux, Ubuntu, and Debian.
