Flexible, Open-Source Tool to Manage Post-Exploitation Issues – Without the Extra Spend.

TEAMARES, the offensive security and incident response arm of CRITICALSTART, a leading provider of Managed Detection and Response (MDR) services, today announced the launch of DeimosC2, addressing the market need for a cross-compatible, open-source Command and Control (C2) tool for managing compromised machines that include mobile support.

Offensive security teams often need access to a cost-effective, easy-to-use tool that can manage compromised machines after exploitation. However, many of the options currently available in the market can be difficult to use, expensive, or lack the flexibility to expand features. With this in mind, TEAMARES developed DeimosC2, a cross-platform and collaborative tool designed with robust functionality that can be extended in any language. Teams can conduct post-exploitation on any major operating system (OS), including Android devices, addressing the lack of defensive capabilities that are available on enterprise devices.

DeimosC2 features include:

  • A UI that offers ease of use and supports multiple users for collaboration.
  • Multiple listener and agent communication methods such as TCP, HTTPS, DNS over HTTPS (DoH), and QUIC.
  • Pivot capabilities over TCP.
  • Extendable functionality can be written in multiple languages.
  • API over WebSockets allowing for scriptable functionality.
  • Written in Golang for cross-compatibility on all major operating systems.
  • Archive and replay functionality post-testing so users can restore listeners, loot, and other critical information to the database.

“Red teams usually have to choose between expensive C2 tools in the market or training for their teams on the current tools,” said Quentin Rhoads-Herrera, Director of Professional Services for TEAMARES and co-author of DeimosC2. “Deimos is an open-source, community-contributed tool that is designed for ease of use and cross-OS compatibility without a large spend of budget or time.”