itsMe Posted August 28, 2023 Share Posted August 28, 2023 This is the hidden content, please Sign In or Sign Up Empire 4.0 is a post-exploitation framework that includes a pure-PowerShell 2.0 Windows agent, and compatibility with Python 2.x/3.x Linux/OS X agents. It is the merger of the previous PowerShell Empire and Python EmPyre projects. The framework offers cryptologically-secure communications and flexible architecture. On the PowerShell side, Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz, and adaptable communications to evade network detection, all wrapped up in a usability-focused framework. PowerShell Empire premiered at BSidesLV in 2015 and Python EmPyre premiered at HackMiami 2016. BC-Security presented updates to further evade Microsoft Antimalware Scan Interface (AMSI) and JA3/S signatures at DEF CON 27. Features Server/Client Architecture for Multiplayer Support Supports GUI & CLI Clients Fully encrypted communications HTTP/S, Malleable HTTP, OneDrive, Dropbox, and PHP Listeners Massive library (400+) of supported tools in PowerShell, C#, & Python Donut Integration for shellcode generation Modular plugin interface for custom server features Flexible module interface for adding new tools Integrated obfuscation using ConfuserEx 2 & Invoke-Obfuscation In-memory .NET assembly execution Customizable Bypasses JA3/S and JARM Evasion MITRE ATT&CK Integration Integrated Roslyn compiler (Thanks to Covenant) Docker, Kali, ParrotOS, Ubuntu 20.04/22.04, and Debian 10/11 Install Support This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
Recommended Posts