SILENTTRINITY
An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR (by byt3bl33d3r)
Empire
Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers. (by BC-SECURITY)
| SILENTTRINITY | Empire | |
|---|---|---|
| 2 | 8 | |
| 2,230 | 4,534 | |
| 1.3% | 2.5% | |
| 3.4 | 9.4 | |
| over 1 year ago | about 16 hours ago | |
| Boo | PowerShell | |
| GNU General Public License v3.0 only | BSD 3-clause "New" or "Revised" License |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
SILENTTRINITY
Posts with mentions or reviews of SILENTTRINITY.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2021-10-11.
- Guidance on certs in Cybersecurity Field
-
Cobalt Strike detection
You're certainly right that it doesn't need an XML extension. But it also frequently will due to many tools using it by default (e.g. line 13 in https://github.com/byt3bl33d3r/SILENTTRINITY/blob/master/silenttrinity/core/teamserver/stagers/msbuild.py).
Empire
Posts with mentions or reviews of Empire.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-04-03.
- Opinion on best c2 to learn for resume (open sourced)
-
Why doesn't Empire start??
Is the new version. The original Empire one was discontinued Old: https://github.com/EmpireProject/Empire New: https://github.com/BC-SECURITY/Empire
-
C/C++/C# for Red team
C# for Windows, EDR bypassing. Windows API and native API calls, undocumented API calls and similar. Look at things like this blog here https://www.inversecos.com/2022/03/windows-event-log-evasion-via-native.html and other resources such as the Windows Internals. Sektor7 would be good with their AV bypass courses, but I have only heard of reviews being good, but not done the courses so DYOR. Try the PentesterAcademy courses on Windows. PowerShell pentesting. Frameworks like Empire in Kali, https://www.kali.org/tools/powershell-empire/ && https://github.com/BC-SECURITY/Empire
-
Using Empire4 without Kali
First of all, Empire4 is a post-exploitation framework, such as Cobalt Strike, Covenant or Meterpreter. It actually rely a lot on Meterpreter, as I will explain later. This means it allows you to deploy listeners in your server and configure attacks connected to them. Empire itself was active for so many years and became deprecated, then Empire4 came up using updated resources. It's open source and it's used for both threat actors (cybercriminals) and offensive security auditors, as well as students of course.
-
Guidance on certs in Cybersecurity Field
Empire: https://github.com/BC-SECURITY/Empire/
-
If Empire made a comeback....
Unless I am mistaken it is being maintained here by another team. They are also working on a frontend for it called Starkiller. https://github.com/BC-SECURITY/Empire
-
"Modern" Pentest Frameworks
Metasploit and Merlin are the larger post-exploitation frameworks that come to mind. As an FYI there's a forked version of Empire now actively in development too - https://github.com/BC-SECURITY/Empire.
- BC-SECURITY/Empire - Empire is a PowerShell and Python 3.x post-exploitation framework.
What are some alternatives?
When comparing SILENTTRINITY and Empire you can also consider the following projects:
Covenant - Covenant is a collaborative .NET C2 framework for red teamers.
PoshC2 - A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
bzar - A set of Zeek scripts to detect ATT&CK techniques.
caldera - Automated Adversary Emulation Platform
Atomic-Red-Team-C2 - ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.
empire-db - Mirror of Apache Empire-db