C2Matrix

	A	B	C	D	E	F	G	H	I	J	K	L	M	N	O	P	Q	R	S	T	U	V	W	X	Y	Z	AA	AB	AC	AD	AE	AF	AG	AH	AI	AJ	AK	AL	AM	AN	AO	AP	AQ	AR	AS	AT
1		Admin						Language		UI			Channel												Agents			Capabilities											Support
2	Name	Evaluator	Date	License	Price	Version Reviewed	Implementation	Server	Agent	Multi-User	UI	API	TCP	HTTP	HTTP2	HTTP3	DNS	DoH	ICMP	FTP	IMAP	MAPI	SMB	Popular Site	Windows	Linux	macOS	Key Exchange	Stego	Proxy Aware	DomainFront	Custom Profile	Jitter	Working Hours	Kill Date	Chaining	Logging	ATT&CK Mapping	Dashboard	Actively Maint.	Slack	Twitter	Site	GitHub	How-To	Notes

3	Apfell	@jorgeorchilles	10/6/2019	BSD3	NA	1.3	Docker	Python	Python	Yes	Web	Yes	No	Yes	No	No	No	No	No	No	No	No			No	Yes	Yes	Encrypted Key Exchange	No	No	Yes	Yes	No	No	No	No	Yes	Yes	Yes	Yes	#ApFell bloodhoundgang.herokuapp.com	@its_a_feature_		https://github.com/its-a-feature/Apfell	https://docs.apfell.net/
4	C3			BSD3	NA	1.0.0																No																		Yes	#c3 bloodhoundgang.herokuapp.com		https://labs.mwrinfosecurity.com/tools/c3/	https://github.com/mwrlabs/C3
5	CALDERA	@jorgeorchilles	10/6/2019	Apache 2	NA	2	pip3	Python	Go	Yes	Web	Yes	No	Yes	No	No	No	No	No	No	No	No			Yes	Yes	Yes	None	No	Yes	No	Yes	Yes	No	No	Yes	Yes	Yes	Yes	Yes	No		No	https://github.com/mitre/caldera	https://github.com/mitre/caldera/wiki
6	Cobalt Strike	@TimMedin	11/20/2019	Commercial	$3,500	3.14	binary	Java	Java	Yes	GUI	No	Yes	Yes	No	No	Yes	No	No	No	No	No	Yes		Yes	No	No	Yes	No	Yes	Yes	Yes	Yes	No	Yes	Yes	Yes	Yes	Yes	Yes			https://www.cobaltstrike.com/		https://www.cobaltstrike.com/
7	Covenant	@jorgeorchilles	10/6/2019	GNU GPL3	NA	0.3	Docker	C#	C#	Yes	Web	Yes	No	Yes	No	No	No	No	No	No	No	No	Yes		Yes	No	No	Encrypted Key Exchange	No	Yes	Yes	Yes	Yes	No	Yes	Yes	Yes	No	Yes	Yes	#covenant bloodhoundgang.herokuapp.com	@cobbr_io	https://cobbr.io/tags#covenant	https://github.com/cobbr/Covenant	https://github.com/cobbr/Covenant/wiki
8	Dali	@jorgeorchilles	12/24/2019	MIT	NA	POC	pip3	Python	Python	No	CLI	No	No	Yes	No	No	No	No	No	No	No	No	No	Imgur	BYOI	BYOI	BYOI	AES	Yes	No	No	No	No	No	No	No	No	No	No	Yes		@h0mbre_	https://h0mbre.github.io/Image_Based_C2_PoC/	https://github.com/h0mbre/Dali
9	Empire	@jorgeorchilles	9/26/2019	BSD3	NA	2.5	install.sh	Python2	PowerShell	No	GUI	Yes	No	Yes	No	No	No	No	No	No	No	No			Yes	Yes	Yes	Encrypted Key Exchange	No	Yes	Yes	Yes	Yes	Yes	Yes	No	Yes	No	No	Yes	#psempire bloodhoundgang.herokuapp.com	@BCSecurity1		https://github.com/BC-SECURITY/Empire
10	EvilOSX	@cabbagesalad2	11/12/2019	GNU GPL3	NA	7.2.1	pip3	Python	Python	No	GUI	No	No	Yes	No	No	No	No	No	No	No	No			Yes	Yes	Yes	AES	No	No	No	Yes	No	No	No	No	No	No	No	Yes	No			https://github.com/Marten4n6/EvilOSX
11	Faction C2	@jorgeorchilles	10/30/2019	BSD3	NA	NA	install.sh	.NET	.NET	Yes	Web	Yes	Yes	Yes	No	No	No	No	No	No	No	No			Yes	No	No	TLS	No	Yes	No	Yes	Yes	No	Yes	No	Yes	No	Yes	Yes	#factionc2 bloodhoundgang.herokuapp.com		https://www.factionc2.com/	https://github.com/FactionC2/		Ubuntu only
12	FlyingAFalseFlag	@jorgeorchilles	11/12/2019	GNU GPL3	NA	POC	pip3	Python	C++	No	CLI	No	No	Yes	No	No	No	No	No	No	No	No			Yes	No	No	None	No	No	No	No	No	No	No	No	No	No	No	Yes	No			https://github.com/monoxgas/FlyingAFalseFlag		PostOffice EWS SendGrid & Addendum VirusTotal
13	godoh	@cabbagesalad2	10/31/2019	GNU GPL3	NA	1.6	binary	Go	Go	No	CLI	No	No	No	No	No	No	Yes	No	No	No	No			Yes	Yes	Yes	None	No	No	No	No	Yes	No	No	No	No	No	No	Yes	No	@leonjza		https://github.com/sensepost/goDoH
14	ibombshell	@jorgeorchilles	11/12/2019	GNU GPL3	NA	0.0.3b	pip3	Python	PowerShell	No	GUI	No	No	Yes	No	No	No	Yes	No	No	No	No			Yes	Yes	Yes	None	No	Yes	No	No	No	No	No	No	No	No	No	Yes	No			https://github.com/ElevenPaths/ibombshell		Works anywhere PowerShell does; GET requests
15	INNUENDO	@daveaitel	11/11/2019	Commercial	Contact Sales	1.7	install.sh	Python	Python	Yes	Web	Yes	No	Yes	No	No	Yes	No	Yes	Yes	Yes	Yes	Yes		Yes	Yes	Yes	Encrypted Key Exchange	No	Yes	Yes	Yes	Yes	No	No	Yes	Yes	No	Yes	Yes	No		https://www.immunityinc.com/products/innuendo/
16	Koadic C3	@jorgeorchilles	9/27/2019	Apache 2	NA	0xA (10)	pip3	Python	JScript/VBScript	No	GUI	No	No	Yes	No	No	No	No	No	No	No	No			Yes	No	No	None	No	No	No	No	No	No	Yes	No	Yes	No	No	Yes	No		No	https://github.com/zerosum0x0/koadic	https://www.hackingarticles.in/koadic-com-command-control-framework/	Requires valid cert for HTTPS
17	MacShellSwift	@Adam_Mashinchi	11/13/2019	NA	NA	N/A	python	Python	Swift	No	CLI	No	No	Yes	No	No	No	No	No	No	No	No			No	No	Yes	TLS	No	No	No	No	No	No	No	No	No	No	No	Yes	No	@cedowens	No	https://github.com/cedowens/MacShellSwift/tree/master/MacShellSwift
18	Metasploit	@busterbcook	12/4/2019	BSD3	NA	5.0.62	Ruby	Ruby	C/Java/PHP/Python	Yes	CLI	Yes	Yes	Yes	No	No	No	No	No	No	No	No	Yes		Yes	Yes	Yes	RSA	No	Yes	Yes	No	No	No	No	Yes	Yes	No	No	Yes	metasploit.slack.com	@metasploit	https://metasploit.com	https://github.com/rapid7/metasploit-framework
19	Merlin	@jorgeorchilles	11/4/2019	GNU GPL3	NA	0.8.0	Binary	Go	Go	No	GUI	No	No	Yes	Yes	Yes	No	No	No	No	No	No			Yes	Yes	Yes	aPAKE OPAQUE	No	No	No	No	Yes	No	Yes	No	Yes	No	No	Yes	#merlin bloodhoundgang.herokuapp.com	@merlin_c2	http://medium.com/@Ne0nd0g	https://github.com/Ne0nd0g/merlin	https://www.hackingarticles.in/command-and-control-guide-to-merlin/	Domain Front possible by custom compile; QUIC (UDP) Channel; Proxy capable but hard coded and only HTTP
20	Nuages	@jorgeorchilles	11/12/2019	NA	NA	POC	setup.sh	Python	C#	Yes	GUI	Yes	No	Yes	No	No	No	No	No	No	No	No			Yes	No	No	AES	No	No	No	No	No	No	No	No	No	No	No	Yes	No			https://github.com/p3nt4/Nuages	https://github.com/p3nt4/Nuages/wiki	Everything is custom built.
21	Octopus	@jorgeorchilles	12/12/12019	GNU GPL3	NA	v1.0 Beta	pip3	Python	PowerShell	No	GUI	No	No	Yes	No	No	No	No	No	No	No	No	No		Yes	No	No	AES	No	No	No	Yes	No	No	No	No	No	No	No	Yes	No	@mohammadaskar2	https://shells.systems/unveiling-octopus-the-pre-operation-c2-for-red-teamers/	https://github.com/mhaskar/Octopus
22	PoshC2	@jorgeorchilles	11/13/2019	BSD3	NA	5	install.sh	Python	PowerShell/C#/Python	Yes	CLI	No	No	Yes	No	No	No	No	No	No	No	No			Yes	Yes	Yes	TLS	No	Yes	Yes	Yes	Yes	No	Yes	Yes	Yes	No	No	Yes	poshc2.slack.com	@Nettitude_Labs	https://poshc2.readthedocs.io/en/latest/	https://github.com/nettitude/PoshC2/		Many payloads. PoshC2 is current, older version is at: https://github.com/nettitude/PoshC2_Old/
23	PowerHub	@jorgeorchilles	11/15/2019	MIT	NA	1.3	pip3	Python	PowerShell	Yes	Web	No	No	Yes	No	No	No	No	No	No	No	No			Yes	No	No	TLS	No	Yes	No	No	No	No	No	No	Yes	No	No	Yes	No	@mr_mitm		https://github.com/AdrianVollmer/PowerHub	https://github.com/AdrianVollmer/PowerHub/wiki
24	Prismatica	@0sm0s1z	11/13/2019	MIT	NA	0.01	Docker	Javascript/Python	JScript/.NET/Rust	Yes	GUI	Yes	Yes	Yes	No	No	No	No	No	No	No	No			Yes	Yes	Yes	None	No	Yes	No	Yes	Yes	No	No	Yes	Yes	No	Yes	Yes	No	@PPrismatica	http://prismatica.io/	https://github.com/Project-Prismatica		A few issues came up when poking this. Prismatica is a marketplace and not a c2 in and of itself. Prismatica has multliple c2 applications that can be used, but I haven't been able to get them working. Git merge errors and sparse/incomplete instructions have made getting accurate information about this c2 cumbersome.
25	Pupy			BSD3	NA			Python	Python	No	CLI	No													Yes	Yes	No													Yes	No	@n1nj4sec		https://github.com/n1nj4sec/pupy	https://www.hackingarticles.in/command-control-tool-pupy/
26	QuasarRAT			MIT	NA																																			Yes				https://github.com/quasar/QuasarRAT
27	Red Team Toolkit	@dmay3r	11/22/2019	Commercial	$7,000	2.63	install.sh	Python	C++	No	CLI	No	No	Yes	No	No	No	No	No	No	No	No	Yes		Yes	No	No	Encrypted Key Exchange	No	Yes	Yes	Yes	No	No	No	Yes	Yes	No	No	Yes		@SilentBreakSec	https://silentbreaksecurity.com/red-team-toolkit/slingshot/
28	redViper			NA	NA																																			Yes				https://github.com/itsKindred/redViper
29	ReverseTCPShell	@jorgeorchilles	12/19/2019	NA	NA	NA	PowerShell	PowerShell	PowerShell	No	CLI	No	Yes	No	No	No	No	No	No	No	No	No	No		Yes	No	No	None	No	No	No	No	No	No	No	No	No	No	No	No		@ZHacker13		https://github.com/ZHacker13/ReverseTCPShell		Direct, constant TCP connection
30	SCYTHE	@Adam_Mashinchi	11/13/2019	Commercial	Contact Sales	2.5	Binary	Python	C	Yes	Web	Yes	Yes	Yes	No	No	Yes	No	No	No	No	No	Yes		Yes	Yes	Yes	Encrypted Key Exchange	Yes	Yes	Yes	Yes	Yes	No	Yes	Yes	Yes	Yes	Yes	Yes	No	@scythe_io	https://scythe.io
31	SilentTrinity	@0sm0s1z	11/13/2019	GNU GPL3	NA	0.4.6dev	pip3	Python	IronPython	Yes	CLI	No	No	Yes	No	No	No	No	No	No	No	No			Yes	No	No	ECDHE	No	No	Yes	No	Yes	No	No	No	Yes	No	No	Yes	#silenttrinity bloodhoundgang.herokuapp.com	@byt3bl33d3r		https://github.com/byt3bl33d3r/SILENTTRINITY	https://github.com/byt3bl33d3r/SILENTTRINITY/wiki
32	Sliver	@jorgeorchilles	11/5/2019	GNU GPL3	NA	0.0.6-alpha	Binary	Go	Go	Yes	CLI	No	Yes	Yes	No	No	Yes	No	No	No	No	No			Yes	Yes	Yes	mTLS	No	No	No	No	No	No	No	No	No	No	No	Yes		@LittleJoeTables @rkervell @bishopfox		https://github.com/BishopFox/sliver		Good for evasion
33	Throwback			GNU GPL2	NA																																			No				https://github.com/silentbreaksec/Throwback		No updates in 5 years
34	Trevor C2	@cabbagesalad2	10/16/2019	BSD3	NA	1.1	pip3	Python	Python/PowerShell	No	CLI	No	No	Yes	No	No	No	No	No	No	No	No			Yes	Yes	Yes	AES	No	No	No	Yes	Yes	No	No	No	No	No	No	Yes		@HackingDave		https://github.com/trustedsec/trevorc2/
35	Voodoo			Commercial	$2,000																																			Yes	s2universe.slack.com		https://www.voodooops.com/
36	WEASEL	@jorgeorchilles	12/3/2019	MIT	NA	1	pip3	Python	Python	No	CLI	No	No	No	No	No	Yes	No	No	No	No	No	No		Yes	Yes	Yes	AES	No	No	No	No	No	No	No	No	No	No	No	Yes		@ucsenoi		https://github.com/facebookincubator/WEASEL		Beacons via DNS
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100