Names | EmpireProject Empire EmPyre PowerShell Empire
Category | Tools
Type | Backdoor
Description | Empire is a post-exploitation framework that includes a pure-PowerShell 2.0 Windows agent and a pure Python 2.6/2.7 Linux/OS X agent. It is the merge of the previous PowerShell Empire and Python EmPyre projects. The framework offers cryptologically-secure communications and a flexible architecture. On the PowerShell side, Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz, and adaptable communications to evade network detection, all wrapped up in a usability-focused framework. PowerShell Empire premiered at BSidesLV in 2015 and Python EmPyre premiered at HackMiami 2016.
Information | <https://github.com/EmpireProject>
MITRE ATT&CK | <https://attack.mitre.org/software/S0363/>
Last change to this tool card: 22 April 2020
Name | Country | Observed
APT groups
APT 19, Deep Panda, C0d0so0 | | 2013-May 2019
APT 33, Elfin, Magnallium | | 2013-Nov 2019
CopyKittens, Slayer Kitten | | 2013-Jan 2017
FIN10 | [Unknown] | 2016
MuddyWater, Seedworm, TEMP.Zagros, Static Kitten | | 2017-Dec 2020
Turla, Waterbug, Venomous Bear | | 1996-Jun 2020
WIRTE Group | [Middle East] | 2018
Other groups
Indrik Spider | | 2014-Jul 2020
8 groups listed (7 APT, 1 other, 0 unknown)
Thailand Computer Emergency Response Team (ThaiCERT)