How to install Empire on Ubuntu?

Run the install script with sudo ./setup/install.sh or use the Docker image empireproject/empire, as per the README's quickstart guide. Ensure you're on a supported OS like Kali, Debian, or Ubuntu for best results.

Is Empire still maintained in 2024?

No, the project is explicitly marked as no longer supported in the README, meaning it lacks active development, updates, and security patches, so use it cautiously in modern environments.

Empire vs Cobalt Strike for red teaming?

Empire is open-source and focuses on stealth with pure agents, but it's unsupported and outdated. Cobalt Strike is commercial, actively maintained, and offers more features, making it better for professional teams with budgets.

How to create custom modules in Empire?

Base your module on the provided PowerShell or Python templates in the lib/modules directory, cite previous work in comments, and test thoroughly with an Empire agent before submitting, as outlined in the contribution rules.

Can Empire agents evade antivirus detection?

Yes, it uses techniques like pure-PowerShell agents without powershell.exe and cryptologically-secure communications to enhance stealth, but effectiveness may vary due to its outdated code and lack of updates.

What operating systems does Empire support?

Empire provides agents for Windows and Linux/OS X, but troubleshooting is only officially supported for Kali, Debian, or Ubuntu, as noted in the contribution guidelines.

Open-Awesome

PowerShellEmpire

BSD-3-ClausePowerShell2.5

A post-exploitation framework with PowerShell and Python agents for security testing and red team operations.

Visit Website GitHub

7.8k stars2.9k forks0 contributors

What is PowerShellEmpire?

Empire is a post-exploitation framework that provides PowerShell and Python agents for Windows and Linux/OS X systems. It enables security professionals to maintain access, execute modules, and conduct red team operations with cryptologically-secure communications and evasion capabilities. The framework solves the problem of stealthy post-exploitation during authorized security assessments.

Target Audience

Security professionals, penetration testers, and red team operators conducting authorized security assessments and post-exploitation activities.

Value Proposition

Developers choose Empire for its pure agents that don't require powershell.exe, rapid deployment of post-exploitation modules, and adaptable communications that evade network detection, all wrapped in a usability-focused framework.

Overview

Empire is a PowerShell and Python post-exploitation agent.

Use Cases

Best For

Conducting red team operations with stealthy post-exploitation agents
Penetration testing on Windows environments using PowerShell agents
Security assessments on Linux/OS X systems with Python agents
Deploying post-exploitation modules like keyloggers and credential dumpers
Maintaining persistent access during authorized security testing
Evading network detection with cryptologically-secure communications

Not Ideal For

Organizations requiring actively maintained tools with regular security updates
Environments where Python 3.x is mandatory and Python 2.x is unavailable
Operating systems other than Kali, Debian, or Ubuntu for reliable troubleshooting
Projects needing vendor-backed support for compliance or legal auditing

Pros & Cons

Pros

Stealthy Pure Agents

Provides PowerShell agents that run without powershell.exe and Python agents for Linux/OS X, enhancing evasion in post-exploitation as highlighted in the README.

Rapid Module Deployment

Offers a wide range of quickly deployable post-exploitation modules, from keyloggers to Mimikatz, for various attack scenarios as described in the key features.

Secure Flexible Communications

Uses cryptologically-secure communications and adaptable channels to evade network detection, a core part of the framework's philosophy.

Usability-Focused Design

Designed for ease of use while maintaining powerful capabilities, making it accessible for security professionals during authorized assessments.

Cons

Unsupported Project

Explicitly marked as no longer supported in the README, meaning no updates, bug fixes, or security patches, which poses operational risks.

Outdated Dependencies

Relies on deprecated technologies like Python 2.6/2.7 and PowerShell 2.0, limiting compatibility and security in modern environments.

Limited OS Troubleshooting

Only supports Kali, Debian, or Ubuntu for issue resolution per the contribution rules, restricting its use on other operating systems.

Frequently Asked Questions

Related Projects

PowerSploit

PowerSploit - A PowerShell Post-Exploitation Framework

Stars13,009

Forks4,717

Last commit5 years ago

BloodHound

Six Degrees of Domain Admin

Stars10,552

Forks1,790

Last commit3 months ago

Nishang

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

Stars9,939

Forks2,544

Last commit2 years ago

Invoke-Obfuscation

PowerShell Obfuscator

Stars4,263

Forks806

Last commit2 years ago

Community-curated · Updated weekly · 100% open source

Found a gem we're missing?

Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.

Submit a project Star on GitHub

PowerShellEmpire

BSD-3-ClausePowerShell2.5

A post-exploitation framework with PowerShell and Python agents for security testing and red team operations.

Visit Website GitHub

7.8k stars2.9k forks0 contributors

What is PowerShellEmpire?

Target Audience

Security professionals, penetration testers, and red team operators conducting authorized security assessments and post-exploitation activities.

Value Proposition

Overview

Empire is a PowerShell and Python post-exploitation agent.

Use Cases

Best For

Conducting red team operations with stealthy post-exploitation agents
Penetration testing on Windows environments using PowerShell agents
Security assessments on Linux/OS X systems with Python agents
Deploying post-exploitation modules like keyloggers and credential dumpers
Maintaining persistent access during authorized security testing
Evading network detection with cryptologically-secure communications

Not Ideal For

Organizations requiring actively maintained tools with regular security updates
Environments where Python 3.x is mandatory and Python 2.x is unavailable
Operating systems other than Kali, Debian, or Ubuntu for reliable troubleshooting
Projects needing vendor-backed support for compliance or legal auditing

Pros & Cons

Pros

Stealthy Pure Agents

Provides PowerShell agents that run without powershell.exe and Python agents for Linux/OS X, enhancing evasion in post-exploitation as highlighted in the README.

Rapid Module Deployment

Offers a wide range of quickly deployable post-exploitation modules, from keyloggers to Mimikatz, for various attack scenarios as described in the key features.

Secure Flexible Communications

Uses cryptologically-secure communications and adaptable channels to evade network detection, a core part of the framework's philosophy.

Usability-Focused Design

Designed for ease of use while maintaining powerful capabilities, making it accessible for security professionals during authorized assessments.

Cons

Unsupported Project

Explicitly marked as no longer supported in the README, meaning no updates, bug fixes, or security patches, which poses operational risks.

Outdated Dependencies

Relies on deprecated technologies like Python 2.6/2.7 and PowerShell 2.0, limiting compatibility and security in modern environments.

Limited OS Troubleshooting

Only supports Kali, Debian, or Ubuntu for issue resolution per the contribution rules, restricting its use on other operating systems.

Frequently Asked Questions

Related Projects

PowerSploit

PowerSploit - A PowerShell Post-Exploitation Framework

Stars13,009

Forks4,717

Last commit5 years ago

BloodHound

Six Degrees of Domain Admin

Stars10,552

Forks1,790

Last commit3 months ago

Nishang

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

Stars9,939

Forks2,544

Last commit2 years ago

Invoke-Obfuscation

PowerShell Obfuscator

Stars4,263

Forks806

Last commit2 years ago

Community-curated · Updated weekly · 100% open source

Found a gem we're missing?

Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.

Submit a project Star on GitHub