Mythic : A Collaborative, Multi-Platform, Red Teaming Framework

Mythic is a cross-platform, post-exploit, red teaming framework built with python3, docker, docker-compose, and a web browser UI. It’s designed to provide a collaborative and user friendly interface for operators, managers, and reporting throughout red teaming.

Installing Agents and C2 Profiles

The Mythic repository itself does not host any Payload Types or any C2 Profiles. Instead, Mythic provides a command, ./mythic-cli install github <url> [branch name] [-f], that can be used to install agents into a current Mythic instance.

Payload Types are hosted on the MythicAgents organization and C2 Profiles are hosted on the MythiC2Profiles organization.

To install an agent, simply run the script and provide an argument of the path to the agent on GitHub:

sudo ./mythic-cli install github https://github.com/MythicAgents/apfell

The same is true for isntalling C2 Profiles:

sudo ./mythic-cli install github https://github.com/MythicC2Profiles/http

This is a slight departure from previous Mythic versions which included a few default Payload Types and C2 Profiles within this repository. This change allows the agents and c2 profiles to be updated at a much more regular pace and finally separates out the Mythic Core components from the rest of Mythic.

Mythic Container Configurations & PyPi Packages

Mythic uses Docker and Docker-compose for all of its components, which allows Mythic to provide a wide range of components and features without having requirements exist on the host. However, it can be helpful to have insight into how the containers are configured. All of Mythic’s docker containers are hosted on DockerHub under itsafeaturemythic.

Additionally, Mythic uses a number of custom PyPi packages to help control and sync information between all of the containers as well as providing an easy way to script access to the server.

All of this can be found on the MythicMeta:

• Dockerfile configurations for all Docker images uploaded to DockerHub
• PyPi source code for all packages uploaded to PyPi
• Scripting source code

Current Container PyPi Package Requirements

Supported payload types must have the mythic_payloadtype_container PyPi package of 0.0.43.

• The Payload Type container reports this as version 7.

Supported c2 profiles must have the mythic_c2_container PyPi package of 0.0.22.

• The C2 Profile container reports this as version 3.

Supported translation containers must have the mythic_translator_containter PyPi package of 0.0.10.

• The Translator container reports this as version 3.