Creating an IR Nightmare Drop Box
A common objective of physical assessments is placement of a drop box to establish communication out of the network environment. A few years ago, the choices were limited to NUC or a Raspberry [...]
A common objective of physical assessments is placement of a drop box to establish communication out of the network environment. A few years ago, the choices were limited to NUC or a Raspberry [...]
Today, we're releasing a new tool called SharpWSUS. This is a continuation of existing WSUS attack tooling such as WSUSPendu and Thunder_Woosus. It brings their complete functionality to .NET, in a way that [...]
During red team operations the goal is often to compromise a system of high value. These systems will ideally be segmented from the wider network and locked down to prevent compromise. However, the [...]
I recently read an interesting article by Elastic. It provides new analysis of a sophisticated, targeted campaign against several organizations. This has been labelled 'Bleeding Bear'. The articles analysis of Bleeding Bear tactics, [...]
We're thrilled to announce a new release of PoshC2 packed full of new features, modules, major improvements, and bug fixes. This includes the introduction of a brand-new native Linux implant and the capability [...]
Download our whitepaper and tool This blog is a condensed version of a whitepaper we've released, called "Process Hiving". It comes with a new tool too, "RunPE". You can download these at [...]
Over the past few years, we have seen an increase in the number of macOS environments we are asked to assess. While PoshC2 has “supported” macOS by way of Python since the very [...]
Over the past few years, we have found a few edge cases where the traditional lateral movement communication methods contained within PoshC2 did not suit particular client environments. To solve this problem, we [...]
Red team operators need detailed and accurate C2 report output in order to conduct high quality work. Consequently, reporting has always been a key element of PoshC2. With this update, PoshC2s reporting engine [...]
There have been some big improvements and new features added to PoshC2 and we're excited to announce the release of PoshC2 v7.0. More and more people have started contributing to the project and [...]