SharpC2

Back in October 2018 (yes, 2018!), I approached (begged) xpn for a collaboration on an idea I had for a .NET C2 Framework. We worked on the project for about a month or so before real life got in the way and stalled development. In February 2019, cobbr released Covenant, which is also a .NET C2 Framework. I subsequently spent some time contributing to, and writing about, Covenant - but I’ve always wanted to get back to our original project.

I decided to re-visit SharpC2 (a very creative name on my part) over the 2019 Christmas period to try and get it into a position where we could release a proof of concept. Yet somehow I’m not writing this until May 2020! We can blame my RTO course for that.

This post is intended to provide an overview of SharpC2’s design concepts and some showcase examples of how it can be used. Code can be found on GitHub.



Introduction

Deploying resilient Red Team infrastructure can be quite a time-consuming process. This wiki maintained by Steve Borosh and Jeff Dimmock is probably the best public resource I’ve seen with regard to design considerations and hardening tips.

For someone like myself, who destroys and stands fresh infrastructure up for each engagement, building everything by hand is a long, laborious process. Anything that can be automated is a good thing.




Rasta Mouse

Taylor Swift fan, wannabe Red Teamer & 1337 hax0r (in that order).

Penetration Tester

UK