What is PoshC2?

github GitHub: https://github.com/nettitude/PoshC2

PoshC2 is a proxy aware C2 framework written primarily in PowerShell to aid with red teaming, post-exploitation and lateral movement. The tools and modules were developed off the back of our successful PowerShell sessions and payload types for the Metasploit Framework. PowerShell was chosen as the base language as it provides all of the functionality and rich features required and is native to Windows.



The latest document ion can always be found at https://poshc2.readthedocs.io/en/latest/.


Find us on #Slack – poshc2.slack.com


PoshC2 has a large array of features.  The latest version and feature set can always be found on GitHub at https://github.com/nettitude/PoshC2.  The following is a flavor of the kind of features you will find:

  • Open Source
  • Written in Powershell
  • Proxy Aware
  • Daisy Chaining of implants
  • Team server allowing multiple operators access to implants
  • Encrypted transport
  • Domain fronting support
  • SOCKS Proxy builtin
  • Custom payload construction
  • Task automation via auto runs
  • Automigration on succesful delivery of new implant
  • Multiple migration methods
  • Fast C# based internal network port scanner
  • Solid reporting capabilities


github GitHub: https://github.com/nettitude/PoshC2