Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/EmpireProject/Empire
Empire is a PowerShell and Python post-exploitation agent.
https://github.com/EmpireProject/Empire
Last synced: about 1 month ago
JSON representation
Empire is a PowerShell and Python post-exploitation agent.
- Host: GitHub
- URL: https://github.com/EmpireProject/Empire
- Owner: EmpireProject
- License: bsd-3-clause
- Archived: true
- Created: 2015-08-05T18:25:57.000Z (over 9 years ago)
- Default Branch: master
- Last Pushed: 2020-01-19T22:50:59.000Z (almost 5 years ago)
- Last Synced: 2024-05-23T03:18:11.991Z (7 months ago)
- Language: PowerShell
- Homepage: http://www.powershellempire.com/
- Size: 21.5 MB
- Stars: 7,310
- Watchers: 490
- Forks: 2,783
- Open Issues: 101
-
Metadata Files:
- Readme: README.md
- Changelog: changelog
- Contributing: .github/CONTRIBUTING.md
- License: LICENSE
Awesome Lists containing this project
- awesome-windows-domain-hardening - Empire - PowerShell and Python post-exploitation agent (Uncategorized / Uncategorized)
- awesome-mitre-attack - Empire - Post-exploitation framework that includes a pure-PowerShell2.0 Windows agent, and a pure Python 2.6/2.7 Linux/OS X agent. (Red and Purple Team / Tools)
- awesome-termux-hacking - Empire - Empire is a PowerShell and Python post-exploitation agent..[![->](https://img.shields.io/github/stars/EmpireProject/Empire.svg?style=social&label=Star&maxAge=2592000)](https://github.com/EmpireProject/Empire/stargazers/) (Uncategorized / Uncategorized)
- awesome-hacking-lists - EmpireProject/Empire - Empire is a PowerShell and Python post-exploitation agent. (PowerShell)
- cybersources - Empire
- cybersources - Empire
README
# Empire
## This project is no longer supported
Empire is a post-exploitation framework that includes a pure-PowerShell2.0 Windows agent, and a pure Python 2.6/2.7 Linux/OS X agent. It is the merge of the previous PowerShell Empire and Python EmPyre projects. The framework offers cryptologically-secure communications and a flexible architecture. On the PowerShell side, Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz, and adaptable communications to evade network detection, all wrapped up in a usability-focused framework. PowerShell Empire premiered at [BSidesLV in 2015](https://www.youtube.com/watch?v=Pq9t59w0mUI) and Python EmPyre premeiered at HackMiami 2016.
Empire relies heavily on the work from several other projects for its underlying functionality. We have tried to call out a few of those people we've interacted with [heavily here](http://www.powershellempire.com/?page_id=2) and have included author/reference link information in the source of each Empire module as appropriate. If we have failed to improperly cite existing or prior work, please let us know.
Empire is developed by [@harmj0y](https://twitter.com/harmj0y), [@sixdub](https://twitter.com/sixdub), [@enigma0x3](https://twitter.com/enigma0x3), [rvrsh3ll](https://twitter.com/424f424f), [@killswitch_gui](https://twitter.com/killswitch_gui), and [@xorrior](https://twitter.com/xorrior).
Feel free to join us on Slack! https://bloodhoundgang.herokuapp.com
## Install
To install, run `sudo ./setup/install.sh` script or use the corresponding docker image `docker pull empireproject/empire`.
There's also a [quickstart here](http://www.powershellempire.com/?page_id=110) and full [documentation here](http://www.powershellempire.com/?page_id=83).
## Quickstart
Check out the [Empire wiki](https://github.com/EmpireProject/Empire/wiki/Quickstart) for instructions on getting started with Empire.
## Contribution Rules
Contributions are more than welcome! The more people who contribute to the project the better Empire will be for everyone. Below are a few guidelines for submitting contributions.
* Beginning with version 2.4, we will only troubleshoot issues for Kali, Debian, or Ubuntu. All other operating systems will not be supported. We understand that this is frustrating but hopefully the new docker build can provide an alternative.
* Submit pull requests to the [dev branch](https://github.com/powershellempire/Empire/tree/dev). After testing, changes will be merged to master.
* Depending on what you're working on, base your module on [./lib/modules/powershell_template.py](lib/modules/powershell_template.py) or [./lib/modules/python_template.py](lib/modules/python_template.py). **Note** that for some modules you may need to massage the output to get it into a nicely displayable text format [with Out-String](https://github.com/PowerShellEmpire/Empire/blob/0cbdb165a29e4a65ad8dddf03f6f0e36c33a7350/lib/modules/situational_awareness/network/powerview/get_user.py#L111).
* Cite previous work in the **'Comments'** module section.
* If your script.ps1 logic is large, may be reused by multiple modules, or is updated often, consider implementing the logic in the appropriate **data/module_source/*** directory and [pulling the script contents into the module on tasking](https://github.com/PowerShellEmpire/Empire/blob/0cbdb165a29e4a65ad8dddf03f6f0e36c33a7350/lib/modules/situational_awareness/network/powerview/get_user.py#L85-L95).
* Use [approved PowerShell verbs](https://technet.microsoft.com/en-us/library/ms714428(v=vs.85).aspx) for any functions.
* PowerShell Version 2 compatibility is **STRONGLY** preferred.
* TEST YOUR MODULE! Be sure to run it from an Empire agent before submitting a pull to ensure everything is working correctly.
* For additional guidelines for your PowerShell code itself, check out the [PowerSploit style guide](https://github.com/PowerShellMafia/PowerSploit/blob/master/README.md).