LogoLogo
EmpireStarkillerBlogDiscord
  • Empire
  • Quickstart
    • Installation
    • Server
  • Starkiller
    • Introduction
    • Agent Tasks
  • Listeners
    • Dropbox
    • OneDrive
    • HTTP
    • Malleable C2
  • Stagers
    • multi_generate_agent
  • Plugins
    • Development
      • Imports
      • Lifecycle Hooks
      • Execution
      • Hooks and Filters
      • Plugin Tasks
      • Notifications
      • Database Usage
      • Settings
      • Migration
  • Modules
    • Autorun Modules
    • Module Development
      • PowerShell Modules
      • Python Modules
      • C# Modules
      • BOF Modules
  • Agents
    • Python
      • Main Agent Class
      • Stage Class
      • Packet Handler Class
      • Extended Packet Handler Class
    • Go
      • Main Agent Class
      • Packet Handler Class
      • Main.go Template
    • Staging
  • RESTful API
  • Settings
    • Logging
    • Bypasses
    • IP Filtering
Powered by GitBook
On this page

Was this helpful?

  1. Settings

Bypasses

Bypasses are stored in yamls found in /empire/server/bypass/ and uses a similar formatting as modules. Bypasses are currently only available to PowerShell modules and require a minimum version of PowerShell 3. Earlier version of PowerShell did not contain protections that require bypasses.

When Empire first loads, it will wrie the data from the yamls to the database. The bypasses can then be edited via Starkiller or the API with the changes going only to the version stored in the database.

Example Bypasses YAML

name: ''
authors:
  - ''
description: ''
comments:
  - ''
language: powershell
min_language_version: '3'
script: ''

PreviousLoggingNextIP Filtering

Last updated 3 years ago

Was this helpful?