Starkiller is a Frontend for Powershell Empire. It is an Electron application written in VueJS. If you'd like to contribute please follow the Contribution guide. If you'd like to request a feature or report a bug, please follow the Issue template. Starkiller represents a huge step forward for red teams trying to operate together on engagements. It comes with a lot of functionality that we will get into shortly, first let’s give a shout out to Vinnybod. He has been a core member of the BC-Security team and leads the development of Starkiller from behind the scenes. Now let’s get into all the features that are packed into our new application.
Setting Up Empire
In order to utilize Starkiller with Empire, you have to start the server slightly different than usual. The standard way to start Empire is to simply run ./empire from the Empire folder. To setup the RESTful API with Empire, you will run ./empire --rest. This will start a command line instance of Empire on the C2 server as well as the RESTful API.
The default port that the API starts on is 1337 with the default username: empireadmin and password: password123. The username and password can be changed using --username <username> and --password <password>. The empire instance can also be run in a headless configuration without the command line by running ./empire --headless.
For full documentation on the various options, see the Wiki. It should also be noted that a minimum Empire version of 3.1.1 is recommended for the best user experience.
Getting Started with Starkiller
- To run Starkiller, you can download the installers for Mac, Linux, and Windows on the Releases page.
- For more info on running AppImage builds in Linux check out their website
- If you want to build from source or run in development mode, instructions are below.
Compile and hot-reload for development
Compile and minify for production
yarn electron:build # Or to target a specific OS. yarn electron:build:lin yarn electron:build:win yarn electron:build:mac
Detailed changes for each release are documented in the release notes.
Full tutorial of Starkiller:
Stay In Touch
- Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques - defensive and offensive. This knowledge will help you understand how most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals and universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.
- Blog2022.12.13What are the Common Security Weaknesses of Cloud Based Networks?
- Blog2022.10.12Vulnerability management with Wazuh open source XDR
- Blog2022.08.29Deception Technologies: Improving Incident Detection and Response by Alex Vakulov
- Blog2022.08.25Exploring the Heightened Importance of Cybersecurity in Mobile App Development by Jeff Kalwerisky