Offensive Security Tool: Starkiller
Starkiller
Starkiller, by BC-SECURITY, is a frontend for PowerShell Empire. It is an Electron application written in VueJS. Empire is a post-exploitation framework that includes pure-PowerShell Windows agents, Python 3.x Linux/OS X agents, and C# agents. It is the merger of the previous PowerShell Empire and Python EmPyre projects. The framework offers cryptologically-secure communications and a flexible architecture. It was featured at BSides, DEF CON and HackMiami.
Essentially, Starkiller sits on top of Empire, providing an intuitive GUI and a seamless, easy way to operate post-exploitation with style.
Getting Started
- To run Starkiller, you can download the installers for Mac, Linux, and Windows on the Releases page.
⦿ For Mac and Windows – run the installer how you would any other .exe or .dmg
⦿ For Linux – Change the permissions chmod a+x starkiller-<version>.AppImage, then execute ./starkiller-<version>.AppImage --no-sandbox
- Starkiller is also available via apt install starkiller on Kali. Kali releases are 30 days ahead of the public release.
- If you want to build from source or run in development mode, instructions are below.
Build and run from source
Prerequisites:
yarn install
Compile and hot-reload for development
yarn electron:serve
Compile and minify for production
yarn electron:build
# Or to target a specific OS.
yarn electron:build:lin
yarn electron:build:win
yarn electron:build:mac
Starkiller’s build tool, electron-builder, is not meant to target multiple platforms in a single build. It is also recommended to compile on your target platform. For example, to build for amd64 (on an amd64 machine) with an AppImage, the command would be:
yarn electron:build --arm64 --linux AppImage
Note: To regenerate the icons
npm install -g electron-icon-builder
yarn electron:generate-icons
Compatibility Table
Starkiller’s new features occasionally depend on new functionality within Empire. Therefore, it is recommended that you follow this release table to keep your Starkiller and Empire versions in sync. If you are using an older version of Empire, Starkiller will warn you when logging in, but will allow you to continue. If a new minimum version of Empire is required to get all the features out of Starkiller, the developers will do a minor version bump to Starkiller.
Starkiller Release | Minimum Empire Version | Notes |
1.0.x | 3.1.1 | 3.1.1 is the first version of Empire to include all the user endpoints necessary for Starkiller to function |
1.1.x | 3.1.5 | 3.1.5 updated the reporting endpoint to have the same result as running it in the CLI. Starkiller 1.1.x uses that reporting endpoint for the reporting tab |
1.2.x | 3.2.0 | 3.2.0 added an endpoint for users that is needed for the UI updates introduced in Starkiller 1.2.0 |
1.3.x | 3.3.0 | 3.3.0 categorized all of the modules in Empire with corresponding MITRE techniques |
1.4.x, 1.5.x | 3.5.0 | 3.5.0 added real-time notifications for new listeners and agents |
1.6.x, 1.7.x | 3.7.0 | 1.6.0 was tested against Empire 3.7.0. There shouldn’t be any breaking changes, but there were a lot of code changes. |
1.8.x | 4.0.0 |
Changelog
Detailed changes for each release are documented in the release notes.