There are many different C2 frameworks. They can be hosted in the cloud for collaborative red teams
Empire components:
Listeners are well... listeners. They listen for a connection and facilitate further exploitation
Stagers are essentially payloads generated by Empire to create a robust reverse shell in conjunction with a listener. They are the delivery mechanism for agents
Agents are the equivalent of a Metasploit "Session". They are connections to compromised targets, and allow an attacker to further interact with the system
Modules are used to in conjunction with agents to perform further exploitation. For example, they can work through an existing agent to dump the password hashes from the server
Stop a listener using kill CLIHTTP
Stagers are essentially Empire's payloads used to connect back to the C2 server and create an agent.
Upload and run payload on target machine and check
Hop listeners create files to be copied across to the compromised "jump" server and served from there. The files contain instructions to connect back to our C2 listener
On Attacker machine
On jumpserver
Execute Payload on internal target
PowerUp Invoke-AllChecks example
