DeimosC2: Open source tool to manage post-exploitation issues
TEAMARES launched DeimosC2, addressing the market need for a cross-compatible, open source Command and Control (C2) tool for managing compromised machines that includes mobile support.
Offensive security teams often need access to a cost-effective, easy-to-use tool that can manage compromised machines after an exploitation. However, many of the options currently available in the market can be difficult to use, expensive, or lack the flexibility to expand features.
With this in mind, TEAMARES developed DeimosC2, a cross-platform and collaborative tool designed with a robust functionality that can be extended in any language. Teams can conduct post-exploitation on any major operating system, including Android devices, addressing the lack of defensive capabilities that are available on enterprise devices.
- A UI that offers ease of use and supports multiple users for collaboration.
- Multiple listener and agent communication methods such as TCP, HTTPS, DNS over HTTPS (DoH), and QUIC.
- Pivot capabilities over TCP.
- Extendable functionality that can be written in multiple languages.
- API over WebSockets allowing for scriptable functionality.
- Written in Golang for cross compatibility on all major operating systems.
- Archive and replay functionality post-testing so users can restore listeners, loot, and other critical information to the database.
“Red teams usually have to choose between expensive C2 tools in the market or training for their teams on the current tools,” said Quentin Rhoads-Herrera, Director of Professional Services for TEAMARES and co-author of DeimosC2.
“Deimos is an open source, community-contributed tool that is designed for ease of use and cross OS compatibility without a large spend of budget or time.”