Question 1

Empire vs Metasploit: which is better for post-exploitation?

Accepted Answer

Empire excels with pure-PowerShell and Python agents focused on evasion and secure communications, ideal for stealthy operations. Metasploit offers a broader toolkit including exploitation phases, so choose Empire for specialized agent frameworks but Metasploit for comprehensive penetration testing.

Question 2

How to install Empire on Ubuntu?

Accepted Answer

Run the install script with `sudo ./setup/install.sh` or use Docker via `docker pull empireproject/empire`. Refer to the Empire wiki for quickstart instructions on configuring agents and modules.

Question 3

Is Empire still being updated or supported?

Accepted Answer

No, Empire is no longer actively supported as per the README, with the last version being 2.4 and limited OS troubleshooting. Consider alternatives like Cobalt Strike for ongoing projects.

Question 4

Can Empire agents run on modern macOS versions?

Accepted Answer

Empire includes pure Python agents for OS X, but support is limited to older Python 2.7 and may not be tested on recent macOS releases, posing compatibility challenges.

Question 5

What are the main evasion techniques in Empire?

Accepted Answer

Empire uses reflective loading to run PowerShell without powershell.exe, avoiding process-based detection, and employs cryptologically-secure communications to blend with network traffic, as described in its features.

Question 6

Does Empire work with Python 3 or only Python 2?

Accepted Answer

Empire relies on Python 2.6/2.7, as stated in the README, and does not natively support Python 3, which limits its use in environments with modern Python installations.

empire

What is empire?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions