C2 Frameworks

Overview

Command and Control (C2) frameworks provide the infrastructure to manage implants on compromised hosts. They handle payload generation, encrypted communications, task management, and post-exploitation. The choice of C2 framework depends on the engagement requirements — stealth, collaboration, agent capabilities, and evasion features.

Topics in This Section

• Sliver
• Havoc
• Mythic
• Cobalt Strike

Framework Comparison

Framework       License       Language   Agents           C2 Channels              Collaboration
──────────────  ────────────  ─────────  ───────────────  ───────────────────────  ─────────────
Sliver          Open source   Go         Go (cross-plat)  mTLS, HTTP/S, DNS, WG    Multi-operator
Havoc           Open source   C/C++/Go   C (Windows)      HTTP/S, SMB, Ext C2      Multi-operator
Mythic          Open source   Go/Docker  Modular (many)   HTTP/S, DNS, WS, etc.    Multi-operator
Cobalt Strike   Commercial    Java       C (Windows)      HTTP/S, DNS, SMB, TCP    Multi-operator