216.73.217.22

PoshC2

The MITRE Corporation · Published 23/04/2019 14:31 · Modified 27/03/2026 01:07

Essential information

Confidence
100/100
Published
23/04/2019 14:31
Modified
27/03/2026 01:07
Revoked
No
Author / Source
The MITRE Corporation
Related entities
32 attack patterns (mitre), 3 intrusion sets (apt)

Description

[PoshC2](https://attack.mitre.org/software/S0378) is an open source remote administration and post-exploitation framework that is publicly available on GitHub. The server-side components of the tool are primarily written in Python, while the implants are written in [PowerShell](https://attack.mitre.org/techniques/T1059/001). Although [PoshC2](https://attack.mitre.org/software/S0378) is primarily focused on Windows implantation, it does contain a basic Python dropper for Linux/macOS.(Citation: GitHub PoshC2)

Marking (TLP)

Copyright 2015-2025, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation.

External references

Related entities

Attack patterns, malware, vulnerabilities, indicators, intrusion sets, tools and other entities linked to this tool.