pentest-c2-operator

Set up authorized C2 simulation workflows and measure defensive detection outcomes.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "pentest-c2-operator" with this command: npx skills add 0x-professor/pentest-c2-operator

Pentest C2 Operator

Stage

  • PTES: 5-6
  • MITRE: TA0011

Objective

Track infrastructure, persistence, and alerting outcomes from C2 simulation.

Required Workflow

  1. Validate scope before any active action and reject out-of-scope targets.
  2. Run only authorized checks aligned to PTES, OWASP WSTG, NIST SP 800-115, and MITRE ATT&CK.
  3. Write findings in canonical finding_schema format with reproducible PoC notes.
  4. Honor dry-run mode and require explicit --i-have-authorization for live execution.
  5. Export deterministic artifacts for downstream skill consumption.

Execution

python skills/pentest-c2-operator/scripts/c2_operator.py --scope scope.json --target <target> --input <path> --output <path> --format json --dry-run

Outputs

  • c2-infrastructure.json
  • persistence-mechanisms.json
  • c2-report.json

References

  • references/tools.md
  • skills/autonomous-pentester/shared/scope_schema.json
  • skills/autonomous-pentester/shared/finding_schema.json

Legal and Ethical Notice

WARNING AUTHORIZED USE ONLY
This skill executes real security testing tools against live targets.
Use only with written authorization.

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Automation

MacOS Desktop Control

Generic macOS desktop control using AppleScript for app and window semantics plus screenshot, OCR, mouse, and keyboard workflows.

Registry SourceRecently Updated
2771kd-oauth
Automation

siyuan-llm-wiki

在思源笔记中复现 Karpathy 的 LLM Wiki 工作流。 通过思源 HTTP API 让 AI Agent 维护结构化知识库,支持来源摘要、实体页、概念页、 综合分析和双向链接。利用思源原生 SQL 查询和块级引用实现比 Obsidian 更精细的知识管理。

Registry SourceRecently Updated
111whiteless9
Automation

Open-broker

Hyperliquid trading plugin with background position monitoring and custom automations. Execute market orders, limit orders, manage positions, view funding ra...

Registry SourceRecently Updated
2.9K9ya7ya
Automation

neuropay

Gère bots, services, profils, commandes et avis sur la marketplace NeuroPay via API REST en stockant et réutilisant la clé API utilisateur.

Registry SourceRecently Updated
1115theorick