RESEARCH USE ONLY — This framework is developed for academic and cybersecurity research purposes only. It is designed to operate exclusively within an isolated lab environment. See the Research Disclaimer for full terms.

Overview

C2 Framework is a Python-based command and control system designed for cybersecurity research. It provides a complete agent-server architecture with advanced evasion capabilities, encrypted communications, and comprehensive telemetry analysis tools.

Key Features

Encrypted Communications

AES-GCM encryption with HKDF key derivation for secure agent-server communication

FastAPI Server

Async server with session management, command queuing, and persistent storage

Traffic Evasion

Configurable jitter strategies, traffic padding, and header randomization

Docker Deployment

Containerized deployment with nginx redirector for operational security

Command Execution

Safe command execution with security controls and blocklists

Telemetry Analysis

Built-in traffic capture, flow analysis, and feature extraction tools

Operator Console

Interactive CLI for session management and task execution

Lab Safety Checks

Environment validation to prevent accidental deployment outside lab networks

Quick Start

Get the C2 framework running in your isolated lab environment.

Installation

Install dependencies and configure the framework

Lab Setup

Configure your isolated lab environment

Quickstart Guide

Deploy the server and agent, execute your first task

Architecture

Understand the system architecture and components

Core Components

Server

FastAPI-based C2 server with session management

Agent

Beacon-based agent with command execution

Operator Console

Interactive CLI for managing sessions and tasks

Cryptography

AES-GCM encryption and secure key derivation

Evasion

Traffic obfuscation and anti-detection techniques

Telemetry

Network traffic analysis and feature extraction

Documentation Structure

  • Overview: Introduction, disclaimer, and architecture
  • Getting Started: Installation, lab setup, and quickstart
  • Core Concepts: Agent-server model, protocols, cryptography
  • Deployment: Docker setup, network config, TLS certificates
  • Operator Guide: Console interface and session management
  • Evasion Techniques: Jitter, padding, header randomization
  • Telemetry: Traffic capture and analysis tools
