Links

Plugins

Plugins are an extension of Empire that allow for custom scripts to be loaded. This allows anyone to easily build or add community projects to extend Empire functionality. Plugins can be accessed from the Empire client or the API as long as the plugin follows the template example. A list of Empire Plugins is located here.

Empire Plugins

Plugin Name
Description
Preview
Authors
Sponsor Plugin
Self-contained server for Invoke-SocksProxy.
image
@Cx01N, @mjokic
Runs chisels from the Empire CLI.
image
@kevin
AMSI Fail
The AMSI Fail Plugin calls the AMSI.fail API to generate and add a fresh AMSI Bypass to the Empire database.
client gif
@Vinnybod
X
The ATT&CK plugin assists in better threat emulation in Empire by leveraging the MITRE ATT&CK Framework for report generation and module management.
mitre_attack
@Cx01N
X
Creates customizable PDF reports (Empire Report, Module Report, Master Log, Sessions, Credentials)
empire_report
@Cx01N
X
EternalBlue-Plugin uses the EternalBlue exploit (CVE-17-010) to perform remote code execution on SMB.
eternalblue
@Cx01N
X
Nmap-Plugin gives a way to interface directly from Empire to Nmap and send commands through Python3-Nmap.
nmap
@Cx01N
X
The Twilio Plugin is meant to show the possibilities of the Hooks feature implemented in Empire 4.1. It sends a text message every time an agent connects.
@Vinnybod
The purpose of this plugin is to block certain IP addresses from connecting to the server. It is to showcase the event-driven nature of the hook system.
@Vinnybod