Empire

Building an Empire with PowerShell

Credits

Empire draws heavily from the following projects to implement much of its agent’s functionality:

And thank you to @ben0xa, @mwjcomputing, and the rest of the offensive PowerShell community! We’ve tried our best to call out everyone involved here and in author sections of Empire modules as appropriate, but if we’ve forgotten to properly cite someone involved, please let us know and it will be corrected.

Origins

Empire is a pure PowerShell post-exploitation agent built on cryptologically-secure communications and a flexible architecture. Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz, and adaptable communications to evade network detection, all wrapped up in a usability-focused framework. It premiered at BSidesLV in 2015.

Get Empire

GitHub

@harmj0y

Developer

Will is a security researcher and red teamer with the Adaptive Threat Division of Veris Group.

@sixdub

Developer

Justin is the Red Team Capability Lead with the Adaptive Threat Division of Veris Group.

@enigma0x3

Developer

Matt is a red teamer with the Adaptive Threat Division of Veris Group.