PickleC2: post-exploitation and lateral movements framework
PickleC2
PickleC2 is a post-exploitation and lateral movements framework
PickleC2 is a simple C2 framework written in python3 used to help the community in Penetration Testers in their red teaming engagements.
PickleC2 has the ability to import your own PowerShell module for Post-Exploitation and Lateral Movement or automate the process.
Features
There is one implant for the beta version which is powershell.
- PickleC2 is fully encrypted communications, protecting the confidentiality and integrity of the C2 traffic even when communicating over HTTP.
- PickleC2 can handle multiple listeners and implants with no issues
- PickleC2 supports anyone who would like to add his own PowerShell Module
Install
git clone https://github.com/xRET2pwn/PickleC2.git
cd PickleC2
sudo apt install python3 python3-pip
python3 -m pip install -r requirements.txt
./run.py
FAQ
What will happen if the implant is up and running but the C2 is down?
Do not worry you will not lose your shell and all you need to do is re-run the C2 and load the listener again to interact with your implant
HTTP is no encrypted so why I use it?
Yes, the standard http is not encrypted but all the communication in the PickleC2 is encrypted by AES.
Why I can’t Invoke a powershell script through the powershell command?
Because I uses System.Diagnostics.ProcessStartInfo in the current powershell implant so when you invoke a powershell script it opens a new powershell session to execute your command which is invoked and after executing the command it will close the session. if you want to invoke a powershell script you need to use the module option.
