id: mythic-c2 info: name: Mythic C2 - Detect author: pussycat0x severity: info description: | A cross-platform, post-exploit, red teaming framework built with python3, docker, docker-compose, and a web browser UI. It's designed to provide a collaborative and user friendly interface for operators, managers, and reporting throughout red teaming. reference: | https://www.socinvestigation.com/shodan-filters-to-hunt-adversaries-infrastructure-and-c2/ metadata: verified: "true" shodan-query: 'ssl:Mythic port:7443' tags: c2,ir,osint,mythic requests: - method: GET path: - '{{BaseURL}}/new/login' matchers-condition: and matchers: - type: word part: body words: - 'Mythic<' - type: status status: - 200