C2 Framework

What is a C2 Framework?

C2 is the acronym for Command and Control (C&C can also be used).

A C2 framework is a collection of tools and tactics used by attackers (red teamers here) to keep in touch with compromised devices after the initial exploitation. Although the capabilities differ widely across frameworks, a C2 typically includes one or more covert communication channels between exploited devices (VMs from the homelab) and a platform controlled by the attacker (the Windows host).

These channels are used to send commands to the infected devices, download further malicious payloads, pivot in the network and exfiltrate stolen data back to the attacker.

Choice of a C2 Framework

Here I'm going to use two different ones:

  • Cobalt Strike, a commercial framework (the one most often used professionally)

  • Covenant, a collaborative .NET C2 framework for red teamers

I still encourage you to explore the other ones or even develop your own.

A good reference for choosing your C2 is the C2 Matrix project. Its goal is to point you to the best C2 framework for your needs based on your adversary emulation plan and the target environment.

C2 Introduction

First, I recommend following these two resources:

C2 Installation
