-
-
Notifications
You must be signed in to change notification settings - Fork 275
Home
jm33-m0 edited this page Apr 12, 2026
·
9 revisions
Welcome to the emp3r0r wiki!
emp3r0r is a post-exploitation framework for Linux systems.
This wiki tracks the v4 runtime and command behavior.
- Getting Started
- Workflow - Overview of how to use emp3r0r.
- Console Interface - Guide to the command-line interface.
- Linux Stager - Using the stager for payload delivery.
- Listener - Setting up HTTP listeners.
- Modules - JSON schema and in-memory features.
- Terminal UI
- Customizable Transport - Configuration reference and transport customization.
-
Advanced Stealth: Designed to be stealthy and hard to detect, featuring:
- Shared Memory Execution: Stager-managed agent execution with process resumption.
- Module Stomping: Configurable library stomping for in-memory module execution.
- XOR Obfuscation: Periodic payload rotation to obfuscate the stager while idle.
- Modules: Extensible module system supporting scripts, native binaries, and Linux/Windows BOFs.
- Zero-trust C2 Core: Strict TOFU identity pinning, fail-closed route validation, replay protection, and single-session admission.
-
Pivoting: P2P mesh networking (pluggable hop transport: default
mtls, optionalkcp) plus reverse-tunnel workflows for isolated networks.