| Command | Usage | Note |
|---|---|---|
powershell | powershell [commandlet] [arguments] | Execute the command using powershell. Becomes: powershell -nop -exec bypass -EncodedCommand YOURINPUTGOESHERE |
powerpick | powerpick [commandlet] [arguments] | Fork and run command which starts Beacon's spawnto process. |
psinject | psinject [pid] [arch] [commandlet] [arguments] | Same as powerpick, but injects into target process instead of spawning a new one. |
powershell-import | powershell-import C:\LOCAL\SCRIPT.ps1 | Import external PowerShell scripts. Beacon can only hold one imported script at a time. |
execute-assembly | execute-assembly [/path/to/file.exe] [arguments] | Uses reflective DLL to load CLR and execute a .NET assembly from memory. |
inline-execute | inline-execute [/path/to/file.o] [args] | Executes a Beacon Object File (BOF) directly inside the Beacon process. |
shell | shell [args] | Passes arguments into "cmd.exe /c" |
run | run [binary + cmdline] | Direct execution of a program |
RED TEAM / C2 / COBALT STRIKE / COMMANDS