Agents
Last updated
Was this helpful?
Last updated
Was this helpful?
This page provides an in-depth overview of the different agents available within Empire, including their capabilities, features, and usage scenarios.
IronPython brings the Python language to the .NET framework. The IronPython agent leverages this to execute Python scripts using .NET, bypassing restrictions on native Python interpreters. Additional documentation on the agent can be found .
Executes in a .NET context, allowing for unique evasion techniques.
Can interface with .NET libraries directly from Python code.
Runs Python, C#, and PowerShell taskings.
The Python agent offers cross-platform capabilities for targeting non-Windows systems, such as Linux and macOS. Additional documentation on the agent can be found .
Cross-platform for Linux and macOS.
The Go agent (Gopire) is designed for use in environments where Go is advantageous for performance and portability. It is lightweight and suitable for Windows systems. Currently, the Go agent only supports Windows and the HTTP listener. Future updates may include cross-platform support.
Currently only Windows compatible.
Written in Go, providing performance and portability benefits.
Can run taskings such as C#, PowerShell, and shell commands.
Reflectively loaded to evade detection.
Supports only the HTTP listener.
The PowerShell agent is the original agent for Empire.
Reflectively loads into memory.
Can run C# and PowerShell taskings.
Can run C# and PowerShell taskings.
Additional documentation on the agent can be found .
The C# agent leverages as the implant.