C2 Archives - LRQA Nettitude Labs

Creating an IR Nightmare Drop Box

A common objective of physical assessments is placement of a drop box to establish communication out of the network environment. A few years ago, the choices were limited to NUC or a Raspberry [...]

By Patrick Matthews|2023-04-21T08:59:37+00:00April 21, 2023|

Introducing SharpWSUS

Today, we're releasing a new tool called SharpWSUS. This is a continuation of existing WSUS attack tooling such as WSUSPendu and Thunder_Woosus. It brings their complete functionality to .NET, in a way that [...]

By Phil Keeble|2022-05-05T12:10:08+00:00May 5, 2022|

Introducing MalSCCM

During red team operations the goal is often to compromise a system of high value. These systems will ideally be segmented from the wider network and locked down to prevent compromise. However, the [...]

By Phil Keeble|2022-05-04T14:19:14+00:00May 4, 2022|

Repurposing Real TTPs for use on Red Team Engagements

I recently read an interesting article by Elastic. It provides new analysis of a sophisticated, targeted campaign against several organizations. This has been labelled 'Bleeding Bear'. The articles analysis of Bleeding Bear tactics, [...]

By Brendan Ortiz|2022-04-07T14:24:00+00:00April 7, 2022|

Introducing PoshC2 v8.0

We're thrilled to announce a new release of PoshC2 packed full of new features, modules, major improvements, and bug fixes. This includes the introduction of a brand-new native Linux implant and the capability [...]

By Charley Celice, Joel Snape, Rob Bone|2022-03-30T15:43:37+00:00March 30, 2022|

Introducing Process Hiving & RunPE

Download our whitepaper and tool This blog is a condensed version of a whitepaper we've released, called "Process Hiving". It comes with a new tool too, "RunPE". You can download these at [...]

By Rob Bone|2021-11-15T20:47:31+00:00September 2, 2021|

PoshC2 – Introducing Native macOS Implants

Over the past few years, we have seen an increase in the number of macOS environments we are asked to assess. While PoshC2 has “supported” macOS by way of Python since the very [...]

By Kirk Hayes|2021-04-14T19:31:47+00:00April 14, 2021|

Introducing FComm – C2 Lateral Movement

Over the past few years, we have found a few edge cases where the traditional lateral movement communication methods contained within PoshC2 did not suit particular client environments. To solve this problem, we [...]

By Richard Hicks|2021-01-27T14:03:13+00:00January 27, 2021|

PoshC2 Improved HTML Reports

Red team operators need detailed and accurate C2 report output in order to conduct high quality work. Consequently, reporting has always been a key element of PoshC2. With this update, PoshC2s reporting engine [...]

By Mike Bone|2021-01-06T18:06:56+00:00January 6, 2021|

Introducing PoshC2 v7.0

There have been some big improvements and new features added to PoshC2 and we're excited to announce the release of PoshC2 v7.0. More and more people have started contributing to the project and [...]

By Ben Turner and Doug McLeod and Rob Bone|2020-12-07T22:15:41+00:00August 20, 2020|