PoshC2 Logo

PoshC2

0
Free
Visit Website

PoshC2 is a proxy aware C2 framework used for penetration testing, red teaming, post-exploitation, and lateral movement, featuring a modular format, cross-platform support, and highly configurable payloads. It provides a range of out-of-the-box implants and payloads, including PowerShell/C# and Python3, with frequent updates to bypass Anti-Virus products. The framework offers auto-generated Apache Rewrite rules, modular format for custom modules, notifications, and comprehensive logging with timestamped actions and responses. PoshC2 supports multiple team members, has a client/server format, and ensures encrypted communications, protecting the confidentiality and integrity of C2 traffic.

FEATURES

ALTERNATIVES

A powerful penetration testing platform for identifying vulnerabilities and weaknesses in computer systems.

A tool for testing Cross Site Scripting vulnerabilities

A blog post discussing the often overlooked dangers of CSV injection in applications.

GraphSpy is a token management tool that allows users to store and manage access and refresh tokens for multiple users and scopes in one location.

A tool for Local File Inclusion (LFI) exploitation and scanning

CrackMapExec (CME) - A tool for querying internal database for host and credential information in cybersecurity.

Automatic SSRF fuzzer and exploitation tool

Modlishka is a reverse proxy tool for intercepting and manipulating HTTP traffic, ideal for penetration testers, security researchers, and developers to analyze and test web applications.