Koadic

Koadic is a Windows post-exploitation toolkit with a similar interface to the other famous tools used for penetration testing purposes, namely, Empire and Metasploit. It's called C3 for a reason and that is because it uses the Component Object Model (COM) in Windows and operates using the script host utility (also known as JScript/VBScript). COM objects were introduced by Microsoft in 1993, which also means that Koadic's payloads are compatible with the older versions of Windows (NT/95/2000) up until the latest version, Windows 10. Koadic is built on Python and it's compatible with Python 2 as well as Python 3. The payloads generated by Koadic can be executed completely in-memory (from the stage 0 to the second stage and beyond) and it also supports the stager communication over SSL/TLS, although it depends upon what setting is enabled on the victim OS.