Empire

​​
​ ​
​ ​
​ ​
​ ​
​ ​
​​
Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers. The Empire server is written in Python 3 and is modular to allow operator flexibility. Empire comes built-in with a client that can be used remotely to access the server. There is also a GUI available for remotely accessing the Empire server, Starkiller.
Features
Server/Client Architecture for Multiplayer Support
Supports GUI & CLI Clients
Fully encrypted communications
HTTP/S, Malleable HTTP, OneDrive, Dropbox, and PHP Listeners
Massive library (400+) of supported tools in PowerShell, C#, & Python
Donut Integration for shellcode generation
Modular plugin interface for custom server features
Flexible module interface for adding new tools
Integrated obfuscation using ConfuserEx 2 & Invoke-Obfuscation​
In-memory .NET assembly execution
Customizable Bypasses
JA3/S and JARM Evasion
MITRE ATT&CK Integration
Integrated Roslyn compiler (Thanks to Covenant)
Docker, Kali, Ubuntu, and Debian Install Support
Agents
PowerShell
Python 3
C#
IronPython 3
Modules
​Assembly Execution​
​BOF Execution​
​Mimikatz​
​Seatbelt​
​Rubeus​
​SharpSploit​
​Certify​
​ProcessInjection​
And Many More
Sponsors
       ​
​ 
      ​
​    
Help us Improve!
This documentation was organized and built by the PowerShell Empire development team. It is neither complete nor perfect, so any suggestions, corrections, or additions from the community would be greatly appreciated. Please submit any changes as a pull request to the empire-docs repository.
Quickstart
Last modified 1mo ago