BC Security has announced the release of Empire 6.3.0, the latest iteration of the widely used post-exploitation and adversary emulation framework.
This update reinforces Empire’s position as a premier tool for Red Teams and penetration testers, offering a flexible, modular server architecture written in Python 3 along with extensive agent support.
Unified Architecture and Expanded Agent Support
Empire 6.3.0 continues to streamline operations with its server/client architecture, designed to support multiplayer engagements.
The framework allows multiple operators to collaborate seamlessly while maintaining fully encrypted communications.
A key highlight of this release is the robust support for diverse agent languages, enabling operators to deploy implants across various environments.
| Feature Category | Capabilities and Details |
| --- | --- |
| Supported Agents | PowerShell, Python 3, C#, IronPython 3, Go |
| Evasion & Security | JA3/S & JARM Evasion, ConfuserEx 2, Invoke-Obfuscation, Encrypted Comms |
| Installation Support | Docker, Kali, ParrotOS, Ubuntu 22.04/24.04, Debian 11/12 |
| Execution Modules | Assembly Execution, BOF Execution, Mimikatz, Rubeus, Seatbelt |
| Compiler Integration | Integrated Roslyn compiler (Covenant) for in-memory .NET execution |
| Interface | CLI Client & Starkiller Web GUI (Git submodule) |
The inclusion of Go agents alongside traditional PowerShell and Python 3 agents significantly broadens the operational scope, allowing for execution on systems where interpreted languages might be restricted.
The integrated Starkiller GUI, now packaged as a Git submodule, provides a modern web interface for remote server administration.
This eliminates the need for complex independent setups, as Starkiller interfaces directly with Empire’s API to offer a graphical alternative to the command-line client.
Security evasion remains a priority in version 6.3.0. The framework incorporates JA3/S and JARM evasion techniques to blend traffic profiles and bypass network detection logic.
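Installation Quickstart:
```bash
# Clone with submodules so the Starkiller GUI is fetched too
git clone --recursive <Empire-repository-URL>
cd Empire
# Switch to the most recent tagged release
./setup/checkout-latest-tag.sh
# Install dependencies non-interactively, then start the server
./ps-empire install -y
./ps-empire server
```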
Additionally, built-in obfuscation tools like ConfuserEx 2 and Invoke-Obfuscation help mask payloads from antivirus and EDR solutions.
The module library now boasts over 400 supported tools, ranging from Mimikatz and Seatbelt to custom C# assemblies compiled via the integrated Roslyn compiler.
This modular design allows operators to rapidly extend functionality by adding custom plugins or using the flexible module interface for new tools.
