S0363LinuxmacOSWindows

S0363Empire

Platforms
3
ATT&CK
14.1
References
4

Description

[Empire](https://attack.mitre.org/software/S0363) is an open source, cross-platform remote administration and post-exploitation framework that is publicly available on GitHub. While the tool itself is primarily written in Python, the post-exploitation agents are written in pure [PowerShell](https://attack.mitre.org/techniques/T1059/001) for Windows and Python for Linux/macOS. [Empire](https://attack.mitre.org/software/S0363) was one of five tools singled out by a joint report on public hacking tools being widely used by adversaries.(Citation: NCSC Joint Report Public Tools)(Citation: Github PowerShell Empire)(Citation: GitHub ATTACK Empire)

Platforms· 3

LinuxmacOSWindows

Uses1

TypeTargetConfidenceTier
SubTechniquePowerShellt1059.00195%live

References

  1. https://attack.mitre.org/software/S0363
  2. https://github.com/PowerShellEmpire/Empire
  3. https://github.com/dstepanic/attck_empire
  4. https://www.ncsc.gov.uk/report/joint-report-on-publicly-available-hacking-tools

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
PoshC2
Sub-technique
PowerShell
Software
PowerSploit
Software
SILENTTRINITY
Software
Impacket
Software
Mythic
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.