CVE-2024-53304

An issue in LRQA Nettitude PoshC2 after commit 09ee2cf allows unauthenticated attackers to connect to the C2 server and execute arbitrary commands via posing as an infected machine...

CVE-2024-53303

A remote code execution RCE vulnerability in the uploadfile function of LRQA Nettitude PoshC2 after commit 123db87 allows authenticated attackers to execute arbitrary code via a crafted POST request...

CVE-2024-53303

A remote code execution RCE vulnerability in the uploadfile function of LRQA Nettitude PoshC2 after commit 123db87 allows authenticated attackers to execute arbitrary code via a crafted POST request...

CVE-2024-53304

An issue in LRQA Nettitude PoshC2 after commit 09ee2cf allows unauthenticated attackers to connect to the C2 server and execute arbitrary commands via posing as an infected machine...

CVE-2024-53304

An issue in LRQA Nettitude PoshC2 after commit 09ee2cf allows unauthenticated attackers to connect to the C2 server and execute arbitrary commands via posing as an infected machine...

CVE-2024-53303

A remote code execution RCE vulnerability in the uploadfile function of LRQA Nettitude PoshC2 after commit 123db87 allows authenticated attackers to execute arbitrary code via a crafted POST request...

CVE-2024-53303

A remote code execution RCE vulnerability in the uploadfile function of LRQA Nettitude PoshC2 after commit 123db87 allows authenticated attackers to execute arbitrary code via a crafted POST request...

CVE-2024-53304

An issue in LRQA Nettitude PoshC2 after commit 09ee2cf allows unauthenticated attackers to connect to the C2 server and execute arbitrary commands via posing as an infected machine...

CVE-2024-53304

LRQA Nettitude PoshC2 is affected after commit 09ee2cf , allowing an unauthenticated attacker to connect to the C2 server and execute arbitrary commands by posing as an infected machine. The connected PT-2025-16874 note suggests a temporary workaround: restrict access to the C2 server until a pat...

PT-2025-16874 · Lrqa Nettitude · Poshc2

Name of the Vulnerable Software and Affected Versions: LRQA Nettitude PoshC2 versions after commit 09ee2cf Description: The issue allows unauthenticated attackers to connect to the C2 server and execute arbitrary commands by posing as an infected machine. Recommendations: For versions after commi...

CVE-2024-53303

CVE-2024-53303 is an RCE in LRQA Nettitude PoshC2, triggered by a crafted POST to the upload_file function after commit 123db87. It requires authentication, with PoC availability noted in the analysis metrics. CVSS 3.1 base score 8.8 (HIGH); attack vector NETWORK, attack complexity LOW, privilege...

LRQA Nettitude PoshC2 安全漏洞

LRQA Nettitude PoshC2 is an agent-aware C2 framework from LRQA used to help penetration testers with red teaming, late exploits, and lateral movement. A security vulnerability exists in LRQA Nettitude PoshC2 that stems from allowing an unauthenticated attacker to connect to the C2 server and...

LRQA Nettitude PoshC2 安全漏洞

LRQA Nettitude PoshC2 is an agent-aware C2 framework from LRQA used to help penetration testers with red teaming, late exploits, and lateral movement. A security vulnerability exists in LRQA Nettitude PoshC2 that stems from an uploadfile function that allows execution of arbitrary code via a...

SharpCookieMonster - Extracts Cookies From Chrome

This is a Sharp port of @defaultnamehere's cookie-crimes module - full credit for their awesome work! This C project will dump cookies for all sites, even those with httpOnly/secure/session flags. Usage Simply run the binary. SharpCookieMonster.exe https://sitename.com chrome-debugging-port user...

SharpEDRChecker - Checks Running Processes, Process Metadata, DLLs Loaded Into Your Current Process And The Each DLLs Metadata, Common Inst all Directories, Installed Services And Each Service Binaries Metadata, Installed Drivers And Each Drivers Metadata, All For The Presence Of Known Defensive Products Such As AV's, EDR's And Logging Tools

New and improved C Implementation of Invoke-EDRChecker. Checks running processes, process metadata, Dlls loaded into your current process and each DLLs metadata, common install directories, installed services and each service binaries metadata, installed drivers and each drivers metadata, all for...

UPDATE: PoshC2 v6.0

PoshC2 v6.0 was released a couple of months ago which includes a number of significant and exciting features. Additionally it contains a lot of bug fixes and small improvements as well! What is PoshC2? PoshC2 is a proxy aware C2 framework in Python3, used to aid penetration testers with red...

UPDATE: PoshC2 v5.2

Back in November 2019, PoshC2 v5.0 was released and now, a couple of days ago PoshC2 v5.2 was released as well. This release has significant refactoring changes to make this open source post-exploitation C2 framework more intuitive to use and contribute to. The guys at Nettitude labs have taken...

UPDATE: PoshC2 v5.0

A couple of days ago, PoshC2 v5.0 was released to the public. I briefly mentioned PoshC2 in my post titled – List of Open Source C2 Post-Exploitation Frameworks. Significant changes and improvements have been made to this version, most notably - PoshC2 has been completely rewritten in Python3. Wh...

PoshC2 - C2 Server and Implants

PoshC2 is a proxy aware C2 framework that utilises Powershell and/or equivalent System.Management.Automation.dll to aid penetration testers with red teaming, post-exploitation and lateral movement. Powershell was chosen as the base implant language as it provides all of the functionality and rich...

Proxy Aware PowerShell C2 Framework: PoshC2

PoshC2 is a proxy aware C2 framework written completely in PowerShell to aid penetration testers with red teaming, post-exploitation and lateral movement. The tools and modules were developed off the back of our successful PowerShell sessions and payload types for the Metasploit Framework...