Decepticon vs Empire
GitHub Stats
About Decepticon
Decepticon is an AI-powered autonomous red team framework that executes complete attack chains from initial reconnaissance through command and control establishment. It uses a Neo4j knowledge graph to track discovered assets, vulnerabilities, and successful exploitation paths. Every action maps to MITRE ATT&CK technique IDs, making it useful for both offensive testing and detection engineering. Includes configurable rules of engagement to prevent out-of-scope actions, automated reporting, and integration with common C2 frameworks.
About Empire
Empire is a post-exploitation and adversary emulation framework maintained by BC-Security. It provides PowerShell, Python, and C# agents (called stagers) with cryptologically-secure communications and a flexible architecture. Empire includes hundreds of post-exploitation modules for privilege escalation, credential harvesting, lateral movement, persistence, and situational awareness across Windows, Linux, and macOS. The framework features a RESTful API, collaborative multi-operator support via Starkiller GUI, and malleable C2 profiles for traffic blending. It maps operations to MITRE ATT&CK for adversary emulation reporting.
Platform Support
Tags
Decepticon only
Empire only