Advanced Command & Control Interface
Get-EmailItems
OPSEC SafeRetrieves all items (emails, contacts, calendar events, etc.) from a specified Outlook folder on the target system. This module enables operators to extract large volumes of mailbox data for analysis, exfiltration, or reconnaissance.
The module supports specifying the target folder (such as Inbox, Sent Items, or custom folders) and limits the number of items retrieved to avoid excessive data transfer or detection. It is useful for gathering sensitive communications, identifying sensitive information, or mapping user activity within an organization.
| # | Option | Required | Type | Description |
|---|---|---|---|---|
| 1 | Agent | Yes | STRING | Agent to run module on. |
| 2 | FolderName | Yes | STRING | Name of the Outlook folder to retrieve items from (e.g., Inbox, Sent Items). |
| 3 | MaxEmails | Yes | STRING | Maximum number of items to retrieve from the folder. |
| 4 | OutputFunction | No | STRING | PowerShell's output function to use ("Out-String", "ConvertTo-Json", "ConvertTo-Csv", "ConvertTo-Html", "ConvertTo-..."). |
Operate on Any Platform
Cross-Platform Compatibility
IRIS C2 is engineered to operate seamlessly across all major operating systems, providing consistent functionality and performance regardless of your team's preferred environment.
Windows
Full support for Windows 10/11 with native syscall execution and EDR evasion
macOS
Complete support for Intel and Apple Silicon with TCC bypass capabilities
Linux
Extensive support for major distributions with kernel module evasion techniques
Key Cross-Platform Benefits:
- •Unified command and control interface across all platforms
- •Consistent payload generation and execution capabilities
- •Platform-specific optimizations for maximum stealth and performance
- •Seamless lateral movement between heterogeneous environments
Platform Feature Comparison
IRIS C2 provides consistent capabilities across all supported platforms, with specialized features optimized for each operating system.
| Feature | Windows | macOS | Linux |
|---|---|---|---|
| Fileless Execution | |||
| EDR/AV Evasion | |||
| Dynamic Syscall Execution | |||
| Process Injection | |||
| Kernel Mode Operations | |||
| TCC Bypass | |||
| AMSI Bypass | |||
| Credential Harvesting |
All-in-One Platform Comparison
IRIS C2 consolidates the functionality of multiple specialized platforms into a single, comprehensive solution. Compare our capabilities against industry alternatives.
Specialized Modules
Modular Architecture
Customizable Framework
IRIS C2 is built with a modular architecture that allows for easy customization and extension. Developers can create custom modules and integrate with existing tools to build a tailored offensive security platform that meets specific operational requirements.
Flexible LLM Integration
As well as open source or external models, IRIS C2 integrates with multiple deployment options including local models, cloud APIs, and hybrid configurations to provide AI-powered tactical guidance while maintaining operational security requirements.
AI Co-Pilot
Tactical Guidance
Real-time tactical guidance based on current environment, target analysis, and operational objectives.
- Attack path optimization
- Risk assessment and mitigation
- Operational security recommendations
Evasion Techniques
Advanced evasion strategies tailored to specific defensive technologies and environments.
- EDR/AV bypass recommendations
- Network detection avoidance
- Behavioral analysis evasion
Vulnerability Analysis
Intelligent vulnerability assessment and exploitation recommendations based on comprehensive analysis.
- Automated vulnerability prioritization
- Exploit chain development
- Impact assessment modeling
Natural Language Interface
Interact with the platform using natural language commands and receive contextual guidance.
- Conversational command interface
- Contextual help and documentation
- Automated report generation
Operational Use Cases
Ethical Red Team Operations
Comprehensive penetration testing and security assessment capabilities for organizations seeking to validate their defensive posture through authorized testing.
- Authorized penetration testing
- Security control validation
- Compliance assessment support
- Executive reporting and metrics
Intelligence Community Operations
Specialized capabilities designed for intelligence gathering operations with advanced attribution obfuscation and counter-intelligence features.
- Advanced persistent threat emulation
- Counter-attribution techniques
- Deep cover operational security
- Intelligence collection frameworks
Military Cyber Operations
Mission-critical capabilities for military cyber operations with emphasis on operational security, mission assurance, and strategic objectives.
- Critical infrastructure assessment
- Mission-focused operational planning
- Strategic cyber effects modeling
- Multi-domain operation integration
System Requirements
Windows
- Windows 10/11 (x64)
- 8GB RAM minimum, 16GB recommended
- 500GB available disk space
- Intel Core i5 or AMD Ryzen 5 (minimum)
- Administrative privileges required
- Docker Desktop for Windows
- PowerShell 5.1 or later
- .NET Framework 4.8+
macOS
- macOS 12.0 Monterey or later
- 8GB RAM minimum, 16GB recommended
- 500GB available disk space
- Intel or Apple Silicon processor
- Administrator access required
- Docker Desktop for Mac
- Xcode Command Line Tools
- Homebrew package manager
Linux
- Ubuntu 20.04 LTS or equivalent
- 8GB RAM minimum, 16GB recommended
- 500GB available disk space
- Intel Core i5 or AMD Ryzen 5 (minimum)
- Root privileges required
- Docker Engine 20.10+
- Python 3.8+ with pip
- GCC compiler toolchain
Pricing & Availability
Enterprise License
Full commercial license with complete access to all modules, AI co-pilot, and premium support. Includes regular updates and priority technical assistance.
- Complete IRIS C2 platform access
- AI co-pilot with premium models
- Priority technical support
- Regular platform updates
- Custom module development
Regional Availability
IRIS C2 is available to qualified users in the following regions, subject to export control regulations and licensing requirements.
Availability in other regions may be subject to additional licensing requirements. Contact our sales team for specific regional availability and compliance requirements.