Command & Control Frameworks
Common Command & Control Frameworks used by Professionals and Threat Actors
Last updated
Common Command & Control Frameworks used by Professionals and Threat Actors
Last updated
The C2 Matrix is a tool built by SANS for security professionals looking to integrate a Command & Control framework within their workflow. It has a list of near up-to-date C2's (Commercial and otherwise), as well as their capabilities, the language it was built in, and more.
The matrix also features a virtual machine - Slingshot - which can be used to test out C2s within a virtualised lab environment.
C2 Frameworks varies in price based on their capabilities, Operational Security, and Support - ranging from affordable to an SME, to 5 kidneys and some change.
Cobalt Strike (CS)
Probably one of the most recognisable C2s on the market. The C2 was created by Raphael Mudge as a paid version of Armitage - a GUI version of Metasploit. Due to its stability, malleability and long history of success, CS is used in many red team & penetration testing engagements - and by threat actors - to achieve domain dominance over client environments. The easy to navigate GUI and customisable features makes it a great choice for those that can afford it.
Courses that utilise CS in their labs:
There are some courses that offer training with CS which makes it more accessible to learn and use a commercial C2
Metasploit Framework
Mythic Framework
Havoc Framework
