IRIS C2 is a penetration testing framework with integrated AI co-pilot. Use the menu or toolbar to get started.
AI co-pilot ready. Please configure an AI provider in settings.
10:48:40AI provider configured. Ready to chat.
10:52:07You: Test
10:52:08I've received your test message. This is a confirmation that IRIS C2 is active and ready to assist with offensive security operations. To proceed effectively, I'll need specific information about your target environment, objectives, or the specific phase of penetration testing you're currently in (reconnaissance, exploitation, post-exploitation, etc.). Without specific context, I can only provide general guidance.
**Attack Strategy:** Initial strategy would begin with passive reconnaissance to gather information about the target without alerting defenses. This typically includes OSINT, subdomain enumeration, service identification, and vulnerability scanning.
Prioritizes polymorphism and stealth techniques to evade even the most sophisticated AV/EDR systems, with fileless implants that leave minimal forensic footprint across Windows, macOS, and Linux.
Enables red teams to have bigger impact with fewer people, while up-skilling junior and mid-level operators both during operations and over time.
State-of-the-art techniques enable operators to obfuscate identity or emulate TTPs of APTs from around the world, making attribution nearly impossible.
IRIS C2 is engineered to operate seamlessly across all major operating systems, providing consistent functionality and performance regardless of your team's preferred environment.
Full support for Windows 10/11 with native syscall execution and EDR evasion
Complete support for Intel and Apple Silicon with TCC bypass capabilities
Extensive support for major distributions with kernel module evasion techniques
IRIS C2 provides consistent capabilities across all supported platforms, with specialized features optimized for each operating system.
| Feature | Windows | macOS | Linux |
|---|---|---|---|
| Fileless Execution | |||
| EDR/AV Evasion | |||
| Dynamic Syscall Execution | |||
| Process Injection | |||
| Kernel Mode Operations | |||
| TCC Bypass | |||
| AMSI Bypass | |||
| Credential Harvesting |
Watch how IRIS C2's polymorphic engine dynamically mutates payloads to evade detection, making each instance unique and undetectable by signature-based security solutions.
Real-time code mutation and obfuscation
Fileless execution with minimal forensic footprint
Dynamic syscall execution to bypass EDR hooks
Experience how IRIS C2's AI co-pilot provides real-time guidance, automates complex tasks, and helps operators make strategic decisions during penetration testing operations.
Natural language interface for complex operations
Adaptive attack strategies based on real-time feedback
Continuous operator skill enhancement through AI guidance
HuffLoader provides advanced shellcode obfuscation and execution capabilities:
| IP | Distance | Brand | Location | Open Ports |
|---|---|---|---|---|
| 222.128.55.53 | 0 m | Hikvision | Beijing, China | 8000 |
| 111.203.252.1 | 0 m | Hikvision | Beijing, China | 80 |
The IRIS platform is highly modular, enabling users to easily employ their own catalog of exploits and implants. Seamlessly integrate your existing tools or leverage IRIS's built-in capabilities.
IRIS C2 is fully cross-platform, with native support for Windows, macOS, and Linux environments. This ensures seamless operation regardless of your team's preferred operating system or target environment.
Cross-platform lateral movement tooling for rapid, stealthy operations
Seamless BYOVD (Bring Your Own Vulnerable Driver) functionality
Continuous updates to stay four steps ahead of defensive measures
Advanced exfiltration techniques that bypass data loss prevention systems
IRIS enables users to easily work with jailbroken state-of-the-art large language models, as well as open source or internal models, with multiple deployment options to suit your operational needs.
IRIS C2's integrated AI co-pilot allows red teams to have a bigger impact with fewer people. The co-pilot up-skills junior and mid-level operators both during operations and persistently over time, while providing advanced decision support that leaves blue teams with virtually no chance of effective defense.
AI-generated attack strategies tailored to specific target environments, with adaptive recommendations based on real-time feedback and changing conditions.
Advanced evasion recommendations to minimize detection risk, including timing attacks, proxy/VPN routing, and low-and-slow techniques calibrated to the target environment.
Intelligent identification and prioritization of attack vectors based on comprehensive vulnerability analysis and success probability calculations.
Intuitive command interface allowing operators to interact with the platform using natural language, streamlining complex operations and reducing training requirements.
AI co-pilot ready. Please configure an AI provider in settings.
10:48:40AI provider configured. Ready to chat.
10:52:07You: Test
I've received your test message. This is a confirmation that IRIS C2 is active and ready to assist with offensive security operations. To proceed effectively, I'll need specific information about your target environment, objectives, or the specific phase of penetration testing you're currently in.
Without specific context, I can only provide general guidance. "Attack Strategy:" initial strategy would begin with passive reconnaissance to gather information about the target without alerting defenses.
10:52:10
Conduct authorized penetration testing to identify and remediate security vulnerabilities in critical infrastructure and systems.
Support legal targeted access operations with advanced tools and AI assistance for authorized national security purposes.
Enable defensive and offensive cyber capabilities for military operators in accordance with rules of engagement and legal frameworks.
At this time, IRIS C2 is only immediately available to purchase by vetted users in the following regions:
All enquiries outside of these regions will be subject to extended vetting. IRIS C2 is not available for purchase to users based in Belarus, Russia, Ukraine, Central Africa, China, North Korea, Iran, Iraq, Lebanon, Republic of Congo or Libya.
IRIS C2 is available exclusively to authorized government agencies, military organizations, and cleared defense contractors. The platform is subject to all export controls typically applicable to advanced offensive cyber security tooling. Contact our secure channels to request a capability briefing and demonstration.