Read as
Why this module exists. Cobalt Strike remains the standard C2, but defender detection has caught up. Modern red teams operate with multiple C2 frameworks — Sliver, Mythic, Brute Ratel, custom-built. This module covers the C2 landscape and operational considerations for choosing and operating these tools.
The C2 landscape
| Framework | Licence | Notes |
|---|---|---|
| Cobalt Strike | Commercial (Fortra) | Industry standard; highly detected |
| Sliver | Open-source (Bishop Fox) | Go-based; mTLS / DNS / WireGuard transport |
| Mythic | Open-source | Modular agent framework; multiple agents |
| Brute Ratel | Commercial | Newer; modern evasion features |
| Empire / Starkiller | Open-source | PowerShell-centric; widely detected |
| Havoc | Open-source | Modern; community-active |
Need a real pentest?
Get a VAPT scoping call
Senior practitioner-led VAPT — not a checklist run by juniors. CVSS-scored findings, free retest, attestation letter. India's SMBs and SaaS teams.
Book VAPT scoping call
Replies in 4 working hrs · India-only · Senior consultants