C2 Archives - Page 2 of 3 - LRQA Nettitude Labs

Introducing PoshC2 v7.0

There have been some big improvements and new features added to PoshC2 and we're excited to announce the release of PoshC2 v7.0. More and more people have started contributing to the project and [...]

By Ben Turner and Doug McLeod and Rob Bone|2020-12-07T22:15:41+00:00August 20, 2020|

Detecting PoshC2 – Indicators of Compromise

As a counterpart to the release of PoshC2 version 6.0 we are providing a list of some of its Indicators of Compromise (IoCs), particularly as used out-of-the-box, as well as some other effective methods [...]

By Rob Bone|2020-12-07T22:26:19+00:00June 17, 2020|

Introducing PoshC2 v6.0

We are pleased to release the latest version of PoshC2 - v6.0. Version 6.0 includes a number of significant and exciting features, in addition to the usual plethora of bug fixes and small [...]

By Rob Bone and Ben Turner|2020-12-18T23:18:43+00:00May 18, 2020|

Introducing SharpSocks v2.0

It has been over a year since we released the first version of SharpSocks, our proxy-aware reverse HTTP tunnelling SOCKS proxy. This post aims to provide a State of the Nation update for [...]

By Rob Maslen|2020-12-23T18:35:44+00:00November 14, 2019|

Introducing PoshC2 v5.0

PoshC2 v5.0 is here and there are significant changes and improvements that we’re very excited to reveal! There's been a move to Python3, much improved documentation, significant functionality and quality of life improvements, [...]

By Rob Bone|2021-01-07T19:09:54+00:00November 12, 2019|

Operational Security with PoshC2 Framework

This post describes a new capability that has been deployed within PoshC2, which is designed to assist with revealing a wider set of target environment variables at the dropper stage, as part of [...]

By Doug McLeod|2019-05-23T08:00:57+00:00May 23, 2019|

Introducing PoshC2 v4.8 – includes C# dropper, task management and more! – Part One

We recently released version 4.8 of PoshC2, which includes a number of fixes and improvements that help facilitate simulated attacks. This is the first post in a series of posts that will include [...]

By Rob Bone|2019-04-01T07:58:42+00:00April 1, 2019|

Extending C2 Lateral Movement – Invoke-Pbind

Invoke-Pbind is a mini post exploitation framework written in PowerShell, which builds C2 communications over SMB named pipes using a push rather than a pull mechanism. Pbind was initially created to overcome lateral [...]

By Doug McLeod|2021-08-10T13:58:31+00:00August 16, 2018|

Making PoshC2 More Accessible With a $5 VPS

Users may find it difficult to host a PoshC2 server as it requires a Windows host, either directly connected to the Internet or in a position to be NAT’d through a firewall from [...]

By Ben Turner|2020-12-15T00:35:59+00:00January 31, 2018|

PoshC2 v3 with SOCKS Proxy (SharpSocks)

OVERVIEW We’ve been working on quite a few changes since the release of PoshC2 v2, our public Command & Control framework, back in December 2016. In this blog we’ll talk about the top [...]

By Rob Maslen and Ben Turner|2017-11-15T14:43:34+00:00November 15, 2017|