Skip to content
This repository has been archived by the owner on Jan 29, 2020. It is now read-only.

Home

Jump to bottom
Chris Ross edited this page Apr 25, 2017 · 5 revisions

Empire

Empire is a pure PowerShell post-exploitation agent built on cryptologically-secure communications and a flexible architecture. Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz, and adaptable communications to evade network detection, all wrapped up in a usability-focused framework. It premiered at BSidesLV in 2015.

Empire relies heavily on the work from several other projects for its underlying functionality. We have tried to call out a few of those people we've interacted with heavily here and have included author/reference link information in the source of each Empire module as appropriate. If we have failed to improperly cite existing or prior work, please let us know.

Empire is developed by @harmj0y, @sixdub, @enigma0x3, @xorrior, @rvrsh3ll, and @killswitch-GUI.

Documentation

Empire maintains a web site of version of documentation at http://www.powershellempire.com.

Help us Improve!

This documentation was organized and built by the PowerShell Empire development team. It is neither complete nor perfect, so any suggestions, corrections, or additions from the community would be greatly appreciated. Please contact us by email with any drafted wiki pages or suggested modifications.

PowerShellEmpire | Code

I- Overview

  1. Quick Start
  2. Architecture
  3. Staging
  4. Installation
  5. Configuration

I- Modules

  1. Code Execution
  2. Collection
  3. Credentials
  4. Exfiltration
  5. Exploitation
  6. Lateral Movement
  7. Management
  8. Persistence
  9. Privesc
  10. Recon
  11. Situational Awareness
  12. TrollSploit

I- Advanced

  1. RestFul API
  2. Module Development
Clone this wiki locally