# Command & Control Frameworks

### Command & Control Frameworks

#### C2 Matrix

The [C2 Matrix ](https://howto.thec2matrix.com/)is a tool built by [SANS](https://www.sans.org/tools/the-c2-matrix/) for security professionals looking to integrate a Command & Control framework within their workflow. It has a list of near up-to-date C2's (Commercial and otherwise), as well as their capabilities, the language it was built in, and more.

The matrix also features a virtual machine - [Slingshot ](https://howto.thec2matrix.com/slingshot-c2-matrix-edition)- which can be used to test out C2s within a virtualised lab environment.&#x20;

<figure><img src="/files/SjQM846V0VlWQdhwlI15" alt=""><figcaption><p><a href="https://docs.google.com/spreadsheets/d/1b4mUxa6cDQuTV2BPC6aA-GR4zGZi0ooPYtBe4IgPsSc/edit?usp=sharing">C2 Matrix Spreadsheet</a></p></figcaption></figure>

#### Commercial C2 Frameworks

C2 Frameworks varies in price based on their capabilities, Operational Security, and Support - ranging from affordable to an SME, to 5 kidneys and some change.

**Cobalt Strike (CS)**

Probably one of the most recognisable C2s on the market. The C2 was created by Raphael Mudge as a paid version of [Armitage ](https://www.kali.org/tools/armitage/)- a GUI version of Metasploit. Due to its stability, malleability and long history of success, CS is used in many red team & penetration testing engagements - and by threat actors - to achieve domain dominance over client environments. The easy to navigate GUI and customisable features makes it a great choice for those that can afford it.

**Courses that utilise CS in their labs:**

There are some courses that offer training with CS which makes it more accessible to learn and use a commercial C2

* [Certified Red Team Operator/Lead](https://training.zeropointsecurity.co.uk/bundles/red-team-courses)
* [Advanced Red Team Operations](https://training.whiteknightlabs.com/advanced-red-team-operations/)
* [Offensive Development](https://training.whiteknightlabs.com/offensive-development-training/)

#### Open Source C2 Frameworks

**Metasploit Framework**

**Mythic Framework**

**Havoc Framework**


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://blog.securescape.cc/offensive-security/red-team/offensive-development/infrastructure-development-wip/command-and-control-infrastructure/command-and-control-anatomy/command-and-control-frameworks.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.