Today, we are releasing a new tool called SharpConflux, a .NET application built to facilitate Confluence exploration. It allows Red Team operators to easily investigate Confluence instances with the goal of finding credential [...]
A common objective of physical assessments is placement of a drop box to establish communication out of the network environment. A few years ago, the choices were limited to NUC or a Raspberry [...]
Today, we're releasing a new tool called SharpWSUS. This is a continuation of existing WSUS attack tooling such as WSUSPendu and Thunder_Woosus. It brings their complete functionality to .NET, in a way that [...]
During red team operations the goal is often to compromise a system of high value. These systems will ideally be segmented from the wider network and locked down to prevent compromise. However, the [...]
I recently read an interesting article by Elastic. It provides new analysis of a sophisticated, targeted campaign against several organizations. This has been labelled 'Bleeding Bear'. The articles analysis of Bleeding Bear tactics, [...]
We're thrilled to announce a new release of PoshC2 packed full of new features, modules, major improvements, and bug fixes. This includes the introduction of a brand-new native Linux implant and the capability [...]
Download our whitepaper and tool This blog is a condensed version of a whitepaper we've released, called "Process Hiving". It comes with a new tool too, "RunPE". You can download these at [...]
Over the past few years, we have seen an increase in the number of macOS environments we are asked to assess. While PoshC2 has “supported” macOS by way of Python since the very [...]
Over the past few years, we have found a few edge cases where the traditional lateral movement communication methods contained within PoshC2 did not suit particular client environments. To solve this problem, we [...]
Red team operators need detailed and accurate C2 report output in order to conduct high quality work. Consequently, reporting has always been a key element of PoshC2. With this update, PoshC2s reporting engine [...]