Bypassing Anti-Virtus & Hacking Windows 10 Using Empire

Most of us have heard of msfvenom or or at least metasploit backdoors, they’re great but they get detected by anti-virus programs, we also know we can use a tool called Veil-Evasion to generate backdoors that bypass most anti-virus programs, the effectiveness of such tools depends on how recently they were updated, therefore sometimes Veil will generate backdoors that will get detected by several AV programs, the way to fix this is to modify the backdoor manually to make it more unique (this is a completely different topic, I actually cover that in my social engineering course), alternatively you can just try to generate the backdoor using another tool, such as Empire.

Empire does not come pre-installed in Kali, follow these simple steps to install it:

  1. Go to the /opt directory (optional).
cd /opt

 

2. Clone the project from github.

git clone https://github.com/EmpireProject/Empire.git

 

3. Navigate to its setup directory

cd Empire/setup

 

4. Run the installer

./install.sh

 

Wait for the installer to finish, and then you can run the tool from its directory in /opt/Empire, so first you’ll have to navigate to it using cd

cd /opt/Empire

 

Then run it

./empire

And that should start the tool for you, so you should see something like this

 

Now you’re ready to use the tool, checkout the following video to learn how to use the tool in general, as an example you will learn how to generate a windows backdoor that bypass anti-virus programs and use this backdoor to hack Windows 10.

author avatar
Zaid Sabih

Ethical Hacker, Pentester & Computer Scientist

Zaid Al-Quraishi is an ethical hacker, computer scientist, and founder of zSecurity. He studied CS at UCD, graduating May 2016.

Zaid has a strong background and experience in ethical hacking, starting with tutorials in 2009 in an ethical hacking community, iSecur1ty. He also worked as a penetration tester (pentester) for this company.

In 2013 he started teaching his first course online in Arabic which received extremely positive feedback. This motivated him to create an English version of the course. The English course became the most popular and top paid course on Udemy for almost a year, which further motivated Zaid to design and teach more courses on ethical hacking.

He now offers a number of courses on ethical hacking and more than 800,000 students on Udemy and other teaching platforms such as StackSocial, StackSkills and zSecurity.

Zaid says: "I just love hacking and breaking the rules but don't get me wrong, I am an ethical hacker!"

You may also like

Next Level Phishing with the Last Mile Reassembly Attacks | Bypass Secure Web Gateways
Advanced Phishing with the Last Mile Reassembly Attacks | Bypass Secure Web Gateways
24 October, 2024
Graphic depicting a hooded figure on a laptop displaying various file icons, promoting the ExtensionSpoofer guide to spoof file extensions.
ExtensionSpoofer: A Practical Guide to Spoof File Extensions
13 September, 2024
7 Ways to Secure Your Facebook Account (3)
7 Ways to Secure Your Facebook Account
16 August, 2024

    16 Comments

  1. Theaftadak
    March 23, 2018

    Hello Zaid when I run ./empire I get importerror missing modules named iptools could you help

    • Adrielle De Guia
      March 28, 2018

      Maybe you should install the required modules first before running empire , you can find them in the setup directory.

      • Theaftadak
        April 8, 2018

        Thanks for the reply but am novice here how do I manoeuvre to the set up directory kindly guide

  2. aliensoldier
    August 21, 2018

    Got a quistion about Empire Powershell may be you should know the answer.

    I was testing Powershell Empire after 9 months and generate a launcher bat.
    But I see my test bat file is getting detected on a lot of AV’S.

    About 9 months a go, if I generate a launcher bat it was FUD. 1/36 or 2/36 max.
    But now i see its detecteble on most of the AV’s

    My quistion: Is Empire getting outdated?
    Or do they update not so often that much any more because people still using scanners that distrubute instead of private av scanners.

    Thanks……

  3. svastik
    October 10, 2018

    The ip I set 10.0.2.15 does not open when I try it on the windows machine. What should I do ?

    • dothekhabib
      March 9, 2019

      did you ever figure this out? I tried doing the same thing putting the ip address in the address bar/evil-files but it says unable to connect…

    • saurav1199
      December 7, 2019

      Even I have been getting the same result. I would love to hear back as soon as possible.

  4. insutama
    January 22, 2019

    I tried running and im getting this error
    Traceback (most recent call last):
    File “./empire”, line 13, in
    from lib.common import empire, helpers
    File “/opt/Empire/lib/common/__init__.py”, line 8, in
    import helpers
    File “/opt/Empire/lib/common/helpers.py”, line 50, in
    import iptools
    ImportError: No module named iptools

    and i did the install.sh

  5. narmert123
    March 2, 2019

    this Trojan which created above maybe no distribute website ain’t catch up basically, but definitely Win Defender catches the trojen, How can you guys anonymous tho ?
    Thank you

  6. techy krish
    August 30, 2019

    it was caught by windows defender

  7. shayam
    February 12, 2020

    Zaid i am having problem in outfile. I didnt understand what to do ?how to create directory please help

  8. patidar09
    April 15, 2020

    File “empire”, line 13, in
    from lib.common import empire, helpers
    File “/opt/Empire/lib/common/empire.py”, line 34, in
    import agents
    File “/opt/Empire/lib/common/agents.py”, line 68, in
    import encryption
    File “/opt/Empire/lib/common/encryption.py”, line 27, in
    import M2Crypto
    ImportError: No module named M2Crypto

    How to fix this error

  9. rishi321
    July 30, 2020

    Traceback (most recent call last):

    File “./empire”, line 13, in
    from lib.common import empire, helpers
    File “/opt/Empire/lib/common/empire.py”, line 34, in
    import agents
    File “/opt/Empire/lib/common/agents.py”, line 68, in
    import encryption
    File “/opt/Empire/lib/common/encryption.py”, line 27, in
    import M2Crypto
    ImportError: No module named M2Crypto

    how to fix it???????

  10. manurunj
    August 14, 2020

    Hi Zaid, thank you for putting this resource on your udemy teaching.

    I installed Empire on my kali on cd directory, but I could not run it successfully as it give me this message.
    root@kali:~/opt/Empire# ./empire
    Traceback (most recent call last):
    File “./empire”, line 5, in
    from flask import Flask, request, jsonify, make_response, abort, url_for
    ImportError: No module named flask

    Thank you for your help.

  11. Muhannad Alahmadi
    November 15, 2020

    شكراً

  12. gtgkartik
    December 24, 2020

    hello zaid i when i run ./empire its showing an error like this..
    Traceback (most recent call last):
    File “./empire”, line 5, in
    from flask import Flask, request, jsonify, make_response, abort, url_for
    ImportError: No module named Flask

    how to resolve this??

Leave A Reply