Empire
Featured⚖️ Dual Use · Python
Empire is a post-exploitation and adversary emulation framework that uses PowerShell (Windows) and Python (Linux/macOS) agents. It features cryptologically-secure communications, a flexible architecture, and a wide range of post-exploitation modules. Empire was originally developed by BC Security and has been used extensively in both red team operations and real-world attacks. It supports credential harvesting, lateral movement, persistence, privilege escalation, and data exfiltration.
Use Cases
- Post-exploitation framework for red team engagements
- PowerShell-based credential harvesting
- Lateral movement through Windows environments
- Persistence mechanism deployment
- Adversary emulation exercises
Tags
Details
- Category
- ⚖️ Dual Use
- Language
- Python
- Repository
- BC-SECURITY/Empire
Platforms
Alternatives & Comparisons
Metasploit Framework
RubyThe world's most used penetration testing framework. Exploit development, payload delivery, post-exploitation.
Sliver
GoOpen-source C2 framework by BishopFox. mTLS, HTTP(S), DNS, WireGuard implants with multi-operator support.
Mythic
GoCollaborative, multi-platform C2 framework. Docker-based with web UI, multiple agent types, and plugin architecture.
More in Dual Use
ProxyChains-ng
CForce any TCP connection through SOCKS4/5 or HTTP proxies. Chain multiple proxies for anonymity.
Socat
CMultipurpose relay tool. Bidirectional data transfer between two data channels — sockets, files, pipes, devices.
ngrok
GoExpose local servers to the internet via secure tunnels. Instant public URLs for localhost services.
Rclone
Gorsync for cloud storage. Sync, copy, and mount 70+ cloud providers. Command-line Swiss army knife for cloud data.
GTFOBins
ShellCurated list of Unix binaries that can be used to bypass security restrictions. Living off the land, documented.
LOLBAS
ShellLiving Off The Land Binaries, Scripts and Libraries for Windows. Documenting every Windows binary with offensive potential.