GLOSSARY  /  Command and Control (C2)

What is Command and Control (C2)?

The infrastructure attackers use to communicate with and control compromised systems.

After gaining a foothold, malware “beacons” to a C2 server to receive commands and exfiltrate data. Attackers blend C2 traffic into normal protocols (HTTPS, DNS) to evade detection.

Frameworks like Cobalt Strike and Sliver provide turnkey C2.

Related free tools

Related terms

Part of the Ciphers Security glossary. Free reference for analysts, defenders & learners.