Command & Control Frameworks

Common Command & Control Frameworks used by Professionals and Threat Actors

Command & Control Frameworks

C2 Matrix

The C2 Matrix is a tool built by SANS for security professionals looking to integrate a Command & Control framework within their workflow. It has a list of near up-to-date C2's (Commercial and otherwise), as well as their capabilities, the language it was built in, and more.

The matrix also features a virtual machine - Slingshot - which can be used to test out C2s within a virtualised lab environment.

Commercial C2 Frameworks

C2 Frameworks varies in price based on their capabilities, Operational Security, and Support - ranging from affordable to an SME, to 5 kidneys and some change.

Cobalt Strike (CS)

Probably one of the most recognisable C2s on the market. The C2 was created by Raphael Mudge as a paid version of Armitage - a GUI version of Metasploit. Due to its stability, malleability and long history of success, CS is used in many red team & penetration testing engagements - and by threat actors - to achieve domain dominance over client environments. The easy to navigate GUI and customisable features makes it a great choice for those that can afford it.

Courses that utilise CS in their labs:

There are some courses that offer training with CS which makes it more accessible to learn and use a commercial C2

Open Source C2 Frameworks

Metasploit Framework

Mythic Framework

Havoc Framework

PreviousCommand & Control Anatomy NextMetasploit Framework

Last updated 1 year ago

hashtagCommand & Control Frameworks

hashtagC2 Matrix

hashtagCommercial C2 Frameworks

hashtagOpen Source C2 Frameworks