PoshC2
PoshC2 is a proxy aware C2 framework used to aid penetration testers with red teaming, post-exploitation and lateral movement.
PoshC2 is primarily written in Python3 and follows a modular format to enable users to add their own modules and tools, allowing an extendible and flexible C2 framework. Out-of-the-box PoshC2 comes PowerShell/C# and Python3 implants with payloads written in PowerShell v2 and v4, C++ and C# source code, a variety of executables, DLLs and raw shellcode in addition to a Python3 payload. These enable C2 functionality on a wide range of devices and operating systems, including Windows, *nix and OSX.
Linked Threat Actors
C2 Infrastructure
Last 7 days
| Date | C2 Hosts |
|---|---|
| Mar 23, 2026 | 2 |
Further Reading
Here's how to hunt for GetSystem commands, which employ privilege escalation tactics to grant adversaries access to a victim’s SYSTEM account.
Introduction Recent studies show that more than 85% of financial institutions in Central and Western Africa have repeatedly been victimized in multiple, damaging cyberattacks. In a quarter of these...
事件背景 安恒威胁情报中心猎影实验室近期捕获到一起针对疑似位于印度的渣打银行相关人员的攻击。攻击者使用的钓鱼链接中涉及利用社会工程得到的几个肯尼亚渣打银行员工姓... Read More Read More