Skip to content

Home

Jump to bottom
Cx01N edited this page Nov 14, 2020 · 10 revisions

Empire

GitHub Release GitHub contributors GitHub commit activity GitHub stars GitHub Twitter URL

Keep up-to-date on our blog at https://www.bc-security.org/blog

Empire

Empire 3 is a post-exploitation framework that includes a pure-PowerShell Windows agent, and compatibility with Python 3.x Linux/OS X agents. It is the merger of the previous PowerShell Empire and Python EmPyre projects. The framework offers cryptologically-secure communications and flexible architecture.

On the PowerShell side, Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz, and adaptable communications to evade network detection, all wrapped up in a usability-focused framework. PowerShell Empire premiered at BSidesLV in 2015 and Python EmPyre premiered at HackMiami 2016. BC-Security presented updates to further evade Microsoft Antimalware Scan Interface (AMSI) and JA3/S signatures at DEF CON 27.

Empire relies heavily on the work from several other projects for its underlying functionality. We have tried to call out a few of those people we've interacted with heavily here and have included author/reference link information in the source of each Empire module as appropriate. If we have failed to properly cite existing or prior work, please let us know at Empire@BC-Security.org.

Empire is currently being developed and maintained by @Cx01N, @Hubbl3, & @Vinnybod. While the main Empire project is no longer maintained, this fork is maintained by @bcsecurity1. Please reach out to us on our Discord if you have any questions or talk about offensive security.

Documentation

Empire maintains a web site version of the documentation at http://www.powershellempire.com.

Help us Improve!

This documentation was organized and built by the PowerShell Empire development team. It is neither complete nor perfect, so any suggestions, corrections, or additions from the community would be greatly appreciated. Please submit any Wiki changes as Empire Pull Requests using the Wiki directory.

contact us by email at Empire@BC-Security.org with any drafted wiki pages or suggested modifications.

Clone this wiki locally