Introduction to Red Team Infrastructure

What is Command and Control (C2)

In the context of a red team, "C2" stands for Command and Control. C2 refers to the mechanisms or infrastructure that the red team uses to control and coordinate its activities. This can include communication channels, tools, and technologies that allow the red team members to collaborate, share information, and execute their tactics.

Open Source C2 and Commercial C2

Opensource
Commercial

Metasploit Framework

Cobalt Strike

Havoc C2

Brute Ratel

Covenant C2

Nighthawk

Sliver

Scythe

If you don't want to use these c2 build your own c2. Some reference for you

Building a Basic C20xRick's Blog
LogoBuilding a C2 Implant in Nim - Considerations and Lessons LearnedCas van Cooten
LogoC2 Development in C#Zero-Point Security

C2 Matrix

The goal of C2 matrix is to point you to the best C2 framework for your needs based on your adversary emulation plan and the target environment. You can take a look at the matrix or use the questionnaire to determine which fits your needs.

LogoThe C2 Matrix | C2 Matrixwww.thec2matrix.com

Set up a Red Team Infrastructure

Here is the best reference for setting up a Red Team infrastructure

LogoGitHub - bluscreenofjeff/Red-Team-Infrastructure-Wiki: Wiki to collect Red Team infrastructure hardening resourcesGitHub

References for setting up a Red Team Infrastructure

  1. https://www.netspi.com/blog/technical/adversary-simulation/modern-red-team-infrastructure/

  2. https://posts.specterops.io/designing-effective-covert-red-team-attack-infrastructure-767d4289af43

  3. https://www.cobaltstrike.com/blog/infrastructure-for-ongoing-red-team-operations/

PreviousBuilding an Active Directory LabNextExternal Reconnaissance

Last updated