forked from jm33-m0/emp3r0r

Linux/Windows post-exploitation framework made by linux user


a7t0fwa7/emp3r0r

 
 


emp3r0r

A post-exploitation framework for Linux/Windows

Status

  • emp3r0r C2 (Linux/Windows) is ready for testing. Please report bugs if you find any.
  • Read the wiki to get started
  • Download from here
  • Write modules for emp3r0r with your favorite languages
  • Windows support is ready with a fully interactive shell


Motivation

Initially, emp3r0r was developed as one of my weaponizing experiments. It was a learning process for me trying to implement common Linux adversary techniques and some of my original ideas.

So, what makes emp3r0r different? First of all, it is the first C2 framework that targets the Linux platform, including the capability of using any other tools through it. Take a look at the features for more valid reasons to use it.

In fact, emp3r0r has complete Python 3.9 support, which is less than 7MB with the necessary third-party packages such as Requests or MySQL.


Features

  • Beautiful Terminal UI
    • Use tmux for window management
  • Stealth
    • Automatically changes argv so you won't notice it in ps listing
    • Built-in Elvish Shell with the same disguise as main process
    • Stealth Connection
    • All of these in HTTP2
    • Painlessly encapsulated in Shadowsocks and KCP
    • Able to encapsulate in any external proxies such as TOR and CDNs
  • Multi-Tasking
    • Don't have to wait for any commands to finish
  • Module Support
  • Perfect Shell Experience via SSH
    • Compatible with any SSH client and available for Windows
  • Bettercap
  • Auto persistence via various methods
  • Post-exploitation Tools
    • Nmap, Socat, Ncat, Bettercap, etc
  • Credential Harvesting (WIP)
  • Process Injection
  • Shellcode Injection
  • ELF Patcher (WIP)
  • Packer
    • Encrypts and compresses agent binary and runs agent in a covert way
  • Hide processes and files (WIP)
  • Port Mapping
    • From C2 side to agent side, and vice versa
  • Agent Side: Socks5 Proxy
  • Auto Root
  • LPE Suggest
  • System Info Collect
  • File Management
  • Log Cleaner
  • Screenshot
  • Anti-Antivirus
  • Internet Access Checker
  • Autoproxy
    • For semi-isolated networks
  • Reverse Proxy
    • To bring every host online
  • Interoperability with Metasploit/Cobalt Strike
  • and many more :)


Languages

  • Go 62.5%
  • Shell 16.9%
  • Python 15.3%
  • C 4.9%
  • Other 0.4%