C2 Matrix

C2 Info
Name License Price GitHub Site

AirStrike NA NA https://github.com/smokeme/airstrike
Alan Created Commons NA https://github.com/enkomio/AlanFramework
Alchimist NA NA https://blog.talosintelligence.com/2022/10/alchimist-off
Ares NA NA https://github.com/sweetsoftware/Ares
AsyncRAT-C# MIT NA https://github.com/NYAN-x-CAT/AsyncRAT-C-Sharp
AtlasC2 MIT NA https://github.com/Gr1mmie/AtlasC2
https://grimmie.net/atlasc2-carrying-the-weight-of-net-a
BabyShark NA NA https://github.com/UnkL4b/BabyShark
Badrats GNU GPL3 NA https://gitlab.com/KevinJClark/badrats
BlackMamba MIT NA https://github.com/loseys/BlackMamba
Brute Ratel Commercial $2,500 https://bruteratel.com/
Bunraku Apache 2 NA https://github.com/theshadowboxers/bunraku
C3 BSD3 NA https://github.com/FSecureLABS/C3
https://labs.f-secure.com/tools/c3/
CALDERA Apache 2 NA https://github.com/mitre/caldera
Callidus GNU GPL3 NA https://github.com/3xpl01tc0d3r/Callidus
CHAOS BSD3 NA https://github.com/tiagorlampert/CHAOS
Cobalt Strike Commercial $5,900 https://www.cobaltstrike.com/
Covenant GNU GPL3 NA https://github.com/cobbr/Covenant
https://cobbr.io/tags#covenant
DaaC2 NA NA https://github.com/crawl3r/DaaC2
Dali MIT NA https://github.com/h0mbre/Dali
https://h0mbre.github.io/Image_Based_C2_PoC/
DarkFinger MIT NA https://github.com/hyp3rlinx/DarkFinger-C2
DBC2 NA NA https://github.com/Arno0x/DBC2
DcRat MIT NA https://github.com/qwqdanchun/DcRat
DeimosC2 MIT NA https://github.com/DeimosC2/DeimosC2
Disctopia GNU GPL3 NA https://github.com/3ct0s/disctopia-c2
Eggshell GNU GPL2 NA https://github.com/neoneggplant/EggShell
emp3r0r MIT NA https://github.com/jm33-m0/emp3r0r
Empire BSD3 NA https://github.com/BC-SECURITY/Empire
EvilOSX GNU GPL3 NA https://github.com/Marten4n6/EvilOSX
Faction C2 BSD3 NA Taken down
FlyingAFalseFlag GNU GPL3 NA https://github.com/monoxgas/FlyingAFalseFlag
FudgeC2 GNU GPL3 NA https://github.com/Ziconius/FudgeC2
GC2-sheet NA NA https://github.com/looCiprian/GC2-sheet
gcat BSD2 NA https://github.com/byt3bl33d3r/gcat
GoBot2 MIT NA https://github.com/SaturnsVoid/GoBot2
GodGenesis NA NA https://github.com/SaumyajeetDas/GodGenesis
godoh GNU GPL3 NA https://github.com/sensepost/goDoH
Google Socks NA NA https://github.com/lukebaggett/google_socks
GRAT2 GNU GPL3 NA https://github.com/r3nhat/GRAT2
Grim Reaper C2 GNU GPL3 NA https://github.com/d4rckh/grc2
HARS MIT NA https://github.com/onSec-fr/Http-Asynchronous-Reverse-Shell
Haven Commercial Contact Sales https://pivotlabs.dev/haven/
https://docs.pivotlabs.dev/index.html
Havoc GNU GLP3 NA https://github.com/HavocFramework/Havoc
Heroinn GNU GPL3 NA https://github.com/b23r0/Heroinn
HTTP-RevShell GNU GPL3 NA https://github.com/3v4Si0N/HTTP-revshell
ibombshell GNU GPL3 NA https://github.com/ElevenPaths/ibombshell
INNUENDO Commercial Contact Sales https://www.immunityinc.com/products/innuendo/
Khepri Apache 2 NA https://github.com/geemion/Khepri
Koadic C3 Apache 2 NA https://github.com/zerosum0x0/koadic
Link GNU GPL3 NA https://github.com/postrequest/link
LOLBITS GNU GPL3 NA https://github.com/Kudaes/LOLBITS
MacC2 BSD3 NA https://github.com/cedowens/MacC2
MacShellSwift NA NA https://github.com/cedowens/MacShellSwift
MACE NA NA https://github.com/nickvangilder/most-average-c2-ever
MeetC2 NA NA https://github.com/CMatri/MeetC2
Merlin GNU GPL3 NA https://github.com/Ne0nd0g/merlin
https://merlin-c2.readthedocs.io/en/latest/
Metasploit BSD3 NA https://github.com/rapid7/metasploit-framework
https://metasploit.com
Meteor GNU GPL3 NA https://github.com/degenerat3/meteor
Meterpeter NA NA https://github.com/r00t-3xp10it/meterpeter
MicroBackdoor GNU GPL3 NA https://github.com/Cr4sh/MicroBackdoor
MikeC2 MIT NA https://github.com/mlgualtieri/PurpleTeamSummit/tree/main/Summit-M
MiniC2 NA NA https://github.com/RickConsole/minic2
Mistica GNU GPL3 NA https://github.com/IncideDigital/Mistica
Manjusaka NA NA https://github.com/YDHCUI/manjusaka
Mythic BSD3 NA https://github.com/its-a-feature/Mythic
https://docs.mythic-c2.net/
Mythic-Apollo BSD3 NA https://github.com/MythicAgents/Apollo
Mythic-Medusa NA NA https://github.com/MythicAgents/Medusa
Nebula MIT NA https://github.com/gl4ssesbo1/Nebula
Nighthawk Commercial £22,500 https://www.mdsec.co.uk/nighthawk/
Nimbo-C2 MIT NA https://github.com/itaymigdal/Nimbo-C2
Ninja GNU GPL3 NA https://github.com/ahmedkhlief/Ninja/
https://shells.systems/introducing-ninja-c2-the-c2-built-f
NorthStarC2 GNU GPL3 NA https://github.com/EnginDemirbilek/NorthStarC2
Nuages NA NA https://github.com/p3nt4/Nuages
Octopus GNU GPL3 NA https://github.com/mhaskar/Octopus
https://shells.systems/unveiling-octopus-the-pre-operati
OffensiveNotion MIT NA https://github.com/mttaggart/OffensiveNotion
OST Stage 1 Commercial Check Site https://outflank.nl/services/outflank-security-tooling/
Oyabun C2 Commercial $200 https://redcodelabs.io/oyabun/
Palinka NA NA https://github.com/lapolis/palinka_c2
PetaQ MIT NA https://github.com/fozavci/petaqc2
PickleC2 NA NA https://github.com/xRET2pwn/PickleC2
https://picklec2.readthedocs.io/en/latest/
PoshC2 BSD3 NA https://github.com/nettitude/PoshC2/
https://poshc2.readthedocs.io/en/latest/
PowerHub MIT NA https://github.com/AdrianVollmer/PowerHub
Prelude Commercial Check Site https://github.com/preludeorg/
https://www.prelude.org/
Prismatica MIT NA https://github.com/Project-Prismatica
http://prismatica.io/
Proton GNU GPL3 NA https://github.com/entynetproject/proton
Pupy BSD3 NA https://github.com/n1nj4sec/pupy
QuasarRAT MIT NA https://github.com/quasar/QuasarRAT
RATel MIT NA https://github.com/FrenchCisco/RATel
Red Team Toolkit Commercial $7,000 https://www.netspi.com/technology/red-team-toolkit/
RedbloodC2 NA NA https://github.com/kira2040k/RedbloodC2
RedditC2 GNU GPL3 NA https://github.com/kleiton0x00/RedditC2
RedHerd Framework MIT NA https://github.com/redherd-project/redherd-framework
https://redherd.readthedocs.io
redViper NA NA https://github.com/itsKindred/redViper
ReverseTCPShell NA NA https://github.com/ZHacker13/ReverseTCPShell
sak1to-shell NA NA https://github.com/d4rk007/sak1to-shell
Sandman NA NA https://github.com/Idov31/Sandman
SCYTHE Commercial Contact Sales https://github.com/scythe-io
https://scythe.io
Secret Handshake MIT NA https://github.com/jconwell/secret_handshake
Serpentine MIT NA https://github.com/jafarlihi/serpentine
Shad0w MIT NA https://github.com/bats3c/shad0w
Shadow Workers MIT NA https://github.com/shadow-workers/shadow-workers
SharpC2 GNU GPL3 NA https://github.com/rasta-mouse/SharpC2
https://rastamouse.me/2020/05/sharpc2/
SharpGmailC2 MIT NA https://github.com/reveng007/SharpGmailC2
SilentTrinity GNU GPL3 NA https://github.com/byt3bl33d3r/SILENTTRINITY
SK8PARK/RAT NA NA https://github.com/slyd0g/
Slack-C2Bot NA NA https://github.com/praetorian-inc/slack-c2bot
Slackor GNU GPL3 NA https://github.com/n00py/Slackor
Sliver GNU GPL3 NA https://github.com/BishopFox/sliver
SQLC2 BSD3 NA https://github.com/NetSPI/SQLC2
Striker NA NA https://github.com/4g3nt47/Striker
Throwback GNU GPL2 NA https://github.com/silentbreaksec/Throwback
ThunderShell GNU GPL3 NA https://github.com/Mr-Un1k0d3r/ThunderShell
ToRat Unlicense NA https://github.com/lu4p/ToRat
Trevor BSD3 NA https://github.com/trustedsec/trevorc2/
TripleCross GNU GPL3 NA https://github.com/h3xduck/TripleCross
Twittor MIT NA https://github.com/PaulSec/twittor
Violent Fungus BSD3 NA https://github.com/sogonsec/ViolentFungus-C2
VirusTotalC2 NA NA https://github.com/D1rkMtr/VirusTotalC2
Void-RAT NA NA https://github.com/KadeDev/Void-RAT
Voodoo Commercial $2,000 https://s2.security/voodoo/
WarFox BSD3 NA https://github.com/FULLSHADE/WarFox/
WEASEL MIT NA https://github.com/facebookincubator/WEASEL
Zuthaka BSD3 NA https://github.com/pucarasec/zuthaka
C2 Matrix Info
Twitter Evaluator Date Version Implementation How-To Slingshot
@q8fawazo Contribute 10/2/2022
@s4tan @s4tan 9/10/2021 4 binary
sintelligence.com/2022/10/alchimist-offensive-framework.html
@TalosSecurity ###
@nas_bench 5/27/2021 N/A Python
/AsyncRAT-C-Sharp Contribute
@gr1mmie @Adam_Mashinch3/20/2022 C# Yes
@UnkL4b @nas_bench 6/8/2021 Beta 1.0
@GuhnooPlusLinux Contribute
Contribute
@NinjaParanoid @NinjaParanoid 3/19/2021 0.3 binary
oxers/bunraku Contribute
@FSecureLabs @ajpc500 6/30/2021 1.3
@jorgeorchilles 10/6/2019 2 pip3 Yes
@chiragsavla94 @chiragsavla94 5/8/2020 Yes
@tiagorlampert @leekirkpatrick4 5/14/2020 3 Go No
altstrike.com/ @TimMedin ### 3.14 binary
@cobbr_io @jorgeorchilles 10/6/2019 0.3 Docker Yes Yes
Contribute
@h0mbre_ @jorgeorchilles ### POC pip3
@hyp3rlinx @nas_bench 7/4/2021 POC Python
Contribute
@qwqdanchun Contribute
@CharlesDardaman @jasc22 9/17/2020 1.1.0 Beta Golang
Contribute
Contribute
Contribute
@BCSecurity1 @jorgeorchilles 1/30/2020 3.0.5 install.sh Yes Yes
@cabbagesalad2 ### 7.2.1 pip3
@jorgeorchilles ### NA install.sh Yes Yes
yingAFalseFlag @jorgeorchilles ### POC pip3
@Ziconius @jorgeorchilles 2/11/2020 Beta pip3
@loogrz Contribute
@byt3bl33d3r Contribute
Contribute
@SaumyajeetDas21 Contribute
@leonjza @cabbagesalad2 ### 1.6 binary
google_socks
@r3n_hat @r3n_hat 9/1/2021 Beta No
@d4rckh Contribute
p-Asynchronous-Reverse-Shell @leekirkpatrick4 3/24/2020 POC python
tlabs.dev/index.html Contribute
@C5pider Contribute 10/2/2022
Contribute
@3v4Si0N Contribute
@jorgeorchilles ### 0.0.3b pip3 Yes
munityinc.com/products/innuendo/@daveaitel ### 1.7 install.sh
Contribute
@jorgeorchilles 9/27/2019 0xA (10) pip3 Yes Yes
Contribute
@Kurosh2907 Contribute
Contribute
@cedowens @Adam_Mashinch ### N/A python Yes
r/most-average-c2-ever Contribute
Contribute
@merlin_c2 @jorgeorchilles 11/4/2019 0.8.0 Binary Yes Yes
@metasploit @busterbcook 12/4/2019 5.0.62 Ruby
Contribute
/meterpeter Contribute
@d_olex Contribute
@mlgualtieri Contribute 5/25/2021 C# / PHP No No
@ConsoleRick Contribute
Contribute
Contribute
@its_a_feature_ @jorgeorchilles 10/6/2019 1.3 Docker Yes
@djhohnstein Contribute
@ajpc500 Contribute
Contribute
@MDSecLabs @domchell ### 0.1 Binary
Contribute
tems/introducing-ninja-c2-the-c2-built-for-stealth-red-team-operations/
@leekirkpatrick4 4/3/2020 Beta python
ilek/NorthStarC2 Contribute
@xp3nt4 @xp3nt4 ### 1 Node.Js Yes
@mohammadaskar2 @jorgeorchilles ### v1.0 Beta pip3
@mttaggart @huskyhacksmk
@OutflankNL @MarcOverIP 11/5/2021 SaaS
@redcode_labs Contribute
@l4p0lis Contribute
Contribute
@RET2_pwn Contribute
@Nettitude_Labs @jorgeorchilles 9/11/2021 7.4.0 install.sh Yes Yes
@mr_mitm @jorgeorchilles ### 1.3 pip3 Yes
@preludeorg @bfuzzy1 1/15/2021 0.9.12 Binary No No
@PPrismatica @0sm0s1z ### 0.01 Docker
@enty8080 Contribute 5 install.sh
@n1nj4sec Contribute
@leekirkpatrick4 5/20/2020 1.3.0.0 C#
Contribute
@SilentBreakSec @dmay3r ### 2.63 install.sh
@kira_321k Contribute
@kleiton0x7e @t4tchContribute
@RedHerdProject Contribute 9/29/2021 0.0.4 JavaScript / Docker
Contribute
@ZHacker13 @jorgeorchilles ### NA PowerShell
Contribute
Contribute
@scythe_io @Adam_Mashinch 7/7/2020 3 Binary
@turboCodr Contribute
Contribute
@_batsec_ Contribute
kers/shadow-workers Contribute
@_RastaMouse @_xpContribute
@reveng007 Contribute
@byt3bl33d3r @0sm0s1z ### 0.4.6dev Binary Yes Yes
@slyd0g Contribute Yes
nc/slack-c2bot Contribute
Contribute
@LittleJoeTables @rk@jorgeorchilles 11/5/2019 0.0.6 Binary Yes Yes
Contribute
@UmarAbdoul Contribute
@SilentBreakSec @malcomvetter 2/24/2020 Aug 2017 shell script Yes
r/ThunderShell Contribute
@lu4p3 Contribute
@HackingDave @cabbagesalad2 ### 1.1 pip3 Yes
@h3xduck Contribute
Contribute
olentFungus-C2 Contribute
@D1rkMtr Contribute
Contribute
@professor__plum @kevinlustic 2/12/2020 0.2.3 run.py
Contribute
@ucsenoi @jorgeorchilles 12/3/2019 1 pip3
@pucara Contribute
Language UI Dark Implant
Kali Server Implant Multi-User UI Mode API Windows Linux
.NET C/Asm No No No No Yes No

Go Yes Web Yes Yes
Python Python No Web Yes and onlYes Yes Yes
C# C# CLI
Python Bash No Web Yes and onl No No Yes
Golang C, x64 Asm Yes GUI Yes Yes Yes No
.NET Core C++ Yes GUI Yes Yes Yes No

Python Go Yes Web Yes Yes Yes
.Net Core .Net Core No CLI No Yes No
Go Go No CLI No Yes Yes
Java C Yes GUI No Yes No
Yes C# C# Yes Web Yes Yes Yes No
Python Python No CLI No BYOI BYOI

Python Batch No No No No Yes No
Yes No
Golang Golang Yes Web Yes Yes Yes Yes
Yes Python PowerShell Yes GUI Yes Yes Yes Yes

Yes Python Python No GUI No Yes Yes
Yes .NET .NET Yes Web Yes Yes No
Python C++ No CLI No Yes No
Yes Python Powershell Yes Web No Yes No
Yes Go Go No CLI No Yes Yes
No Python C# No CLI No No Yes No

Python C# No CLI No Yes No
Yes Python PowerShell No GUI No Yes Yes

Python Python Yes Web Yes Yes Yes
Yes Python JScript/VBScript No GUI No Yes No
Python Swift No CLI No No No

Python No CLI
Yes Go Go No CLI No Yes Yes

Ruby C/Java/PHP/Python Yes CLI Yes Yes Yes
No PHP C# No CLI No No Yes No
N/A Python
(Mythic is the handler/controller, not the
Yesimplant)
Web Yes Yes Yes
.NET
Python
Python C++ Yes GUI No Yes Yes No

Python Nim
Python C#/PowerShell Yes CLI No Yes No
Python C# Yes Cli Yes Yes Yes

Python PowerShell No GUI No Yes No
Python C++ Yes GUI Yes Yes

Go Go No CLI No Yes Yes
Python PowerShell
Yes Python PowerShell/C#/Python Yes CLI Yes No Yes Yes
Yes Python PowerShell Yes Web No Yes No
No NodeJS Go/Python/JS No GUI Yes Yes Yes Yes
Javascript/Python JScript/.NET/Rust Yes GUI Yes Yes Yes
Python JScript/VBScript
Python Python No CLI No
C# C# No GUI No Yes No
Python C++ No CLI No Yes No
Node.js NA Yes Web Yes Yes Yes* Yes*
PowerShell PowerShell No CLI No Yes No
Python C Yes Web Yes Yes Yes
Yes Python Boolang Yes CLI No Yes No

Python C++ Yes
Yes Go Go Yes CLI No Yes Yes
php C++ Yes Web No Yes No
Python Python/PowerShell No CLI No Yes Yes
Python C++ Yes Web No Yes Yes
Python Python No CLI No Yes Yes

Implant Channel
macOS TCP HTTP HTTP2 HTTP3 DNS DoH ICMP FTP IMAP MAPI SMB
No No Yes No No No No No No No No No
Yes
Yes No Yes No No No No No No No No No
Yes
No Yes Yes No No No No No No No No Yes
No No Yes No No No No No No No No Yes
No Yes No No No No No No No No No
Yes Yes No No No No No No No No No No
No Yes Yes No No Yes Yes No No No No Yes
BYOI No Yes No No No No No No No No No
No Yes No No No No No No No No No No
No
Yes Yes Yes No No No Yes No No No No No
No Yes Yes No No No No No No No No No
Yes No No No No Yes Yes No No No No No
No No Yes No No Yes No No No No No No
Yes No Yes No No Yes No Yes Yes Yes Yes Yes
Yes No Yes Yes Yes No No No No No No No

Yes Yes Yes No No No No No No No No Yes
No Yes Yes No No No No No No No No No
No Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes
Yes No Yes No No Yes No No No No No No

Yes Yes
Yes
Yes No Yes No No No No No No No No Yes

Yes Yes Yes No No No No No No No No No
No Yes No No No No No No No No
Yes*
Yes Yes Yes No No Yes No No No No No Yes
No Yes No No No No No No No No No
Yes
Yes Yes Yes No No Yes No No No No No No
Yes No No No No Yes No No No No No No
Capabilities
LDAP Key Exchange Stego Proxy Aware DomainFront Custom Profile Jitter
No Yes No No No Yes Yes
No None No No No Yes Yes
No None No No No No No
Yes Yes No Yes Yes Yes Yes
Yes Yes No Yes No No Yes

None No Yes Yes Yes Yes
None No No No No No
No No No No No No
Yes No Yes Yes Yes Yes
Encrypted Key Exchange No Yes Yes Yes Yes
AES Yes No No No No
No No No Yes No No Yes
Encrypted Key Exchange No Yes No No Yes

AES No No No Yes No
TLS No Yes No Yes Yes
None No No No No No
None No No No Yes No
None No No No No Yes
No No No Yes No Yes Yes

None No Yes No Yes Yes
None No Yes No No No
None No No No No No
TLS No No No No No
aPAKE OPAQUE No No Yes No Yes

RSA No Yes Yes No No
No No No No No Yes
Encrypted Key Exchange No No Yes Yes No
Yes Yes No Yes Yes Yes Yes
AES No Yes No Yes No
AES No Yes No No No
AES No No No Yes No
Yes Yes Yes Yes Yes
TLS No Yes Yes Yes Yes

TLS No Yes No No No
No Pre-shared key/TLS No No No No Yes
None No Yes No Yes Yes
TLS No No No No No
Encrypted Key Exchang No Yes Yes Yes No
Yes (SSH) NA NA NA NA NA
None No No No No No
Curve25519 Yes Yes Yes Yes Yes
ECDHE No No Yes No Yes

Encrypted Key Exchang No Yes
mTLS No No No No No
RC4 No Yes No No No
AES No No No Yes Yes
TLS + ChaCha20-Poly1305 No Yes No No Yes
AES No No No No No
Capabilities
Working
Hours Kill Date Chaining Logging In Wild ATT&CK Mapping Dashboard
No No No Yes
No No No Yes No Yes
No No No Yes No Yes
No No Yes Yes Yes Yes
No No Yes Yes No No Yes

No No Yes Yes No Yes Yes
No No No No No No
No No No No No No
No Yes Yes Yes Yes Yes Yes
No Yes Yes Yes No Yes
No No No No No No
No No No No No No No
No Yes Yes Yes No No Yes
Yes Yes No Yes Yes Yes No

No No No No No No
No Yes No Yes No Yes
No No No No No No
No Yes No No No Yes
No No No No No No
No No No No No No No
No No No Yes No No
No No No No No No
No No Yes Yes No Yes
No Yes No Yes Yes Yes No
No No No No No No
No Yes No Yes No No
No No Yes Yes No No
No
No Yes No No No No No
https://blog.talosintelligence.com/20
No No No Yes No Yes
No Yes Yes Yes Yes No Yes
No No No Yes No No
No No No No No No
No No No No Yes Yes No
Yes Yes Yes Yes
Yes Yes Yes Yes Yes Yes No

No No No Yes No No
Yes No Yes Yes No Yes Yes
No No Yes Yes No Yes
No
Yes Yes
No No No No Yes Yes No
No No Yes Yes No No
NA NA NA No Yes**
No
No No No No No No
No Yes Yes Yes No Yes Yes
No No No Yes No No
No
No No No No Yes No
No No No No No Yes
No No No No No No
No Yes Yes Yes No No
No No No No No No
Detection Actively Maint.
SOCKS Support Blog C2-Matrix Indicators JARM <12 mo
Yes
Yes Yes No
1dd40d40d00040d1dc1dd40d1dd40d3df2d6a0c2caaa0dc59908f0d3602943
No
Yes
Yes
Yes Yes
.com/blog/print-c2/ - Yara Rule from FireEye - https://www.fireeye.com/blog/threat-research/2021/05/shining-a-light-on-darkside-ransom

Yes
Yes Yes
No
Yes Yes
Yes Yes
07d14d16d21d21d07c42d41d00041d24a458a375eef0c576d23a7bab9a9fb1
Yes
Yes Yes
Yes
Yes
No
00000000000000000041d00000041d9535d5979f591ae8e547c5e5743e5b64
Yes
Yes Yes
0ad0ad0000ad0ad22c42d42d000000088658245da669bb571fc2a62dd80912
Yes Yes
Yes
No
Yes
Yes
No
Yes Yes
No
Yes
Yes Yes
Yes
Yes
Yes
Yes Yes
2ad2ad0002ad2ad22c42d42d000000faabb8fd156aa8b4d8a37853e1063261
2ad000000000000000000000000000eeebf944d0b023a00f510f06a29b4f46
Yes
Yes 29d21b20d29d29d21c41d21b21b41d494e0df9532e75299f15ba73156cee38
Yes
Yes 07d14d16d21d21d00042d43d000000aa99ce74e2c6d013c745aa52b5cc042d
Yes Yes
Yes
No No No
https://blog.talosintelligence.com/2022/08/manjusaka-offensive-framework.html
2ad2ad0002ad2ad00042d42d000000ad9bf51cc3f5a1e29eecb81d0c7b06eb
Yes
Yes
Yes
Yes No Yes
Yes Yes
Yes
Yes
Yes
Yes
2ad2ad0002ad2ad22c42d42d000000faabb8fd156aa8b4d8a37853e1063261
Yes
Yes
No No Yes
Yes
Yes
Yes Yes
Yes
Yes
Yes
Yes No
2ad2ad16d2ad2ad22c42d42d0000006f254909a73bf62f6b28507e9fb451b5
Yes
No
No
No
Yes
No
Yes 2ad2ad0002ad2ad00041d2ad2ad41da5207249a18099be84ef3c8811adc883
Yes
Yes No
//nasbench.medium.com/understanding-detecting-c2-frameworks-trevorc2-2a9ce6f1f425 Yes
No
No
Yes
Yes Yes
Yes
Support
Slack Slack Members GH Issues Notes
No No All code is executed in memory
NA 158
#c3 bloodhoundgang.herokuapp.com 320 6 Asana - Dropbox - GoogleDrive - GitHub - Slack - O365 - LDAP - Print
http://mitre-caldera.slack.com/ 181
O365 services: Outlook, OneNote, Teams
No NA 13
No NA NA
#covenant bloodhoundhq.slack.com 665 108
No NA 0 Uses Imgur
Dropbox
No NA 9
#psempire bloodhoundhq.slack.com 1299 61 Dropbox, OneDrive

No NA 89
#factionc2 bloodhoundhq.slack.com 203 38
No NA 1 PostOffice EWS SendGrid & Addendum VirusTotal
#fudgec2 bloodhoundhq.slack.com NA 3
Google Sheets and Drive
No NA 1
No NA 0 Encrypted Communication using XOR

Previously NimC2
No NA 2
No NA 5
No NA NA
No NA 94 Requires valid cert for HTTPS
8b4d8a37853e1063261
No NA 0
#merlin bloodhoundhq.slack.com 278 57 Gandalf: https://github.com/r00t0v3rr1d3/merlin/tree/dev

metasploit.slack.com 4653 3953
No NA 0
No The MikeC2 agent is best loaded with MikeDrop
#ApFell bloodhoundgang.herokuapp.com180 14
Implant for Mythic
Yes NA NA
No NA 4 Built on top of leaked MuddyC3
No NA 0 Implants can be built and customized easily

No NA 3
Yes, private Focus on Stage 1 type of functionality. Available as part of larger OS
https://labs.nettitude.com/blog/detecting-poshc2-indicators-of-compromise/
poshc2.slack.com 44 https://labs.nettitude.com/blog/detecting-poshc2-indicators-of-com
No NA 38
No N/A 6 Community is free, Professional $50 per user, Enterprise $1,000 a m
No NA 1
No NA 4
No NA 596
No NA 529
No NA NA
No No (*) Implant refers to the supported OS for the assets. (**) ATT&CK
No NA 0
No NA 0 Direct, constant TCP connection
No NA NA
#silenttrinity bloodhoundhq.slack.com 489 67

No NA 0 SK8PARK is server and SK8RAT is implant
Slack
No NA 131 Good for evasion
No NA 1 No updates in 5 years; web UI not authenticated
No NA 5
Twitter
No NA
s2universe.slack.com 189 NA Community edition available for evaluation and linked off the main
No NA 3 Beacons via DNS

b - Slack - O365 - LDAP - Printer - Unc Share File - MSSQL
1d3/merlin/tree/dev
Available as part of larger OST offering with multiple initial access and post-ex capabilities
ting-poshc2-indicators-of-compromise/
r user, Enterprise $1,000 a month up to 10 users
or the assets. (**) ATT&CK Mapping is easly integrated through custom topics, the default is CKC Mapping.
tion and linked off the main site

C2 Matrix

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

C2 Matrix

Uploaded by

Copyright:

Available Formats

C2 Info

Name License Price GitHub Site

.NET C/Asm No No No No Yes No

Golang C, x64 Asm Yes GUI Yes Yes Yes No

.NET Core C++ Yes GUI Yes Yes Yes No

Python Python No CLI No BYOI BYOI

Yes Python PowerShell Yes GUI Yes Yes Yes Yes

Yes Go Go No CLI No Yes Yes

No Python C# No CLI No No Yes No

Yes Python PowerShell No GUI No Yes Yes

Yes Python JScript/VBScript No GUI No Yes No

Python Swift No CLI No No No

Yes Go Go No CLI No Yes Yes

No PHP C# No CLI No No Yes No

Python C++ Yes GUI No Yes Yes No

Python C# Yes Cli Yes Yes Yes

Python C++ Yes GUI Yes Yes

Python C++ No CLI No Yes No

Node.js NA Yes Web Yes Yes Yes* Yes*

PowerShell PowerShell No CLI No Yes No

Python C Yes Web Yes Yes Yes

Yes Python Boolang Yes CLI No Yes No

Yes Go Go Yes CLI No Yes Yes

php C++ Yes Web No Yes No

Python Python/PowerShell No CLI No Yes Yes

Python C++ Yes Web No Yes Yes

Python Python No CLI No Yes Yes

No Yes Yes No No No No No No No No Yes

Yes No No No No Yes Yes No No No No No

Yes No Yes Yes Yes No No No No No No No

Yes No Yes No No Yes No No No No No No

Yes No Yes No No No No No No No No Yes

Yes Yes Yes No No Yes No No No No No Yes

Yes Yes Yes No No Yes No No No No No No

Yes Yes Yes No No No No No No No No No

No Yes No No No Yes Yes

No None No No No Yes Yes

Yes Yes No Yes Yes Yes Yes

Yes Yes No Yes No No Yes

Encrypted Key Exchange No Yes No No Yes

Encrypted Key Exchange No Yes Yes Yes Yes

No No No Yes No Yes Yes

aPAKE OPAQUE No No Yes No Yes

Encrypted Key Exchange No No Yes Yes No

Yes Yes No Yes Yes Yes Yes

AES No Yes No Yes No

Yes Yes Yes Yes Yes

TLS No Yes Yes Yes Yes

Encrypted Key Exchang No Yes Yes Yes No

Curve25519 Yes Yes Yes Yes Yes

ECDHE No No Yes No Yes

AES No No No Yes Yes

TLS + ChaCha20-Poly1305 No Yes No No Yes

No No Yes Yes Yes Yes

No No Yes Yes No No Yes

No Yes Yes Yes No No Yes

Yes Yes No Yes Yes Yes No

No Yes No Yes Yes Yes No

No Yes Yes Yes Yes No Yes

Yes Yes Yes Yes

Yes Yes Yes Yes Yes Yes No

No Yes Yes Yes No Yes Yes

No Yes Yes Yes No No