😴
gatari
  • πŸ‘‹root@gatari
  • πŸ”«Active Directory (Boxes)
    • Access Walkthrough
  • πŸ”΄Red Team
    • What is Windows Defender?
    • Post-Exploitation on Disk
    • Command and Control (C2)
      • Signatured by Default
      • Bring Your Own Loader
    • Creating A C2 Framework
      • Prototyping
      • Interfaces
      • Endpoints & Listeners
  • 🚩CTF Writeups
    • 🀑GCTF 2022
      • πŸͺ„ret2secret
      • 🀑login
    • 🀑LNC 2023
      • πŸ‘½Alien Portal
    • 🀑Gryphons Mini-CTF 2023
      • πŸ‘¨β€πŸ’»Web
        • πŸ₯ΆChill
        • πŸͺ Leaked Login
        • πŸͺCookie Monster
        • ✈️Traveller
        • 🀯Headers
      • ☠️Pwn
        • 🐱Netcat
        • πŸ‘¨β€πŸ’»Login
        • πŸ‘©β€πŸ’»Login 2
        • πŸ§‘β€πŸ’»Login 3
      • βͺReverse
        • πŸ”«Valorant Aimbot
        • 🀣WannaLaugh
        • πŸͺšHacksaw
        • 🀫Secret
        • ❓Command & ...POST?
        • πŸ’€Bruh
      • 🧠Sanity Check
        • πŸ‡¨πŸ‡³ζ—©δΈŠε₯½δΈ­ε›½
        • πŸͺ‘Needle in a Haystack(s)
      • πŸ“€Crypto
        • 🀦Ascee? Asskey?
  • πŸ“˜Reviews
    • 😭CRTO - Certified Red Team Operator
Powered by GitBook
On this page
  • What is C2?
  • Cobalt Strike
  • Dropping the Cobalt Implant
  1. Red Team

Command and Control (C2)

Why not load your tools in-memory instead :D

PreviousPost-Exploitation on DiskNextSignatured by Default

Last updated 1 year ago

What is C2?

A command and control (C2) framework is often used by attackers or red teams to maintain communication with a compromised system in a target network. These frameworks allow attackers to laterally move through the network stealthily

Cobalt Strike

For the purposes of this blog, I will be discussing and utilizing Cobalt Strike, a popular software used in penetration testing and red team operations.

Dropping the Cobalt Implant

Unfortunately, we will have to drop something to disk eventually. In this case, in an assumed breach, we will have to deliver cobalt's implant in order to establish a connection with our teamserver.

πŸ”΄