PoshC2

Description

PoshC2 is an open source remote administration and post-exploitation framework that is publicly available on GitHub. The server-side components of the tool are primarily written in Python, while the implants are written in PowerShell. Although PoshC2 is primarily focused on Windows implantation, it does contain a basic Python dropper for Linux/macOS.

Names

Name
PoshC2

Type

Backdoor

Information

https://github.com/nettitude/PoshC2/
https://www.prodefence.org/poshc2-red-teaming-post-exploitation-tool/
https://www.fireeye.com/blog/threat-research/2018/12/overruled-containing-a-potentially-destructive-adversary.html

Mitre Attack

https://attack.mitre.org/software/S0378/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.poshc2

Alienvault Otx

https://otx.alienvault.com/browse/pulses?q=tag:poshc2

Other Information

Uuid

18ebfad6-64bd-4c68-9339-3352d14a982e

Last Card Change

2020-05-14

Threat Intelligence Garden

Explorer

PoshC2

PoshC2

Description

Names

Category

Type

Information

Mitre Attack

Malpedia

Alienvault Otx

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks