A post-exploitation framework for Linux/Windows
emp3r0r C2 (Linux/Windows) is ready for testing. Please report bugs if you find any.
- Read wiki to get started
- Download from here
- Write modules for emp3r0r with your favorite languages
- Windows support is ready with fully-interactive shell
VIEW screenshots
MORE screenshots/videos
emp3r0r.mp4
Initially, emp3r0r was developed as one of my weaponizing experiments. It was a learning process for me trying to implement common Linux adversary techniques and some of my original ideas.
So, what makes emp3r0r different? First of all, it is the first C2 framework that targets Linux platform including the capability of using any other tools through it. Take a look at the features for more valid reasons to use it.
In fact, emp3r0r has complete python3.9 support, which is less than 7MB with necessary third party packages such as Requests or MySQL.
- Beautiful Terminal UI
- Use tmux for window management
- Multi-Tasking
- Don't have to wait for any commands to finish
- Module Support
- Provides python3.9 environment that can easily run your exploits/tools on any Linux host
- Perfect Shell Experience via SSH
- Compatible with any SSH client and available for Windows
- Bettercap
- Built-in Static Bash Binary
- Auto persistence via various methods
- Post-exploitation Tools
- Similar to Nmap, Socat
- Credential Harvesting (WIP)
- Process Injection
- Shellcode Injection
- ELF Patcher (WIP)
- Packer
- Encrypts and compresses agent binary and runs agent in a covert way
- Hide processes and files (WIP)
- Port Mapping
- From C2 side to agent side, and vice versa
- Agent Side: Socks5 Proxy
- Auto Root
- LPE Suggest
- System Info Collect
- File Management
- Enables resumable downloads/uploads
- Log Cleaner
- Screenshot
- Stealth Connection
- Anti-Antivirus
- Internet Access Checker
- Autoproxy
- For semi-isolated networks
- Reverse Proxy
- To bring every host online
- All of these in HTTP2
- Painlessly encapsulated in Shadowsocks and KCP
- Able to encapsulate in any external proxies such as TOR and CDNs
- Interoperability with Metasploit/Cobalt Strike
- Custom Modules
- and many more :)