
Empire is a post-exploitation framework that includes a pure-PowerShell 2.0 Windows agent and a pure Python 2.6/2.7 Linux/OS X agent.
The framework offers cryptologically-secure communications and a flexible architecture. On the PowerShell side, Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz, and adaptable communications to evade network detection, all wrapped up in a usability-focused framework.
To install, run the ./setup/install.sh script. A quickstart and full documentation are also available.
To Run Empire Web Interface
Requirements
PHP Curl should be installed to use Empire Web.
Install PHP Curl
sudo apt-get install php5-curl
To check for PHP Curl
Command Line:
root@kali:~# php -i | grep -i curl
/etc/php5/cli/conf.d/20-curl.ini,
curl
cURL support => enabled
cURL Information => 7.47.0
PHP Script:
<?php
echo (function_exists('curl_version') ? "Curl found": "Curl not found");
?>
Important
CSRF protection has not been implemented because it was affecting the working of Empire Web. It will be implemented in the next release.
Stay Calm. Stay Secure. Contribute 🙂
Screenshot: PowerShell Empire Web
Run Empire REST API Server
./empire --headless --restport port --username empire_username --password empire_password