C2 Development

Motivation

Why bother developing a C2 framework?

Commercial C2's such as Cobalt Strike are the main targets for defensive systems. The original Cobalt Strike payloads will be flagged easily by AV products.

To bypass defences, of course we can manipulate Cobalt Strike beacons and build malleable C2 profile and etc. Moving one step further, we can even develop our original C2 framework. Once we learn how to do it, we will gain huge degree of freedom to bypass defence.

C2 development can be a bit challenging, but I believe it is an important skill for long-term success in red teaming.

Plan

I found this talk by Rastamouse:

Designing a C2 framework

Even better, he built a C# C2 development course:

C2 Development in C#Zero-Point Security

C2 Development in C#

In this section, I am going to build a C2 framework in C# following his course and mix my own ideas into the framework.