C2

analyzing-cobaltstrike-malleable-c2-profiles helps parse Cobalt Strike Malleable C2 profiles into C2 indicators, evasion traits, and detection ideas for malware analysis, threat hunting, and Security Audit workflows. It uses dissect.cobaltstrike and pyMalleableC2 for profile and beacon config analysis.

detecting-command-and-control-over-dns is a cybersecurity skill for spotting C2 over DNS, including tunneling, beaconing, DGA domains, and TXT/CNAME abuse. It supports SOC analysts, threat hunters, and security audits with entropy checks, passive DNS correlation, and Zeek or Suricata-style detection workflows.

building-c2-infrastructure-with-sliver-framework helps authorized red team and Security Audit work plan, install, and use Sliver-based C2 infrastructure with redirectors, HTTPS listeners, operator access, and resilience checks. It includes a practical guide, workflow files, and repo scripts for deployment and validation.

analyzing-powershell-empire-artifacts skill helps Security Audit teams detect PowerShell Empire artifacts in Windows logs using Script Block Logging, Base64 launcher patterns, stager IOCs, module signatures, and detection references for triage and rule writing.

analyzing-network-traffic-of-malware helps inspect PCAPs and telemetry from sandbox runs or incident response to find C2, exfiltration, payload downloads, DNS tunneling, and detection ideas. It is a practical analyzing-network-traffic-of-malware guide for Security Audit and malware triage.

analyzing-command-and-control-communication helps analyze malware C2 traffic to identify beaconing, decode commands, map infrastructure, and support Security Audit, threat hunting, and malware triage with PCAP-based evidence and practical workflow guidance.