OpenSec Atlas

Name: DeimosC2
Author: DeimosC2

DeimosC2: An Open Source Framework for Penetration Testing & Red Teaming | OpenSec Atlas

Back to Browse

Penetration Testing & Red Teaming

Framework

DeimosC2

DeimosC2 is a Golang-based post-exploitation command and control framework designed for managing compromised machines across multiple platforms.

View on GitHub

About This Tool

DeimosC2 is a Golang command and control framework for post-exploitation.

Primary Use Case

DeimosC2 is primarily used by penetration testers and red team operators to control and manage compromised hosts during post-exploitation phases. It enables secure, multi-protocol communication with agents on Windows, Linux, and macOS systems to execute commands, browse files, and gather intelligence.

Key Features

Multi-protocol agent support including TCP, HTTPS, DoH, QUIC, and TCP pivoting
Per-listener RSA key encryption for secure agent communications
Dynamic agent generation on the fly
Graphical interface with maps and visualizations of listeners and agents
Multi-user support with role-based access control (admin and user)
Two-factor authentication (2FA) using Google MFA
Agent interaction features including job execution, file browsing, loot management, and comments
Websocket API for real-time interactions

Insights & Recommendations

DeimosC2 is deprecated and no longer maintained, with a known critical XSS vulnerability (CVE-2025-26244). It should only be used in authorized environments with explicit permission. Users are advised to consider alternative maintained C2 frameworks due to security risks.

Installation

Download the latest release from the GitHub releases page: https://github.com/DeimosC2/DeimosC2/releases
Refer to the project wiki for detailed setup and usage instructions: https://github.com/DeimosC2/DeimosC2/wiki

Smart Usage Notes

Integrate DeimosC2 with other exploitation frameworks like Metasploit or Cobalt Strike to automate end-to-end red team operations.Leverage the multi-protocol communication (DoH, QUIC, HTTPS) to simulate advanced adversary C2 channels for purple team exercises.Use the role-based access control and 2FA features to safely conduct multi-user red team engagements with controlled privileges.Despite being deprecated, DeimosC2’s modular agent generation can be used as a training tool for blue teams to detect and respond to post-exploitation behaviors.Consider building detection rules around DeimosC2’s unique network patterns and agent behaviors to enhance blue team visibility.

OpenSec Atlas

DeimosC2

About This Tool

Primary Use Case

Key Features

Insights & Recommendations

Installation

Smart Usage Notes

Security Capability Profile

Tags

You Might Also Like