{"id":13454405,"url":"https://github.com/nettitude/PoshC2","last_synced_at":"2025-03-24T05:33:55.129Z","repository":{"id":37819393,"uuid":"141987967","full_name":"nettitude/PoshC2","owner":"nettitude","description":"A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.","archived":false,"fork":false,"pushed_at":"2025-03-06T11:10:20.000Z","size":120154,"stargazers_count":1886,"open_issues_count":25,"forks_count":336,"subscribers_count":62,"default_branch":"master","last_synced_at":"2025-03-15T07:09:45.276Z","etag":null,"topics":["c2","csharp","nettitude","payloads","poshc2","poshc2-installation","powershell","proxy-aware","python3","redteam"],"latest_commit_sha":null,"homepage":"","language":"PowerShell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nettitude.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-07-23T08:53:32.000Z","updated_at":"2025-03-12T23:34:31.000Z","dependencies_parsed_at":"2023-02-19T07:45:52.488Z","dependency_job_id":"88628267-18e7-42c3-b329-7ed95dd38ff1","html_url":"https://github.com/nettitude/PoshC2","commit_stats":{"total_commits":874,"total_committers":42,"mean_commits":20.80952380952381,"dds":0.6109839816933638,"last_synced_commit":"869822e15c01f2057bbcee66f0807a484d9d68c1"},"previous_names":["nettitude/poshc2_python"],"tags_count":26,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nettitude%2FPoshC2","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nettitude%2FPoshC2/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nettitude%2FPoshC2/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nettitude%2FPoshC2/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nettitude","download_url":"https://codeload.github.com/nettitude/PoshC2/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245217434,"owners_count":20579291,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["c2","csharp","nettitude","payloads","poshc2","poshc2-installation","powershell","proxy-aware","python3","redteam"],"created_at":"2024-07-31T08:00:53.797Z","updated_at":"2025-03-24T05:33:50.104Z","avatar_url":"https://github.com/nettitude.png","language":"PowerShell","funding_links":[],"categories":["\u003ca id=\"1233584261c0cd5224b6e90a98cc9a94\"\u003e\u003c/a\u003e渗透\u0026\u0026offensive\u0026\u0026渗透框架\u0026\u0026后渗透框架","PowerShell","PowerShell (153)","\u003ca id=\"5dd93fbc2f2ebc8d98672b2d95782af3\"\u003e\u003c/a\u003e工具","🧪 C2 Frameworks \u0026 Support Tools","Pentesting","Tools"],"sub_categories":["\u003ca id=\"98a851c8e6744850efcb27b8e93dff73\"\u003e\u003c/a\u003eC\u0026C","Red Team","Open Source"],"readme":"![PoshC2 Logo](https://raw.githubusercontent.com/nettitude/PoshC2/master/resources/images/PoshC2Logo.png)\n\n![Docker Image CI](https://github.com/nettitude/PoshC2/workflows/Docker%20Image%20CI/badge.svg?branch=master)\n\nPoshC2 is a proxy aware C2 framework used to aid penetration testers with red teaming, post-exploitation and lateral\nmovement.\n\nPoshC2 is primarily written in Python3 and follows a modular format to enable users to add their own modules and tools,\nallowing an extendible and flexible C2 framework. Out-of-the-box PoshC2 comes PowerShell/C# and Python2/Python3 implants\nwith payloads written in PowerShell v2 and v4, C++ and C# source code, a variety of executables, DLLs and raw shellcode\nin addition to a Python2/Python3 payload. These enable C2 functionality on a wide range of devices and operating\nsystems, including Windows, *nix and OSX.\n\nOther notable features of PoshC2 include:\n\n* Consistent and Cross-Platform support using Docker.\n* Highly configurable payloads, including default beacon times, jitter, kill dates, user agents and more.\n* A large number of payloads generated out-of-the-box which are frequently updated.\n* Shellcode containing in-build AMSI bypass and ETW patching for a high success rate and stealth.\n* Auto-generated Apache Rewrite rules for use in a C2 proxy, protecting your C2 infrastructure and maintaining good\n  operational security.\n* A modular and extensible format allowing users to create or edit C#, PowerShell or Python3 modules which can be run\n  in-memory by the Implants.\n* Notifications on receiving a successful Implant via Pushover or Slack.\n* A comprehensive and maintained contextual help and an intelligent prompt with contextual auto-completion, history and\n  suggestions.\n* Fully encrypted communications, protecting the confidentiality and integrity of the C2 traffic even when communicating\n  over HTTP.\n* Client/Server format allowing multiple team members to utilise a single C2 server.\n* Extensive logging. Every action and response is timestamped and stored in a database with all relevant information\n  such as user, host, implant number etc. In addition to this the C2 server output is directly logged to a separate\n  file.\n* PowerShell-less implants that do not use System.Management.Automation.dll using C# or Python2/Python3.\n* A free and open-source SOCKS Proxy using [SharpSocks](https://github.com/nettitude/SharpSocks)\n* HTTP(S) and SMB named-pipe comms for implants combined with Implant Daisy-chaining for reaching networks that do not\n  have access to the internet\n\n## Documentation\n\nWe maintain PoshC2 documentation over at https://poshc2.readthedocs.io/en/latest/\n\nFind us on #Slack - [poshc2.slack.com](poshc2.slack.com) (to request an invite send an email to labs@nettitude.com)\n\n## Install\n\nYou can install PoshC2 directly or use the Docker images, instructions for both are below.\n\n### Direct install on Kali hosts\n\nAn install script is provided for installing PoshC2:\n\n```\n*** PoshC2 Install script ***\nUsage:\n./Install.sh -b \u003cgit branch\u003e -p \u003cDirectory to clone PoshC2 to\u003e\n\nDefaults are master branch to /opt/PoshC2\n```\n\nElevated privileges are required as the install script performs `apt` updates and installations.\n\n```bash\ncurl -sSL https://raw.githubusercontent.com/nettitude/PoshC2/master/Install.sh | sudo bash\n```\n\nAlternatively the repository can be cloned down and the install script manually run.\n\n```\nsudo ./Install.sh\n```\n\nYou can manually set the PoshC2 installation directory by passing it to the Install.sh script as the `-p` argument. The\ndefault is **/opt/PoshC2**:\n\n```\ncurl -sSL https://raw.githubusercontent.com/nettitude/PoshC2/master/Install.sh | sudo bash -s -- -p /root/PoshC2\n```\n\n### Cutting Edge Features\n\nWe want to keep the `master` branch stable to ensure that users are able to rely on it when required and for this reason\nchanges can often be feature-complete but not yet present on `master` as they have not been tested completely and\nsigned-off yet.\n\nIf you want to look at upcoming features in PoshC2 you can check out the `dev` branch, or any individual feature\nbranches branched off of `dev`.\n\nAs features **are** tested before they are merged into `dev` this branch should still be fairly stable and operators can\nopt in to using this branch or a particular feature branch for their engagement.\nThis does trade stablity for new features however so do it at your own discretion.\n\nTo use `dev` or a feature branch pass the branch name to the Install.sh script as the `-b` argument:\n\n```bash\ncurl -sSL https://raw.githubusercontent.com/nettitude/PoshC2/dev/Install.sh | sudo bash -s -- -b dev\n```\n\nNote the URL includes the branch name also (here `dev` instead of `master`).\n\n## Installing for Docker\n\nYou can also run PoshC2 using Docker, this allows more stable and running and enables PoshC2 to easily run on other\noperating systems.\n\nThe Docker install does not clone PoshC2 as the PoshC2 images on Docker Hub are used, so only a minimal install of some\ndependencies and scripts are performed.\n\nTo start with, install Docker on the host and then add the PoshC2 projects directory to Docker as a shared directory if\nrequired for your OS. By default this is **/var/poshc2** on *nix and **/private/var/poshc2** on Mac.\n\n### Kali based hosts\n\nInstall script:\n\n```\n*** PoshC2 Install script for Docker ***\nUsage:\n./Install-for-Docker.sh -b \u003cgit branch\u003e\n\nDefault is the master branch\n```\n\nElevated privileges are required as the install script performs script installations.\n\n```bash\ncurl -sSL https://raw.githubusercontent.com/nettitude/PoshC2/master/Install-for-Docker.sh | sudo bash\n```\n\nTo use the `dev` or feature branches with Docker curl down the `Install-for-Docker.sh` on the appropriate branch and\npass the branch name as an argument:\n\n```bash\ncurl -sSL https://raw.githubusercontent.com/nettitude/PoshC2/BRANCHNAME/Install-for-Docker.sh | sudo bash -s -- -b BRANCHNAME\n```\n\n### Windows\n\nOn Windows, import the PoshC2.psm1 PowerShell module.\n\n```powershell\nImport-Module -DisableNameChecking C:\\PoshC2\\resources\\scripts\\PoshC2.psm1\nposh-project -PoshC2Dir \"C:\\PoshC2\" -LocalPoshC2ProjectDir \"C:\\PoshC2_Project\" -Arg1 \"-n\" -Arg2 \"newproject\"\nposh-config -PoshC2Dir \"C:\\PoshC2\" -LocalPoshC2ProjectDir \"C:\\PoshC2_Project\"\nposh-server -PoshC2Dir \"C:\\PoshC2\" -LocalPoshC2ProjectDir \"C:\\PoshC2_Project\"\nposh -PoshC2Dir \"C:\\PoshC2\" -LocalPoshC2ProjectDir \"C:\\PoshC2_Project\" username\n```\n\n## Running PoshC2\n\nCreate a new project:\n\n```bash\nposh-project -n \u003cproject-name\u003e\n```\n\nProjects can be switched to or listed using this script:\n\n```bash\n[*] Usage: posh-project -n \u003cnew-project-name\u003e\n[*] Usage: posh-project -s \u003cproject-to-switch-to\u003e\n[*] Usage: posh-project -l (lists projects)\n[*] Usage: posh-project -d \u003cproject-to-delete\u003e\n[*] Usage: posh-project -c (shows current project)\n\n```\n\nEdit the configuration for your project:\n\n```bash\nposh-config\n```\n\nLaunch the PoshC2 server:\n\n```bash\nposh-server\n```\n\nAlternatively start it as a service:\n\n```bash\nposh-service\n```\n\nSeparately, run the ImplantHandler for interacting with implants:\n\n```bash\nposh -u \u003cusername\u003e\n```\n\nSee https://poshc2.readthedocs.io/en/latest/ for full documentation on PoshC2.\n\n### Specifying a Docker tag\n\nIf you are using Docker you can specify the Docker image tag to run with the `-t` option to `posh-server` and `posh`.\n\nE.g.\n\n```bash\nposh-server -t latest\n\n```\n\n## Updating PoshC2 Installations\n\n**It is not recommended to update PoshC2 during an engagement. Incoming changes may be incompatible with an existing\nproject and can result in erratic behaviour.**\n\nWhen using a git cloned version of PoshC2 you can update your PoshC2 installation using the following command:\n\n```\n*** PoshC2 Update Script ***\nUsage:\nposh-update -b \u003cgit branch\u003e\n\nDefault is the master branch\n```\n\n## Using older versions\n\nYou can use an older version of PoshC2 by referencing the appropriate tag. Note this only works if you have cloned down\nthe repository.\nYou can list the tags for the repository by issuing:\n\n```bash\ngit tag --list\n```\n\nIf you have a local clone of PoshC2 you can change the version that is in use while offline by just checking out the\nversion you want to use:\n\n```bash\ngit reset --hard \u003ctag name\u003e\n```\n\nFor example:\n\n```bash\ngit reset --hard v4.8\n```\n\nHowever note that this will overwrite any local changes to files, such as changes to the configuration files, and you\nmay have to re-run the install script for that version or re-setup the environment appropriately.\n\n## License / Terms of Use\n\nThis software should only be used for **authorised** testing activity and not for malicious use.\n\nBy downloading this software you are accepting the terms of use and the licensing agreement.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnettitude%2FPoshC2","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnettitude%2FPoshC2","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnettitude%2FPoshC2/lists"}