I'm studying EMPIRE in my lab ENV and I'm trying to kill/remove an agent/infected computer to delete whatever it has done (registry keys for auto startup and such) and kill itself, basically i want it to stop trying to connect back and kill it too
but the problem is even when i remove or kill it, or type exit inside my agent, it still connects back after rebooting!
so how do red teamers remove their stuff after the mission is done? because I'm sure they are not gonna leave their agents behind after its finished, so how should i remove it completely? don't tell me i have to manually remove registry keys and such for it to stop, because if so, then what if I'm using a different persistent methods!