Mythic C2 Framework - Complete Active Directory Attack Chain
Full demonstration of using Mythic C2 framework to execute a complete Active Directory attack chain, from initial access to domain compromise.
What is Mythic?
Mythic is a collaborative, multi-platform Command & Control (C2) framework designed for red team operations. It provides a web-based interface for managing agents, tracking operations, and executing complex attack chains across enterprise environments.
Attack Chain Overview
This tutorial demonstrates a complete Active Directory compromise using Mythic C2:
Phase 1: Initial Access
- Payload generation and delivery
- Initial foothold establishment
- Beacon callback and session management
Phase 2: Enumeration
- Domain reconnaissance
- User and computer enumeration
- Network mapping
- Privilege discovery
Phase 3: Credential Harvesting
- LSASS dumping
- Kerberoasting
- Password spraying
- Credential extraction techniques
Phase 4: Lateral Movement
- Pass-the-Hash attacks
- WMI/DCOM exploitation
- Remote service execution
- Session hijacking
Phase 5: Privilege Escalation
- Token manipulation
- Service abuse
- Unquoted service paths
- DLL hijacking opportunities
Phase 6: Domain Compromise
- Domain Admin access
- DCSync attacks
- Golden Ticket generation
- Persistence mechanisms
Why Mythic?
- Collaborative Platform: Multi-operator support with real-time updates
- Modular Architecture: Extensive agent support (Apollo, Apfell, Merlin, etc.)
- OPSEC-Focused: Built-in obfuscation and evasion capabilities
- Enterprise Ready: Designed for large-scale Active Directory environments
- Open Source: Free and actively maintained
Key Features Demonstrated
- Web-based C2 interface
- Multiple agent deployment
- Automated credential harvesting
- Lateral movement automation
- Domain takeover techniques
- Comprehensive operational logging
Watch the complete walkthrough above for detailed demonstrations of each attack phase!
Resources
Related Content
Check out my other C2 framework tutorials for alternative attack platforms and techniques!